SEARCH CONTACT US SUPPORT SERVICES PRODUCTS STORE
United States    
COMPAQ STORE | PRODUCTS | SERVICES | SUPPORT | CONTACT US | SEARCH
gears
compaq support options
support home
software & drivers
ask Compaq
reference library
support forum
frequently asked questions
support tools
warranty information
service centers
contact support
product resources
parts for your system
give us feedback
associated links
.
} what's new
.
} contract access
.
} browse patch tree
.
} search patches
.
} join mailing list
.
} feedback
.
patches by topic
.
} DOS
.
} OpenVMS
.
} Security
.
} Tru64 Unix
.
} Ultrix 32
.
} Windows
.
} Windows NT
.
connection tools
.
} nameserver lookup
.
} traceroute
.
} ping 

 OpenVMS ALPLOAD02_062 Alpha V6.2 LOGINOUT/Security Server ECO Summary


 
NOTE:  An OpenVMS saveset or PCSI installation file is stored
       on the Internet in a self-expanding compressed file.
       The name of the compressed file will be kit_name-dcx_vaxexe
       for OpenVMS VAX or kit_name-dcx_axpexe for OpenVMS Alpha.
 
       Once the file is copied to your system, it can be expanded
       by typing RUN compressed_file.  The resultant file will
       be the OpenVMS saveset or PCSI installation file which
       can be used to install the ECO.
 
Copyright (c) Digital Equipment Corporation 1996, 1997.  All rights reserved.

PRODUCT:    OpenVMS Alpha

COMPONENT:  CIA.EXE
            LOGINOUT.EXE
            SECURESHR.EXE
            SECURESHRP.EXE

SOURCE:     Digital Equipment Corporation

ECO INFORMATION:

     ECO Kit Name:  ALPLOAD02_062
     ECO Kits Superseded by This ECO Kit:  ALPLOAD02_070 (For Alpha
                                                          V6.2 *ONLY*)
                                           ALPLOAD01_070
                                           ALPLOAD01_062
                                           ALPLOGI02_070
                                           ALPLOGI01_070
     ECO Kit Approximate Size:  1674 Blocks
     Kit Applies To:  OpenVMS Alpha V6.2, V6.2-1H1, V6.2-1H2, V6.2-1H3
     System/Cluster Reboot Necessary:  Yes

     Installation Rating:  3 - To be installed on all systems running         
                               the listed versions of OpenVMS which           
                               are experiencing the problems described.       

     NOTE:  In order to receive the full fixes listed in this kit,
            the following remedial kits also need to be installed:

                 None. 


ECO KIT SUMMARY:

An ECO kit exists for the LOGINOUT and the Security Server on OpenVMS 
Alpha V6.2, V6.2-1H1, V6.2-1H2 and V6.2-1H3.

Problems addressed in ALPLOAD02_062:

  o  The DISUSER flag gets set on a user account when no intrusions           
     are present.                                                             
                                                                              

Problems addressed in ALPLOAD02_070:
 
  o  After installing the ALPLOAD01_070 kit on V6.2 systems, logins
     were not possible.


Problems addressed in ALPLOAD01_070: 

  o  The $GETUAI and $SETUAI services may return RMS record locked
     errors when attempting to access the SYSUAF.  These errors
     will happen if the caller uses these services with a context
     block supplied (which keeps the SYSUAF open), and encounters a
     locked record for other than the initial call (because the RMS
     structures  are not correctly re-initialized after the initial
     call).

     This problem is corrected in OpenVMS Alpha V7.0

  o  Some logins are not correctly audited due to a disconnected 
     terminal checking loop which can exit before audits are 
     restored.

  o  Users without WORLD privileges generate many "No WORLD priv"
     audits when logging in.

  o  Proxy behavior is unpredictable.  Sometimes they are                     
     inoperative and at other times access is given to an                     
     incorrect place.                                                         
                                                                              
  o  Records in the old intrusion database can not be deleted                 
     because they are ill-formed (i.e., they contain control                  
     characters, nulls, spaces, etc.).                                        
                                                                              
  o  If a user is prompted for and successfully enters a new password
     at login time, no audit records are written or displayed.


Problems addressed in ALPLOAD01_062:

  o  Five seconds after a password is entered, a login is rejected.

  o  A login attempt hangs for 30 seconds and is then rejected.


Problems addressed in ALPLOGI02_070:

  o  Users with an expired password, but with the DISFORCE_PWD_CHANGE         
     flag set, are getting their password unexpired even though they          
     do not set a new password.                                               
                                                                              
  o  Audit information about network sessions from TCP/IP connections         
     does not contain remote host information.                                


Problems Addressed in ALPLOGI01_070:
                                                                              
  o  Intrusion records and audits from DECnet/OSI network                     
     connections have a username padded with  characters.                
                                                                              
  o  A user typing meaningless characters, whitespace, or "/" in              
     response to the USERNAME prompt receives a CLI error and then            
     successfully logs in.  This causes both an intrusion and an              
     incorrect audit to be generated.                                         

  o  Errors may occur in a log file specification when a logical name         
     is used.  When using item code SJC$_LOG_SPECIFICATION with               
     SYS$SNDJBCW, OpenVMS V6.2 handles logical names differently than         
     OpenVMS V6.1 and earlier versions.                                       
                                                                              
     For example, using "TEST" as the log file specification, the             
     DCL command 'DEFINE/SYSTEM TEST DEV1:[USER.TMP]' gives the               
     following results from $SNDJBC when executed from directory              
     DEV1:[USER]:                                                             
                                                                              
       For OpenVMS V6.1:                                                      
                                                                              
          DEV1:[USER.TMP]jobname.LOG                                          
                                                                              
       For OpenVMS V6.2:                                                      

          DEV1:[USER.TMP].LOG
                                                                              
  o   When setting host into a DECnet Phase V system, the logical name        
      SYS$REM_NODE is set incorrectly.                                        


INSTALLATION NOTES:

In order for the corrections in this kit to take effect, the system must      
be rebooted.  If the system is a member of a VMScluster, the entire           
cluster should be rebooted.

This patch can be found at any of these sites:

Colorado Site
Georgia Site


Files on this server are as follows:

alpload02_062.README
alpload02_062.CHKSUM
alpload02_062.CVRLET_TXT
alpload02_062.a-dcx_axpexe

privacy and legal statement