Compaq Tru64 UNIX Tru64 UNIX 5.1 and TruCluster Server 5.1 Patch Summary and Release Notes for Patch Kit-0003 This manual describes the release notes and contents of Patch Kit-0003. It provides special instructions for installing individual patches. For information about installing or removing patches, baselining, and general patch management, see the _P_a_t_c_h _K_i_t _I_n_s_t_a_l_l_a_t_i_o_n _I_n_s_t_r_u_c_t_i_o_n_s . This document might contain lines too long to fit on an ordinary page; these lines will be truncated if the document is printed in portrait mode. Print this document using the _l_p_r command with its -_O_l_a_n_d_s_c_a_p_e option. __________________________________________________ Compaq Computer Corporation Houston, Texas Copyright 2001 Compaq Computer Corporation (c) 2001 Compaq Computer Corporation COMPAQ, the Compaq logo, AlphaServer, TruCluster, ULTRIX, and VAX Registered in U.S. Patent and Trademark Office. Alpha and Tru64 are trademarks of Compaq Information Technologies Group, L.P. Motif, OSF/1, UNIX, X/Open, and The Open Group are trademarks of The Open Group. All other product names mentioned herein may be trademarks or registered trademarks of their respective companies. Confidential computer software. Valid license from Compaq required for possession, use, or copying. Consistent with FAR 12.211 and 12.212, Commercial Computer Software, Computer Software Documentation, and Technical Data for Commercial Items are licensed to the U.S. Government under vendor's standard commercial license. Compaq shall not be liable for technical or editorial errors or omissions contained herein. The information in this document is provided "as is" without warranty of any kind and is subject to change without notice. The warranties for Compaq products are set forth in the express limited warranty statements accompanying such products. Nothing herein should be construed as constituting an additional warranty. Contents About This Manual Audience ............................................ v Organization ........................................ v Related Documentation ............................... v Reader's Comments ................................... vi 1 Release Notes 1.1 Patch Process Resources ....................... 1-1 1.2 Required Storage Space ........................ 1-1 1.3 Difference Between the First and Second Release Version 5.1 Kits .............................. 1-3 1.3.1 Installing Kit-0003 for the First Time ... 1-3 1.3.2 Installing the Second Release of Kit-0003 over the First Release of Kit-0003 ......... 1-3 1.4 Release Note for Tru64 UNIX Patch 399.00 ...... 1-5 1.4.1 AdvFS and Direct I/O ..................... 1-5 1.4.2 Technical Update for KZPCC products ...... 1-7 1.4.3 Release Note for KZPCC Products .......... 1-8 1.4.4 Problem with Multi-user Mode Application . 1-8 1.4.5 New Graphics Card ........................ 1-9 1.4.6 DEGPA-TA Gigabit Ethernet Device ......... 1-10 1.5 Release Note for Tru64 UNIX Patch 287.00 ...... 1-11 1.6 Release Note for Tru64 UNIX Patch 371.00 ...... 1-11 1.7 Release Note for TruCluster Server Software ... 1-12 1.8 Release Note for Broken Link Problem .......... 1-12 1.9 Release Note for Potential Rolling Upgrade Problem ....................................... 1-13 1.10 Release Note for Tru64 UNIX Patch 169.00 ..... 1-15 1.11 Release Note for Tru64 UNIX Patch 270.00 ..... 1-15 2 Summary of Base Operating System Patches 3 Summary of TruCluster Software Patches iv Contents About This Manual This manual contains information specific to Patch Kit-0003 for the Tru64(tm) UNIX 5.1 operating system and TruCluster Server Software(tm) 5.1 products. It provides a list of the patches contained in each kit and describes the information you need to know when installing specific patches. For information about installing or removing patches, baselining, and general patch management, see the _P_a_t_c_h _K_i_t _I_n_s_t_a_l_l_a_t_i_o_n _I_n_s_t_r_u_c_t_i_o_n_s . _A_u_d_i_e_n_c_e This manual is for the person who installs and removes the patch kit and for anyone who manages patches after they are installed. _O_r_g_a_n_i_z_a_t_i_o_n This manual is organized as follows: ______________________________________________________________________________ Chapter 1 Contains the release notes for this patch kit. Chapter 2 Summarizes the Tru64 UNIX operating system patches included in the kit. Chapter 3 Summarizes the TruCluster software patches included in the kit. ______________________________________________________________________________ _R_e_l_a_t_e_d _D_o_c_u_m_e_n_t_a_t_i_o_n In addition to this manual, you should be familiar with the concepts and mechanisms described in the following Tru64 UNIX and TruCluster documents: +o Tru64 UNIX and TruCluster _P_a_t_c_h _K_i_t _I_n_s_t_a_l_l_a_t_i_o_n _I_n_s_t_r_u_c_t_i_o_n_s +o Tru64 UNIX _P_a_t_c_h _K_i_t _I_n_s_t_a_l_l_a_t_i_o_n _I_n_s_t_r_u_c_t_i_o_n_s +o dddduuuuppppaaaattttcccchhhh(8) Reference Page +o Tru64 UNIX _I_n_s_t_a_l_l_a_t_i_o_n _G_u_i_d_e +o TruCluster Server _C_l_u_s_t_e_r _I_n_s_t_a_l_l_a_t_i_o_n +o TruCluster Server _C_l_u_s_t_e_r _A_d_m_i_n_i_s_t_r_a_t_i_o_n +o Release-specific installation documentation _R_e_a_d_e_r'_s _C_o_m_m_e_n_t_s Compaq welcomes any comments and suggestions you have on this and other Tru64 UNIX manuals. You can send your comments in the following ways: +o Fax: 603-884-0120 Attn: UBPG Publications, ZK03-3/Y32 +o Internet electronic mail: rrrreeeeaaaaddddeeeerrrrssss____ccccoooommmmmmmmeeeennnntttt@@@@zzzzkkkk3333....ddddeeeecccc....ccccoooommmm A Reader's Comment form is located on your system in the following location: ////uuuussssrrrr////ddddoooocccc////rrrreeeeaaaaddddeeeerrrrssss____ccccoooommmmmmmmeeeennnntttt....ttttxxxxtttt +o Mail: Compaq Computer Corporation UBPG Publications Manager ZK03-3/Y32 110 Spit Brook Road Nashua, NH 03062-9987 Please include the following information along with your comments: +o The full title of this document. +o The section numbers and page numbers of the information on which you are commenting. +o The version of Tru64 UNIX that you are using. +o If known, the type of processor that is running the Tru64 UNIX software. The Tru64 UNIX Publications group cannot respond to system problems or technical support inquiries. Please address technical questions to your local system vendor or to the appropriate Compaq technical support office. vi About This Manual Information provided with the software media explains how to send problem reports to Compaq. About This Manual vii Release Notes 1 This chapter provides important information that you need in order to work with the Tru64 UNIX 5.1 and TruCluster 5.1 Patch Kit-0003. _1._1 _P_a_t_c_h _P_r_o_c_e_s_s _R_e_s_o_u_r_c_e_s Compaq provides Web sites to help you with the patching process: +o To obtain the lastest patch kit for your operating system and cluster: hhhhttttttttpppp::::////////ffffttttpppp1111....ssssuuuuppppppppoooorrrrtttt....ccccoooommmmppppaaaaqqqq....ccccoooommmm////ppppuuuubbbblllliiiicccc////uuuunnnniiiixxxx//// +o To view or print the lastest version of the _P_a_t_c_h _K_i_t _I_n_s_t_a_l_l_a_t_i_o_n _I_n_s_t_r_u_c_t_i_o_n_s or the _P_a_t_c_h _S_u_m_m_a_r_y _a_n_d _R_e_l_e_a_s_e _N_o_t_e_s for a specific patch kit: hhhhttttttttpppp::::////////wwwwwwwwwwww....ttttrrrruuuu66664444uuuunnnniiiixxxx....ccccoooommmmppppaaaaqqqq....ccccoooommmm////ffffaaaaqqqqssss////ppppuuuubbbblllliiiiccccaaaattttiiiioooonnnnssss////ppppaaaattttcccchhhh//// +o To visit Compaq's main support page: hhhhttttttttpppp::::////////wwwwwwwwwwww....ccccoooommmmppppaaaaqqqq....ccccoooommmm////ssssuuuuppppppppoooorrrrtttt////iiiinnnnddddeeeexxxx....sssshhhhttttmmmmllll +o To visit the Tru64 UNIX homepage: hhhhttttttttpppp::::////////wwwwwwwwwwww....ttttrrrruuuu66664444uuuunnnniiiixxxx....ccccoooommmmppppaaaaqqqq....ccccoooommmm//// _1._2 _R_e_q_u_i_r_e_d _S_t_o_r_a_g_e _S_p_a_c_e The following storage space is required to successfully install this patch kit: _B_a_s_e _O_p_e_r_a_t_i_n_g _S_y_s_t_e_m +o Temporary Storage Space A total of ~250 MB of storage space is required to untar this patch kit. Compaq recommends that this kit not be placed in the ////, ////uuuussssrrrr, or ////vvvvaaaarrrr file systems because doing so may unduly constrain the available storage space for the patching activity. +o Permanent Storage Space Up to ~66.2 MB of storage space in ////vvvvaaaarrrr////aaaaddddmmmm////ppppaaaattttcccchhhh////bbbbaaaacccckkkkuuuupppp may be required for archived original files if you choose to install and revert all patches. See the _P_a_t_c_h _K_i_t _I_n_s_t_a_l_l_a_t_i_o_n _I_n_s_t_r_u_c_t_i_o_n_s for more information. Up to ~67 MB of storage space in ////vvvvaaaarrrr////aaaaddddmmmm////ppppaaaattttcccchhhh may be required for original files if you choose to install and revert all patches. See the _P_a_t_c_h _K_i_t _I_n_s_t_a_l_l_a_t_i_o_n _I_n_s_t_r_u_c_t_i_o_n_s for more information. Up to ~616 KB of storage space is required in ////vvvvaaaarrrr////aaaaddddmmmm////ppppaaaattttcccchhhh////ddddoooocccc for patch abstract and README documentation. A total of ~160 KB of storage space is needed in ////uuuussssrrrr////ssssbbbbiiiinnnn////dddduuuuppppaaaattttcccchhhh for the patch management utility. _T_r_u_C_l_u_s_t_e_r _S_e_r_v_e_r _N_o_t_e A rolling upgrade has specific disk space requirements. Be sure to check your disk space before starting a rolling upgrade. Make sure that your system contains the required space in all file systems before you begin the setup stage of the roll. If any file system fails to meet the minimum space requirements, the program will fail and generate an error message similar to the following: ***Error*** The tar commands used to create tagged files in the '/' file system have reported the following errors and warnings: NOTE: CFS: File system full: / tar: sbin/lsm.d/raid5/volsd : No space left on device tar: sbin/lsm.d/raid5/volume : No space left on device NOTE: CFS: File system full: / \&.NOTE: CFS: File system full: / If you receive this message, run the cccclllluuuu____uuuuppppggggrrrraaaaddddeeee ----uuuunnnnddddoooo sssseeeettttuuuupppp command, free up or add the required amount of space on the affected file systems, and then rerun the cccclllluuuu____uuuuppppggggrrrraaaaddddeeee sssseeeettttuuuupppp command. Rolling upgrade disk space requirements are described in Section 7.4.1 of the _T_r_u_C_l_u_s_t_e_r _S_e_r_v_e_r _S_o_f_t_w_a_r_e _I_n_s_t_a_l_l_a_t_i_o_n manual. +o Temporary Storage Space A total of ~250 MB of storage space is required to untar this patch kit. Compaq recommends that this kit not be placed in the ////, ////uuuussssrrrr, or ////vvvvaaaarrrr file systems because doing so may unduly constrain the available storage space for the patching activity. 1-2 Release Notes +o Permanent Storage Space Up to ~50 MB of storage space in ////vvvvaaaarrrr////aaaaddddmmmm////ppppaaaattttcccchhhh////bbbbaaaacccckkkkuuuupppp may be required for archived original files if you choose to install and revert all patches. See the _P_a_t_c_h _K_i_t _I_n_s_t_a_l_l_a_t_i_o_n _I_n_s_t_r_u_c_t_i_o_n_s for more information. Up to ~51 MB of storage space in ////vvvvaaaarrrr////aaaaddddmmmm////ppppaaaattttcccchhhh may be required for original files if you choose to install and revert all patches. See the _P_a_t_c_h _K_i_t _I_n_s_t_a_l_l_a_t_i_o_n _I_n_s_t_r_u_c_t_i_o_n_s for more information. Up to ~675 KB of storage space is required in ////vvvvaaaarrrr////aaaaddddmmmm////ppppaaaattttcccchhhh////ddddoooocccc for patch abstract and README documentation. A total of ~160 KB of storage space is needed in ////uuuussssrrrr////ssssbbbbiiiinnnn////dddduuuuppppaaaattttcccchhhh for the patch management utility. _1._3 _D_i_f_f_e_r_e_n_c_e _B_e_t_w_e_e_n _t_h_e _F_i_r_s_t _a_n_d _S_e_c_o_n_d _R_e_l_e_a_s_e _V_e_r_s_i_o_n _5._1 _K_i_t_s The Version 5.1 Patch Kit-0003 was re-issued to correct a problem with the baselining operation of the patch installation utility, dddduuuuppppaaaattttcccchhhh. The patches themselves are exactly the same in both kits. You can tell the difference between these kits as follows: +o The file for the initial kit (which has been recalled) is TTTT66664444VVVV55551111AAAASSSS0000000000003333---- 22220000000011110000444411113333....ttttaaaarrrr. When installed, the dddduuuuppppaaaattttcccchhhh utility revision in this kit is listed as Rev. 28-03. +o The file for the second release of this kit is TTTT66664444VVVV55551111AAAASSSS0000000000003333----22220000000011110000555522221111....ttttaaaarrrr. When installed, the dddduuuuppppaaaattttcccchhhh revision in this kit is listed as Rev. 29-02. To install this patch kit, use one of the following procedures. _1._3._1 _I_n_s_t_a_l_l_i_n_g _K_i_t-_0_0_0_3 _f_o_r _t_h_e _F_i_r_s_t _T_i_m_e If you are installing the second release of Patch Kit-0003 and did not install the initial release of Patch Kit-0003, you need only follow the instructions in the _P_a_t_c_h _K_i_t _I_n_s_t_a_l_l_a_t_i_o_n _I_n_s_t_r_u_c_t_i_o_n_s document provided with your kit. No special action is needed. _1._3._2 _I_n_s_t_a_l_l_i_n_g _t_h_e _S_e_c_o_n_d _R_e_l_e_a_s_e _o_f _K_i_t-_0_0_0_3 _o_v_e_r _t_h_e _F_i_r_s_t _R_e_l_e_a_s_e _o_f _K_i_t-_0_0_0_3 If you previously installed the initial release of Patch Kit-0003 on a system, the steps you take with the second release kit depend on whether or not your system contains manually installed customer-specific patches (CSPs): Release Notes 1-3 +o In systems without CSPs or with CSPs that were installed with the dddduuuuppppaaaattttcccchhhh utility, you need only re-install the patch installation tools. +o In systems with manually installed CSPs, you need to perform the baselining procedure and then re-install the patches. The following sections describe these procedures. Compaq recommends that you have the _P_a_t_c_h _K_i_t _I_n_s_t_a_l_l_a_t_i_o_n _I_n_s_t_r_u_c_t_i_o_n_s available. _C_o_m_m_o_n _S_t_e_p_s The following steps are common to all stand-alone and clustered systems: 1. From root, extract the TTTT66664444VVVV55551111AAAASSSS0000000000003333----22220000000011110000555522221111....ttttaaaarrrr file to a locally mounted file system. For example: # ssssccccrrrriiiipppptttt uuuunnnnttttaaaarrrr....lllloooogggg # ttttaaaarrrr ----xxxxppppvvvvffff TTTT66664444VVVV55551111AAAASSSS0000000000003333----22220000000011110000555522221111....ttttaaaarrrr 2. From the directory containing the extracted files run dddduuuuppppaaaattttcccchhhh: # ....////dddduuuuppppaaaattttcccchhhh _N_o_t_e Do not run the version of dddduuuuppppaaaattttcccchhhh in ////uuuussssrrrr////ssssbbbbiiiinnnn. 