PROBLEM: (SSRT0617U, 74129, 74950, 74952, SSRT0617U) (PATCH ID: OSF440CDE-019) ******** A potential security vulnerability has been discovered, where under certain circumstances, system integrity may be compromised. This may be in the form of improper file or privilege management. Compaq has corrected this potential vulnerability PROBLEM: (ZUO16050A, 47503) (PATCH ID: OSF440CDE-020) ******** This patch fixes a problem in which dtfile ICDE COSE tool does not work when TMPDIR is defined as /ldata/disk_local/tmp. dtfile returns this error: /ldata/disk_local/tmp/sdtdbcache_AAAaadmma: Cross-device link /ldata/disk_local/tmp/sdtdbcache_BAAaadmma: Cross-device link Floating exception (core dumped) PROBLEM: (UVO41850, 46127) (PATCH ID: OSF440CDE-022) ******** This patch fixes a problem with the Common Desktop Environment (CDE) in which some desktop applications will fail if CDE is not initialized. The error which appears in the users home .dt/errorlog file is: Desktop Not Initialized: Could not createAction/Datatypes database. PROBLEM: (90331) (PATCH ID: OSF440CDE-034) ******** A potential security vulnerability has been discovered , where under certain circumstances, system integrity may be compromised. This may be in the form of large values of command line arguments. Compaq has corrected this potential vulnerability. PROBLEM: (88306) (PATCH ID: OSF440CDE-042) ******** A potential security vulnerability has been discovered, where under certain circumstances, system integrity may be compromised. This may be in the form of improper file access. Compaq has corrected this potential vulnerability. PROBLEM: (94946, 94947, 94949) (PATCH ID: OSF440CDE-056) ******** A potential security vulnerability has been discovered, where under certain circumstances, system integrity may be compromised when a buffer overflow occurs in the DtSvc utility. Buffer overflows are sometimes exploited in an attempt to subvert the function of a privileged program and possibly execute commands at the elevated privileges if the program file has the setuid privilege. PROBLEM: (88299) (PATCH ID: OSF440CDE-048) ******** A potential security vulnerability has been discovered, where under certain circumstances, system integrity may be compromised. This may be in the form of improper file access. Compaq has corrected this potential vulnerability. PROBLEM: (89468, SSRT0752U) (PATCH ID: OSF440CDE-039) ******** A potential security vulnerability has been discovered , where under certain circumstances, system integrity may be compromised. This may be in the form of large values of command line arguments. Compaq has corrected this potential vulnerability. PROBLEM: (90725, SSRT0753U, SSRT0752U) (PATCH ID: OSF440CDE-035) ******** This patch fixes a potential security vulnerability in CDE Subprocess Control Service(dtspcd). 'dtspcd' has a potential buffer overflow condition which may lead to unauthorized access. Compaq has corrected this potential vulnerability. PROBLEM: (90902, SSRT0788U) (PATCH ID: OSF440CDE-037) ******** The dtprintinfo application may crash if the LANG environment variable has a value that is too long. This patch helps to fix this problem. PROBLEM: (89467, 89468, SSRT0753U, SSRT0752U) (PATCH ID: OSF440CDE-031) ******** A potential security vulnerability has been discovered , where under certain circumstances, system integrity may be compromised. This may be in the form of large values of ENVIRONMENT variables and command line arguments. Compaq has corrected this potential vulnerability. PROBLEM: (SSRT2251, SSRT2274) (PATCH ID: OSF440CDE-050) ******** A potential security vulnerability has been discovered, where under certain circumstances, system integrity may be compromised. This may be in the form of improper file access. HP has corrected this potential vulnerability. PROBLEM: (SSRT0767U) (PATCH ID: OSF440CDE-032) ******** A potential security vulnerability has been discovered, where under certain circumstances, system integrity may be compromised. The ttdbserverd contains a potential buffer overflow that may allow unauthorized access. Compaq has corrected this potential vulnerability.