2    Summary of Base Operating System Patches

This chapter summarizes the base operating system patches included in Patch Kit-0004.

Table 2-1:  Summary of Base Operating System Patches

Patch IDs Abstract

Patch 2.00

OSF445CDE-002

Patch: Fix for file permission problem

State: Existing

This patch fixes a problem in which file permissions allow any user to write to the /.dt/Trash/.trashinfo file.

Patch 3.00

OSF445CDE-003

Patch: CDE does not re-create list of application groups

State: Existing

This patch fixes a problem where the Common Desktop Environment (CDE) Application Manager did not re-create the list of application groups at login. After customizing the application groups, users would see the old groups instead of the new groups.

Patch 7.00

OSF445X11-001

Patch: ccedilla and Ccedilla characters do not display

State: Existing

This patch fixes the Turkish F keyboard problem, where the characters Ccedilla and ccedilla cannot be entered from the keyboard directly.

Patch 10.00

OSF445X11-004

Patch: Provides missing compose definitions

State: Existing

This patch provides missing compose definitions when in ISO8859-15-based locales for the scaron, Scaron, zcaron, and Zcaron characters.

Patch 28.00

OSF445-024A

Patch: Adds missing prototype for stime function

State: Existing

This patch adds the missing prototype for the stime() function to <sys/time.h>, allowing C++ programs and other software to properly resolve it.

Patch 31.00

OSF445-028

Patch: Fixes a tftpd problem

State: Existing

This patch fixes a tftpd problem when responding to a broadcast read request and it adds the -b option to control whether to respond to any broadcasts.

Patch 33.00

OSF445-003

Patch: Panic when running Classical IP over lfa ATM driver

State: Existing

This patch fixes a kernel panic seen when running Classical IP over the lfa ATM driver. This panic would only occur in lockmode 4. If not in lockmode 4, the symptom would be a CPU hang.

Patch 37.00

OSF445-033

Patch: quotactl prototype is now POSIX compliant

State: Existing

This patch changes the quotactl prototype in /usr/include/ufs/quota.h to meet POSIX standards.

Patch 46.00

OSF445-041

Patch: Fix for if.h file

State: Existing

This patch fixes a typo found in the /usr/sys/include/if.h file.

Patch 48.00

OSF445-043

Patch: Performance problem for round-robin sequential reads

State: Existing

This patch fixes a performance problem for round-robin sequential reads on LSM mirrored volumes.

Patch 50.00

OSF445-045

Patch: Prevents vold from dumping core

State: Existing

This patch prevents /sbin/vold from dumping core during an execution of a volprint or other query command.

Patch 59.00

OSF445-054

Patch: Cursor is displayed incorrectly

State: Existing

This patch fixes a problem where the cursor is displayed incorrectly when the image plane is set to 1 and the mask plane is set to 0.

Patch 61.00

OSF445-056

Patch: Fixes a problem with the psiop driver

State: Existing

Fixes a problem with the psiop driver that causes it to fail when vdump is used. The following error is displayed:

vdump : unable to write to device

Patch 62.00

OSF445-057

Patch: Provides latest driver for PowerStorm 4D10T card

State: Existing

This patch provides the latest driver for the PowerStorm 4D10T (ELSA Gloria Synergy, SN-PBXGK-BB) graphics card and the latest graphics driver for the PCI To Ethernet/Graphics Combo Adapter (3X-DEPVD-AA).

Patch 63.00

OSF445-059

Patch: Fixes a hang in shutdown process of system

State: Existing

This patch fixes a hang in the system shutdown process ("shutdown now") when a device has flow control switched off.

Patch 64.00

OSF445-006

Patch: Fixes a kernel memory fault when using ATM

State: Existing

This patch fixes a kernel memory fault when using ATM.

Patch 80.00

OSF445-071

Patch: Fix for memx command

State: Existing

This patch fixes a problem with the memx command where it improperly handles memory sizes of 2 GB or greater.

Patch 85.00

OSF445X11-005B

Patch: Fix for X server interaction with X font server

State: Existing

This patch fixes various problems with the X font server and with the X server's interaction with X font servers.

Patch 87.00

OSF445-024B

Patch: C++ functions do not properly resolve stime function

State: Existing

This patch adds the missing prototype for the stime() function to <sys/time.h>, allowing C++ programs and other software to properly resolve it.

Patch 90.00

OSF445-087

Patch: Corrects problems in the LAT driver

State: New

This patch corrects problems in the LAT driver which caused improper processing of the ioctl TCSBRK, as well as the generation of spurious characters when the libc routine tcdrain() was used.

Patch 95.00

OSF445-112B

Patch: Addresses performance and scalability issues

State: New

This patch addresses performance and scalability issues for highly contended threaded applications running on EV6 SMP machines.

