HP Tru64 UNIX and TruCluster Server Version 5.1.B-4 Patch Summary and Release Notes (13156)

ManualsBrandsHP ManualsSoftwareTru64 UNIX 5.0

121

122

123

124

125

126

127

128

129

130

• Corrects an issue in which multiple access to changer devices (for example, via

Legato/Networker) could lead to a kernel memory fault in the changer driver.

• Fixes problems with DS15 environmental monitoring.

Patch 27038.00

OSFINCLUDE540

• Offers the sticky connection feature for a cluster alias.

• Modifies the getaddinfo to compile properly with the POSIX_SOURCE compiler flag.

• Fixes various problems in the libc functions getdate(), strptime(), callrpc(), strncasecmp()

and fork().

• Fixes a problem in the libnuma function nacreate() and the system header <sgtty.h.

• Fixes various problems in the dbx and object file tools dbx, ostrip, strip, mcs, dis, cord, file,

and stdump.

• Corrects a problem on systems running Enhanced Security in which the command edauth

-R refuses to write user-profile entries to the root partition.

• Changes the use of the configuration file /etc/svc.conf to /etc/nsswitch.conf to allow netgroup

data to be provided from LDAP, rather than only from NIS.

• Adds per-binary big page controls to complement the system-wide tunable attributes.

• Fixes an interoperability problem between the curses.h and esnmp.h header files.

• Installs DECthreads V3.20-049.

• Resolves several DECthreads faults and resolves performance issues with certain Java

applications.

Patch 27039.00

OSFINET540

• Corrects a problem that occurs during a DNS server configuration using the SysMan DNS

server application in which the user is not informed if the named daemon fails to start.

• Changes the use of the configuration file /etc/svc.conf to /etc/nsswitch.conf to allow netgroup

data to be provided from LDAP, rather than only from NIS.

• Modifies the prpasswdd and rpc.yppasswdd daemons to properly handle /var/tcb/files on

a file system from different from /var.

• Corrects a problem that can cause the /usr/sbin/pop3d server to generate a segmentation

fault.

• Corrects a problem in which the /usr/bin/mailauth -ini command does not create a usable

database.

• Corrects a potential security vulnerability in BIND 8 code that could result in a local or

remotely exploited Denial of Service (DoS).

SSRT3653 - BIND v8 — Severity - High

• Adds support for IEEE 802.1Q (VLAN).

• Makes start-up scripts in /sbin/init.d world readable.

• Fixes client login, su, rshd, edauth, and sshd2 hangs and long delays under Enhanced

Security, as well as some intermittent errors or failures seen with prpasswdd or

rpc.yppasswdd.

• Corrects potential BIND security vulnerabilities that may result in buffer overflows,

unauthorized access, or denial of service (DoS). These may be in the form of local and remote

security domain risks.

SRT2408 BIND — Severity - High

SSRT2410 BIND — Severity - High

SSRT2411 BIND — Severity - High

3.4 Summary of Base Operating System Patches 125