3. When the dddduuuuppppaaaattttcccchhhh menu is displayed, verify that the revision is listed as Rev. 29-02. If your system has no customer-specific patches installed, type qqqq to exit dddduuuuppppaaaattttcccchhhh; you have done all you need to do. For systems containing CSPs, see the next section. _N_o_t_e If you want to install the new installation tools without invoking the dddduuuuppppaaaattttcccchhhh menu (for example, if you are using a script), use the following command. You will, however, need to invoke the dddduuuuppppaaaattttcccchhhh menu if you want to verify the dddduuuuppppaaaattttcccchhhh revision. dddduuuuppppaaaattttcccchhhh ----ttttrrrraaaacccckkkk ----kkkkiiiitttt ppppaaaattttcccchhhh____kkkkiiiitttt ----ttttyyyyppppeeee kkkkiiiitttt _A_d_d_i_t_i_o_n_a_l _S_t_e_p_s _f_o_r _M_a_n_u_a_l_l_y _I_n_s_t_a_l_l_e_d _C_S_P_s If your system contains manually installed customer-specific patches, perform the previous steps, and then do the following: 1-4 Release Notes 1. Review your session logs from the installation of the initial Patch Kit- 0003 to determine if any critical patches failed to install. If you find none, you do not have to do anything else. If you find critical patches that failed to install, continue with the following steps. 2. Run the baseline option. See the _P_a_t_c_h _K_i_t _I_n_s_t_a_l_l_a_t_i_o_n _I_n_s_t_r_u_c_t_i_o_n_s for step-by-step instructions on baselining. 3. Install the patch kit. _N_o_t_e If you are installing the patch kit on a cluster using the Rolling Upgrade procedure, perform steps 1 through 5 before beginning the Rolling Upgrade. Perform step 6 during the Install Stage of the Rolling Upgrade procedure. See the _P_a_t_c_h _K_i_t _I_n_s_t_a_l_l_a_t_i_o_n _I_n_s_t_r_u_c_t_i_o_n_s for step-by-step instructions on performing a Rolling Upgrade. _1._4 _R_e_l_e_a_s_e _N_o_t_e _f_o_r _T_r_u_6_4 _U_N_I_X _P_a_t_c_h _3_9_9._0_0 _1._4._1 _A_d_v_F_S _a_n_d _D_i_r_e_c_t _I/_O In laboratory testing, Compaq has observed that under certain circumstances, a possibility exists that inconsistent data may be written to disk on some Tru64 UNIX V5.0A and V5.1 systems running AdvFS and direct I/O. Compaq became aware of this possibility only during laboratory testing. To our knowledge, no customer has experienced this problem. Compaq is alerting customers to this potential problem as a precautionary measure. The conditions under which this potential problem may occur are as follows: +o An application writes to a file using AdvFS direct I/O and the file had previously been opened for normal I/O (which by default is cached). +o Some but not all of the pages are still resident in Unified Buffer Cache (UBC) memory. Invalid data could occur when a single direct I/O write spans multiple AdvFS pages, and some, but not all, of the pages are still in the UBC. If the file has been opened only for direct I/O and remains open for direct I/O, the problem does not exist. Applications that use direct I/O, such as Oracle, could be affected. Release Notes 1-5 _C_o_n_f_i_g_u_r_a_t_i_o_n_s _A_f_f_e_c_t_e_d The potential problem may affect the following systems: +o Tru64 UNIX V5.0A clustered and nonclustered systems +o Tru64 UNIX V5.1 nonclustered systems only Only V5.0A and V5.1 systems running an application that uses direct I/O could experience this potential problem. Any application using direct I/O must request this feature explicitly. The following Oracle versions use direct I/O and may therefore be affected: +o Oracle 8.1.7 +o Oracle 8.1.6.3 +o Oracle 8.1.6.2 with patch 1527141 +o Oracle 8.0.6.2 with patch 1523186 +o Oracle 7.3.4.5 with patch 1523179 In addition, the AdvFS file system that is used for any of the following Oracle files: +o Control file +o Data file +o Log file An Oracle environment meeting the above criteria could experience this potential problem. Oracle running on raw partitions exclusively or running LSM on raw partitions exclusively are not affected. Some customers write their own applications that use direct I/O. These customers should be aware of the detailed circumstances under which this problem could occur. The problem could occur as follows: +o The write spans multiple AdvFS 8K pages. +o The last page to be written is in the UBC. 1-6 Release Notes +o One or more of the preceding pages are not in the UBC. +o The write to the last page is less than a full page size (8K). Under these circumstances, the data written at the start of the total write is the original data, offset by the amount of data written to the last page. Tru64 UNIX versions V4.* and V5.0 are NOT affected. The potential problem is fixed in future Tru64 UNIX versions and in V5.0 Patch Kit 3 and V5.1 Patch Kit 3. _P_r_o_b_l_e_m If Oracle customers are running one of the affected Oracle configurations, Oracle may have already detected an inconsistency in the database and reported errors similar to the following in the alert log and trace file: ORA-01578: ORACLE data block corrupted (file # 1, block # 100) ORA-01119: data file 1: '/scratch/820/qa/dbs/t_db1.f' ORA-00368: checksum error in redo block ORA-00354: Log corruption near block #231 Oracle customers that have run the dbverify (dbv) utility may have encountered an error message similar to the following: *** Corrupt block relative dba: 0x0040900b (file 0, block 36875) Bad header found during dbv: Data in bad block - type: 27 format: 2 rdba: 0x0040900d last change scn: 0x0000.0001349a seq: 0x2 flg: 0x04 consistency value in tail: 0x349a1b02 check value in block header: 0xa377, computed block checksum: 0x0 spare1: 0x0, spare2: 0x0, spare3: 0x0 *** _1._4._2 _T_e_c_h_n_i_c_a_l _U_p_d_a_t_e _f_o_r _K_Z_P_C_C _p_r_o_d_u_c_t_s This patch provides support for KZPCC products. For more information see Tru64 UNIX technical updates provided at the following URL: Release Notes 1-7 hhhhttttttttpppp::::////////wwwwwwwwwwww....ttttrrrruuuu66664444uuuunnnniiiixxxx....ccccoooommmmppppaaaaqqqq....ccccoooommmm////ffffaaaaqqqqssss////ppppuuuubbbblllliiiiccccaaaattttiiiioooonnnnssss////ppppaaaattttcccchhhh//// Select the option for Operating System Technical Updates and choose the following document: Tru64 UNIX Version 5.1 Technical Update This technical update will also contain information for valid upgrade paths to Tru64 UNIX Version 5.1 from the Version 4.0x releases that currently support I2O. _1._4._3 _R_e_l_e_a_s_e _N_o_t_e _f_o_r _K_Z_P_C_C _P_r_o_d_u_c_t_s In a TruCluster environment, the deletion and re-creation of any logical drive on a KZPCC controller using the SWCC utility can result in the drive becoming inaccessable. Even though the hhhhwwwwmmmmggggrrrr sees the drive being deleted and added back, it can not be disklabeled nor can any read/write operation be performed to the drive. Rebooting the system will restore the drive to a usable state. This will be fixed in the next patch kit. _1._4._4 _P_r_o_b_l_e_m _w_i_t_h _M_u_l_t_i-_u_s_e_r _M_o_d_e _A_p_p_l_i_c_a_t_i_o_n _W_a_r_n_i_n_g When applying this patch in multi-user mode, an inconsistency problem results between the updated ////sssshhhhlllliiiibbbb////lllliiiibbbbpppptttthhhhrrrreeeeaaaadddd....ssssoooo and the existing kernel. The problem manifests itself when you install the patch in multi-user mode and you elect to reboot at a later time. The scheduled reboot will not occur. This problem can be avoided by installing Patch 399.00 in single user mode, or selecting the option to reboot now (rather than scheduling later). To correct this situation, if you have installed the patch and have not rebooted the system, execute the following commands: 1. Set DDDDUUUUPPPPAAAATTTTCCCCHHHH____SSSSEEEESSSSLLLLOOOOGGGG to location of session log, by default: ////vvvvaaaarrrr////aaaaddddmmmm////ppppaaaattttcccchhhh////lllloooogggg////sssseeeessssssssiiiioooonnnn....lllloooogggg 2. Get the name of newly-built kernel: #### NNNNEEEEWWWW____KKKKEEEERRRRNNNNEEEELLLL====````ggggrrrreeeepppp """"TTTThhhheeee nnnneeeewwww kkkkeeeerrrrnnnneeeellll iiiissss"""" $$$$DDDDUUUUPPPPAAAATTTTCCCCHHHH____SSSSEEEESSSSLLLLOOOOGGGG |||| aaaawwwwkkkk '''' {{{{ pppprrrriiiinnnntttt $$$$5555 }}}}'''' ```` 3. Copy the new kernel: #### ccccpppp ////vvvvmmmmuuuunnnniiiixxxx 4. Reboot the system at a specified time: #### sssshhhhuuuuttttddddoooowwwwnnnn ----rrrr 1-8 Release Notes After rebooting with the new kernel, your system will once again be consistent. _1._4._5 _N_e_w _G_r_a_p_h_i_c_s _C_a_r_d This patch provides the driver support for a new graphics card. In order to obtain full support for this graphics card, you must also select Patch 287.00, which is the X server portion of the patch. A list of supported platforms is available on the following web page: hhhhttttttttpppp::::////////wwwwwwwwwwww....ccccoooommmmppppaaaaqqqq....ccccoooommmm////aaaallllpppphhhhaaaasssseeeerrrrvvvveeeerrrr////pppprrrroooodddduuuuccccttttssss////ooooppppttttiiiioooonnnnssss....hhhhttttmmmmllll If you have a system with this new graphics card, you will need to reconfigure and rebuild the kernel after installing this patch. To do this, follow these steps: 1. Shut down the system: # ////uuuussssrrrr////ssssbbbbiiiinnnn////sssshhhhuuuuttttddddoooowwwwnnnn ----hhhh nnnnoooowwww 2. Boot genvmunix to single-user mode: >>> bbbbooooooootttt ----ffffiiii ggggeeeennnnvvvvmmmmuuuunnnniiiixxxx ----ffffllll ssss 3. After the system boots to single-user mode, mount the file systems, run the uuuuppppddddaaaatttteeee command, and activate the swap partition: # ////ssssbbbbiiiinnnn////bbbbcccchhhheeeecccckkkkrrrrcccc # ////ssssbbbbiiiinnnn////uuuuppppddddaaaatttteeee # ////ssssbbbbiiiinnnn////sssswwwwaaaappppoooonnnn ----aaaa 4. Run ddddooooccccoooonnnnffffiiiigggg to create a new kernel configuration file and rebuild the kernel: # ////uuuussssrrrr////ssssbbbbiiiinnnn////ddddooooccccoooonnnnffffiiiigggg _N_o_t_e Do not specify the ----cccc option to ddddooooccccoooonnnnffffiiiigggg. If you do, ddddooooccccoooonnnnffffiiiigggg will use the existing kernel configuration file which will not have the appropriate controller entry for the new graphics card. 5. Save the old ////vvvvmmmmuuuunnnniiiixxxx file and move the new kernel to ////vvvvmmmmuuuunnnniiiixxxx. 6. Shut down the system: # ////uuuussssrrrr////ssssbbbbiiiinnnn////sssshhhhuuuuttttddddoooowwwwnnnn ----hhhh nnnnoooowwww Release Notes 1-9 7. Boot the new kernel: >>> bbbbooooooootttt If you remove this patch from your system after you have rebuilt the kernel to incorporate support for the new graphics card as described previously, you will need to rebuild the kernel again to restore generic VGA graphics support. To do this, follow the steps given previously. The ddddooooccccoooonnnnffffiiiigggg running on the original, unpatched genvmunix will not recognize the new graphics card and will include generic VGA graphics support in the resulting kernel. _1._4._6 _D_E_G_P_A-_T_A _G_i_g_a_b_i_t _E_t_h_e_r_n_e_t _D_e_v_i_c_e This patch provides support for DEGPA-TA (1000BaseT) Gigabit Ethernet device. If you have a system with this new Ethernet device, you will need to reconfigure and rebuild the kernel after installing this patch. To do this, follow these steps: 1. Shut down the system: # ////uuuussssrrrr////ssssbbbbiiiinnnn////sssshhhhuuuuttttddddoooowwwwnnnn ----hhhh nnnnoooowwww 2. Boot genvmunix to single-user mode: >>> bbbbooooooootttt ----ffffiiii ggggeeeennnnvvvvmmmmuuuunnnniiiixxxx ----ffffllll ssss 3. After the system boots to single-user mode, mount the file systems, run the uuuuppppddddaaaatttteeee command, and activate the swap partition: # ////ssssbbbbiiiinnnn////bbbbcccchhhheeeecccckkkkrrrrcccc # ////ssssbbbbiiiinnnn////uuuuppppddddaaaatttteeee # ////ssssbbbbiiiinnnn////sssswwwwaaaappppoooonnnn ----aaaa 4. Run ddddooooccccoooonnnnffffiiiigggg to create a new kernel configuration file and rebuild the kernel: # ////uuuussssrrrr////ssssbbbbiiiinnnn////ddddooooccccoooonnnnffffiiiigggg _N_o_t_e Do not specify the ----cccc option to ddddooooccccoooonnnnffffiiiigggg. If you do, ddddooooccccoooonnnnffffiiiigggg will use the existing kernel configuration file which will not have the appropriate controller entry for the new graphics card. 5. Save the old ////vvvvmmmmuuuunnnniiiixxxx file and move the new kernel to ////vvvvmmmmuuuunnnniiiixxxx. 6. Shut down the system: 1-10 Release Notes # ////uuuussssrrrr////ssssbbbbiiiinnnn////sssshhhhuuuuttttddddoooowwwwnnnn ----hhhh nnnnoooowwww 7. Boot the new kernel: >>> bbbbooooooootttt If you remove this patch from your system after you have rebuilt the kernel to incorporate support for the new Ethernet card as described previously, you will need to rebuild the kernel. To do this, follow the steps given previously. The ddddooooccccoooonnnnffffiiiigggg running on the original, unpatched genvmunix will not recognize the new Ethernet driver. _1._5 _R_e_l_e_a_s_e _N_o_t_e _f_o_r _T_r_u_6_4 _U_N_I_X _P_a_t_c_h _2_8_7._0_0 This patch provides the X server support for a new graphics card. In order to obtain full support for this graphic card, you must also select Patch 399.00, which is the driver portion of the patch. A list of supported platforms is available on the following web page: hhhhttttttttpppp::::////////wwwwwwwwwwww....ccccoooommmmppppaaaaqqqq....ccccoooommmm////aaaallllpppphhhhaaaasssseeeerrrrvvvveeeerrrr////pppprrrroooodddduuuuccccttttssss////ooooppppttttiiiioooonnnnssss....hhhhttttmmmmllll _1._6 _R_e_l_e_a_s_e _N_o_t_e _f_o_r _T_r_u_6_4 _U_N_I_X _P_a_t_c_h _3_7_1._0_0 This patch contains a solution for the following issue: Compaq has advised owners of DS10, DS10L, ES40 AlphaServers, and XP900 AlphaStations that Compaq has determined in laboratory testing that there is a theoretical possibility that during read and write operations to the floppy disk on these systems, a single byte of data may be inaccurately read or written without notice to the user or system. The potential for this anomaly exists only if floppy disk read or write operations are attempted while there is extremely heavy traffic on these Alpha systems' internal input/output busses. Although Compaq has observed the anomaly only in laboratory tests designed to create atypical system stresses, including almost constant use of the floppy disk drive, Compaq has informed owners of the remote possibility that the anomaly could occur so that they may take precautions to prevent it. Compaq recommends that the solution be installed by all DS10, DS10L, ES40 AlphaServers, and XP900 AlphaStation customers. The solution to this issue is also available as an individual, manually installed patch kit named ffffllllooooppppppppyyyy____CCCCSSSSPPPP____vvvv55551111....ttttaaaarrrr....ggggzzzz, available from: hhhhttttttttpppp::::////////ffffttttpppp1111....ssssuuuuppppppppoooorrrrtttt....ccccoooommmmppppaaaaqqqq....ccccoooommmm////ppppuuuubbbblllliiiicccc////uuuunnnniiiixxxx////vvvv5555....1111 Release Notes 1-11 _1._7 _R_e_l_e_a_s_e _N_o_t_e _f_o_r _T_r_u_C_l_u_s_t_e_r _S_e_r_v_e_r _S_o_f_t_w_a_r_e During the switch stage of a rolling upgrade from TruCluster Server Version 5.1 to TruCluster 5.1 Patch Kit-0003, you may see the following message: Initiating version switch on cluster members \&.Switch already switched You can safely ignore this message. The switch stage will complete successfully. _1._8 _R_e_l_e_a_s_e _N_o_t_e _f_o_r _B_r_o_k_e_n _L_i_n_k _P_r_o_b_l_e_m When performing a baseline analysis with the dddduuuuppppaaaattttcccchhhh utility on Tru64 UNIX 5.1 systems, the baseline error log files may report that a number of files have broken hard links to the ////uuuussssrrrr////sssshhhhaaaarrrreeee////mmmmaaaannnn////mmmmaaaannnn3333 directory. The presence of these broken links will not affect your system operation, the installation of dddduuuuppppaaaattttcccchhhh or dddduuuuppppaaaattttcccchhhh tools, the successful installation of patches, or the rebuilding of kernels on the system. The problem will be addressed in a future version of the operating system. You can determine if these broken links exist on your system by performing the following steps: 1. Change directories as follows: # ccccdddd ////uuuussssrrrr////sssshhhhaaaarrrreeee////mmmmaaaannnn////mmmmaaaannnn3333 2. Check to see that the inodes are the same for all the files: # llllssss ----iiiillll ssssllllkkkk****....3333....ggggzzzz ccccuuuurrrrssss____ssssllllkkkk....3333....ggggzzzz An example of a correct hard link would look as follows. Note the same inodes. 