HP Tru64 UNIX and TruCluster Server Version 5.1B-5 Patch Summary and Release Notes (March 2009)
• Corrects a misspelling in the ssh-hostbased-setup utility message "is not running
a compatible sshd, skipping."
• Corrects a problem in which scp does not check whether the source and destination
were the same file, thereby causing the file to be truncated to zero bytes.
• Corrects a condition in which if a user connects to a cluster, performs two SSH
localhost, and then tries to start an X application, an error message of X connection
is broken is displayed.
• Corrects a problem in which the SSH-hostbased-setup utility does not handle host
names containing a hyphen (-).
• Corrects the handling of chroot users via ssh with Enhanced Security enabled.
• Fixes a problem with scp where, in some cases, the source file could be cleared.
• Fixes an issue with SSH V3.2.3 host-based authentication when using the MapFile
configuration option.
Patch 27114.00
OSFSSOSSL540
• Corrects a potential security vulnerability in SSL.
• Corrects a potential security vulnerability when using the Secure Sockets Layer
(SSL). The potential vulnerability may be remotely exploitable, resulting in a denial
of service (DOS).
Patch 27115.00
OSFSSOW2K540
• Fixes memory leaks in the libgssldap library used by ldapcd. The leaks caused
intermittent SSO SIA authentication failures.
• Corrects an "address already in use" problem with klogin and kshell.
• Fixes a problem that occurs when running a GSSAPI application, where instead
of returning error-specific strings, generic error-strings are returned.
3.4 Summary of Base Operating System Patches 203