HP Tru64 UNIX and TruCluster Server Version 5.1B-5 Patch Summary and Release Notes (March 2009)
• Fixes a problem with ldapcd that prevents LDAP users from being authenticated,
even when they are providing the correct password.
• Changes the use of the configuration file /etc/svc.conf to /etc/nsswitch.conf to allow
netgroup data to be provided from LDAP, rather than only from NIS.
• Fixes problems caused when the UID/GID of an Active Directory user is zero.
• Corrects a condition in which the su command issues multiple "Sorry" messages
when multiple SIA mechanisms are in use; for example, when LDAP is configured
for user accounts.
• Ensures that login sessions are properly established for LDAP and BSD accounts
when multiple authentication mechanisms are configured.
• Addresses the way that the ldapcd handles when the ldap server becomes
unavailable.
Patch 27110.00
OSFOPENGL540
• Fixes a problem in which the OpenGL glTexCoordPointerEXT() command can
cause a segmentation fault.
• Restores two extensions missing from OpenGL library to the list of GL extensions
it supports for indirect rendering.
Patch 27113.00
OSFSSHBASE540
• Corrects a potential issue with scp2 and sftp2.
• Fixes the cause of memory leaks in sshd.
• Provides protection against a class of potential security vulnerabilities called buffer
overflows. Buffer overflows are sometimes exploited in an attempt to subvert the
function of a privileged program and possibly execute commands at the elevated
privileges if the program file has the setuid privilege. This patch allows a system
administrator to enable memory management protections that limit potential
buffer overflow vulnerabilities.
• Fixes the error "Xauth data does not match fake data." that can occur when multiple
SSH sessions from the same client are open on different cluster member nodes.
• Modifies the ssh-pubkeymgr script to change the default keyfile name to user-host,
and to simplify the procedure for enabling a key for a remote login.
• Fixes a problem in SSH in which when attempting SSH TCP port forwarding the
SSH server handling the forwarding would die.
• Corrects a problem that occurs when booting a during a file system full situation
in which the ssh-validate-conf utility attempts to write to the files
/etc/ssh2/sshd2_config and /etc/ssh2/ssh2_config, thereby causing them to be zeroed
out.
• Corrects a potential security vulnerability.
202 Tru64 UNIX Patches