These header files are loaded if you have the optionally loaded OSFINCLUDE405 subset on your system. This patch contains header files for the following patches: PROBLEM: (Patch ID: OSF405-400331) ******** When the /etc/passwd file is very large, a performance degradation may occur. When the number of passwd entries reaches up into the 30,000 to 80,000 range or greater, mkpasswd will sometimes fail to create a hashed (ndbm) database. Since the purpose of this database is to allow for efficient (fast) searches for passwd file information, failure to build it causes commands that rely on it to do a linear search of /etc/passwd. This results in a serious per- formance degradation for those commands. For customers choosing to use the mkpasswd -s option to avoid this type of failure, a potential database/binary compatibility problem may arise. If a customer application that accesses the password database created by mkpasswd is built statically (non-shared), that application will be unable to read from or write to the password database correctly. This would cause the customer application to fail either by generating incorrect results or by possibly dumping core. Any statically linked application would be affected if it directly or indirectly calls any of the libc ndbm routines documented in the ndbm(3) man page and then accesses the password database. To remedy this situation, the customer would need to re-link the application. Customers who do not use the mkpasswd -s option will not see this database/ binary compatibility problem. PROBLEM: (QAR 48162) (Patch ID: OSF405-400056) ******** Several reentrant libc interfaces do not have proper prototypes in the appropriate include files and produce error messages similar to the following when compiled with c++: cxx: Error: toto.cc, line 9: In this statement, "_Plocaltime_r" is not declared. The interface given in the error message will always begin with _P and end with _r. PROBLEM: ( QAR 50697, MGO102332, FNO100130 ) (Patch ID: OSF405-400198) ******** This patch fixes a number of problems relating to signals and POSIX 1003.1b timers in multithreaded programs running on multiprocessor systems. These problems can result in missed timer-expiration signals and system crashes. These issues involve synchronizing timer creation, timer deletion, and timer reset within multithreaded programs. Two distinct crashes are typical of the problems. Here's a sample of the first crash, a signal panic: panic (cpu 0): psig: catch not set With the following stack trace: > 0 boot 1 panic 2 psig 3 syscall 4 _Xsyscall A sample of the second crash is shown in the following example: from vmcore.3 : . . . simple_lock: time limit exceeded . . . pc of caller: 0xfffffc000024a5a4 lock address: 0xfffffc003d93b210 current lock state: 0x000000000043af85 (cpu=0,pc=0xfffffc000043af84,busy) . . . panic (cpu 2): simple_lock: time limit exceeded While a stack trace would show: kernel stack of CPU 0 > 0 boot 1 panic 2 event_timeout 3 simple_lock_miss 4 netisr_timeout 5 softclock_scan 6 lwc_schedule 7 thread_preempt 8 boot 9 panic 10 cpu_ip_intr 11 _XentInt 12 swap_ipl_preempt_check 13 wanTimerSysTick . . . kernel stack of CPU 1 > 0 stop_secondary_cpu ... 1 panic : 2 cpu_ip_intr : THIS PART OF THE KERNEL STACK 3 _XentInt : IS VERY TYPICAL FOR THIS CLASS 4 sigq_enqueue_tail : OF CRASHES. 5 psignal_internal : 6 psx4_tod_expire_sig ..: 7 psignal_lwc 8 lwc_schedule 9 do_preemption 10 simple_unlock_preempt 11 sigwaitprim 12 syscall 13 _Xsyscall . . . kernel stack of CPU 2 > 0 stop_secondary_cpu 1 panic 2 event_timeout 3 xcpu_puts 4 printf 5 panic 6 simple_lock_fault 7 simple_lock_time_violation 8 psx4_set_todtimer 9 syscall 10 _Xsyscall . . . kernel stack of CPU 3 > 0 stop_secondary_cpu 1 panic 2 cpu_ip_intr 3 _XentInt 4 swap_ipl_preempt_check 5 netisr_thread 6 wanTimerTick . . . This patch closes MP race conditions for multithreaded use of POSIX timers and signals. PROBLEM: (SSRT0296U) (Patch ID: OSF405-400189) ******** A potential security vulnerability has been discovered in BIND (Domain Name Service), where under certain circumstances, system integrity may be compromised. This may be in the form of improper file or privilege management. DIGITAL has corrected this potential vulnerability. PROBLEM: (QAR 45580) (Patch ID: OSF405-400239) ******** Multithreaded applications that call the pthread_mutex_destroy routine may fail when there are no threads referencing the mutex. This is caused by a race condition inside the pthread_mutex_unlock code. The typical symptom will be a return value of EBUSY from pthread_mutex_destroy. *** NOTE *** Applications using "inline" mutex operations, as described in the pthread.h header file, will need to RECOMPILE with the application of this patch. The instruction sequences for the pthread_mutex_unlock routine have changed. Please refer to the existing note in pthread.h entitled "NOTICE: inline function performance vs. binary compatibility" for more information. PROBLEM: (MCPM31P0Q/QAR 60741) (Patch ID: OSF405-440) ******** This patch is a fix to libtli/libxti to correctly handle a continuation data message still on the stream head. PROBLEM: (SSRT0546U, SSRT0542U) (Patch ID: OSF405-403) ******** A potential security vulnerability has been discovered, where under certain circumstances, system integrity may be compromised. This may be in the form of improper file or privilege management. Digital has corrected this potential vulnerability. In addressing this issue, a warning message not previously seen may be placed in the daemon.log by named. An example of the message follows: Jan 7 14:03:25 hostname named[316]: owner name "xx_yy.zz.com" IN (secondary) is invalid - proceeding anyway This message has no impact on system operation and will only be seen once for any given node name on a BIND server at startup. It is informing the user that this node name contains non-standard characters. Standard characters are defined as A-Z, a-z, 0-9 and hyphen. Non-standard characters are characters that fall out of the standard set such as underscores.