14648 -rw-r--r-- 17 root system 2086 Mar 9 2000 curs_slk.3.gz 14648 -rw-r--r-- 17 root system 2086 Mar 9 2000 slk_attr_off.3.gz 14648 -rw-r--r-- 17 root system 2086 Mar 9 2000 slk_attr_on.3.gz 14648 -rw-r--r-- 17 root system 2086 Mar 9 2000 slk_attr_set.3.gz 14648 -rw-r--r-- 17 root system 2086 Mar 9 2000 slk_attroff.3.gz 14648 -rw-r--r-- 17 root system 2086 Mar 9 2000 slk_attron.3.gz 14648 -rw-r--r-- 17 root system 2086 Mar 9 2000 slk_attrset.3.gz 14648 -rw-r--r-- 17 root system 2086 Mar 9 2000 slk_clear.3.gz 14648 -rw-r--r-- 17 root system 2086 Mar 9 2000 slk_color.3.gz 14648 -rw-r--r-- 17 root system 2086 Mar 9 2000 slk_init.3.gz 14648 -rw-r--r-- 17 root system 2086 Mar 9 2000 slk_label.3.gz 14648 -rw-r--r-- 17 root system 2086 Mar 9 2000 slk_noutrefresh.3.gz 14648 -rw-r--r-- 17 root system 2086 Mar 9 2000 slk_refresh.3.gz 1-12 Release Notes 14648 -rw-r--r-- 17 root system 2086 Mar 9 2000 slk_restore.3.gz 14648 -rw-r--r-- 17 root system 2086 Mar 9 2000 slk_set.3.gz 14648 -rw-r--r-- 17 root system 2086 Mar 9 2000 slk_touch.3.gz 14648 -rw-r--r-- 17 root system 2086 Mar 9 2000 slk_wset.3.gz An example of an incorrect hardlink would look as follows. Note the different inodes. 54891 -rw-r--r-- 2 root system 2086 Aug 11 17:32 curs_slk.3.gz 54891 -rw-r--r-- 2 root system 2086 Aug 11 17:32 slk_attr_off.3.gz 55583 -rw-r--r-- 15 root system 2086 Aug 11 17:32 slk_attr_on.3.gz 55583 -rw-r--r-- 15 root system 2086 Aug 11 17:32 slk_attr_set.3.gz 55583 -rw-r--r-- 15 root system 2086 Aug 11 17:32 slk_attroff.3.gz 55583 -rw-r--r-- 15 root system 2086 Aug 11 17:32 slk_attron.3.gz 55583 -rw-r--r-- 15 root system 2086 Aug 11 17:32 slk_attrset.3.gz 55583 -rw-r--r-- 15 root system 2086 Aug 11 17:32 slk_clear.3.gz 55583 -rw-r--r-- 15 root system 2086 Aug 11 17:32 slk_color.3.gz 55583 -rw-r--r-- 15 root system 2086 Aug 11 17:32 slk_init.3.gz 55583 -rw-r--r-- 15 root system 2086 Aug 11 17:32 slk_label.3.gz 55583 -rw-r--r-- 15 root system 2086 Aug 11 17:32 slk_noutrefresh.3.gz 55583 -rw-r--r-- 15 root system 2086 Aug 11 17:32 slk_refresh.3.gz 55583 -rw-r--r-- 15 root system 2086 Aug 11 17:32 slk_restore.3.gz 55583 -rw-r--r-- 15 root system 2086 Aug 11 17:32 slk_set.3.gz 55583 -rw-r--r-- 15 root system 2086 Aug 11 17:32 slk_touch.3.gz 55583 -rw-r--r-- 15 root system 2086 Aug 11 17:32 slk_wset.3.gz _1._9 _R_e_l_e_a_s_e _N_o_t_e _f_o_r _P_o_t_e_n_t_i_a_l _R_o_l_l_i_n_g _U_p_g_r_a_d_e _P_r_o_b_l_e_m When patching a clustered Tru64 UNIX 5.1 system using the rolling upgrade procedure, the operation may fail if your system has been upgraded from a patched Tru64 UNIX 5.0A version. In such cases, the lead member is successfully patched, but the patching operation fails for subsequent members. The problem occurs because the file vvvvaaaarrrr////aaaaddddmmmm////ppppaaaattttcccchhhh////rrrroooollllllll////iiiinnnnssssttttaaaalllllllleeeedddd____ppppaaaattttcccchhhheeeessss contains the old OOOOSSSSFFFFPPPPAAAATTTT****555500005555 entries, which no longer exist in ....////uuuussssrrrr////....ssssmmmmddddbbbb. As a result, the rolling upgrade generates error messages such as the following when subsequent members are rolled: Backing up member-specific data for member: 2 ....... grep: can't open ./usr/.smdb./OSFPAT00018600505.inv grep: can't open ./usr/.smdb./OSFPAT00019200505.inv grep: can't open ./usr/.smdb./OSFPAT00020500505.inv grep: can't open ./usr/.smdb./OSFPAT00021100505.inv grep: can't open ./usr/.smdb./OSFPAT00016500505.inv grep: can't open ./usr/.smdb./OSFPAT00020000505.inv Release Notes 1-13 The following procedures describe how to solve the problem if you discover it during a rolling upgrade or if you have not yet begun the rolling upgrade. _R_o_l_l_i_n_g _U_p_g_r_a_d_e _S_t_a_r_t_e_d Perform the following steps if you issued the cccclllluuuu____uuuuppppggggrrrraaaaddddeeee command and discovered the error during the roll of the second member (designated here as member 2): 1. Halt the failing member: # hhhhaaaalllltttt 2. On the lead member, undo the roll: # cccclllluuuu____uuuuppppggggrrrraaaaddddeeee uuuunnnnddddoooo rrrroooollllllll 2222 3. Remove the old OOOOSSSSFFFFPPPPAAAATTTT****555500005555 entries from ////vvvvaaaarrrr////aaaaddddmmmm////ppppaaaattttcccchhhh////rrrroooollllllll////iiiinnnnssssttttaaaalllllllleeeedddd____ppppaaaattttcccchhhheeeessss. Because this is a cluster-common file, you need only do this once. The remaining members can be rolled as documented in the _P_a_t_c_h _K_i_t _I_n_s_t_a_l_l_a_t_i_o_n _I_n_s_t_r_u_c_t_i_o_n_s. 1. Change to the ////vvvvaaaarrrr////aaaaddddmmmm////ppppaaaattttcccchhhh////rrrroooollllllll directory: # ccccdddd ////vvvvaaaarrrr////aaaaddddmmmm////ppppaaaattttcccchhhh////rrrroooollllllll 2. Invoke an editor such as vvvviiii and remove any lines that contain the string OOOOSSSSFFFFPPPPAAAATTTT****555500005555 from the file iiiinnnnssssttttaaaalllllllleeeedddd____ppppaaaattttcccchhhheeeessss: # vvvviiii ....////iiiinnnnssssttttaaaalllllllleeeedddd____ppppaaaattttcccchhhheeeessss 4. Boot member 2 to multiuser mode and then shut down to single-user mode: >>> bbbbooooooootttt # sssshhhhuuuuttttddddoooowwwwnnnn nnnnoooowwww 5. Roll member 2: # bbbbcccckkkkeeeecccckkkkrrrrcccc # cccclllluuuu____uuuuppppggggrrrraaaaddddeeee rrrroooollllllll 1-14 Release Notes 6. Complete the procedure as documented in the _P_a_t_c_h _K_i_t _I_n_s_t_a_l_l_a_t_i_o_n _I_n_s_t_r_u_c_t_i_o_n_s. _R_o_l_l_i_n_g _U_p_g_r_a_d_e _N_o_t _S_t_a_r_t_e_d Perform the following steps if you have not started a rolling upgrade: 1. Rename the iiiinnnnssssttttaaaalllllllleeeedddd____ppppaaaattttcccchhhheeeessss file and re-create it. # ccccdddd ////vvvvaaaarrrr////aaaaddddmmmm////ppppaaaattttcccchhhh////rrrroooollllllll//// # mmmmvvvv ....////iiiinnnnssssttttaaaalllllllleeeedddd____ppppaaaattttcccchhhheeeessss ....////iiiinnnnssssttttaaaalllllllleeeedddd____ppppaaaattttcccchhhheeeessss....VVVV55550000AAAA # ttttoooouuuucccchhhh ....////iiiinnnnssssttttaaaalllllllleeeedddd____ppppaaaattttcccchhhheeeessss 2. Complete the procedure as documented in the _P_a_t_c_h _K_i_t _I_n_s_t_a_l_l_a_t_i_o_n _I_n_s_t_r_u_c_t_i_o_n_s. For information on patching your clustered system using the rolling upgrade procedure, see the _P_a_t_c_h _K_i_t _I_n_s_t_a_l_l_a_t_i_o_n _I_n_s_t_r_u_c_t_i_o_n_s and the cccclllluuuu____uuuuppppggggrrrraaaaddddeeee(8) reference page. _1._1_0 _R_e_l_e_a_s_e _N_o_t_e _f_o_r _T_r_u_6_4 _U_N_I_X _P_a_t_c_h _1_6_9._0_0 In cases where the bbbbttttttttaaaappppeeee or bbbbttttccccrrrreeeeaaaatttteeee command is used to back up and restore UFS file systems, bbbbtttteeeexxxxttttrrrraaaacccctttt leaves behind a ssssyyyymmmmbbbboooollllttttaaaabbbblllleeee file in the restored file system. This file, if present, will cause bbbbtttteeeexxxxttttrrrraaaacccctttt to hang the next time a bootable tape is created using bbbbttttccccrrrreeeeaaaatttteeee or bbbbttttttttaaaappppeeee. The bbbbtttteeeexxxxttttrrrraaaacccctttt command hangs while trying to restore the UFS file system. To work around this problem, ensure that the file rrrreeeessssttttoooorrrreeeessssyyyymmmmttttaaaabbbb???? (where ???? refers to the cluster member ID, 0 by default) is removed. Every UFS file system that was restored using bbbbtttteeeexxxxttttrrrraaaacccctttt will have this file, and this file needs to be removed on each file system before running the bbbbttttttttaaaappppeeee or bbbbttttccccrrrreeeeaaaatttteeee command the next time. For example, if //// and ////uuuussssrrrr are backed up, then the file will be found at ////rrrreeeessssttttoooorrrreeeessssyyyymmmmttttaaaabbbblllleeee0000 and ////uuuussssrrrr////rrrreeeessssttttoooorrrreeeessssyyyymmmmttttaaaabbbblllleeee0000, and both instances of the file need to be removed before proceeding with bbbbttttccccrrrreeeeaaaatttteeee or bbbbttttttttaaaappppeeee. _1._1_1 _R_e_l_e_a_s_e _N_o_t_e _f_o_r _T_r_u_6_4 _U_N_I_X _P_a_t_c_h _2_7_0._0_0 This patch fixes a security vulnerability (called the Brown Orifice) in Netscape Communicator Version 4.72 by updating Netscape Communicator to Version 4.75. To determine which version of Netscape Communicator you are running, click on the Help button in the toolbar at the top of the Navigator component window, then choose the About Communicator option from the drop down menu. You can download the latest version of Netscape Communicator for Tru64 UNIX Release Notes 1-15 from the Netscape Download World Wide Web site: hhhhttttttttpppp::::////////hhhhoooommmmeeee....nnnneeeettttssssccccaaaappppeeee....ccccoooommmm////ddddoooowwwwnnnnllllooooaaaadddd////iiiinnnnddddeeeexxxx....hhhhttttmmmmllll Or, from the Compaq Tru64 UNIX World Wide Web site: hhhhttttttttpppp::::////////wwwwwwwwwwww....ttttrrrruuuu66664444uuuunnnniiiixxxx....ccccoooommmmppppaaaaqqqq....ccccoooommmm////iiiinnnntttteeeerrrrnnnneeeetttt////ddddoooowwwwnnnnllllooooaaaadddd....hhhhttttmmmm If you are unable to upgrade to Netscape Communicator 4.75 or later, you can avoid this security vulnerability by disabling the browser's ability to run Java by following these steps: 1. Start Netscape Communicator: $////uuuussssrrrr////bbbbiiiinnnn////XXXX11111111////nnnneeeettttssssccccaaaappppeeee 2. Click on the Edit button in the toolbar at the top of the Navigator component window. 3. Click on the Preferences... option on the drop down menu that appears when the Edit button is selected. This displays the Netscape: Preferences dialog box. 4. In the window pane on the left of the Netscape: Preferences dialog box, click on the Advanced tab. This displays the advanced Communicator preferences in the dialog box. 5. If the box next to the Enable Java preference has a check mark in it, click on the box to remove the check mark. This will disable the Java programming language. Then, click on the Okay button in the Advanced preferences dialog box. (Note: If there is no check mark in the box, you do not need to take any action.) 6. Exit Netscape Communicator by clicking on the Exit option in the drop down menu that appears when you click on the File button on the toolbar at the top of the Navigator window. Disabling Java ensures Netscape Communicator is not vulnerable to the Brown Orifice vulnerability. You do not have to disable JavaScript. _N_o_t_e If you use the Japanese or Chinese interfaces provided in the Worldwide Language Support software, you must update the Communicator version numbers in the ////uuuussssrrrr////lllliiiibbbb////XXXX11111111////****////aaaapppppppp----ddddeeeeffffaaaauuuullllttttssss////NNNNeeeettttssssccccaaaappppeeee file if you choose to upgrade to Netscape Communicator Version 4.75 or later. If the version numbers in these files do not match the version of Netscape Communicator installed, it will not run in the Japanese or Chinese locales. You can download the updated files from the Compaq Tru64 UNIX World Wide Web site: 1-16 Release Notes hhhhttttttttpppp::::////////wwwwwwwwwwww....ttttrrrruuuu66664444uuuunnnniiiixxxx....ccccoooommmmppppaaaaqqqq....ccccoooommmm////iiiinnnntttteeeerrrrnnnneeeetttt////ddddoooowwwwnnnnllllooooaaaadddd....hhhhttttmmmm Release Notes 1-17 Summary of Base Operating System Patches 2 This chapter summarizes the base operating system patches included in Patch Kit-0003. Table 2-1 lists patches that have been updated. Table 2-2 provides a summary of patches. _T_a_b_l_e _2-_1: _U_p_d_a_t_e_d _B_a_s_e _O_p_e_r_a_t_i_n_g _S_y_s_t_e_m _P_a_t_c_h_e_s ______________________________________________________________________________ PPPPaaaattttcccchhhh IIIIDDDDssss CCCChhhhaaaannnnggggeeee SSSSuuuummmmmmmmaaaarrrryyyy ______________________________________________________________________________ Patches 171.00, 173.00, 226.00, 249.00, 252.00, New 255.00, 278.00, 283.00, 285.00, 290.00, 292.00, 294.00, 300.00, 302.00, 304.00, 306.00, 308.00, 310.00, 312.00, 314,00, 316.00, 318.00, 320.00, 262.00, 326.00, 328.00, 226.00, 333.00, 335.00, 337.00, 339.00, 341.00, 343.00, 345.00, 347.00, 349.00, 351.00, 353.00, 362.00, 360.00, 364.00, 366.00, 296.00, 368.00, 372.00, 374.00, 376.00, 378.00, 232.00, 381.00, 385.00, 387.00, 389.00, 324.00, 395.00, 401.00, 403.00, 405.00 Patch 13.00 Superseded by Patch 175.00 Patches 156.00, 53.00, 60.00, 62.00, 151.00, Superseded by Patch 399.00 152.00, 154.00, 11.00, 22.00, 23.00, 24.00, 25.00, 26.00, 27.00, 28.00, 29.00, 30.00, 32.00, 86.00, 93.00, 94.00, 95.00, 96.00, 97.00, 98.00, 99.00, 100.00, 101.00, 103.00, 163.00, 165.00, 167.00, 176.00, 177.00, 178.00, 179.00, 180.00, 181.00, 182.00, 183.00, 184.00, 185.00, 186.00, 187.00, 188.00, 189.00, 190.00, 191.00, 192.00, 193.00, 194.00, 195.00, 196.00, 197.00, 198.00, 199.00, 200.00, 201.00, 202.00, 203.00, 204.00, 205.00, 206.00, 207.00, 208.00, 209.00, 210.00, 211.00, 212.00, 213.00, 214.00, 215.00, 216.00, 217.00, 218.00, 219.00, 220.00, 221.00, 222.00, 224.00 Patches 1.00, 2.00, 3.00, 5.00, 87.00, 88.00, Superseded by Patch 243.00 90.00, 233.00, 234.00, 235.00, 236.00, 237.00, 238.00, 239.00, 240.00, 241.00 Patch 9.00 Superseded by Patch 245.00 Patches 246.00, 247.00 Superseded by Patch 249.00 Patch 250.00 Superseded by Patch 252.00 Patch 253.00 Superseded by Patch 255.00 Patches 34.00, 227.00, 228.00 Superseded by Patch 230.00 Patches 64.00, 256.00, 257.00, 258.00 Superseded by Patch 260.00 Patches 55.00, 266.00 Superseded by Patch 268.00 Patch 44.00 Superseded by Patch 270.00 Patch 70.00 Superseded by Patch 280.00 Patch 281.00 Superseded by Patch 283.00 Patch 119.00 Superseded by Patch 287.00 Patch 288.00 Superseded by Patch 290.00 Patches 78.00, 263.00 Superseded by Patch 265.00 Patch 128.00 Superseded by Patch 298.00 Patch 66.00 Superseded by Patch 322.00 Patch 132.00 Superseded by Patch 330.00 Patches 72.00, 354.00, 355.00, 356.00 Superseded by Patch 358.00 Patches 145.00, 146.00, 148.00 Superseded by Patch 370.00 Patch 381.00 Superseded by Patch 379.00 Patch 84.00 Superseded by Patch 391.00 Patch 160.00 Superseded by Patch 393.00 ______________________________________________________________________________ _T_a_b_l_e _2-_2: _S_u_m_m_a_r_y _o_f _B_a_s_e _O_p_e_r_a_t_i_n_g _S_y_s_t_e_m _P_a_t_c_h_e_s ______________________________________________________________________________ 2-2 Summary of Base Operating System Patches PPPPaaaattttcccchhhh IIIIDDDDssss AAAAbbbbssssttttrrrraaaacccctttt ______________________________________________________________________________ Patch 7.00 PPPPaaaattttcccchhhh:::: Threaded programs do not terminate OSF510-037B SSSSttttaaaatttteeee:::: Existing This patch fixes hangs in threaded programs with subprocesses created with nfork(NULL). Examining one of the hanging subprocesses shows that it has called fopen() and is waiting for the iobptr mutex in _findiop(). Patch 15.00 PPPPaaaattttcccchhhh:::: libst shared library fix OSF510-009A SSSSttttaaaatttteeee:::: Existing This patch fixes a problem with two routines in the libst library, st_obj_open() and st_obj_write(). The ability to change a file permission using these two libst routines is denied if a group has write permissions. Patch 17.00 PPPPaaaattttcccchhhh:::: libst static library fix OSF510-009B SSSSttttaaaatttteeee:::: Existing This patch fixes a problem with two routines in the libst library, st_obj_open() and st_obj_write(). The ability to change a file permission using these two libst routines is denied if a group has write permissions. Patch 19.00 PPPPaaaattttcccchhhh:::: Fix for booting problem via network interface OSF510-036 SSSSttttaaaatttteeee:::: Existing This patch solves a problem which could prevent a V5.1 kernel from booting via a network interface. It corrects a timing issue which affects processors with speeds in excess of 700MHz. Patch 21.00 PPPPaaaattttcccchhhh:::: Corrects a stack overflow panic OSF510-020 SSSSttttaaaatttteeee:::: Existing This patch corrects a stack overflow panic encountered during the startup of the system management deamon (smsd) on configurations with more than 255 devices. Summary of Base Operating System Patches 2-3 Patch 38.00 PPPPaaaattttcccchhhh:::: Fix for panic that occurs when kloadsrv is restarted OSF510-021 SSSSttttaaaatttteeee:::: Existing This patch fixes a system panic that may occur when /sbin/kloadsrv is restarted. Patch 40.00 PPPPaaaattttcccchhhh:::: Fix for lbxproxy utility OSF510X11-001 SSSSttttaaaatttteeee:::: Existing This patch fixes a problem where the X windows lbxproxy utility, which is used to make Low Bandwidth X (LBX) connections to an X server, did not accept local connections. Patch 42.00 PPPPaaaattttcccchhhh:::: Fix for grep command OSF510-031 SSSSttttaaaatttteeee:::: Existing This patch fixes a problem with the grep command in which the options -p -v together do not produce any output. Patch 49.00 PPPPaaaattttcccchhhh:::: Fixes the processing of export lists OSF510-024 SSSSttttaaaatttteeee:::: Existing This patch fixes the processing of export lists with a / (slash) in them. Patch 51.00 PPPPaaaattttcccchhhh:::: Change to kloadsrv and hotswapd entries OSF510-043 SSSSttttaaaatttteeee:::: Existing This patch changes the kloadsrv and hotswapd entries in the /etc/inittab file. The change will prevent possible problems with dynamically loaded kernel modules when shutting down to single user mode. 2-4 Summary of Base Operating System Patches Patch 57.00 PPPPaaaattttcccchhhh:::: Fix for panic or system hang that may occur on DS20E OSF510-041 SSSSttttaaaatttteeee:::: Existing This patch fixes a panic or a system hang which could occur on a DS20E with drives attached to the motherboard SCSI interface (Adaptec 7895 based) or on an Ultra3 KZPEA SCSI adapter. In addition to system hangs or panics on configurations using Memory Channel adapters, some configurations have exhibited SCSI device problems. Patch 59.00 PPPPaaaattttcccchhhh:::: Fix for tagged-file induced automount requests OSF510-025 SSSSttttaaaatttteeee:::: Existing This patch avoids tagged-file induced automount requests in AutoFS. Patch 68.00 PPPPaaaattttcccchhhh:::: Fix for dump command OSF510-003 SSSSttttaaaatttteeee:::: Existing The patch fixes a problem where a user could not dump to a regular file. Patch 74.00 PPPPaaaattttcccchhhh:::: Fixes environmental warning in GS systems OSF510-018 SSSSttttaaaatttteeee:::: Existing This patch fixes a problem on the AlphaServer GS80, GS160, and GS320 platforms where the system will issue an environmental warning and shut itself down when it reaches a critical temperature, even though this temperature is safe for the power supply. Patch 76.00 PPPPaaaattttcccchhhh:::: Hardware manager inaccurately reports the CPU speed OSF510-038 SSSSttttaaaatttteeee:::: Existing This patch fixes a problem where the hardware manager inaccurately reports the CPU speed. It reported a CPU speed that was one MHz less than the correct speed. Summary of Base Operating System Patches 2-5 Patch 82.00 PPPPaaaattttcccchhhh:::: List of application groups is not re- created OSF510CDE-001 SSSSttttaaaatttteeee:::: Existing This patch fixes a problem where the Common Desktop Environment (CDE) Application Manager did not re-create the list of application groups at login. After customizing the application groups, users would see the old groups instead of the new groups. Patch 92.00 PPPPaaaattttcccchhhh:::: Fix for system hang during a route command OSF510-069 SSSSttttaaaatttteeee:::: New This patch fixes a network problem where a system can hang during a route command. Patch 105.00 PPPPaaaattttcccchhhh:::: Prevents not currently mounted warning messages OSF510-017 SSSSttttaaaatttteeee:::: New This patch prevents "not currently mounted" warning messages from being displayed for file systems the user did not request to umount. Patch 107.00 PPPPaaaattttcccchhhh:::: Fix for tcl OSF510X11-007 SSSSttttaaaatttteeee:::: New This patch fixes a problem in which tclhelp and any other tool using #!/usr/bin/wishx as the interpreter fails when additional versions of tcl are installed in /usr/local. 2-6 Summary of Base Operating System Patches Patch 109.00 PPPPaaaattttcccchhhh:::: btextract does not create device special files OSF510-085 SSSSttttaaaatttteeee:::: New. Supersedes patches OSF510-045 (45.00), OSF510-029 (47.00) This patch corrects the following: Adjusts the sleep time for slower robot tape changers to allow them time to replace a tape. Fixes a kernel panic caused by btcreate when it generated scripts to recreate LSM volumes on restore operations. Fixes a problem where the device special files are not being created by btextract. Patch 111.00 PPPPaaaattttcccchhhh:::: Fix for smsd crash OSF510DX-003 SSSSttttaaaatttteeee:::: New This patch fixes intermittent crashes of the SysMan Station daemon (smsd) that are most likely to occur at system startup time, midnight, or during reconfiguration of system components. This crash would render a connected SysMan Station client unusable. Patch 114.00 PPPPaaaattttcccchhhh:::: Fix for Xt OSF510X11-009A SSSSttttaaaatttteeee:::: New. Supersedes patch OSF510X11-005A (112.00) This patch corrects the following: Fixes a memory leak in the X Window System's X Toolkit library (Xt) that could occur when creating and destroying Motif List, Text, and TextField widgets. Fixes the problem of XmStringGetLtoR() failing in dxhanziim when it runs in a C/en_US.ISO8859-1 locale. Summary of Base Operating System Patches 2-7 Patch 117.00 PPPPaaaattttcccchhhh:::: Fixes a memory leak in Xt OSF510X11-009B SSSSttttaaaatttteeee:::: New. Supersedes patch OSF510X11-005B (115.00) This patch corrects the following: Fixes a memory leak in the X Window System's X Toolkit library (Xt) that could occur when creating and destroying Motif List, Text, and TextField widgets. Fixes the problem of XmStringGetLtoR() failing in dxhanziim when it runs in a C/en_US.ISO8859-1 locale. Patch 121.00 PPPPaaaattttcccchhhh:::: Fix for dtlogin OSF510CDE-002 SSSSttttaaaatttteeee:::: New This patch fixes a problem where the Common Desktop Environment (CDE) login daemon, dtlogin, core dumps occasionally when servicing requests from XDMCP clients such as X terminals or PCs running X servers. 2-8 Summary of Base Operating System Patches Patch 124.00 PPPPaaaattttcccchhhh:::: Message fragments now I18N compatible OSF510DX-006 SSSSttttaaaatttteeee:::: Supersedes patches OSF510DX-002 (36.00), OSF510DX-005 (122.00) This patch fixes the following dxaccounts problems: A system running ASU experiences a dxaccounts crash problem when a user is deleted from PC User view. The dxaccounts dialog messages are incorrectly displayed when a user is added with no password entry. The dxaccounts utitlity is unable to create a new user from the PC Users view on a system with ASU installed. The following problems can occur with the dxaccounts application on ASU system: The dxaccounts utility crashes when the root icon is double clicked. The full name of a new PC account is not mapped to a UNIX user. Erasing a PC account's fields does not work; the values erased remain. The default values of Home Directory, Login Script, and User Profile Path for a PC user are invalid. Changing root's login/uid is enabled via cli/dxaccounts utilities. Incorrect results of usermod -G. The -x account_inactive|account_expiration options do not set the attributes. Fixes a problem where the new home directory for a new user ID is created with the date and time stamp of the /usr/skel directory. Summary of Base Operating System Patches 2-9 Fixes message fragments to make them I18N compatible. Patch 126.00 PPPPaaaattttcccchhhh:::: Fix for kernel stack not valid halt OSF510-056 SSSSttttaaaatttteeee:::: New When the user runs ATM Lan Emulation, using more than four ATM NetRAIN interfaces can result in recursive calls causing a "kernel stack not valid" halt. Patch 130.00 PPPPaaaattttcccchhhh:::: Fix for lock hierarchy violation panic OSF510-067 SSSSttttaaaatttteeee:::: New. Supersedes patch OSF510-034 (80.00) This patch corrects the following: Fixes a problem that can occur under certain circumstances with an IPv6 packet that contains a routing header. This could possibly crash a machine functioning as an IPv6 router. This was only reproduced with manually generated packets. Under certain circumstances a Tru64 UNIX system configured with IPv6 can panic with a lock hierarchy violation. This panic can occur on any system running Tru64 UNIX with IPv6 enabled and configured. Patch 134.00 PPPPaaaattttcccchhhh:::: Fix for collect command OSF510-026 SSSSttttaaaatttteeee:::: New This patch fixes several problems with the collect command. It adds sysloging when collect suspends, resumes, or receives a signal. 2-10 Summary of Base Operating System Patches Patch 137.00 PPPPaaaattttcccchhhh:::: Fix for Xlib memory leak OSF510X11-008A SSSSttttaaaatttteeee:::: New. Supersedes patch OSF510X11-004A (135.00) This patch corrects the following: Fixes two memory leaks in the X Window System's X library (Xlib) that can occur when creating and destroying Motif List, Text, and TextField widgets. Provides enhanced support for UTF-8 and UCS-4 locales. Patch 140.00 PPPPaaaattttcccchhhh:::: Support for UTF-8 and UCS-4 locales OSF510X11-008B SSSSttttaaaatttteeee:::: New. Supersedes patch OSF510X11-004B (138.00) This patch corrects the following: Fixes two memory leaks in the X Window System's X library (Xlib) that can occur when creating and destroying Motif List, Text, and TextField widgets. Provides enhanced support for UTF-8 and UCS-4 locales. Patch 142.00 PPPPaaaattttcccchhhh:::: Fixes memory leaks in Motif library OSF510X11-006A SSSSttttaaaatttteeee:::: New This patch fixes various memory leaks in the Motif library (libXm) that could occur when creating and destroying Motif List, Text, and TextField widgets. Summary of Base Operating System Patches 2-11 Patch 144.00 PPPPaaaattttcccchhhh:::: Fix for libXm OSF510X11-006B SSSSttttaaaatttteeee:::: New This patch fixes various memory leaks in the Motif library (libXm) that could occur when creating and destroying Motif List, Text, and TextField widgets. Patch 150.00 PPPPaaaattttcccchhhh:::: Fix for advscan OSF510-052 SSSSttttaaaatttteeee:::: New This patch fixes a problem where advscan -a -g does not display bootable partitions properly. Patch 158.00 PPPPaaaattttcccchhhh:::: Fix for dtmail problem OSF510CDE-003 SSSSttttaaaatttteeee:::: New This patch fixes a dtmail problem in which a From line with quotes in it incorrectly finds the date of the mail message. This error is displayed on the main screen under the header Date and Time and shows up as Dec. 31 or as a blank field. Patch 162.00 PPPPaaaattttcccchhhh:::: Fix for diskconfig error message OSF510DX-004 SSSSttttaaaatttteeee:::: New This fixes a problem that was causing diskconfig to issue the error message "can't read tminor: no such variable" upon startup. Patch 169.00 PPPPaaaattttcccchhhh:::: Fix for bttape OSF510DX-009 SSSSttttaaaatttteeee:::: New bttape now uses the lock file /usr/run/bttape.pid for checking multiple instances. Also, the default addlist and fslist are created appropriately. Patch 171.00 PPPPaaaattttcccchhhh:::: Fix for voldctl stop command OSF510-098 SSSSttttaaaatttteeee:::: New This patch corrects the voldctl stop command behaviour for cluster support. 2-12 Summary of Base Operating System Patches Patch 173.00 PPPPaaaattttcccchhhh:::: fixso command causes segmentation fault OSF510-057 SSSSttttaaaatttteeee:::: New This patch fixes a problem with the /usr/ucb/fixso command that can cause a segmentation fault. Summary of Base Operating System Patches 2-13 Patch 175.00 PPPPaaaattttcccchhhh:::: Fix for vrestore problems OSF510-161 SSSSttttaaaatttteeee:::: Supersedes patch OSF510-013 (13.00) This patch fixes the following problems: A previous patch caused incomplete restores. A warning message is displayed when the path for the first file in a group of hard links is created without using original protection codes and property lists. A warning message is displayed and vrestore aborts if it fails to malloc space for a property list. A message which had been inserted at the end of the message file had the wrong message category (this could cause messaging confusion). An uninitialized variable in the code that restores property lists could cause malloc failures, memory faults, an "error setting extended attributes" message, and infinite loops using the -l option. Corrupted property list information could cause an infinite loop. Fixes problems in the vdump command: Failed to flag compressed extended attributes records that are split across a vdump BLOCK boundary. Overrides the -D option when source path describes a root fileset (Note: If you want to back up quota files, you must not use the -D option.) Corrects "Rewinding" message to avoid a segfault with Internationalized messages. Fixes problems in the vrestore command 2-14 Summary of Base Operating System Patches Fails to properly handle extended attributes records in compressed archives. This results in malloc failures, proplist corruption, program abort, program crashes due to segfault or invalid memory access, and the display of the error message "error setting extended attributes". Fails to set extended attributes due to confusion over selective restore of the associated file or directory. Also results in display of the error message "error setting extended attributes". Selective restore of hardlinked files is incomplete when they exist in different directories (fails to create directory for second occurrence of file with same inode number). The -Q option is added to vrestore to allow the user to request that quota files are ignored (thus avoiding the time it takes to process them). Patch 226.00 PPPPaaaattttcccchhhh:::: Fix for delayed AdvFS requests OSF510-107B SSSSttttaaaatttteeee:::: New This patch corrects some I/O rate fluctuations and thread unresponsiveness that had been seen when vm free pages dropped to a low level and used pages were being recycled. Summary of Base Operating System Patches 2-15 Patch 230.00 PPPPaaaattttcccchhhh:::: Fix for POSIX Threads Library OSF510-109B SSSSttttaaaatttteeee:::: Supersedes patches OSF510-039B (34.00), OSF510-212B (227.00), OSF510-206B (228.00) This patch fixes problems for threaded applications running on Tru64 UNIX V5.1: Fixes a bug in the POSIX Threads Library for Tru64 UNIX V5.1 where a terminating thread did not properly clear an enabled floating point unit, causing invalid floating point state on the next thread that is run. Fixes a bug in the POSIX Threads Library for Tru64 UNIX V5.1 that would result in a DECthreads error return of EINVAL from the pthread mutex API routines. This error would be seen only when the thread stack had been user defined/changed, specifically seen when using the user level context switching (ucontext) routines. Fixes a bug in the POSIX Threads Library for Tru64 UNIX V5.1 that would result in a DECthreads Bugcheck and process termination. Threaded applications might encounter this problem when pthread_kill() is used on a thread that is marked as blocked in the kernel. Patch 232.00 PPPPaaaattttcccchhhh:::: Adds support for activating temporary data logging OSF510-158B SSSSttttaaaatttteeee:::: New This patch provides support for activating temporary data logging on a mount point. 