HP Tru64 UNIX and TruCluster Server Version 5.1.B-4 Patch Summary and Release Notes (13156)

• Updates the uucp(1), gethostbyaddr(3), getnameinfo(3), sys_attrs_io(5), kdbx(8), named(8),

and volwatch(1) reference pages.

• Updates the dd(1), ksh(1), vi(1), aio_return(3), sshd2_config(4), emx(7), dxshutdown(8),

newfs(8), prpasswdd(8), sshd2(8), and ypset(8) reference pages.

Patch 27055.00

OSFMANOS540

• Updates the following reference pages: uucp(1), gethostbyaddr(3), getnameinfo(3),

sys_attrs_io(5), kdbx(8), named(8), and volwatch(1) .

• Updates the following reference pages: awk(1), chmod(1), cp(1), ex(1), find(1), rm(1),

uuencode(1), vi(1), and which(1).

• Provides the dig(1) and host(1) reference pages to support BIND 9.

• Updates the following reference pages: poll(2), wait(2), EvmVarSet(3), sys_attrs_cam(5),

sys_attrs_cfs(5), sys_attrs_generic(5), sys_attrs_inet(5), sys_attrs_vfs(5), and sys_attrs_vm(5).

• Adds a new reference page, sys_attrs_nfs(5).

• Updates the sys_attrs_rdg(5)reference page to document an increase in the maximum number

of objects in the RDG endpoint and buffer list.

• Adds the named.conf(5) and rndc.conf(5)reference pages to support the upgrade to BIND

Version 9.

• Updates the following reference pages: btcreate(8), btextract(8) collect(8), disklabel(8),

envconfig(8), fsdb(8), ftpd(8), hwmgr_show(8), mountd(8), rmvol(8), and ddr.dbase(4). Also

adds the following new reference pages to support BIND 9: dnssec-keygen(8),

dnssec-makekeyset(8), dnssec-signkey(8), dnssec-signzone(8), named-checkconf(8),

named-checkzone(8), nsupdate(8), rndc(8), and rndc-confgen(8).

• Updates the dd(1), ksh(1), vi(1), aio_return(3), sshd2_config(4), emx(7), dxshutdown(8),

newfs(8), prpasswdd(8), sshd2(8), and ypset(8) reference pages.

Patch 27060.00

OSFNETCONF540

• Corrects several potential security vulnerabilities that have been reported on systems using

an IPsec configuration of tunnel mode ESP without authentication. Under certain

circumstances, a remote attacker could force an error so that a portion of a plain-text message

can be intercepted by the attacker. Corrects the following vulnerability:

SSRT5957 - IPsec (Severity - High)

Patch 27062.00

OSFNFS540

• Adds a name and IP address cache to NFS mountd to limit problems seen with DNS timeouts.

• Corrects a problem with pcnfsd that occurs when it is running in a cluster and sends the

member's IP address instead of the cluster alias.

• Fixes the warning message in the daemon.log file when automount starts.

• Provides an option that allows users to specify port number for mountd.

• Fixes rpc.lockd to send UNIX authentication.

• Corrects a problem in which autofs skips exported file systems that belong to netgroups in

the remote NIS domain, while a mount command for the same exported file system works.

• Fixes problems due to mountd not blocking SIGHUP when processing NFS exported file

systems.

72 Tru64 UNIX Patches