Patch 97.00

OSF445-118

Patch: Assembler generates incorrect error messages

State: Supersedes patch OSF445-044 (49.00)

This patch corrects the following:

  • Resolves a problem that caused the assembler to flag any identifiers whose length exceeded 1024 characters with an assembly-time error. With this patch, such identifiers are now accepted.

  • Corrects a problem whereby the assembler would generate incorrect error messages for source programs, which produces a mix of hand-coded and assembler-generated relocation operands.

Patch 99.00

OSF445-089

Patch: Fix for mailx

State: New

This patch corrects the problem so mailx(1) will work correctly if the -r and -s options are used together.

Patch 132.00

OSF445CDE-006

Patch: dtlogin core dumps servicing srequests from XDMCP

State: New

This patch fixes a problem where the Common Desktop Environment (CDE) login daemon, dtlogin, core dumps occasionally when servicing requests from XDMCP clients such as X terminals or PCs running X servers.

Patch 147.00

OSF445-058B

Patch: Fixes reply values for NFS writes

State: New

This patch fixes reply values for NFS writes which were causing protocol violations.

Patch 157.00

OSF445-105

Patch: Bootlink fails on Alphastations 600, 600A, 500/400

State: New

This patch fixes a problem in which the bootlink can fail on Alphastations 600, 600A, 500/400.

Patch 167.00

OSF445-093B

Patch: Fix for Enhanced Security problem

State: Supersedes patches OSF445-022B (86.00), OSF445-032B (88.00), OSF445-084B (165.00)

This patch corrects the following:

  • Corrects a problem of the rsh command displaying a warning message instead of the rsh command output when C2 security is configured.

  • Fixes a problem with logins in a DCE/C2 environment. The user could encounter an error "Bad priority setting" if there is a u_priority setting used in the /etc/auth/system/default file.

  • Fixes a problem when a system is configured with DECnet, C2, and NIS. When invoking edauth(8) <user_name>, the error "Must be on NIS master server to update entry for <user_name>" is returned.

  • Fixes a problem for Enhanced Security configurations, where the Maximum Login Interval (u_max_login_intvl) field was being ignored for account templates.

Patch 169.00

OSF445-061

Patch: Fixes a problem with advscan

State: New

This patch fixes a problem where advscan -a -g does not display bootable partitions properly.

Patch 182.00

OSF445-086

Patch: Incorrect encoding for SysV Open call audit parameter

State: New

This patch fixes a problem where encoding for the SysV Open call audit parameter was incorrect. This could cause a system panic.

Patch 188.00

OSF445-092

Patch: Fixes several problems in the tapex utility

State: New

This patch fixes the following problems:

  • Accuracy of performance tests has been improved.

  • The tapex exit status has been corrected.

  • The tapex utility was fixed to determine eom status in Command Timeout Test and exit with nonsero status to indicate failure.

Patch 196.00

OSF445-135

Patch: Fix for floppy disk

State: Existing

HP has determined in laboratory testing that there is a theoretical possibility that during read and write operations to the floppy disk on DS10, DS10L and ES40 AlphaServers and VS10 and XP900 AlphaStations, a single byte of data may be inaccurately read or written without notice to the user or system. The potential for this anomaly exists only if floppy data read and write operations are attempted while there is extremely heavy traffic on these Alpha systems' internal I/O buses. Although HP has observed the anomaly only in laboratory tests designed to create atypical system stresses, including almost constant use of the floppy disk drive, we are supplying this patch to address this potential issue.

Patch 203.00

OSF445-134

Patch: fixso command causes segmentation fault

State: Existing

This patch fixes a problem with the /usr/ucb/fixso command that can cause a segmentation fault.

Patch 242.00

OSF445-173B

Patch: Supports temporary data logging on mount point

State: Existing

This patch provides support for activating temporary data logging on a mount point.

Patch 246.00

OSF445-122

Patch: Fix for quotacheck -v command

State: Existing

This patch fixes a bug where quotacheck -v <filestystem> will report that it has fixed some quotas. If you keep running the command, it will keep reporting the exact same fixes.

Patch 261.00

OSF445DX-008

Patch: Updates Netscape Communicator to Version 4.76

State: Existing

This patch updates Netscape Communicator to Version 4.76 to fix missing default MIME types in Netscape Communicator 4.75.

Patch 283.00

OSF445DX-009

Patch: dop cannot find application names which contain a dot

State: Existing

This patch fixes a problem in which dop (division of privileges) cannot find application names which contain a "." (dot) in them. For example, a name such as sysmon.csh.

Patch 289.00

OSF445-142

Patch: ATM setup script fails

State:

This patch fixes a problem of the ATM setup script failing when configuring an ELAN if the LANE subsystem is not loaded.

