HP Tru64 UNIX and TruCluster Server Version 5.1B-5 Patch Summary and Release Notes (March 2009)
• Corrects a potential security vulnerability which may result in non-privileged
users gaining unauthorized access to files or privileged access on the system.
• Fixes an sh problem that occurs when executing command substitution.
• Fixes a fatal assertion error reported by pixie, hiprof, third spike, cord, uprofile
and odump object file tools for some executable files linked at optimization level
2 (-O2) or greater.
• Corrects a condition in which the system start-up script /sbin/rc2.d/S19security
could cause an unintended change in the system security configuration, which
could occur when /usr/bin/perl has been removed.
• Corrects a condition in which the mv command fails when operated on running
binaries.
• Corrects a condition in which the mv command does not allow a file to be renamed
even though directory permissions allow it.
• Fixes a problem encountered with the Bourne shell when a file name with trailing
slash (/) is used as an argument to the command.
• Allows the mv command to parse the pathname correctly when a source directory
ends in trailing slash (/).
• Corrects the default UID displayed by the adduser command when UID_MAX
exists in the /etc/passwd file and helps prevent the duplication of UIDs.
• Corrects a potential security vulnerability in sendmail that could result in
nonprivileged users gaining unauthorized access to files or privileged access on
the system. This potential vulnerability may be in the form of a local or remote
security domain risk.
• Corrects a condition that causes NIS clients to fail to connect to non-Tru64 NIS
servers that support only the V2 NIS protocol.
• Fixes a situation in which the header fields displayed by the output of the ps
command are not aligned properly.
• Corrects a problem with the class scheduler under the following conditions:
1. The class scheduler is started then stopped.
2. System owned semaphores are removed with the ipcrm -s command
3. The class scheduler fails to restart with the error "class_open: allocate or access
semaphore Invalid argument."
• Fixes a situation, in which the mkpasswd command dumps core when executed
by a nonprivileged user.
• Fixes a situation in which awk does not process input files specified in the BEGIN
section.
• Corrects a problem with the cdvd command that causes two minor problems with
its output.
• Fixes a problem that occurs when linking kernel object files from an archive library.
The problem was the linker always adds four __exc_* symbol references to the
final linked image.
3.4 Summary of Base Operating System Patches 111