2-16 Summary of Base Operating System Patches Patch 243.00 PPPPaaaattttcccchhhh:::: Security (SSRT0689U) OSF510-150 SSSSttttaaaatttteeee:::: Supersedes patches OSF510-033 (1.00), OSF510-019 (2.00), OSF510-027 (3.00), OSF510- 037A (5.00), OSF510-051 (87.00), OSF510-071 (88.00), OSF510-061 (90.00), OSF510-154 (233.00), OSF510-177 (234.00), OSF510-145 (235.00), OSF510-151 (236.00), OSF510-123 (237.00), OSF510-183 (238.00), OSF510-130 (239.00), OSF510-091 (240.00), OSF510-146 (241.00) This patch corrects the following problems: Fixes a problem of the getaddrinfo() library call returning a failing status. Increases the number of places of precision for formatted printing of long doubles. Fixes the problem that, on rare occasions, the C runtime library atof() and strtod() functions (and other functions that may use them) may produce an incorrect result. The error would only be in the least significant digit of the mantissa (a rounding error). Fixes hangs in threaded programs with subprocesses created with nfork(NULL). Examining one of the hanging subprocesses shows that it has called fopen() and is waiting for the iobptr mutex in _findiop(). Fixes the printing of 0.0 when precision is specified for a %g type conversion. Fixes a problem where a TZ environment variable setting of ":" yields incorrect (or missing) time zone information after calling tzset() and incorrect error reporting from mktime(). A potential security vulnerability has been discovered where, under certain circumstances, system integrity may be compromised. This may be in the form of improper file or privilege management. Compaq has corrected this potential vulnerability. Summary of Base Operating System Patches 2-17 2-18 Summary of Base Operating System Patches Patch 243.00 continued Fixes a performance problem with freeing memory in threaded applications, when many allocations of the same size have been made. It also fixes a problem when the __sbrk_override malloc tuning variable is set which caused malloc to try to allocate too much memory. Fixes a problem with the mallinfo() call which can cause an application to fail if run on a RAD other than 0. fixes a problem with the mallinfo() call which can cause an application to fail if run on a RAD other than '0'. Festores correct behavior that existed on pre- V5.0 releases for ecvt() and fcvt(). Floating point exceptions and core dumps no longer occur when denormalized values are passed to ecvt() and fcvt(). Resolves issues with customer applications that experienced floating point exceptions and core dumps when passing denormalized values to ecvt() and fcvt() that subsequently caused INFORMIX databases to crash. Fixes the return values for vwprintf() functionality when used with wide characters. Increases the input buffer size limits for the scanf family of functions to the MAXINT input buffer size. Fixes the problem of optimized programs printing incorrect values for long doubles. Adds logic that implements maximum size checks for input width descriptors on numeric scanf() format elements. Corrects a regular expression performance problem in libc. Fixes a potential online help build problem when dthelptag is used to compile online help files in a multibyte locale. Fixes regular expression handling with non- default locale settings. Summary of Base Operating System Patches 2-19 Patch 245.00 PPPPaaaattttcccchhhh:::: Install does not allow subset name with an underscore OSF510-198 SSSSttttaaaatttteeee:::: New. Supersedes patch OSF510-046 (9.00) This patch fixes the following problems: Fixes a problem with the installation process rejecting a subset name with an underscore character on a V5.1 system. Specifically, when a user was trying to install the IBM MQSeries Documentation Base subset, MQS_HTML_PUBS. Fixes a problem with the deletion process on a cluster system when a member node is running /usr/bin/csh. The process fails with a command not found error. Fixes a problem with the deletion process not terminating when the C DELETE phase of the subset control program fails. Patch 249.00 PPPPaaaattttcccchhhh:::: Vendor string displayed when running on COSIX64 OSF510X11-014 SSSSttttaaaatttteeee:::: Supersedes patches OSF510X11-010 (246.00), OSF510X11-013 (247.00) This patch fixes the following problems: Fixes a memory leak in the X server that could occur when a client repeatedly created and destroyed buffers for the X Window System Multibuffering Extension (XmbufCreateBuffers/XmbufDestroyBuffers). Fixes a problem where the X server does not display windows properly for the 128th and subsequent clients. Changes the X server to dynamically retrieve its vendor string information when running on COSIX64. 2-20 Summary of Base Operating System Patches Patch 252.00 PPPPaaaattttcccchhhh:::: Thread hang on NFS mounted file systems OSF510-173 SSSSttttaaaatttteeee:::: New. Supersedes patch OSF510-174 (250.00) This patch corrects the following problems: Corrects a problem where a race condition in NFS can result in a kernel memory fault. Fixes a problem where threads can hang while renaming files on NFS mounted file systems. Patch 255.00 PPPPaaaattttcccchhhh:::: tar -F ignores files named err OSF510-090 SSSSttttaaaatttteeee:::: New. Supersedes patch OSF510-164 (253.00) This patch corrects the following problems: Corrects pax/tar/cpio to properly extract explicitly specified files. When an archive contained a file with extended attributes and a different file (occurring later in the archive) was specified to be extracted, improper buffer pointer management resulted in the following display (example uses tar): tar: /dev/nrmt0h : This doesn't look like a tar archive tar: /dev/nrmt0h : Skipping to next file... tar: Memory allocation failed for extended data while reading : Not enough space The directory option was similarly affected. In this case the information for the specified file was not reported Fixes a problem where the tar -F (Fasttar) option ignores files named err, but does not ignore files named errs or directories named SCCS and RCS. Summary of Base Operating System Patches 2-21 Patch 260.00 PPPPaaaattttcccchhhh:::: Fix for V5.1 dynamic loader OSF510-074A SSSSttttaaaatttteeee:::: Supersedes patches OSF510-005 (64.00), OSF510-113 (256.00), OSF510-105 (257.00), OSF510-205A (258.00) This patch fixes the following problems with the V5.1 dynamic loader: Allows the loader to properly ignore unreferenced symbols when loading a shared library with a dlopen call. Allows the loader to properly ignore loading a library with the correct library name but an incorrect library version. Fixes an /sbin/loader problem dealing with absolute value symbols when their value was -1. Fixes a problem in the /sbin/loader dynamic loader that can cause a crash. It also fixes a problem with the output for the ldd command, where the output was always going to stderr rather than stdout. A problem that may cause the /usr/ucb/spike post-link optimization tool to crash. A /sbin/loader problem that causes the ldr_inq_region() call to not report an error when an invalid region parameter is passed as a parameter to the call. Fixes a loader problem with rpaths on shared libraries, a loader problem when libraries loaded in -taso mode were loaded above the -taso address range, a problem detecting incorrectly specified _RLD_ARGS values, and a problem handling the RHF_BIND_NOW object file bit. Fixes a problem with /usr/ucb/ldd. Previously the _RLD_ARGS environment variable was not recognized. 2-22 Summary of Base Operating System Patches Patch 262.00 PPPPaaaattttcccchhhh:::: Fix for loader and ldd OSF510-074B SSSSttttaaaatttteeee:::: New This patch fixes the following problems: Fixes a loader problem with rpaths on shared libraries, a loader problem when libraries loaded in -taso mode were loaded above the -taso address range, a problem detecting incorrectly specified _RLD_ARGS values, and a problem handling the RHF_BIND_NOW object file bit. Fixes a problem with /usr/ucb/ldd. Previously the _RLD_ARGS environment variable was not recognized. Patch 265.00 PPPPaaaattttcccchhhh:::: loader does not report error OSF510-205B SSSSttttaaaatttteeee:::: Supersedes patches OSF510-028 (78.00), OSF510-147 (263.00) This patch fixes the following problems: Fixes a problem where applying spike to some binaries results in a 100% performance degradation. Fixes a problem where spike may fail to delete the low instruction of a pair of related instructions, causing it to abort with a runtime error. Fixes a problem that may cause the /usr/ucb/spike post-link optimization tool to crash. Fixes a /sbin/loader problem that causes the ldr_inq_region() call to not report an error when an invalid region parameter is passed as a parameter to the call. Summary of Base Operating System Patches 2-23 Patch 268.00 PPPPaaaattttcccchhhh:::: Security (SSRT0690U) OSF510-165 SSSSttttaaaatttteeee:::: Supersedes patches OSF510-044 (55.00), OSF510-115 (266.00) This patch fixes the following problems: A potential security vulnerability has been discovered where, under certain circumstances, system integrity may be compromised. This may be in the form of improper file or privilege management. Compaq has corrected this potential vulnerability. Fixes a possible handling problem with multibyte character boundary conditions in ksh script processing. Fixes two ksh problems that occur in multi-byte Asian locales. Patch 270.00 PPPPaaaattttcccchhhh:::: Updates Netscape Communicator to Version 4.76 OSF510DX-017 SSSSttttaaaatttteeee:::: Supersedes patch OSF510DX-001 (44.00) This patch corrects the following problems: Fixes a security vulnerability (called the Brown Orifice) in Netscape Communicator Version 4.72 by updating Netscape Communicator to Version 4.75. Updates Netscape Communicator to Version 4.76 to fix missing default MIME types in Netscape Communicator 4.75. Patch 278.00 PPPPaaaattttcccchhhh:::: Cascaded switches may hang system at failover time OSF510-166 SSSSttttaaaatttteeee:::: New This patch fixes a problem where cascaded switches can hang the system at failover time. 2-24 Summary of Base Operating System Patches Patch 280.00 PPPPaaaattttcccchhhh:::: Fixes a memory leak in the X server OSF510X11-011 SSSSttttaaaatttteeee:::: Supersedes patch OSF510X11-002 (70.00) This patch fixes the following problems: Fixes a problem on systems with a PowerStorm 4D10T (ELSA Gloria Synergy, SN-PBXGK-BB) graphics card or a PCI To Ethernet/Graphics Combo Adapter (3X-DEPVD-AA). Sometimes lines and images are not drawn correctly in scrolled windows. Fixes synchronization and drawing problems in the X server for the PowerStorm 4D10T (ELSA Gloria Synergy, SN-PBXGK-BB) graphics card. Fixes a memory leak in the X server on systems with a PowerStorm 4D10T (ELSA Gloria Synergy, SN-PBXGK-BB) graphics card that could occur when a client repeatedly created and destroyed buffers for the X Window System Multibuffering Extension (XmbufCreateBuffers/XmbufDestroyBuffers). Patch 283.00 PPPPaaaattttcccchhhh:::: Security (SSRT0682U) OSF510-104 SSSSttttaaaatttteeee:::: New. Supersedes patch OSF510-096 (281.00) This patch corrects the following: Fixes a problem in which rexecd fails to establish stderr. If the client rexec() function call specifies a secondary socket for stderr, connects to rexecd hang. A potential security vulnerability has been discovered where, under certain circumstances, system integrity may be compromised. This may be in the form of improper file or privilege management. Compaq has corrected this potential vulnerability. Summary of Base Operating System Patches 2-25 Patch 285.00 PPPPaaaattttcccchhhh:::: Fixes C++ runtime errors OSF510-118 SSSSttttaaaatttteeee:::: New This patch fixes C++ runtime errors. Patch 287.00 PPPPaaaattttcccchhhh:::: Corrects blocks of erroneous pixels OSF510X11-012 SSSSttttaaaatttteeee:::: Supersedes patch OSF510X11-003 (119.00) This patch corrects the following: Provides the Xserver library with a new graphics card. Corrects blocks of erroneous pixels left behind when dragging CDE application manager icons on the desktop. 