
PROBLEM:  (SSRT0546U, SSRT0542U)    (Patch ID: OSF425-405403)
********
A potential security vulnerability has been discovered, where under certain 
circumstances, system integrity may be compromised. This may be in the form 
of improper file or privilege management. Digital has corrected this potential 
vulnerability.

In addressing this issue, a warning message not previously seen may be
placed in the daemon.log by named.  An example of the message follows:

  Jan  7 14:03:25 hostname named[316]: owner name "xx_yy.zz.com"
  IN (secondary) is invalid - proceeding anyway

This message has no impact on system operation and will only be seen
once for any given node name on a BIND server at startup.  It is
informing the user that this node name contains non-standard
characters.  Standard characters are defined as A-Z, a-z, 0-9 and
hyphen.  Non-standard characters are characters that fall out of the
standard set such as underscores.

PROBLEM:  (QAR 68986)    (Patch ID: OSF425-405568)
********

This patch fixes a problem in which a BIND server may find that 
named will place a warning message in the daemon.log that was 
not previously seen. This message has no impact on system
operation and will only be seen once for any given
node on a BIND server at startup.

In addressing security releated BIND issues, an area of BIND 
functionality was altered in a previous BIND patch.  A message
that informs the user that a node name contains non-standard 
characters, such as underscores, is placed in the daemon.log 
file.  An example of the message is:

  Jan  7 14:03:25 host named[316]: owner name "xx_yy.zz.com"
  IN (secondary) is invalid - proceeding anyway

Standard characters are defined as A-Z, a-z, 0-9 and hyphen. 


PROBLEM:  (QAR 69028)    (Patch ID: OSF425-405569)
********

This patch fixes a problem in which a BIND server writes
files to the /etc/namedb directory instead of the
/var/tmp directory.

In addressing security related BIND issues, an area of BIND 
functionality was altered in a previous BIND patch.  Files 
written to the /etc/namedb directory include named.run, 
named_dump.db, and named.stats.

PROBLEM:  (SSRT0636U) (PATCH ID: OSF425-882)
********

A potential security vulnerability has been discovered, where under
certain circumstances, system integrity may be compromised. This may
be in the form of improper file or privilege management. Compaq has
corrected this potential vulnerability.

PROBLEM: (N/A) (PATCH ID: OSF425-986)
********
This patch fixes a problem where named could possibly core dump when printing
an informational message to syslog.


PROBLEM: (GB-G00704) (PATCH ID: OSF425-1044)
********
This patch fixes a problem of named producing a core file when named is 
started and the named.boot file has more than 32767 zones specified.