HP Tru64 UNIX and TruCluster Server Version 5.1B-5 Patch Summary and Release Notes (March 2009)
Patch 27016.00
OSFCDEMAIL540
• Corrects several potential security vulnerabilities where, under certain
circumstances, system integrity may be compromised. These may be in the form
of improper file access.
• Corrects a potential security vulnerability that may result in unauthorized
Privileged Access or a Denial of Service (DoS). This may be in the form of local
and remote security domain risks.
Patch 27019.00
OSFCDEMIN540
• Resolves a problem that occurs when opening big file using dtfile.
• Fixes several potential security vulnerabilities where, under certain circumstances,
system integrity may be compromised. These may be in the form of improper file
access.
• Corrects a potential security vulnerability where under certain circumstances,
system integrity may be compromised when a buffer overflow occurs in the DtSvc
utility. Buffer overflows are sometimes exploited in an attempt to subvert the
function of a privileged program and possibly execute commands at the elevated
privileges if the program file has the setuid privilege.
• Fixes dtterm problem that causes a core dump when the resource saveLines values
is set to 1000s in $HOME/Dtterm.
• Corrects a problem that can occur when the screen saver tries to activate on a
system that has reached the maximum number of processes allowed per user and
the following message is displayed:
An attempt to start a new process on host "hostname" failed
• Corrects a potential security vulnerability in CDE code that may result in
unauthorized privileged access. This may be in the form of local and remote security
domain risks.
(SSRT3589 - dtmailpr Severity - High)
• Corrects a potential security vulnerability where, under certain circumstances,
system integrity may be compromised when a buffer overflow occurs in the CDE
online help. Buffer overflows are sometimes exploited in an attempt to subvert
the function of a privileged program and possibly execute commands at the elevated
privileges if the program file has the setuid privilege.
• Fixes a dtmail problem that occurs while opening a mail attachment on an
NFS-mounted environment.
144 Tru64 UNIX Patches