2-26 Summary of Base Operating System Patches Patch 290.00 PPPPaaaattttcccchhhh:::: Fixes problems in the Tru64 UNIX Assembler OSF510-103 SSSSttttaaaatttteeee:::: New. Supersedes patch OSF510-132 (288.00) This patch corrects the following: When assembling a .s file containing a data declaration directive (such as .byte) that specifies a list of values greater than 74, a fatal "yacc stack overflow" condition is raised. A main procedure's prologue description will overwrite that of an alternate entry point when they both share the same address and they both specify their own .prologue directive. A .s file that contains .align directives in its text section that is assembled at an optimization level greater than O0 may produce a series of zeros in its text section which, if executed, would cause the program to halt. The -arch and -tune command line switches were essentially being ignored. Code generated by the assembler for emulated ldb/ldbu/ldw/ldwu instructions produces incorrect results leading to a linker optimization that produces an invalid executable. Code generated by the assembler for emulated ldb/ldbu/ldw/ldwu instructions produces incorrect results leading to a linker optimization that produces an invalid executable. Code generated for loads with offsets larger than 32K is incorrect. Incorrect addresses are generated when symbolic arithmetic is used, and when the address in question extends beyond the intitial 64K boundary of a section. A prodecure with no instructions causes the assembler to segfault. A prodecure with no instructions causes line number generation to segfault. Summary of Base Operating System Patches 2-27 Data declared using the .gprel32 directive was not being longword aligned. The relocation count for a program that contains a section that has in excess of 65535 reloctions will be incorrect, resulting in a bad link and an invalid executable. An entry (PDSC_FLAGS_BASE_REG_IS_FP) was not being set correctly in a short-form stack-frame RPD when a .frame directive specified register 15. When two entry points to a procedure (main or alternate) share the same address, the assembler generates four nop profiling instruction sequences for each one when the -pg switch is specified. This causes post-link tools, such as spike, problems. When a main and an alternate entry point share both an address and a prologue, the assembler associates the prologue with the alternate entry and not the main, resulting in the assembler not generating an RPD because it does not see a prologue for the main entry. The assembler miscalculates the number of relocations present in the .text section if a jmp/jsr instruction was specified without a symbol as an operand. This can result in a linker error. Patch 292.00 PPPPaaaattttcccchhhh:::: Security (SSRT1-38) OSF510-148 SSSSttttaaaatttteeee:::: New A potential security vulnerability has been discovered where, under certain circumstances, system integrity may be compromised. This may be in the form of improper file or privilege management. Compaq has corrected this potential vulnerability. Patch 294.00 PPPPaaaattttcccchhhh:::: Fixes a problem with the EVM daemon evmd OSF510-160A SSSSttttaaaatttteeee:::: New This patch fixes a problem with the EVM daemon, evmd, where it will crash if /etc/rc.config contains a blank line. 2-28 Summary of Base Operating System Patches Patch 296.00 PPPPaaaattttcccchhhh:::: evmd crashes if rc.config contains a blank line OSF510-160B SSSSttttaaaatttteeee:::: New This patch fixes a problem with the EVM daemon, evmd, where it will crash if /etc/rc.config contains a blank line. Patch 298.00 PPPPaaaattttcccchhhh:::: Fix for kernel memory fault on EV6 systems OSF510-210 SSSSttttaaaatttteeee:::: New. Supersedes patch OSF510-004 (128.00) This patch corrects the following problems: Fixes a cross RAD I/O hang problem with the ITPSA controller. Fixes a problem that can cause a simple lock timeout or a kernel memory fault on EV6 systems using the itpsa driver. Patch 300.00 PPPPaaaattttcccchhhh:::: Introduces the JJ printcap parameter OSF510-080 SSSSttttaaaatttteeee:::: New This fix introduces the JJ /etc/printcap parameter, which allows the user to choose either one TCP/IP connection for all jobs in the print queue (JJ=1), or a TCP/IP connection for each job in the print queue (JJ=0). It also closes a timing hole that existed when lpd was shutting down. Patch 302.00 PPPPaaaattttcccchhhh:::: dop tool causes segmentation fault OSF510DX-007 SSSSttttaaaatttteeee:::: New This patch fixes a problem in which the dop tool would cause a segmentation fault when a non-root user entered the root password. Summary of Base Operating System Patches 2-29 Patch 304.00 PPPPaaaattttcccchhhh:::: Running cord on libraries causes infinite loop OSF510-137 SSSSttttaaaatttteeee:::: New This patch fixes an infinite loop that occurs when using cord on a library compiled with -g3. If the library has unused static routines that are optimized away, cord may go into an infinite loop. Patch 306.00 PPPPaaaattttcccchhhh:::: Fixes a C++ compiler error OSF510-116 SSSSttttaaaatttteeee:::: New This patch fixes a C++ compiler error. Patch 308.00 PPPPaaaattttcccchhhh:::: Fixes C shell processing problems OSF510-106 SSSSttttaaaatttteeee:::: New This patch fixes C shell processing problems in the new zh_CN.GB18030 locale. Patch 310.00 PPPPaaaattttcccchhhh:::: Fixes a problem on multi-head systems OSF510CDE-006 SSSSttttaaaatttteeee:::: New This patch fixes a problem on multi-head systems in which the unlock display only works if the default display is screen 0. Patch 312.00 PPPPaaaattttcccchhhh:::: Fixes a problem of the ATM setup script failing OSF510-076 SSSSttttaaaatttteeee:::: New This patch fixes a problem of the ATM setup script failing when configuring an elan if the lane subsystem is not loaded. 2-30 Summary of Base Operating System Patches Patch 314.00 PPPPaaaattttcccchhhh:::: Security (SSRT0708U) OSF510-138 SSSSttttaaaatttteeee:::: New This patch fixes the following /usr/sbin/inetd problems: A potential security vulnerability has been discovered, where, under certain circumstances, system integrity may be compromised. This may be in the form of inetd child process core dumping or failing to service incoming connection requests. Compaq has corrected this potential vulnerability. inetd can terminate without notice and without a core file. The disable keyword is being ignored when used in the /etc/inetd.conf.local configuration file. The -h option does not restart any inetd children to handle requests because the parent still thinks one is running. Patch 316.00 PPPPaaaattttcccchhhh:::: Attaching debugger to program causes program hang OSF510-171 SSSSttttaaaatttteeee:::: New This patch corrects a problem where attaching to a program with a debugger will cause periodic timers to be lost and will make the program hang. Patch 318.00 PPPPaaaattttcccchhhh:::: Fix for newgrp command OSF510-081 SSSSttttaaaatttteeee:::: New This patch corrects the problem where newgrp(1) fails if the file /etc/group contains multiple lines for one group. Summary of Base Operating System Patches 2-31 Patch 320.00 PPPPaaaattttcccchhhh:::: Fixes a problem in diskconfig OSF510DX-011 SSSSttttaaaatttteeee:::: New This fixes a problem in diskconfig where partitions with an offset and size of zero cannot be selected. It also fixes a problem where overlapping partitions cannot be adjusted if the existing partitions are not in alphabetical order. Patch 322.00 PPPPaaaattttcccchhhh:::: Fix for problems in Compaq C compiler OSF510-142A SSSSttttaaaatttteeee:::: Supersedes patch OSF510-016 (66.00) This patch fixes the following problems in the Compaq C compiler: An optimizer problem that caused the wrong answer to be produced for a program involving tail recursion. An optimizer problem that caused a runtime error when compiling gcc using -feedback. An optimizer crash when compiling a program using -ieee and -tune ev6. An optimizer problem that caused a failure in the llogin UNIX command. An optimizer problem that caused incorrect run- time results for an OpenMP program. A problem in the parallel processing support library that caused incorrect run-time results for an OpenMP program. 2-32 Summary of Base Operating System Patches Patch 324.00 PPPPaaaattttcccchhhh:::: Fix for libots3 OSF510-142B SSSSttttaaaatttteeee:::: New This patch fixes the following problem in the Compaq C compiler: An optimizer problem that caused a failure in the llogin UNIX command. An optimizer problem that caused incorrect run- time results for an OpenMP program. A problem in the parallel processing support library that caused incorrect run-time results for an OpenMP program. Patch 326.00 PPPPaaaattttcccchhhh:::: Security (SSRT0672U) OSF510-082 SSSSttttaaaatttteeee:::: New A potential security vulnerability has been discovered where, under certain circumstances, system integrity may be compromised. This may be in the form of improper file or privilege management. Compaq has corrected this potential vulnerability. Patch 328.00 PPPPaaaattttcccchhhh:::: Fixes automount handling of nogrpid option OSF510-144 SSSSttttaaaatttteeee:::: New This patch fixes the automount handling of the nogrpid option. Summary of Base Operating System Patches 2-33 Patch 330.00 PPPPaaaattttcccchhhh:::: Write errors occur on soft mounted NFS file systems OSF510-135 SSSSttttaaaatttteeee:::: Supersedes patch OSF510-070 (132.00) This patch fixes the following problems: Fixes an NFS file locking race. Corrects the problem with write errors seen on soft mounted NFS file systems. The error received is: NFS3 RFS3_WRITE failed for server ncinfs: RPC: Server can't decode arguments Patch 333.00 PPPPaaaattttcccchhhh:::: Upgrades sys_check to v120 OSF510-112 SSSSttttaaaatttteeee:::: New. Supersedes patch OSF510-185 (331.00) This patch corrects the following problems: Fixes errors generated by syscheck when NFS is not configured. Upgrades sys_check to V120. 2-34 Summary of Base Operating System Patches Patch 335.00 PPPPaaaattttcccchhhh:::: Fix for DVD file system problem OSF510-141 SSSSttttaaaatttteeee:::: New This patch addresses two issues with the DVD File system: When directory entries are large enough to overflow a user's buffer and require multiple calls to complete, DVDFS fails because it does not properly calculate the continuation point for successive calls. Logical block numbers are not properly calculated after the first directory data read. Patch 337.00 PPPPaaaattttcccchhhh:::: Fix for bindconfig OSF510DX-008 SSSSttttaaaatttteeee:::: New This patch fixes the problem of OutOfOrder hide stack trace, which occurs when an invalid domain name is entered during bindconfig. Patch 339.00 PPPPaaaattttcccchhhh:::: Fix for dtpad OSF510CDE-005 SSSSttttaaaatttteeee:::: New This patch fixes a problem where, if dtpad cannot allocate enough memory, it will exit and leave a zero-length file in place of the file being edited. Patch 341.00 PPPPaaaattttcccchhhh:::: Fix for ksh hang OSF510-197 SSSSttttaaaatttteeee:::: New This patch fixes a problem where the Korn shell (ksh) could hang if the user pastes a large number of commands to it when it is running in a terminal emulator window (such as an xterm). Patch 343.00 PPPPaaaattttcccchhhh:::: Fix for vi core dump OSF510-114 SSSSttttaaaatttteeee:::: New This patch fixes a problem in which the vi editor core dumps when it finds invalid syntax during a substitute operation. Summary of Base Operating System Patches 2-35 Patch 345.00 PPPPaaaattttcccchhhh:::: Cannot create builds with CAMDEBUG enabled OSF510-187 SSSSttttaaaatttteeee:::: New This patch fixes a problem of not being able to create builds with CAMDEBUG enabled. Patch 347.00 PPPPaaaattttcccchhhh:::: Fixes a problem of ATM signalling OSF510-079 SSSSttttaaaatttteeee:::: New This patch fixes a problem of ATM signalling going into connection released after a system reboot. Patch 349.00 PPPPaaaattttcccchhhh:::: Corrects memory leak in XTI socket code OSF510-121 SSSSttttaaaatttteeee:::: New This patch corrects a memory leak in the XTI socket code. Patch 351.00 PPPPaaaattttcccchhhh:::: Fix for Turbolaser panic OSF510-093 SSSSttttaaaatttteeee:::: New This patch prevents a panic on TurboLaser systems with a DE600 in pci slot 0. Mis- identification of the DE600 in pci slot 0 causes data structure corruption. TurboLaser systems include the following: AlphaServer 8200 AlphaServer 8400 AlphaServer GS60 AlphaServer GS60E AlphaServer GS140 A DE600 is a single-port 10/100 Mbps Fast Ethernet NIC. Patch 353.00 PPPPaaaattttcccchhhh:::: Fix for fsx utility OSF510-190 SSSSttttaaaatttteeee:::: New This patch fixes a problem in which the fsx utility would not correctly handle the -s switch. 2-36 Summary of Base Operating System Patches Patch 358.00 PPPPaaaattttcccchhhh:::: Fix for link errors OSF510-102 SSSSttttaaaatttteeee:::: Supersedes patches OSF510-022 (72.00), OSF510-153 (354.00), OSF510-108 (355.00), OSF510-120 (356.00) This patch corrects the following: Fixes a spike problem. The problem results in an assertion and core dump when trying to spike a kernel. This patch is only needed if the post-link tool spike will be used on the Tru64 UNIX kernel. Fixes a problem where the linker defined symbol _fpdata would end up being undefined if it was referenced by a program but not used by the linker. Fixes link errors encountered when linking with -A. Fixes two problems in the linker where it would erroneously report "multiply defined symbol" errors or "unresolved symbol" errors. Modifies the linker's symbol resolution to enable it to recognize when a reference to a symbol defined in a shared library is replaced by a symbol defined in an object file or archive. Modifies the linker to cause it to rescan shared libraries before reporting unresolved symbols. Fixes two errors that occur when using the -f switch with the linker (ld): Using the -f switch produces link errors. Any unsupported switch beginning with -f gets interpreted to mean -f. Summary of Base Operating System Patches 2-37 Patch 360.00 PPPPaaaattttcccchhhh:::: Nodes in cluster unable to set high temp threshold OSF510DX-012A SSSSttttaaaatttteeee:::: New This fix corrects a problem in which nodes in a cluster are unable to set their high temperature thresholds. Patch 362.00 PPPPaaaattttcccchhhh:::: Cluster nodes unable to set high temp threshold OSF510DX-012B SSSSttttaaaatttteeee:::: New This fix corrects a problem in which nodes in a cluster are unable to set their high temperature thresholds. Patch 364.00 PPPPaaaattttcccchhhh:::: Security (SSRT1-15, SSRT0713U) OSF510-186 SSSSttttaaaatttteeee:::: New A potential security vulnerability has been discovered where, under certain circumstances, system integrity may be compromised. This may be in the form of improper file or privilege management. Compaq has corrected this potential vulnerability. Patch 366.00 PPPPaaaattttcccchhhh:::: Fixes ee driver for DE60x Ethernet cards OSF510-125 SSSSttttaaaatttteeee:::: New This patch addresses two problems with the ee driver for DE60x Ethernet cards. These problems affect all Tru64 UNIX systems containing ee cards: Fixes a race condition where the card could stop receiving packets from the network under rare circumstances. Fixes the lan_config user options -x and -s. 2-38 Summary of Base Operating System Patches Patch 368.00 PPPPaaaattttcccchhhh:::: rdist utility causes segmentation fault OSF510-086 SSSSttttaaaatttteeee:::: New This patch corrects a problem in the rdist utility which was causing segmentation faults on files with more than one link. Patch 370.00 PPPPaaaattttcccchhhh:::: Fix for prpasswdd daemon hang OSF510-170 SSSSttttaaaatttteeee:::: Supersedes patches OSF510-054 (145.00), OSF510-055 (146.00), OSF510-072 (148.00) This patch corrects the following: Corrects a problem in an Enhanced Security configuration where, at login time, if it is determined an account's password has expired, the "Old password:" prompt did not appear. Rather, the user is immediately prompted for their new password options and is allowed to change to a new password. This patch also allows a user logged into a system configured as a NIS client with Enhanced Security installed to change their password. Fixes a problem in an Enhanced Security configuration. This patch restores the capability of being able to su to a user as root without being prompted or having to know the users password. Fixes a problem for Enhanced Security configurations where the Maximum Login Interval (u_max_login_intvl) field was being ignored for account templates. Fixes problems with the prpasswdd daemon hanging when there are numerous background processes simultaneously attempting to authenticate users to the system in an Enhanced Security environment. Summary of Base Operating System Patches 2-39 Patch 372.00 PPPPaaaattttcccchhhh:::: Kernel memory fault occurs when using tablet OSF510-127 SSSSttttaaaatttteeee:::: New This patch fixes a kernel memory fault which occurs while using a tablet instead of a mouse. Patch 374.00 PPPPaaaattttcccchhhh:::: Hang seen on multi-CPU systems using NFS-over-TCP OSF510-139 SSSSttttaaaatttteeee:::: New This patch corrects a hang that can be seen on multi-CPU systems using NFS-over-TCP. The SMP race is seen between the nfs_tcp_input and the nfs_tcp_thread functions. Patch 376.00 PPPPaaaattttcccchhhh:::: Fixes DS10/DS20 performance problems OSF510-172 SSSSttttaaaatttteeee:::: New This patch fixes DS10/DS20 performance problems introduced with the i2c driver by using thread blocking, rather than event_timeout() and DELAY(). Patch 378.00 PPPPaaaattttcccchhhh:::: Fix for unaligned kernel space panic OSF510-077 SSSSttttaaaatttteeee:::: New This patch fixes a problem in which the system may panic with the panic string "Unaligned kernel space access from kernel mode". 