PROBLEM: (MGO101831) (Patch ID: OSF375-350188) ******** After a login session on /dev/console exits, syslogd cannot write to /dev/console PROBLEM: (TKTB51380) (Patch ID: OSF375-350383) ******** This patch fixes a problem in which the syslogd program cannot properly forward large messages to remote systems. It will either write them to the wrong facility (specified in /etc/syslog.conf) or write incomplete data. PROBLEM: (SSRT0499U) (Patch ID: OSF375-099) ******** A potential security vulnerability has been discovered, where under certain circumstances, system integrity may be compromised. This may be in the form of improper file or privilege management. Digital has corrected this potential vulnerability. NOTE: The security of the syslog facility has been enhanced in this patch. Unless the domain host name of a remote host is entered in the local file, /etc/syslog.auth, the local system will not log any syslog messages from that remote host. If you install this patch (the secure version of syslogd) on a system, and you have configured or intend to configure other hosts to forward syslog messages to the system, complete the following steps: 1. Use su to become superuser (root) 2. Create the file /etc/syslog.auth using a text editor. This file must be owned by root and have permissions set to 0600. 3. Add the names of any remote hosts that are alllowed to forward syslog messages to the local system. Host names must meet the following criteria: - Each remote host name should appear in a separate line in /etc/syslog.auth. (A line started with the "#" character is considered as a comment and is ignored.) - A host name must be a complete domain name such as trout.fin.huk.com - If a domain host name is given, it must either appear in the local /etc/hosts file or the local system must resolve it through a name server (such as BIND). - A host name can have at most as many characters as defined by the MAXHOSTNAMELEN constant in , although each line in the /etc/syslog.auth file in limited to 512 characters. If the /etc/syslog.auth file does not exist or it exists but is empty or has no valid remote host names in it, the system will assume no remote host is allowed to forward syslog messages to the local host. PROBLEM: (QAR 51348) (Patch ID: OSF375-128) ******** This patch fixes a panic that occurs when the system's message buffer size is increased to beyond the default size of 4096. During the subsequent reboot, the syslogd daemon fails with a "Segmentation fault (core dumped)" message, and creates a core file in the "/" directory. PROBLEM: (MCPM309FT, QAR 58021) (Patch ID: OSF375-143) ******** This patch fixes a problem in which the syslogd daemon may hang when writing to a named pipe log file. The following is an example of a stack trace: thread_block() mpsleep() fifo_open() vn_open() copen() open() PROBLEM: (QAR 52898) (Patch ID: OSF375-222) ******** If a system has more than 2 gigabytes of memory, and full dumps are enabled, savecore may incorrectly report that a negative number of bytes was written to the crash dump. For example: The system is coming up. Please wait... Checking for crash dumps System went down at Tue May 6 08:20:30 1997 Saving -532480 bytes of image in vmcore.2 Only the report text is incorrect, and the correct number of bytes are saved in the crash dump. PROBLEM: (HPAQ706FK, BCGM708HD) (Patch ID: OSF375-226) ******** This patch fixes a problem when setting up the syslogd.auth file for remote loggging, if there are more than 23 entries in the file, syslogd -d coredumps when started.