PROBLEM: (SSRT0296U) (Patch ID: OSF405-400189B) ******** A potential security vulnerability has been discovered in BIND (Domain Name Service), where under certain circumstances, system integrity may be compromised. This may be in the form of improper file or privilege management. DIGITAL has corrected this potential vulnerability. PROBLEM: (TKTBC2528, 46553) (Patch ID: OSF405-400313) ********* This patch corrects a problem where, if the FLAG bit is set in the IP header, screend incorrectly reports: ACCEPT: Not first frag, off 64 PROBLEM: (SSRT0494U) (Patch ID: OSF405-400422) ******** This patch corrects a security vulnerability which might allow unauthorized access to a DIGITAL Unix system. PROBLEM: (SSRT0546U, SSRT0542U) (Patch ID: OSF405-403) ******** A potential security vulnerability has been discovered, where under certain circumstances, system integrity may be compromised. This may be in the form of improper file or privilege management. Digital has corrected this potential vulnerability. In addressing this issue, a warning message not previously seen may be placed in the daemon.log by named. An example of the message follows: Jan 7 14:03:25 hostname named[316]: owner name "xx_yy.zz.com" IN (secondary) is invalid - proceeding anyway This message has no impact on system operation and will only be seen once for any given node name on a BIND server at startup. It is informing the user that this node name contains non-standard characters. Standard characters are defined as A-Z, a-z, 0-9 and hyphen. Non-standard characters are characters that fall out of the standard set such as underscores.