2-40 Summary of Base Operating System Patches Patch 381.00 PPPPaaaattttcccchhhh:::: Security (SSRT0664U) OSF510-131 SSSSttttaaaatttteeee:::: New. Supersedes patch OSF510-100 (379.00) This patch corrects the following: This patch corrects a problem with the ftpd daemon which could result in PC ftp clients hanging when transferring some files in ASCII mode. A potential security vulnerability has been discovered where, under certain circumstances, system integrity may be compromised. This may be in the form of improper file or privilege management. Compaq has corrected this potential vulnerability. Patch 387.00 PPPPaaaattttcccchhhh:::: CDFS media burned in 2001 shows the wrong dates OSF510-143 SSSSttttaaaatttteeee:::: New CDFS media burned in 2001 shows the wrong dates. Patch 385.00 PPPPaaaattttcccchhhh:::: Fixes problem in exit status value of swapon utility OSF510-075 SSSSttttaaaatttteeee:::: New This patch fixes a bug in the exit status value of the swapon utility. Patch 389.00 PPPPaaaattttcccchhhh:::: Corrects a problem with joind OSF510-152 SSSSttttaaaatttteeee:::: New This patch corrects a problem with joind which caused it to respond to certain client dhcp requests via the wrong port. Summary of Base Operating System Patches 2-41 Patch 391.00 PPPPaaaattttcccchhhh:::: System crash when accessing the FDI floppy OSF510-128 SSSSttttaaaatttteeee:::: Supersedes patch OSF510-058 (84.00) This patch corrects the following: Compaq has determined in laboratory testing that there is a theoretical possibility that during read and write operations to the floppy disk on DS10, DS10L and ES40 AlphaServers and XP900 AlphaStations, a single byte of data may be inaccurately read or written without notice to the user or system. The potential for this anomaly exists only if floppy data read and write operations are attempted while there is extremely heavy traffic on these Alpha systems' internal input/output busses. Although Compaq has observed the anomaly only in laboratory tests designed to create atypical system stresses, including almost constant use of the floppy disk drive, we are supplying this patch to address this potential issue. Corrects a potential system crash when accessing the FDI floppy. Patch 393.00 PPPPaaaattttcccchhhh:::: Fix for CDE window manager loop or abort problems OSF510CDE-007 SSSSttttaaaatttteeee:::: Supersedes patch OSF510CDE-004 (160.00) This patch corrects the following: Fixes a problem where the Window Manager (dtwm) intermittently hangs on a system which uses multiple displays. Fixes a problem where the Common Desktop Environment (CDE) window manager loops or aborts when creating and deleting workspaces or when displaying the CDE Window List. 2-42 Summary of Base Operating System Patches Patch 395.00 PPPPaaaattttcccchhhh:::: Security (SSRT0713U) OSF510-189 SSSSttttaaaatttteeee:::: New A potential security vulnerability has been discovered where, under certain circumstances, system integrity may be compromised. This may be in the form of improper file or privilege management. Compaq has corrected this potential vulnerability. Summary of Base Operating System Patches 2-43 Patch 399.00 PPPPaaaattttcccchhhh:::: Security (SSRT0700U) OSF510-224 SSSSttttaaaatttteeee:::: Supersedes patches OSF510-042 (156.00), OSF510-048 (53.00), OSF510-010 (60.00), OSF510- 014 (62.00), OSF510-015 (151.00), OSF510-087 (152.00), OSF510-060 (154.00), OSF510-011 (11.00), OSF510-032 (22.00), OSF510-006 (23.00), OSF510-007 (24.00), OSF510-008 (25.00), OSF510- 049 (26.00), OSF510-030 (27.00), OSF510-012 (28.00), OSF510-023 (29.00), OSF510-047 (30.00), OSF510-039A (32.00), OSF510-059 (86.00), OSF510-065 (93.00), OSF510-073 (94.00), OSF510- 084 (95.00), OSF510-063 (96.00), OSF510-053 (97.00), OSF510-050 (98.00), OSF510-064 (99.00), OSF510-035 (100.00), OSF510-062 (101.00), OSF510-089 (103.00), OSF510-095 (163.00), OSF510-094 (165.00), OSF510-101 (167.00), OSF510-097 (176.00), OSF510-119 (177.00), OSF510-110 (178.00), OSF510-124 (179.00), OSF510-175 (180.00), OSF510-078 (181.00), OSF510-159 (182.00), OSF510-196 (183.00), OSF510-107A (184.00), OSF510-126 (185.00), OSF510-182 (186.00), OSF510-201 (187.00), OSF510-213 (188.00), OSF510-168 (189.00), OSF510-212A (190.00), OSF510-211 (191.00), OSF510-111 (192.00), OSF510-184 (193.00), OSF510-188 (194.00), OSF510-099 (195.00), OSF510-149 (196.00), OSF510-206A (197.00), OSF510-136 (198.00), OSF510-209 (199.00), OSF510-140 (200.00), OSF510-117 (201.00), OSF510-192 (202.00), OSF510-163 (203.00), OSF510-155 (204.00), OSF510-194 (205.00), OSF510-122 (206.00), OSF510-157 (207.00), OSF510-134 (208.00), OSF510-129 (209.00), OSF510-181 (210.00), OSF510-109A (211.00), OSF510-180 (212.00), OSF510-092 (213.00), OSF510-167 (214.00), OSF510-158A (215.00), OSF510-179 (216.00), OSF510-178 (217.00), OSF510-068 (218.00), OSF510-199 (219.00), OSF510-156 (220.00), OSF510-169 (221.00), OSF510-162 (222.00), OSF510-200 (224.00) This patch corrects the following: This patch is required in order to use the SuperDLT1 tape drive. Fixes a problem encountered on a heavily loaded HSG80, in which a device may become unavailable to other cluster members if a cluster node crashes at the same time an error occurs on that device. 2-44 Summary of Base Operating System Patches Prevents panics from occurring if AdvFS detects corruption in the per-fileset frags file and attempts to work around the corruption. Fixes AdvFS memory mapped file support so that it honors the noatimes and readonly mount options when updating file timestamps. A kernel memory fault can occur on an smp machine when one thread is extending a clone frags file and another thread does a stat system call on a file with a frag. Provides an improvement to AdvFS performance when the first bytes of user data (and subsequent storage requests) is written to a domain. Corrects read-ahead behavior for AdvFS for both local and NFS reads. Read performance is increased by approximately 10% with the addition of this patch. This patch does not include any correctness fixes. Fixes a problem on AlphaServer GS80, GS160, and GS320 systems where, under a specific set of unlikely circumstances, it is possible for Revision 4 PCA hardware to falsely report PCI hung bus errors. This will cause a uncorrectable hardware machine check and operating system panic. This patch must be installed if the hardware configuration includes any Revision 4 PCA (IOP to PCI bus) adapters. Fixes a kernel memory fault which can occur during scheduler load balancing on a NUMA system. Summary of Base Operating System Patches 2-45 Patch 399.00 continued Fixes a panic that occurs in madvise() when called with MADV_DONTNEED when running in lockmode 4. Improves performance of HPTC programs on GS- series NUMA machines. Fixes a kernel memory fault which can happen when all the physical memory is in use. Fixes a problem seen in a cluster when one member whose boot partition is on a device whose SCSI wwid changes while the node is down. Corrects a failure that is seen as a user_cmd timeout. Fixes a kernel memory fault when accessing a shared text segment after or during load balancing on a NUMA system. Fixes a bug that, when fuser -k is issued on a dismounted NFS mount point in which a process is running, a hang will occur. A potential security vulnerability has been discovered where, under certain circumstances, system integrity may be compromised. This may be in the form of improper file or privilege management. Compaq has corrected this potential vulnerability. Improves webserver performance, fixes an IPV6 related crash, and a hang in soclose(). Fixes problems for threaded applications running on Tru64 UNIX V5.1 sbin/dd has been made non-threaded. This is to avoid problems while installing patches that are incompatible with the running kernel. /usr/bin/dd is not affected by this patch. Fixes SPECweb99 httpd hangs in umc_get_page() routine waiting for the page. Includes performance fixes for systems doing raw I/O, raw async I/O, and systems with large disk farms (high disk count). Enables the getconf command to return the 2-46 Summary of Base Operating System Patches abbreviated vendor name correctly. Provides the device driver for a new graphics card. Fixes a problem where some network-based multimedia applications will cause a kernel memory fault when exiting. Provides support for the DEGPA-TA (1000BaseT) Gigabit Ethernet device. Fixes a potential deadlock on systems using shared memory segments and granularity hints. This can occur when allocating a gh region larger than the available free memory. Improves UDP performance by removing an unneeded lock from the UDP output path. Fixes a panic in in_pcbfree() when NFS is implemented over TCP. Fixes a lock contention for multiple writers which would use 100% of CPU time. This problem has been seen when running Oracle database doing Table Creates. Resolves hang-like behavior when LSM volumes are used to create AdvFS domain volumes. The default preferred I/O byte transfer size may be too large and needs to be set lower. Fixes periodic slowdowns seen on large systems that are consuming large amounts of memory due to file I/O. These changes make the reclaiming of memory in use for file buffers more efficient. There is also a fix for a lock timeout seen on the vdIoLock because of a large number of buffers on the SmoothSync queues. Summary of Base Operating System Patches 2-47 Patch 399.00 continued Fixes a race condition which could result with either a Kernel Memory Fault or a Kernel Unaligned Access in one of the AdvFS I/O queue manipulation routines. Fixes inaccuracy problems when using setrlimit/getrlimit with a threaded application. Addresses multiple issues for the KZPCC family of RAID Array 2000 (RA2000) controllers: Errors seen when concurrent opens are issued to separate logical partitions on the same logical device. Change to the preferred chunk size from 16 KB to 64 KB which may increase data transfer rates. Fixes a hang seen while running collect and the vdump utility. This patch prevents the hang in tok_wait from occurring. Prevents stat(), lstat(), fstat(), statfs(), fstatfs(), getmntinfo(), and getfsstat() from returning EOVERFLOW errors for programs compiled on Tru64 UNIX V4.0 or earlier. Fixes a problem where threads can hang in x_load_inmem_xtnt_map(). Fixes a kernel memory fault when writing to /proc, while anon_rss_enforce is set to 2. Fixes an issue with lightweight wiring of pages and shared memory regions. Fixes a system panic when the system has at least one AdvFS domain and the system is configured for lockmode=4 kernel lock statistics collection. Corrects some I/O rate fluctuations and thread unresponsiveness that had been seen when vm free pages dropped to a low level and used pages were being recycled. In laboratory testing Compaq has observed that, 2-48 Summary of Base Operating System Patches under certain circumstances, a possibility exists that inconsistent data may be written to disk on some Tru64 UNIX V5.0A and V5.1 systems running AdvFS and direct I/O. Compaq became aware of this possibility only during laboratory testing. To our knowledge, no customer has experienced this problem. Compaq is alerting customers to this potential problem as a precautionary measure. The conditions under which this potential problem may occur are as follows: An application writes to a file using AdvFS direct I/O and the file had previously been opened for normal I/O (which by default is cached). Some but not all of the pages are still resident in Unified Buffer Cache (UBC) memory. Invalid data could occur when a single direct I/O write spans multiple AdvFS pages, and some, but not all, of the pages are still in the UBC. If the file has been opened only for direct I/O and remains open for direct I/O, the problem does not exist. Applications that use direct I/O, such as Oracle, could be affected. This patch addresses two types of system crashes: Crash caused by VM hash corruption, kernel memory fault. Crash caused by a lock hierarchy violation. Summary of Base Operating System Patches 2-49 Patch 399.00 continued Fixes a problem with the driver for Gigabit Ethernet adapters (DEGPA-FA and DEGPA-TA) which prevented its use in a NetRAIN (Redundant Array of Independent Network Adapters) set. Fixes a problem where the setgid bit of a directory was not being set when created if its parent directory has the setgid bit set. Fixes issues with memory allocation attributes. Fixes a bug in the POSIX Threads Library for Tru64 UNIX V5.1 where a terminating thread did not properly clear an enabled floating point unit, causing an invalid floating point state on the next thread that was run. Fixes several virtual memory algorithms related to the allocation and freeing of pages within the kernel. Fixes panics which can occur if a signal is sent to a multi-threaded task in which one or more threads are calling exit() or exec(). Fixes the corruption of the CAM hardware database when using hwmgr. This typically can result in a kernel memory fault when the database is being written to disk after a hwmgr operation. Corrects an AdvFS panic which can occur during a rmfset operation, causing the following panic string: rbf_delete_int: can't find bf attributes Fixes an issue with some remote ioctls for tape/changer drivers not working in a cluster. Fixes a panic which comes from a page fault on a user buffer while already holding the write lock. Fixes a bug in the POSIX Threads Library for Tru64 UNIX V5.1 that would result in a DECthreads error return of EINVAL from the pthread mutex API routines. This error would be seen only when the thread stack had been user defined/changed, specifically seen when using 2-50 Summary of Base Operating System Patches the user level context switching (ucontext) routines. Fixes a problem in which the system panicked with a kernel memory fault while the class scheduler was being configured. Fixes cluster hangs where I/O stops, and a hwmgr -view -clu command does not return. However, the systems will respond to pings. This is caused by the ubc_memory_purge in routine cfs_putpage being blocked when doing FSOP_PUTPAGE. Summary of Base Operating System Patches 2-51 Patch 399.00 continued Fixes the following system panics: A "simple_lock: lock already owned by cpu" panic when anon_rss_enforce is non-zero and lockmode is set to 4. This remove occurs when a process, whose RSS (resident set size; the number of pages a process can have in memory) limit is exceeded tries to expand its heap. A "panic: vm_page_activate: already active" panic that can occur on a system during memory shortages. An "mcs_lock: no queue entries available" panic that can occur on a GS160 system. This is caused by an abandoned page mistakenly being reclaimed off the the 0/O hash. The page is then removed off a UBC free list where two stale page pointers were connected, hereby connecting the ACTIVE and INACTIVE list. When attempting to deactivate pages (move them from the ACTIVE queue to the INACTIVE queue) an INACTIVE page is encountered, which causes an inadvertant failure to unlock the page. Continued attempts to deactivate INACTIVE pages results in the lock queue being filled. This can also cause a "kernel memory fault" panic. Fixes a problem in which a heavy load placed on an HSG80 can disable the device. Fixes a timing window where flushing data to disk can be incomplete when a system is going down, or if more than one thread calls reboot() without first going through shutdown, /sbin/reboot, or /sbin/halt. Fixes a system crash that could occur when calling nmadvise. A potential security vulnerability has been discovered where, under certain circumstances, system integrity may be compromised. This may be in the form of improper file or privilege management. Compaq has corrected this potential vulnerability. 