HP Tru64 UNIX and TruCluster Server Version 5.1.B-4 Patch Summary and Release Notes (13156)

ManualsBrandsHP ManualsSoftwareTru64 UNIX 5.1

101

102

103

104

105

106

107

108

109

110

Select a date1.

2. Choose Browse-Compare Calendars...

3. Press the Mail... button.

• Fixes the dtcm warning message when selecting View –> Day in dtcm.

• Resolves a potential buffer overflow within the X PixMap routines.

Patch 27014.00

OSFCDEDEV540

• Fixes several potential security vulnerabilities where, under certain circumstances, system

integrity may be compromised when a buffer overflow occurs in the DtSvc utility. Buffer

overflows are sometimes exploited in an attempt to subvert the function of a privileged

program and possibly execute commands at the elevated privileges if the program file has

the setuid privilege.

• Fixes several potential security vulnerabilities where, under certain circumstances, system

integrity may be compromised. This may be in the form of improper file access.

• Corrects a problem that can occur when the screen saver tries to activate on a system that

has reached the maximum number of processes allowed per user and the following message

is displayed:

An attempt to start a new process on host "hostname" failed

• Corrects a problem in which the application builder core dumps when trying to generate

code for menu items with the set-label action type.

Patch 27015.00

OSFCDEDT540

• Corrects several potential security vulnerabilities where, under certain circumstances, system

integrity may be compromised. These may be in the form of improper file access.

• Fixes the message catalog for the CDE application dtprintinfo.

• Fixes a problem in which dtcreate core dumps while editing the icon image.

• Corrects a problem in which setting the value of screen saver and screen lock in dtstyle

disables both values.

• Corrects a problem that causes dtsession to not work when its norestore option is enabled.

• Resolves a problem that occurs when displaying the user-specified logo in dtlogin.

• Resolves the incorrect system activity report by the w command with XDMCP.

• Fixes a dtcreate problem that occurs while saving an action file in an NFS-mounted

environment.

• Fixes the dtsetup display.

• Sets defaults for dtlogin.

• Changes the quick setup message.

• Sets the proper text for the front panel help page in dtsetup.

• Corrects a potential security vulnerability in the Common Desktop Environment (CDE)

software. This potential vulnerability, which may be locally and remotely exploitable, could

result in a denial of service (DOS), unauthorized privileged access, or both.

SSRT4721 - dtlogin - (Severity - High)

• Ensures that the proper error message is set in dtlogin when an unknown display parameter

is read from the Xaccess file.

106 Tru64 UNIX Patches