Bug 167332 - critical upstream 2.4.2 fixes need porting to 2.4.1
critical upstream 2.4.2 fixes need porting to 2.4.1
Status: CLOSED ERRATA
Product: Red Hat Enterprise Linux 4
Classification: Red Hat
Component: tog-pegasus (Show other bugs)
4.0
All Linux
medium Severity medium
: ---
: ---
Assigned To: Jason Vas Dias
: Security
Depends On:
Blocks: 145411
  Show dependency treegraph
 
Reported: 2005-09-01 13:21 EDT by Jason Vas Dias
Modified: 2007-11-30 17:07 EST (History)
0 users

See Also:
Fixed In Version:
Doc Type: Bug Fix
Doc Text:
Story Points: ---
Clone Of:
Environment:
Last Closed: 2005-11-18 06:18:09 EST
Type: ---
Regression: ---
Mount Type: ---
Documentation: ---
CRM:
Verified Versions:
Category: ---
oVirt Team: ---
RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: ---


Attachments (Terms of Use)

  None (edit)
Description Jason Vas Dias 2005-09-01 13:21:31 EDT
Description of problem:

The OpenGroup's Pegasus team have assessed, fixed and tested a number
of serious bugs in the 2.4.1 baseline release of tog-pegasus, and 
committed the fixes to the 2.4.2 baseline that should be ported to 
2.4.1.  These are:

2207 CIMOMHandle drops InvokeMethod request
        http://cvs.rdg.opengroup.org/bugzilla/show_bug.cgi?id=2207
2217 Interrupts improperly handled in Unix Semaphore implement...
        http://cvs.rdg.opengroup.org/bugzilla/show_bug.cgi?id=2217
2499 Initial Provider load/initialize is not thread safe.
        http://cvs.rdg.opengroup.org/bugzilla/show_bug.cgi?id=2499
2503 IndicationHandlerService::_lookupHandlerForClass() not th...
        http://cvs.rdg.opengroup.org/bugzilla/show_bug.cgi?id=2503
3416 SDK sample build fails on x86_64 2.4 rpm
        http://cvs.rdg.opengroup.org/bugzilla/show_bug.cgi?id=3416
3858 _subscriptionClassesTable not threadsafe
        http://cvs.rdg.opengroup.org/bugzilla/show_bug.cgi?id=3858
3958 cimserver crashs after many indications delivered
        http://cvs.rdg.opengroup.org/bugzilla/show_bug.cgi?id=3958
4004 cimserver crash in MessageQueueService after running for ...
        http://cvs.rdg.opengroup.org/bugzilla/show_bug.cgi?id=4004
4009 Double close causes EBADF ("Bad file descriptor") failures
        http://cvs.rdg.opengroup.org/bugzilla/show_bug.cgi?id=4009
4014 host name validation in CIMObjectPathRep::isValidHostname...
        http://cvs.rdg.opengroup.org/bugzilla/show_bug.cgi?id=4014
4023 Assignment operators should return object references
        http://cvs.rdg.opengroup.org/bugzilla/show_bug.cgi?id=4023
4025 Thread class uses internal pthread functions
        http://cvs.rdg.opengroup.org/bugzilla/show_bug.cgi?id=4025
4027 SSLCallbackInfo class does not declare a copy constructor...
        http://cvs.rdg.opengroup.org/bugzilla/show_bug.cgi?id=4027
4028 CIMInstance::buildPath assumes key properties are specified
        http://cvs.rdg.opengroup.org/bugzilla/show_bug.cgi?id=4028
4029 Add TestIndicationStressTest to 2.4-branch
        http://cvs.rdg.opengroup.org/bugzilla/show_bug.cgi?id=4029
4042 TestIndicationStressTest not enabled in 2.4 branch.
        http://cvs.rdg.opengroup.org/bugzilla/show_bug.cgi?id=4042
4050 Compile warning building SDK packaged consumer.
        http://cvs.rdg.opengroup.org/bugzilla/show_bug.cgi?id=4050
4072 ThreadPool Test Failure - 2.4 version of Bug 2239
        http://cvs.rdg.opengroup.org/bugzilla/show_bug.cgi?id=4072
4103 Timing window where in MessageQueue Service - Could cause...
        http://cvs.rdg.opengroup.org/bugzilla/show_bug.cgi?id=4103
4120 HTTPConnection _handleReadEvent should complete connectio...
        http://cvs.rdg.opengroup.org/bugzilla/show_bug.cgi?id=4120
4126 On shutdown, cimom::routing_proc loops attempting to send...
        http://cvs.rdg.opengroup.org/bugzilla/show_bug.cgi?id=4126

Version-Release number of selected component (if applicable):
tog-pegasus-2.4.1-2.rhel4(-)

How reproducible:
100%

Steps to Reproduce:
Test any of the above bugs with tog-pegasus-2.4.1-2.rhel4 or earlier 
  
Actual results:
The above bugs can be reproduced .

Expected results:
Fixes need to be applied to Red Hat tog-pegasus release, and the above
bugs should not be reproducible.

Additional Info:
All the fixes for the above bugs have been extensively tested.
Comment 1 Jason Vas Dias 2005-09-01 13:22:48 EDT
There are security implications with the above bugs - see bug descriptions
for details.

All the bugs listed above are fixed with tog-pegasus-2.4.1-4.rhel4+ .
Comment 3 Mark J. Cox (Product Security) 2005-11-18 06:18:09 EST
Was released as http://rhn.redhat.com/errata/RHEA-2005-494.html

Note You need to log in before you can comment on or make changes to this bug.