2-52 Summary of Base Operating System Patches Eliminates a kernel memory fault in AdvFS. Fixes multiple problems with SCSI tape handling including improvements to backup procedures, SCSI passthrough, an increase to the local IO size for transfers, a fix for a system crash that can occur during a bus reset, and a fix for a panic with the following panic string: PWS_CCB_QUE_REMOVE: CCB NOT ON ANY LIST Fixes a system hang caused by netisr queue corruption due to a race condition that is primarily encountered by third party drivers and layered products that call schednetisr_nospl(). Fixes a lockmode 4 panic in netisr_del_rad where netisr_del_rad attempted to release a lock it did not hold. Corrects the use of Granularlity Hints in a threaded application program. Fixes a problem with writing out crashdumps on systems with their swap on Fibrechannel. Summary of Base Operating System Patches 2-53 Patch 399.00 continued Fixes a kernel memory fault and invalid memory ifetch panic which can occur in AlphaServer SC systems running Quadrics' RMS software. Fixes a bug in the POSIX Threads Library for Tru64 UNIX V5.1 that would result in a DECthreads Bugcheck and process termination. Threaded applications might encounter this problem when pthread_kill() is used on a thread that is marked as blocked in the kernel. Corrects the behavior of the FIONBIO, FIOASYNC, and FIONREAD ioctls in a cluster environment. These commands would fail, returning ENOTTY when they should have succeeded. Fixes a problem in which the system call fcntl(fd, F_DUPFD, 15) fails with "too many files" even after fd limits have been increased. Corrects two problems with the scheduler: Enables NUMA load balancing in other processor sets then the default processor set (pset 0). Enables the processor to do load balancing for multi-threaded applications. Provides support for activating temporary data logging on a mount point. Fixes a hang in the UFS file system. Fixes kernel build failures due to an undefined ss_sched function. Fixes a problem with the execution of interpreter programs failing with a "file not found" error if the the total space used by the environment variables and command arguments is close to a multiple of 8K (page size). Provides full KZPCC support in Version 2.0 of the I2O block storage driver. Restriction: For TCR V5.1 installations, KZPCC support is restricted to data-only service; devices on the KZPCC controller cannot be used for system or 2-54 Summary of Base Operating System Patches boot partitions in a cluster. Additionally, this patch fixes the problem where extraneous console messages will appear when hardware is added or deleted. Fixes a performance problem with V5.1 where threads doing large I/O transfers could spend excess time in ubc_page_alloc(). Fixes nmadvise with a modification to VM to allow migration of shared memory. Provides functions to support EMC storage boxes that support Persistent Reserves (SCSI command set) as defined by the final SCSI specification. Fixes a kernel memory fault in GS series systems which have mixed revision PCI adapters. Fixes the following two issues: A "u_anon_free: page_busy" system panic when using System V shared memory locked by a single process. Failures ranging from uninitialized simple_lock panics, kernel memory fault panics, and process hangs, on GS320/160/80 systems configured with at least one memory less quad. Patch 401.00 PPPPaaaattttcccchhhh:::: Fixes POSIX message queue issues OSF510-176A SSSSttttaaaatttteeee:::: New This patch fixes POSIX message queue issues seen with mq_open() and other calls with messsaging. Patch 403.00 PPPPaaaattttcccchhhh:::: Fix for POSIX 4 message queue OSF510-176B SSSSttttaaaatttteeee:::: New This patch fixes POSIX message queue issues seen with mq_open() and other calls with messsaging. Summary of Base Operating System Patches 2-55 Patch 405.00 PPPPaaaattttcccchhhh:::: POSIX 4 message queues not following standard OSF510-176C SSSSttttaaaatttteeee:::: New This patch fixes POSIX message queue issues seen with mq_open() and other calls with messsaging. ______________________________________________________________________________ ______________________________________________________________________________ ______________________________________________________________________________ 2-56 Summary of Base Operating System Patches Summary of TruCluster Software Patches 3 This chapter summarizes the TruCluster software patches included in Patch Kit-0003. Table 3-1 lists patches that have been updated. Table 3-2 provides a summary of patches in Patch Kit-0003. _T_a_b_l_e _3-_1: _U_p_d_a_t_e_d _T_r_u_C_l_u_s_t_e_r _S_o_f_t_w_a_r_e _P_a_t_c_h_e_s ______________________________________________________________________________ PPPPaaaattttcccchhhh IIIIDDDDssss CCCChhhhaaaannnnggggeeee SSSSuuuummmmmmmmaaaarrrryyyy ______________________________________________________________________________ Patches 4.00, 9.00, 17.00, 41.00 New Patches 2.00, 13.00, 18.00, 19.00, 20.00, 21.00, Superseded by Patch 26.00 22.00, 23.00, 24.00 Patch 11.00 Superseded by Patch 30.00 Patch 5.00, 7.00 Superseded by Patch 32.00 Patch 15.00, 33.00, 34.00, 35.00, 36.00, 37.00 Superseded by Patch 39.00 ______________________________________________________________________________ _T_a_b_l_e _3-_2: _S_u_m_m_a_r_y _o_f _T_r_u_C_l_u_s_t_e_r _P_a_t_c_h_e_s ______________________________________________________________________________ PPPPaaaattttcccchhhh IIIIDDDDssss AAAAbbbbssssttttrrrraaaacccctttt ______________________________________________________________________________ Patch 4.00 PPPPaaaattttcccchhhh:::: Fix for Cluster Alias Manager system management tool TCR510DX-001 SSSSttttaaaatttteeee:::: New This patch fixes the Cluster Alias Manager system management tool from crashing and displaying errors. Patch 9.00 PPPPaaaattttcccchhhh:::: Initializing the MC-API results in system crash TCR510-001 SSSSttttaaaatttteeee:::: New This patch fixes a problem where on the AlphaServer GS160 systems, initializing the MC- API results in the system crashing with a "kernel memory fault" message. Patch 17.00 PPPPaaaattttcccchhhh:::: Removes rmerror_int diagnostic messages TCR510-018 SSSSttttaaaatttteeee:::: New This patch eliminates unnecessary rail failovers in vhub configurations and removes rmerror_int diagnostic messages. 3-2 Summary of TruCluster Software Patches Patch 26.00 PPPPaaaattttcccchhhh:::: Security (SSRT0691U) TCR510-008 SSSSttttaaaatttteeee:::: Supersedes patches TCR510-004 (2.00), TCR510-006 (13.00), TCR510-026 (18.00), TCR510- 020 (19.00), TCR510-013 (20.00), TCR510-015 (21.00), TCR510-017 (22.00), TCR510-014 (23.00), TCR510-025 (24.00) This patch corrects the following: A potential security vulnerability has been discovered, where under certain circumstances, system integrity may be compromised. This may be in the form of improper file or privilege management. Compaq has corrected this potential vulnerability. Provides a small TPC-C performance optimization to cfsspec_read for reporting TPC-C single node cluster numbers. When attempting to roll a patch kit on a single member cluster without this patch, the following error messages will be seen when running the postinstall stage: *** Error*** Members '2' is NOT at the new base software version. *** Error*** Members '2' is NOT at the new TruCluster software version. During backup stage of clu_upgrade setup 1, clu_upgrade is unable to determine the name of the kernel configuration file. clu_upgrade does not check the availabilty of space in /, /usr, and /usr/i18n. During the preinstalled phase, clu_upgrade will ignore a no answer when the user is prompted, during an error condition, whether they wish to continue. clu_upgrade incorrectly assumes that if the directory /usr/i18n exists, then it is in its own file system. After the clu_upgrade clean phase, the final step of clu_upgrade, no message is displayed that leads the user to believe they have completed the upgrade. Only the prompt is Summary of TruCluster Software Patches 3-3 returned and the clu _upgrade -completed clean command reports that the clean had not completed. clu_upgrade can display "Could not get property..." and "...does not exist" type of error messages during the undo install phase. The clu_upgrade undo switch command, after completing a clu_upgrade switch command, should display an error message instead of claiming it has succeeded. Fixes a problem with disaster recovery whereby the node being restored will hang on boot. Corrects a problem in which a cluster may panic with a "cfsdb_assert" message when restoring files from backup while simultaneously relocating the CFS server for that file system. Corrects a problem in which a cluster member can panic with the panic string "cfsdb_assert" when a NFS v3 TCP client attempts to create a socket using mknod(2). Corrects a problem in which a cluster member will panic with the patch string "lock_terminate: lock held" from cinactive(). 3-4 Summary of TruCluster Software Patches Patch 26.00 continued Fixes a hang seen while running collect and the vdump utility. This patch prevents the hang in tok_wait from occurring. This also prevents a cfsdb_assert panic that contains the following message: Assert Failed: (tcbp- >tcb_flags & TOK_GIVEBACK) == 0 Prevents a cfsdb_assert panic from occurring in the cfs block reserve code. The system is most likely running process accounting that will receive this type of panic. Provides performance enhancements for copying large files (files smaller than the total size of client's physical memory) between a CFS client and server within the cluster. Patch 30.00 PPPPaaaattttcccchhhh:::: Corrects incorrect warning message TCR510-024 SSSSttttaaaatttteeee:::: Supersedes patch TCR510-007 (11.00) This patch corrects the following: corrects a problem in which the RDG subsystem will stop sending messages even though there are messages which are deliverable. Fixes an incorrect display of the following warning message at boot time: rdg: failed to start context rcvq scan thread Summary of TruCluster Software Patches 3-5 Patch 32.00 PPPPaaaattttcccchhhh:::: ring_recv does not handle change in channel numbers TCR510-023 SSSSttttaaaatttteeee:::: Supersedes patches TCR510-002 (5.00), TCR510-003 (7.00) This patch corrects the following: Fixes an occasional cluster hang which can occur after a Memory Channel error. Fixes a kernel memory fault which occurs in the ics_mct_ring_recv() routine. The kernel memory fault is seen when a node is booting into the cluster, and can occur on the booting node or on another node. Fixes a problem in ICS where ring_recv() does not properly handle a change in channel numbers. The fix will, in turn, improve validation of the connection structure on node joins. 3-6 Summary of TruCluster Software Patches Patch 39.00 PPPPaaaattttcccchhhh:::: System panics while doing tape failovers TCR510-012 SSSSttttaaaatttteeee:::: Supersedes patches TCR510-005 (15.00), TCR510-021 (33.00), TCR510-009 (34.00), TCR510- 016 (35.00), TCR510-011 (36.00), TCR510-022 (37.00) This patch corrects the following: Fixes two TruCluster problems: If a Quorum disk is manually added by the command clu_quorum -d add, the disk becomes inaccessible because the PR flag is not being cleaned up. The same command will work in the next reboot. A cluster member cannot boot under a specific hardware setup. The CFS mount fails because of the PR flag is not cleaned up. Addresses the need for IOCTL for remote DRD, adds clean up for failed remote closes for non- disks, fixes error returns on failed tape/changer closes, and fixes tape deadlock experienced in netbackups. Fixes an issue with a tape/changer failing to correctly report a close failure of a device in a cluster environment. Fixes a problem which results in a system panic while doing tape failovers. Fixes a node panic during fiber port disables. Fixes an issue with a tape/changer giving back "busy on open" if a close from a remote node failed. Provides the TCR portion of the functionality to support EMC storage boxes that support Persistent Reserves (SCSI command set) as defined by the final SCSI specification. Fixes an issue with requests being stuck on a failed disk in a cluster. Summary of TruCluster Software Patches 3-7 Patch 41.00 PPPPaaaattttcccchhhh:::: Cluster members not able to route an alias TCR510-019 SSSSttttaaaatttteeee:::: New This patch corrects the following: Fixes the cluamgr command where it will display the alias status even if no cluster member has joined the alias. Fixes a problem in which rpc requests to the cluster alias may fail with "RPC timeout" message. ______________________________________________________________________________ ______________________________________________________________________________ ______________________________________________________________________________ 3-8 Summary of TruCluster Software Patches