Patch 291.00

OSF445-199

Patch: Fix for Memory Channel driver panic

State: Existing

This patch fixes an incorrect heartbeat timer within the Memory Channel driver which caused rail failures to be incorrectly reported on memory channel Version 2 cards. With the heartbeat timer set too short, the system can be erroneously led to believe a hardware failure has occurred. Messages of the form "rmerror_int: ..." are output to the messages file containing an error_type, which has bit 29 set in error_type (heartbeat timeout). The binary error log will also have this data. Typically, the error_type data will be 0xe00000000. The messages are followed by the system hanging or panicing. When panicking, the following message is produced:

panic (cpu 0): rm_failover_if_necessary, both rails bad

A real hardware failure produces the same symptoms and stack trace. For example, having an error_type of 0xe00000002 indicates a write transmit hardware fatal failure.

Patch 297.00

OSF445-147

Patch: Fix for newgrp command

State: Existing

This patch corrects the problem where newgrp(1) fails if the file /etc/group contains multiple lines for one group.

Patch 299.00

OSF445-176

Patch: Fix for parallel-processing support library

State: Supersedes patch OSF445-042 (47.00)

This patch fixes the following problems in the Compaq C compiler:

  • A "virtual memory exhausted" error when compiling the Open Source encryption library OpenSSL.

  • An optimizer problem in loop unrolling that caused an incorrect result under certain conditions.

  • Various compiler crashes under certain conditions.

  • A problem in bounds checking that caused a compilation to fail with a virtual memory exceeded error.

  • A problem in the parallel-processing support library (libots3) that caused incorrect run-time results for an OpenMP program.

Patch 305.00

OSF445-148

Patch: Security (SSRT0672U)

State: Existing

A potential security vulnerability has been discovered where, under certain circumstances, system integrity may be compromised. This may be in the form of improper file or privilege management. We have corrected this potential vulnerability.

Patch 307.00

OSF445-167

Patch: Fixes automount handling of nogrpid option

State: Supersedes patch OSF445-036 (40.00)

This patch corrects the following:

  • Prevents the message "nfscast: select: Invalid argument" message from appearing in the daemon.log when the server is not available. It also changes the "trymany: servers not responding: RPC: Unable to receive" message to an informational rather than an error message.

  • Fixes the automount handling of the nogrpid option.

Patch 313.00

OSF445CDE-009

Patch: Fix for dtpad utility

State: Existing

This patch fixes a problem where, if dtpad cannot allocate enough memory, it will exit and leave a zero-length file in place of the file being edited.

Patch 315.00

OSF445-201

Patch: Fix for ksh hang

State: Existing

This patch fixes a problem where the Korn shell (ksh) could hang if you pasted a large number of commands to it when it was running in a terminal emulator window (such as an xterm).

Patch 323.00

OSF445-160

Patch: Corrects a memory leak in the XTI socket code

State: Existing

Corrects a memory leak in the XTI socket code

Patch 325.00

OSF445-152

Patch: Prevents TurboLaser system panic

State: Existing

This patch prevents a panic on TurboLaser systems with a DE600 in PCI slot 0. Misidentification of the DE600 in PCI slot 0 causes data structure corruption.

TurboLaser systems include the following:

AlphaServer 8200
AlphaServer 8400
AlphaServer GS60
AlphaServer GS60E
AlphaServer GS140

A DE600 is a single-port 10/100 Mbps Fast Ethernet NIC.

Patch 331.00

OSF445-193

Patch: Security (SSRT1-15, SSRT0713U)

State: Existing

A potential security vulnerability has been discovered where, under certain circumstances, system integrity may be compromised. This may be in the form of improper file or privilege management. HP has corrected this potential vulnerability.

Patch 333.00

OSF445-150

Patch: rdist utility causes segmentation fault

State: Existing

This patch corrects a problem in the rdist utility which was causing segmentation faults on files with more than one link.

Patch 335.00

OSF445-132

Patch: Kernel memory occurs occurs while using tablet

State: Supersedes patch OSF445-050 (56.00)

This patch corrects the following:

  • Fixes a "lock_terminate: lock held" panic when deleting a process group.

  • Fixes a kernel memory fault which occurs while using tablet instead of mouse.

Patch 360.00

OSF445-561

Patch: addvol adds invalid disks into a domain

State: New

This patch prevents addvol from adding invalid disks into a domain.

Patch 362.00

OSF445CDE-029

Patch: Corrects improper file access

State: New

A potential security vulnerability has been discovered where, under certain circumstances, system integrity may be compromised. This may be in the form of improper file access. We have corrected this potential vulnerability.

Patch 365.00

OSF445-475

Patch: Fixes a correctable error reporting problem

State: Supersedes patches OSF445-080 (82.00), OSF445-129 (197.00), OSF445-127 (199.00), OSF445-206 (207.00), OSF445-346 (363.00)

This patch corrects the following:

  • Provides enhancements for the GS-series platforms. The header information in Hierarchical Switch machine checks was incorrect. The early revisions of PCA hardware do not allow Window 3 DAC for DMA.

