HP Tru64 UNIX and TruCluster Server Version 5.1.B-4 Patch Summary and Release Notes (13156)
Patch 27095.00
OSFXMIT540
• Corrects a potential security vulnerability where, under certain circumstances, system
integrity may be compromised. This may be in the form of improper file access.
• Fixes various problems with the X font server and with the X server's interaction with X font
servers.
• Corrects a potential file permissions vulnerability and a potential buffer overflow in the X
Window System. The potential vulnerabilities are locally exploitable, resulting in
unauthorized privileged access.
Patch 27100.00
OSFXSYSMAN540
• Fixes several problems with dxaccounts on a system with ASU installed.
• Fixes several potential security vulnerabilities where, under certain circumstances, system
integrity may be compromised. These may be in the form of improper file access.
• Corrects a problem with the userdel command that can cause it to dump core when the shell
field is empty in the passwd file.
• Corrects a problem with the usermod command not working as expected with NIS +/- users.
• Fixes several minor problems with the account management tools.
• A potential security vulnerability has been discovered, where under certain circumstances,
system integrity may be compromised. This may be in the form of passwords that have a
length outside of the intended range.
• Updates the account management tools to use the latest versions of the ASU (Advanced
Server for UNIX) API calls when ASU is in use on the server.
• Updates the SysMan Menu layout in the online help.
• Corrects a problem in which extra leading and trailing spaces from the FIND dialog box in
dxaccounts are not trimmed before being used, which results in a search failure.
• Modifies dxaccounts to display the account expiration date at first view.
• Fixes a condition in which a disabled I/O port incorrectly reports 100% utilization.
• Causes the display of instructions for creating the /dev/marvel_pfm file when the file is not
present on the system.
• Fixes a condition in which the menu does not wrap around when the window width is too
small to accommodate all the menu items.
• Adds the xmesh resource file /usr/lib/X11/app-defaults/Xmesh to customize xmesh.
• Allows the adjustment of the color key to change the percentage range for each color.
• Modifies the dxaccounts application to prevent core dumps under the following
circumstances:
— When a UNIX login name is modified and its corresponding PC account is not remapped
to the new login name.
— When a user tries to modify the UNIX and PC account login names and then tries to
see information in PC user view.
— When the root user is selected from the drop-down list for modification.
— During a copy-and-paste operation of the Local/NIS template
— In the Retire function.
• Fixes a problem where, under certain circumstances, the Display Window application (dxdw)
displays garbled characters in the transcript area of the application.
• Modifies dxaccounts to allow it to change the local user password in Enhanced Security
environment.
3.4 Summary of Base Operating System Patches 143