HP Tru64 UNIX and TruCluster Server Version 5.1B-5 Patch Summary and Release Notes (March 2009)

ManualsBrandsHP ManualsSoftwareTru64 UNIX 5.0

191

192

193

194

195

196

197

198

199

200

Patch 27085.00

OSFX11540

• Corrects a problem that occurs when attempting to open a Java applet on a V1.7

Mozilla browser displayed from a Redhat Linux RHEL 3 (update 6) to a Tru64

UNIX V5.1B-3 graphics console. The browser closes and dtwm spins at 99% CPU

usage.

• Resolves security vulnerabilities in X PixMap routines used in the Motif library.

• Modifies the online help description for Togglekeys in accessx.

• Corrects a potential security vulnerability where, under certain circumstances,

system integrity may be compromised when a buffer overflow occurs in the dxterm

utility. Buffer overflows are sometimes exploited in an attempt to subvert the

function of a privileged program and possibly execute commands at the elevated

privileges if the program file has the setuid privilege.

• Corrects a potential security vulnerability where, under certain circumstances,

system integrity may be compromised. This may be in the form of improper file

access.

• Corrects a problem, where, under certain circumstances, the XmCvtXmStringToCT()

function does not correctly convert a compound string to a string in compound

text format.

• Fixes a problem where a Chinese character whose byte sequence contains 0x9b

cannot be entered with dxhanziim or cut and pasted.

• Provides an updated keyboard map for the Russian 3R-LKQ48-BT keyboard model.

• Fixes a display width mismatch problem in the zh_CN.GB18030 locale.

• Fixes a problem with xterm while displaying a compound text that is converted

by XmCvtCTToXmString().

• Modifies XmbTextListToTextProperty() and XmbTextPropertyToTextList() to

support 4-byte length UTF-8 characters in the Compound Text handling.

• Corrects a potential security vulnerability where, under certain circumstances,

system integrity may be compromised. This may be in the form of improper file

or privilege management.

• Fixes various problems with the X font server and with the X server's interaction

with X font servers.

• Prevents application failures when an application specifies very large timeout

values to X Toolkit library (Xt) routines.

• Resolves a drag and drop problem across the screen in multi-head systems.

• Corrects a potential file permissions vulnerability and a potential buffer overflow

in the X Window System. The potential vulnerabilities are locally exploitable,

resulting in unauthorized privileged access.

• Resolves a potential buffer overflow within the X PixMap routines.

3.4 Summary of Base Operating System Patches 197