  • Fixes a problem on AlphaServer GS80, GS160, and GS320 systems where under a specific set of unlikely circumstances it is possible for revision 4 PCA hardware to falsely report PCI hung bus errors. This will cause an uncorrectable hardware machine check and operating system panic. This patch must be installed if the hardware configuration includes any revision 4 PCA (IOP to PCI bus) adpaters.

  • Fixes a problem on the Alphaserver GS80, GS160, and GS320 platforms where the system will issue an environmental warning and shut itself down when it reaches a critical temperature, even though this temperature is safe for the power supply.

  • Fixes a kernel memory fault in GS series systems which have mixed revision PCI adapters.

  • GS320/160/80 1.224 GHz CPU system ECC Enhancements for DTAG error logging.

  • Fixes a correctable error-reporting problem that turns off the reporting of correctable errors forever on any CPU, except CPU 0, once throttling of correctable errors has begun.

Patch 367.00

OSF445-609

Patch: Fixes improper file or privilege management

State: New

A potential security vulnerability has been discovered where, under certain circumstances, system integrity may be compromised. This may be in the form of improper file or privilege management. HP has corrected this potential vulnerability.

Patch 369.00

OSF445-597A

Patch: Fixes a problem in XTI caused by blocked mutex lock

State: New

This patch fixes a problem in XTI caused by a blocked mutex lock. Any thread attempting to send an abortive disconnect would hang.

Patch 371.00

OSF445-597B

Patch: Fix for XTI hang

State: New

This patch fixes a problem in XTI caused by a blocked mutex lock. Any thread attempting to send an abortive disconnect would hang.

Patch 593.00

OSF445-519

Patch: Security (SSRT1-40U, SSRT1-41U, SSRT1-42U)

State: New. Supersedes patch OSF445-350B (591.00)

A potential security vulnerability has been discovered where, under certain circumstances, system integrity may be compromised. This may be in the form of improper file access. HP has corrected this potential vulnerability.

A potential security vulnerability has been discovered, where under certain circumstances, system integrity may be compromised. This may be in the form of improper file or privilege management. HP has corrected this potential vulnerability.

Patch 596.00

OSF445-483

Patch: Security (SSRT1-40U, SSRT1-41U, SSRT1-42U)

State: New. Supersedes patch OSF445-350C (594.00)

A potential security vulnerability has been discovered where, under certain circumstances, system integrity may be compromised. This may be in the form of improper file access. HP has corrected this potential vulnerability.

A potential security vulnerability has been discovered, where under certain circumstances, system integrity may be compromised. This may be in the form of improper file or privilege management. HP has corrected this potential vulnerability.

Patch 601.00

OSF445-307

Patch: Security (SSRT2275)

State: New. Supersedes patches OSF445-467 (597.00), OSF445-512 (598.00), OSF445-618B (599.00)

This patch corrects the following:

  • A potential security vulnerability has been discovered where, under certain circumstances, system integrity may be compromised when a buffer overflow occurs in the uucp utility. Buffer overflows are sometimes exploited in an attempt to subvert the function of a privileged program and possibly execute commands at the elevated privileges if the program file has the setuid privilege. HP has corrected this potential vulnerability.

  • A potential security vulnerability has been discovered where, under certain circumstances, system integrity may be compromised. This may be in the form of improper file or privilege management. HP has corrected this potential vulnerability.

  • Provides protection against a class of potential security vulnerabilities called buffer overflows. Buffer overflows are sometimes exploited in an attempt to subvert the function of a privileged program and possibly execute commands at the elevated privileges if the program file has the setuid privilege. This patch allows a system administrator to enable memory management protections that limit potential buffer overflow vulnerabilities.

  • Fixes a problem in uucp. uucp between two Tru64 UNIX systems hangs when a uucp failure occurs.

Patch 604.00

OSF445-618C

Patch: Security (SSRT2275)

State: New. Supersedes patch OSF445-503B (602.00)

This patch corrects the following:

  • A potential security vulnerability has been discovered where, under certain circumstances, system integrity may be compromised. This may be in the form of improper file or privilege management. HP has corrected this potential vulnerability.

  • Provides protection against a class of potential security vulnerabilities called buffer overflows. Buffer overflows are sometimes exploited in an attempt to subvert the function of a privileged program and possibly execute commands at the elevated privileges if the program file has the setuid privilege. This patch allows a system administrator to enable memory management protections that limit potential buffer overflow vulnerabilities.

Patch 607.00

OSF445-365

Patch: Clarifies the output of shfragbf (AdvFS utility)

State: Supersedes patches OSF445-212B (350.00), OSF445-219B (605.00)

This patch corrects the following:

  • Modifies AdvFS kernel code and several utilities. AdvFS will no longer panic with the following error: "ADVFS EXCEPTION : panic cpu(0) : bad frag free list". The code is modified so that during frag allocation when AdvFS determines that the frag group header's free list has been corrupted, it stops using it and marks it BAD. It is then removed from the free list so no more allocations can take place and no deallocations are performed. The verify, shfragbf, and vfragpg programs are modified to report BAD frag groups.

