Manualshelf

HP-UX 11i v3 September 2011 Release Notes, Edition 2

ManualsBrandsHP ManualsSoftwareHP-UX 11i v3 Virtual Server Operating Environment (VSE-OE) LTU
71727374757677787980
HP-UX IPFilter: Updated to version A.03.05.13 with defect fixes and enhancements including
filtering on X.25 interfaces, filtering on 10GigE interfaces; IPFilter not plumbed into the
networking stack by default; no reboot required to enable IPFilter.
New: HP-UX IPSec: Previously only available on the AR media. Now delivered on the HP-UX
11i v3 Operating Environments. Provides an infrastructure to allow secure communications
(authentication, integrity, confidentiality) over IP networks between systems and devices that
implement the IPsec protocol suite.
HP-UX Secure Shell: Updated to version A.04.40.005 with many new features including high
performance enabled SSH/SCP patch; configuration directives in the server; auth selection
patch; increase in the default size of RSA and DSA keys; delayed compression; and many
other features, as well as defect fixes.
HP-UX Security Attributes Configuration tool (secweb): Updated to support long user name.
New: HP-UX Standard Mode Security Extensions: Enhances the security of systems running in
standard mode by providing security features that were previously available only on systems
that had been converted to trusted mode.
Install-Time Security: Adds a security step to the install/update process that allows you to run
the Bastille security lockdown engine during system installation with one of four configurations
ranging from default security to “DMZ.
Kerberos Client: Updated to version 1.3.5.03 with new features including support for powerful
cryptographic algorithms like 3DES, RC4, and AES; support for IPv6; support for TCP; and
defect fixes.
OpenSSL: Updated to version A.00.09.08d.001 with support (in default version) for several
hardware ENGINES (see section for specifics); support for elliptic curve cryptography; and
EVP, the library of which provides a high-level interface to cryptographic functions. Other
provided versions include other features.
PAM Kerberos: Enhanced to issue a warning if rc_host_0 is owned by anyone other than
root when a user tries to rlogin into a system; will also issue a warning if the keytable entry
is not found for the host service principal on the client but present at the KDC.
New: Security Patch Check: Analyzes the currency of a system with respect to security bulletins.
Recommends actions for security vulnerabilities that have not been fixed by patches, updates,
or logged manual actions currently applied to the system.
Initial (February 2007) Release Notes, Chapter 9: “Commands and System Calls”
/etc/skel/.profile shell script: . (current path) in $PATH is deprecated
32-bit pstat System Call (Deprecated): When compiling a 32-bit application that uses the
pstat () system call, the compiler option -D_PSTAT64 must now be specified. This causes
pstat () to use 64-bit fields rather than 32-bit fields. The application still remains a 32-bit
application.
at , cron, and batchCommands: New features include support for queueing multiple jobs
at the same time, support for queueing of more than 100 jobs, and ability to schedule jobs
up to the njob limit specified for every queue in queuedefs(4).
core Format Implementation Change: The true version string has replaced the utsname struct
in the CORE_KERNEL segment. A workaround has been provided for applications which
reversed-engineered the core file format and depend on utsname being in it. This new core
file format is the default format.
csh Command Line Interpreter: The non-interactive invocation of csh will not source the ~/
.history file by default.
What is new in the initial (February 2007) HP-UX 11i v3 release 77