Документ взят из кэша поисковой машины. Адрес оригинального документа : http://crydee.sai.msu.ru/ftproot/pub/comp/software/netscape/1.x/unix/README Дата изменения: Wed Sep 27 00:00:00 1995 Дата индексирования: Tue Apr 12 21:17:03 2016 Кодировка: Поисковые слова: arp 220

==============================================================================
Netscape 1.12 (X11)
==============================================================================


***********************************************
IMPORTANT! Before going any further, please
read and accept the terms in the file LICENSE.
***********************************************


Release notes for this version of Netscape are available online. After
starting the program, select "Release Notes" from the "Help" menu.
This will take you to the URL

http://home.netscape.com/eng/mozilla/1.1/relnotes/unix-1.12.html

which lists new features and known problems of this release.

To submit bugs or other feedback, use the "How To Give Feedback" option, also
on the "Help" menu, which will take you to the URL

http://home.netscape.com/home/how-to-give-feedback.html

If for some reason you cannot submit feedback using that form, you may send
email to x_cbug@netscape.com. Please be as specific as possible about the
version of Netscape you are using, and the hardware and version of the OS.
If possible, include a test case for the problem, including a URL.


==============================================================================
Security Fix Description
==============================================================================

TECHNICAL BACKGROUND

Netscape Navigator uses random information to generate session
encryption keys of either 40 or 128 bits in length. The random
information is found through a variety of functions that look into a
user's machine for information about how many processes are running,
process ID numbers, the current time in microseconds, etc. Previous
releases of Netscape Navigator were vulnerable because the amount of
unknown information in the random input was less than that in the
subsequent keys. This means that instead of searching through all of
the 2^128 possible keys by brute force, a potential intruder only had
to search through a significantly smaller space by brute force. This
was a substantially easier problem to solve because it takes much less
compute time and means 40-bit or 128-bit key strength is substantially
reduced.


SOLUTION

Netscape Navigator 1.22 (Windows), 1.12 (Macintosh and Unix), 1.12I
(localized builds for all 3 platforms) fixes the specific portion of
our software where this vulnerability existed. We have significantly
increased the amount of random information that cannot be discovered
by external sources from approximately 30 bits to approximately 300
bits.

Netscape has greatly expanded the techniques and sources used to
generate the random information. The number of unpredictable bits in
the RNG makes it no longer the weak link in the chain.

==============================================================================
Installation Instructions
==============================================================================

Installation of Netscape is very simple: unpack the tar file, and run
the resultant executable. But there are, of course, a few exceptions...

AIX: Netscape requires AIX 3.2.5 with the X11R5 and Motif 1.2 libraries.
If you are running an older version, you will get undefined
symbols at run-time; unfortunately, the only solution is to
upgrade to a more recent version of the OS. We are told (but
have not verified) that this executable works on AIX version 4.

SunOS 4.1: The SunOS 4.1 package comes with two executables: netscape and
netscape_dns. This is because Suns use two different,
incompatible methods of resolving host names (Domain Name Service,
and Network Information Service, formerly known as Yellow Pages.)
A given site only need install one of these executables.

It is usually possible to configure your YP/NIS server to consult
a DNS server for resolution of hosts not in the YP maps. Consult
your system administrator for details.

SunOS 4.1, Linux, and BSDI:
These distributions also includes a directory called "nls".
This directory is a standard part of the MIT X11R5 distribution,
but is not included with X11R4- or X11R6-based systems (such as
OpenWindows 3.0 or earlier, and XFree86 3.1 or later.)

On these systems, Netscape has been linked against X11R5 (because
Motif 1.2.4 has some bad bugs in conjunction with with X11R6.)
Unfortunately, X11R5 has one rather serious bug, which is that if
this "nls" directory does not exist, the program will dump core
any time you try to copy or paste to or from a text field!

So, if you don't have the "nls" directory on your system, you will
need to install it first. Here is where Netscape looks for it (these
default pathnames are hardcoded into the executable):

SunOS 4.1: /usr/lib/X11/nls/
Linux: /usr/X386/lib/X11/nls/
BSDI: /usr/X11/lib/X11/nls/

If you choose not to create the directory there, then you must
set the $XNLSPATH environment variable to the directory where you
did install it.

NetBSD, FreeBSD:
We have been told (but have not verified) that the BSDI binaries
will work on x86 systems running NetBSD 1.0 or FreeBSD 2.0 (but
not FreeBSD 1.1.5.1.)

* Included with all distributions is a file called XKeysymDB. Without this
file, many warnings about "unknown keysyms" will be generated when the
program starts up, and most keyboard equivalents won't work. This is a
general problem with running Motif programs on systems not configured for
Motif, and so will be necessary on most Sun systems.

This file is included with all packages because some systems have an older
version of this file, so you may still get some warnings. The XKeysymDB
file normally goes in /usr/lib/X11/XKeysymDB or /usr/openwin/lib/XKeysymDB,
but you can override that with $XKEYSYMDB.

* Also included with all distributions is a file called Netscape.ad, which
lists the default resources which are built in to the program. It is
not necessary to install this; it is provided for informational purposes.
See the comment at the top of the file for more information.

* If you get a "Cannot locate host" dialog at startup, this is a sign of
problems related to name resolution. If you're on a Sun, see the comments
above about the two executables.

* If you get a "Cannot connect to host" dialog at startup, it could mean that
you are behind a firewall, and need to tell Netscape about your SOCKS
server. See the Preferences dialog under the Options menu, or consult your
system administrator.

* Please read the release notes under "Help -> Release Notes". This
document is updated as problems are found, so please check it before
reporting a bug.

* To unpack a compressed tar file into the current directory, use some
variation of the following command:

zcat the-file.tar.Z | tar -vxf -

* And remember, it's spelled N-e-t-s-c-a-p-e, but it's pronounced "Mozilla."

==============================================================================