  • Corrects an AdvFS problem where an on-disk variable wraps when more than 64-K metadata entries are required to map the disk blocks of a file or metadata file. The side effects of this problem were data inconsistencies and an incorrect available size for the domain.

  • Clarifies the output of shfragbf, an AdvFS utility.

Patch 609.00

OSF445-564B

Patch: Fixes a problem with audit data

State: New

This patch fixes a problem with audit data not being displayed by the audit tool, problems with file object selection/deselection and directories, and NUMA performance issues associated with auditing.

Patch 611.00

OSF445-618D

Patch: Security (SSRT2275)

State: New

This patch provides protection against a class of potential security vulnerabilities called buffer overflows. Buffer overflows are sometimes exploited in an attempt to subvert the function of a privileged program and possibly execute commands at the elevated privileges if the program file has the setuid privilege. This patch allows a system administrator to enable memory management protections that limit potential buffer overflow vulnerabilities.

Patch 613.00

OSF445-626B

Patch: Scripts in /sbin/init.d are now world readable

State: New

This patch makes startup scripts in /sbin/init.d world readable.

Patch 615.00

OSF445-412B

Patch: Security (SSRT1-40U, SSRT1-41U, SSRT1-42U, SSRT1-45U)

State: New

A potential security vulnerability has been discovered where, under certain circumstances, system integrity may be compromised. This may be in the form of improper file access. HP has corrected this potential vulnerability.

Patch 617.00

OSF445-481B

Patch: Corrects buffer overflow problem

State: New

A potential security vulnerability has been discovered where, under certain circumstances, system integrity may be compromised when a buffer overflow occurs in the dxterm utility. Buffer overflows are sometimes exploited in an attempt to subvert the function of a privileged program and possibly execute commands at the elevated privileges if the program file has the setuid privilege. HP has corrected this potential vulnerability.

Patch 619.00

OSF445-481C

Patch: Corrects buffer overflow problem

State: New

A potential security vulnerability has been discovered where, under certain circumstances, system integrity may be compromised when a buffer overflow occurs in the dxterm utility. Buffer overflows are sometimes exploited in an attempt to subvert the function of a privileged program and possibly execute commands at the elevated privileges if the program file has the setuid privilege. HP has corrected this potential vulnerability.

Patch 621.00

OSF445-618E

Patch: Corrects buffer overflow problem

State: New

This patch provides protection against a class of potential security vulnerabilities called buffer overflows. Buffer overflows are sometimes exploited in an attempt to subvert the function of a privileged program and possibly execute commands at the elevated privileges if the program file has the setuid privilege. This patch allows a system administrator to enable memory management protections that limit potential buffer overflow vulnerabilities.

Patch 623.00

OSF445-436B

Patch: Security (SSRT1-40U, SSRT1-41U, SSRT1-42U, SSRT1-45U)

State: New

A potential security vulnerability has been discovered where, under certain circumstances, system integrity may be compromised. This may be in the form of improper file access. HP has corrected this potential vulnerability.

Patch 625.00

OSF445-626C

Patch: Fix for /sbin/init.d scripts

State: New

This patch makes startup scripts in /sbin/init.d world readable.

Patch 627.00

OSF445-350D

Patch: Security (SSRT1-40U, SSRT1-41U, SSRT1-42U)

State: New

A potential security vulnerability has been discovered where, under certain circumstances, system integrity may be compromised. This may be in the form of improper file access. HP has corrected this potential vulnerability.

Patch 629.00

OSF445-618F

Patch: Corrects buffer overflow problems

State: New

This patch provides protection against a class of potential security vulnerabilities called buffer overflows. Buffer overflows are sometimes exploited in an attempt to subvert the function of a privileged program and possibly execute commands at the elevated privileges if the program file has the setuid privilege. This patch allows a system administrator to enable memory management protections that limit potential buffer overflow vulnerabilities.

Patch 631.00

OSF445-626D

Patch: Update for /sbin/init.d scripts

State: New

This patch makes startup scripts in /sbin/init.d world readable.

Patch 633.00

OSF445-626E

Patch: Update for /sbin/init.d scripts

State: New

This patch makes startup scripts in /sbin/init.d world readable.

Patch 637.00

OSF445CDE-036A

Patch: Fixes buffer overflow problem

State: New Supersedes patches OSF445CDE-035A (634.00), OSF445CDE-010A (635.00)

This patch corrects the following:

  • A potential security vulnerability has been discovered where, under certain circumstances, system integrity may be compromised when a buffer overflow occurs in the CDE online help. Buffer overflows are sometimes exploited in an attempt to subvert the function of a privileged program and possibly execute commands at the elevated privileges if the program file has the setuid privilege. HP has corrected this potential vulnerability.

  • A potential security vulnerability has been discovered where, under certain circumstances, system integrity may be compromised. This may be in the form of improper file or privilege management. HP has corrected this potential vulnerability.

