HP Tru64 UNIX and TruCluster Server Version 5.1.B-4 Patch Summary and Release Notes (13156)

program and possibly execute commands at the elevated privileges if the program file has
the setuid privilege. This patch allows a system administrator to enable memory management
protections that limit potential buffer overflow vulnerabilities.
Fixes the error "Xauth data does not match fake data." that can occur when multiple SSH
sessions from the same client are open on different cluster member nodes.
Modifies the ssh-pubkeymgr script to change the default keyfile name to user-host, and to
simplify the procedure for enabling a key for a remote login.
Fixes a problem in which the SSH server handling the forwarding would die when SSH TCP
port forwarding was attempted.
Corrects a problem that occurs when booting during a file system full situation, in which
the ssh-validate-conf utility attempts to write to the files /etc/ssh2/sshd2_config and
/etc/ssh2/ssh2_config, thereby causing them to be zeroed out.
Corrects a potential security vulnerability.
Corrects a misspelling in the ssh-hostbased-setup utility message "is not running a compatible
sshd, skipping."
Corrects a problem in which scp does not check whether the source and destination are
the same file, thereby causing the file to be truncated to zero bytes.
Corrects a condition in which, if a user connects to a cluster, performs two SSH connections
to localhost, and then tries to start an X application, the error message "X connection is
broken" is displayed.
Corrects a problem in which the ssh-hostbased-setup utility does not handle host names
containing a hyphen (-).
Corrects the handling of chroot users via ssh with Enhanced Security enabled.
Fixes a problem with scp where, in some cases, the source file could be cleared.
Fixes an issue with SSH V3.2.3 host-based authentication when using the MapFile
configuration option.
Patch 27114.00
OSFSSOSSL540
Corrects a potential security vulnerability in SSL.
Corrects a potential security vulnerability when using the Secure Sockets Layer (SSL). The
potential vulnerability may be remotely exploitable, resulting in a denial of service (DoS).
Patch 27115.00
OSFSSOW2K540
Corrects an "address already in use" problem with klogin and kshell.
Fixes a problem that occurs when running a GSSAPI application, in which generic error
strings are returned instead of error-specific strings.
3.4 Summary of Base Operating System Patches