HP Tru64 UNIX and TruCluster Server Version 5.1.B-4 Patch Summary and Release Notes (13156)
• Corrects a problem in which the locking and unlocking of multiple selected users did not
happen under C2 security.
• Fixes the cause of a core dump that occurs during copy/paste operations of Local/NIS
template.
• Corrects a problem in which the dxaccounts application incorrectly creates a default expiration
date of Feb 1, 1995 for new user accounts.
• Fixes a problem with copy/paste operations using dxaccounts.
• Fixes a problem that occurs when creating a new user with useradd.
Patch 27102.00
OSFCDSABASE540
• Corrects a potential security vulnerability where, under certain circumstances, system
integrity may be compromised. This may be in the form of compromised private RSA keys.
• Corrects a problem in which during a CDSA configuration the mod_install program core
dumps.
Patch 27106.00
OSFIPSECBASE540
• Corrects a potential security vulnerability in IPsec.
Patch 27107.00
OSFLDPAUTH540
• Modifies ldapcd to prevent it from crashing under the following conditions:
— When resolving group codes with very large GIDs.
— When the LDAP Directory Server is unavailable.
• Corrects a condition in which the login process may crash when LDAP users, or users
belonging to an LDAP group, attempt to log in.
• Fixes a problem with ldapcd that prevents LDAP users from being authenticated, even when
they are providing the correct password.
• Changes the use of the configuration file /etc/svc.conf to /etc/nsswitch.conf to allow netgroup
data to be provided from LDAP, rather than only from NIS.
• Fixes problems caused when the UID/GID of an Active Directory user is zero.
• Corrects a condition in which the su command issues multiple "Sorry" messages when
multiple SIA mechanisms are in use; for example, when LDAP is configured for user accounts.
• Ensures that login sessions are properly established for LDAP and BSD accounts when
multiple authentication mechanisms are configured.
• Addresses the way that the ldapcd handles when the ldap server becomes unavailable.
Patch 27110.00
OSFOPENGL540
• Fixes a problem in which the OpenGL glTexCoordPointerEXT() command can cause a
segmentation fault.
• Restores two extensions missing from OpenGL library to the list of GL extensions it supports
for indirect rendering.
Patch 27113.00
OSFSSHBASE540
• Provides protection against a class of potential security vulnerabilities called buffer overflows.
Buffer overflows are sometimes exploited in an attempt to subvert the function of a privileged
144 Tru64 UNIX Patches