  • A potential security vulnerability has been discovered where, under certain circumstances, system integrity may be compromised when a buffer overflow occurs in the CDE online help. Buffer overflows are sometimes exploited in an attempt to subvert the function of a privileged program and possibly execute commands at the elevated privileges if the program file has the setuid privilege. HP has corrected this potential vulnerability.

Patch 641.00

OSF445CDE-036B

Patch: Fixes buffer overflow problem

State: New. Supersedes patches OSF445CDE-035B (638.00), OSF445CDE-010B (639.00)

This patch corrects the following:

  • A potential security vulnerability has been discovered where, under certain circumstances, system integrity may be compromised when a buffer overflow occurs in the CDE online help. Buffer overflows are sometimes exploited in an attempt to subvert the function of a privileged program and possibly execute commands at the elevated privileges if the program file has the setuid privilege. HP has corrected this potential vulnerability.

  • A potential security vulnerability has been discovered where, under certain circumstances, system integrity may be compromised. This may be in the form of improper file or privilege management. HP has corrected this potential vulnerability.

  • A potential security vulnerability has been discovered where, under certain circumstances, system integrity may be compromised when a buffer overflow occurs in the CDE online help. Buffer overflows are sometimes exploited in an attempt to subvert the function of a privileged program and possibly execute commands at the elevated privileges if the program file has the setuid privilege. HP has corrected this potential vulnerability.

Patch 643.00

OSF445-298

Patch: OSF445-298

State: New

This patch fixes a problem in <sys/timeb.h> where the ftime() prototype was not available in the default compilation name space.

Patch 666.00

OSF445CDE-015B

Patch: Fixes improper file access

State: Supersedes patches OSF445CDE-001B (83.00), OSF445CDE-004B (103.00), OSF445CDE-020B (659.00), OSF445CDE-017B (660.00), OSF445CDE-023B (661.00), OSF445CDE-012B (662.00), OSF445CDE-038B (663.00), OSF445CDE-030B (664.00)

This patch corrects the following:

  • Fixes a problem in which dtfile ICDE COSE tool does not work when TMPDIR is defined as /ldata/disk_local/tmp. The dtfile tool returns the following error:

    /ldata/disk_local/tmp/sdtdbcache_AAAaadmma: Cross-device link
    /ldata/disk_local/tmp/sdtdbcache_BAAaadmma: Cross-device link
    Floating exception (core dumped)

  • Fixes a problem with the Common Desktop Environment (CDE) in which some desktop applications will fail if CDE is not initialized. The error which appears in the users home .dt/errorlog file is as follows:

    Desktop Not Initialized: Could not create Action/Datatypes
    database.

  • A potential security vulnerability has been discovered where, under certain circumstances, system integrity may be compromised. This may be in the form of large values of command-line arguments. HP has corrected this potential vulnerability.

  • Fixes the dtprintinfo memory fault problem with long LANG value.

  • A potential security vulnerability has been discovered where, under certain circumstances, system integrity may be compromised. This may be in the form of improper file access. HP has corrected this potential vulnerability.

  • A potential security vulnerability has been discovered where, under certain circumstances, system integrity may be compromised. This may be in the form of large values of ENVIRONMENT variables and command-line arguments. HP has corrected this potential vulnerability.

  • A potential security vulnerability has been discovered, where under certain circumstances, system integrity may be compromised when a buffer overflow occurs in the DtSvc utility. Buffer overflows are sometimes exploited in an attempt to subvert the function of a privileged program and possibly execute commands at the elevated privileges if the program file has the setuid privilege.

  • A potential security vulnerability has been discovered where, under certain circumstances, system integrity may be compromised. This may be in the form of improper file access. HP has corrected this potential vulnerability.

  • A potential security vulnerability has been discovered where, under certain circumstances, system integrity may be compromised. This may be in the form of large values of command line arguments. HP has corrected this potential vulnerability.

Patch 668.00

OSF445-617

Patch: grep now allows blank lines in the pattern file

State: Supersedes patches OSF445-034 (38.00), OSF445-078 (76.00), OSF445-155 (244.00)

This patch corrects the following:

  • When the fgrep command is used with the -s option all output is suppressed.

  • The command fgrep -f searchlist gets the following error message:

    wordlist too large

    if the searchlist is too long. In the test case it was 101.00 entries.

  • The command fgrep -f searchlist displays datafiles verbatim if the searchlist has blank lines.

  • Fixes a problem in which the grep command with the -w switch does not work as documented.

  • The grep command will now allow blank lines in the pattern file, and does not hang when executed with the -w and -f options.

Patch 670.00

OSF445-419

Patch: Provides mktemp(1) reference page

State: New

This patch adds the mktemp(1) reference page for the mktemp command.

