MAILbus 400 Message Transfer Agent and Application Program Interface, Version X2.0-167 for HP Tru64 UNIX This Cover Letter lists the functional changes that have been introduced in Version X2.0-167 of MAILbus 400 MTA and MAILbus 400 Application Program Interface (API). Functional Changes ------------------ MTA Version X2.0-167 is based on MTA V2.0C and it includes the fixes for the following IPMTs and ASN.1 Vulnerabilities. 1. IPMT CFS.77437 Fix for MTA crash while decoding certain types of IPMS extension field in messages. 2. IPMT CFS.79710 Fix for Non-DEC OID translation failure problem. 3. IPMT CFS.80088 The MTA would, under certain conditions, not log the domain name for "Transfer In" entries in the accounting log. This problem has been resolved now. 4. IPMT CFS.80803 The outbound message stall problem under high message traffic condition is resolved 5. The MTA X2.0-167 supports 256 parallel agent connections. 6. Fix for SSRT3624 X.400 potential security vulnerability via ASN.1 cross reference: NISCC (006489) A potential denial of service has been identified that may allow a Remote initiated Buffer Overflow when malformed ASN.1 messages are submitted. This potential buffer overflow has been fixed in this version. Installation Prerequisites and Procedure: ----------------------------------------- Versions of Tru64 UNIX that this patch should be installed on: This patch should be installed on all the Tru64 UNIX machines that are running MAILbus 400 MTA 2.0C and X2.0-x versions. Installing Version X2.0-167: To install this kit, follow the instructions given in "MAILbus 400 MTA Installing on a Tru64 UNIX System" or "MAILbus 400 API Installing on Tru64 UNIX System", with the following exceptions: Following is a brief description about the Installation procedure: (For detailed installation procedure, refer the steps described in the Manual "MAILbus400 Message Transfer Agent Installing on a Digital UNIX system" Version 2.0.) 1. Copy the tar file to a directory, for example, /tmp1, on the target node. 2. Create a temporary directory, for example, /tmp2, to contain the MTA and API subsets. 3. Change current directory to /tmp2. 4. Unpack the tar file into this directory, for example: # tar -xvf /tmp1/mailbus_400_mta.tar 5. You can now install MTA X2.0-167 from the temporary directory: # setld -l . When you deinstall the MTA, the MTA startup script (/var/mta /scripts/ start_mta.ncl) is renamed to /var/mta/scripts/start_ mta.ncl.savn, where n is a number. The MTA installation pro- cedure installs a new template /var/mta/scripts/start_mta.ncl file. After the subsets have been successfully installed, reap- ply your saved changes to the new copy of the start_mta.ncl file. For the MAILbus 400 API, if you are using the archive libraries on Tru64 UNIX, you will need to relink your application after you has installed Version X2.0-167. The version number of this kit when displayed using NCL manage- ment is x2.0.167 To identify this kit, type the following command: # what /usr/sbin/mta/mta | grep MAILbus the following is the response from this command MAILbus 400 MTA (X2.0-167) Mon Dec 1 13:17:43 IST 2003 Problem reporting: ------------------ Problems relating specifically to this kit should be reported through your normal HP support channel.