HP Tru64 UNIX and TruCluster Server Version 5.1.B-4 Patch Summary and Release Notes (13156)

ManualsBrandsHP ManualsSoftwareTru64 UNIX 5.0

141

142

143

144

145

146

147

148

149

150

Patch 27086.00

OSFXADMIN540

• Corrects a potential security vulnerability in the XDM (X Display Manager) software. This

potential vulnerability, which may be locally and remotely exploitable, could result in a

denial of service (DOS), unauthorized privileged access, or both.

• Corrects a problem in which host icons overlap in the dxhosts application.

• Corrects a potential security vulnerability where, under certain circumstances, system

integrity may be compromised when a buffer overflow occurs in the dxsysinfo utility. Buffer

overflows are sometimes exploited in an attempt to subvert the function of a privileged

program and possibly execute commands at the elevated privileges if the program file has

the setuid privilege.

• Corrects the way the dxkerneltuner application handles memory.

• Fixes several potential security vulnerabilities where, under certain circumstances, system

integrity may be compromised. These may be in the form of improper file access.

• Corrects a problem in which the dxkerneltuner application when invoked with the -power

option does not remove the temporary files in /tmp when the application is closed.

• Corrects a problem in which dxproctuner does not display data in the fr_FR local.

• Corrects a problem in which the dxproctuner application, when invoked, either gives error

message or dumps core and does not work.

• Corrects a problem in which a temporary file is not deleted when dxarchiver is closed.

• Corrects a core dump problem in the dxfileshare application when the /etc/exports file is

not present in the system and a user tries to add a new entry.

• Corrects a problem in which the dxkerneltuner application dumps core when cancel is

selected in the mmsess subsystem.

• Corrects a problem in which the dxpower application shows an error when the Spin Down

Disks option is selected.

• Fixes problem with dxproctuner in which the toggle menu item View Processes for All Users

does not filter the output for non-root users.

Patch 27089.00

OSFXDEMOS540

• Corrects a potential security vulnerability where, under certain circumstances, system

integrity may be compromised. This may be in the form of improper file access.

Patch 27094.00

OSFXLIBA540

• Corrects a problem, where, under certain circumstances, the XmCvtXmStringToCT() function

does not correctly convert a compound string to a string in compound text format.

• Fixes a problem where a Chinese character whose byte sequence contains 0x9b cannot be

entered with dxhanziim or cut and pasted.

• Modifies XmbTextListToTextProperty() and XmbTextPropertyToTextList() to support 4-byte

length UTF-8 characters in the Compound Text handling.

• Corrects a potential security vulnerability where, under certain circumstances, system

integrity may be compromised. This may be in the form of improper file or privilege

management.

• Prevents application failures when an application specifies very large timeout values to X

Toolkit library (Xt) routines.

• Corrects a potential file permissions vulnerability and a potential buffer overflow in the X

Window System. The potential vulnerabilities are locally exploitable, resulting in

unauthorized privileged access.

142 Tru64 UNIX Patches