Patch 673.00

OSF445X11-025

Patch: Fixes a problem with XP1000 667 MHz system

State: Supersedes patches OSF445X11-005A (11.00), OSF445X11-006 (12.00), OSF445X11-018 (247.00), OSF445X11-013 (249.00), OSF445X11-033 (671.00)

This patch corrects the following:

  • Fixes various problems with the X font server and with the X server's interaction with X font servers.

  • Fixes a problem where the X server could core dump or get unaligned access errors when clients used the Multi-Buffering extension. This patch fixes a problem where the X server does not display windows properly for the 128th and subsequent clients.

  • Fixes a memory leak in the X server that could occur when a client repeatedly created and destroyed buffers for the X Window System Multibuffering Extension (XmbufCreateBuffers/XmbufDestroyBuffers).

  • Fixes a problem where the X server can grow excessively when accessing certain fonts.

  • Fixes a problem with a Compaq Professional Workstation XP1000 667 MHz system with a PowerStorm 4D20 (PBXGB-CA) graphics card where fonts were sometimes drawn incorrectly.

Patch 675.00

OSF445-422

Patch: Updates the mktemp(3) reference page

State: New

This patch updates the mktemp(3) reference page with changed information regarding the mktemp() and mkstemp() routines, and adds information about the mkdtemp() and mkstemps() libc routines.

Patch 677.00

OSF445-557

Patch: Fixes improper file or privilege management

State: New

A potential security vulnerability has been discovered where, under certain circumstances, system integrity may be compromised. This may be in the form of improper file or privilege management. HP has corrected this potential vulnerability.

Patch 679.00

OSF445DX-017

Patch: OSF445DX-017

State: New

A potential security vulnerability has been discovered where, under certain circumstances, system integrity may be compromised. This may be in the form of improper file access. HP has corrected this potential vulnerability.

Patch 683.00

OSF445-584

Patch: Fix for tar command

State: Supersedes patches OSF445-094 (116.00), OSF445-180 (256.00), OSF445-128 (257.00), OSF445-130 (259.00), OSF445-638 (680.00), OSF445-542 (681.00)

This patch corrects the following:

  • Fixes a problem with the tar command. Inconsistencies occur when restoring a file system that contains more than two hard links to a file.

  • Corrects pax/tar/cpio to properly extract explicitly specified files. When an archive contained a file with extended attributes and a different file (occurring later in the archive) was specified to be extracted, improper buffer pointer management resulted in the following display (the example uses tar):

    tar: /dev/nrmt0h : This doesn't look like a tar archive
    tar: /dev/nrmt0h : Skipping to next file...
    tar: Memory allocation failed for extended data while reading :
    Not enough space

    The directory option was similarly affected. In this case the information for the specified file was not reported.

  • Fixes a problem with the tar and pax programs. These programs incorrectly append files to an existing archive and cause the file to become inconsistent. .

  • Fixes a problem where the tar -F (Fasttar) option ignores files named err but does not ignore files named errs and directories named SCCS and RCS.

  • tar now checks and report any write errors.

  • tar/pax/cpio have capability to unalter the ctime of input files upon creation of archive. And it displays warning message in case pax/cpio if unable to preserve the time of input files.

  • Corrects the behavior of the tar -o option.

  • Fixes the cpio -m option, if the destination and source files have same mtime.

  • Corrects the pax -l option has been to create hard links properly.

  • Corrects the cpio -o option to not corrupt extended uid file ownership.

  • Fixes the long file names handling in tar.

  • Fixes pax to handle ACL on directories properly.

  • Fixes a one-byte gap/hole in the maximum size in the tar command before an extended header record is used (8589934591 (octal 77777777777)).

  • Corrects the tar program to properly handle unusual directory specifications.

Patch 685.00

OSF445-493

Patch: Security (SSRT2208)

State: New

A potential security vulnerability has been identified in the HP Tru64 UNIX operating system which may allow nonprivileged users to gain unauthorized (root) access. This may be in the form of local and remote security domain risks. This potential security vulnerability in routed has been corrected.

Patch 687.00

OSF445-583

Patch: fwtmp command displays invalid PID values

State: New

Now fwtmp will not display the invalid (negative) PIDs when the number of decimal digits of the PID value exceeds 5.

Patch 693.00

OSF445-590

Patch: Corrects improper file or privilege management

State: New. Supersedes patch OSF445-620 (691.00)

This patch corrects the following:

  • Addresses compiler warnings caused by calling function with too few arguments.

  • A potential security vulnerability has been discovered where, under certain circumstances, system integrity may be compromised. This may be in the form of improper file or privilege management. HP has corrected this potential vulnerability

Patch 697.00

OSF445-482

Patch: Corrects improper file or privilege management

State: New

A potential security vulnerability has been discovered where, under certain circumstances, system integrity may be compromised. This may be in the form of improper file or privilege management. HP has corrected this potential vulnerability.

Patch 699.00

OSF445CDE-037

Patch: Corrects improper file access

State: New

A potential security vulnerability has been discovered where, under certain circumstances, system integrity may be compromised. This may be in the form of improper file access. HP has corrected this potential vulnerability.

