HP Tru64 UNIX and TruCluster Server Version 5.1B-5 Patch Summary and Release Notes (March 2009)
(SSRT2384 rpc — Severity - High)
• Fixes a problem in which the home directory and login shell attributes for a user
account are not suppled to the audit daemon for authentication failures.
• Fixes an extended regular expression problem where the interval expression {m,n}
is handled incorrectly.
• Fixes a problem from pre-Version 5.0 releases in the way the libc mktime() function
handles potentially ambiguous tm struct times that fall within a backward clock
shift and that have an initially negative tm_isdst value.
• Fixes various problems in the libc functions getdate(), strptime(), callrpc(),
strncasecmp() and fork().
• Fixes a problem in the libnuma function nacreate() and the system header <sgtty.h.
• Fixes various problems in the dbx and object file tools dbx, ostrip, strip, mcs, dis,
cord, file, and stdump.
• Corrects a potential security vulnerability where, under certain circumstances,
system integrity may be compromised. This may be in the form of improper file
or privilege management.
• Provides protection against a class of potential security vulnerabilities called buffer
overflows. Buffer overflows are sometimes exploited in an attempt to subvert the
function of a privileged program and possibly execute commands at the elevated
privileges if the program file has the setuid privilege. This patch allows a system
administrator to enable memory management protections that limit potential
buffer overflow vulnerabilities.
• Corrects a problem in which some networking applications, especially X.25 and
X.29, stopped working as expected because of interactions with security-related
fixes and how the fstat() function behaves on their sockets.
• Corrects a potential security vulnerability that may result in nonprivileged users
gaining unauthorized access to files or privileged access on the system. This may
be in the form of a local and remote security domain risk.
• Fixes a fatal assertion error reported by pixie, hiprof, third spike, cord, uprofile
and odump object file tools for some executable files linked at optimization level
2 (-O2) or greater.
• Corrects a problem in which NIS clients may fail to connect to non-Tru64 UNIX
NIS servers that only support the V2 NIS protocol.
• Fixes a number of regular expression problems in multibyte locales and a possible
hang problem with complex regular expressions.
• Delivers version 3.07.10 of the Tru64 UNIX assembler, which fixes a problem
encountered in version 3.07.09, wherein the assembler incorrectly treats octal
constant data as if it were decimal.
• Fixes a problem with SIA that caused the Internet Express LDAP Authentication
module to be unable to look up default group information for a user at login time.
150 Tru64 UNIX Patches