Patch 703.00

OSF445-265

Patch: Fixes a problem in latsetup

State: New

This patch fixes a problem in latsetup when the directory "dev/lat is not found.

Patch 705.00

OSF445-431

Patch: Incorrect error msgs displayed for power regulator

State: New

This patch fixes a problem in which the system displays incorrect error messages regarding the power regulator. This problem is specific to Alphaserver 8X00 systems.

Patch 707.00

OSF445-565

Patch: Corrects improper file access

State: New

A potential security vulnerability has been discovered where, under certain circumstances, system integrity may be compromised. This may be in the form of improper file access. HP has corrected this potential vulnerability.

Patch 709.00

OSF445-502

Patch: Terminal code may block when allocating a buffer

State: New

This fix prevents "simple lock owned" panics.

Patch 711.00

OSF445DX-021

Patch: Corrects improper file access

State: New

A potential security vulnerability has been discovered where, under certain circumstances, system integrity may be compromised. This may be in the form of improper file access. HP has corrected this potential vulnerability.

Patch 713.00

OSF445-537

Patch: Corrects improper file or privilege management

State: New

A potential security vulnerability has been discovered where, under certain circumstances, system integrity may be compromised. This may be in the form of improper file or privilege management. HP has corrected this potential vulnerability.

Patch 719.00

OSF445X11-037A

Patch: Corrects improper file or privilege management

State: Supersedes patches OSF445X11-010A (153.00), OSF445X11-029 (714.00), OSF445X11-022A (715.00), OSF445X11-038 (716.00), OSF445X11-026A (717.00)

This patch corrects the following:

  • Fixes various memory leaks in the Motif library (libXm) that could occur when creating and destroying Motif List, Text, and TextField widgets.

  • Fixes a problem with Motif tear-off menus which may cause a core dump when the shell widget is destroyed.

  • A potential security vulnerability has been discovered where, under certain circumstances, system integrity may be compromised. This may be in the form of large values of ENVIRONMENT variables. HP has corrected this potential vulnerability.

  • Fixes a problem where XmGetPixmapByDepth may fail if a directory in the search path contatins a large number of files.

  • Fixes a problem with the Motif ToggleButton Widget where, in some cases, it may not draw itself correctly.

  • A potential security vulnerability has been discovered where, under certain circumstances, system integrity may be compromised. This may be in the form of improper file or privilege management. HP has corrected this potential vulnerability.

Patch 723.00

OSF445X11-037B

Patch: Corrects improper file or privilege management

State: Supersedes patches OSF445X11-010B (155.00), OSF445X11-022B (720.00), OSF445X11-026B (721.00)

This patch corrects the following:

  • Fixes various memory leaks in the Motif library (libXm) that could occur when creating and destroying Motif List, Text, and TextField widgets.

  • A potential security vulnerability has been discovered , where under certain circumstances, system integrity may be compromised. This may be in the form of large values of ENVIRONMENT variables. Compaq has corrected this potential vulnerability.

  • Fixes a problem with the Motif ToggleButton Widget where, in some cases, it may not draw itself correctly.

  • A potential security vulnerability has been discovered where, under certain circumstances, system integrity may be compromised. This may be in the form of large values of ENVIRONMENT variables. HP has corrected this potential vulnerability.

Patch 725.00

OSF445-369

Patch: Fixes panic caused by moving power supply

State: Supersedes patches OSF445-018 (23.00), OSF445-088 (161.00)

This patch corrects the following:

  • Corrects a problem in which the perrmask register on Tsunami systems can be overwritten.

  • Fixes a problem that caused an incorrect bcache size to be returned to the kernel from the HWRPB. This problem occurred on Professional Workstation 900 and 1000 systems and AlphaServer DS10, DS20, DS20E, ES40, GS80, GS160, and GS320 systems.

  • Corrects a problem where moving the power supply from one slot to another can cause a panic.

Patch 727.00

OSF445DX-026

Patch: Fixes buffer overflow

State: New

A potential security vulnerability has been discovered where, under certain circumstances, system integrity may be compromised when a buffer overflow occurs in the dxsysinfo utility. Buffer overflows are sometimes exploited in an attempt to subvert the function of a privileged program and possibly execute commands at the elevated privileges if the program file has the setuid privilege.

Patch 729.00

OSF445-497

Patch: Corrects improper file or privilege management

State: New

A potential security vulnerability has been discovered where, under certain circumstances, system integrity may be compromised. This may be in the form of improper file or privilege management. HP has corrected this potential vulnerability.

Patch 731.00

OSF445DX-015

Patch: Corrects improper file access

State: New

A potential security vulnerability has been discovered where, under certain circumstances, system integrity may be compromised. This may be in the form of improper file access. HP has corrected this potential vulnerability.

Patch 733.00

OSF445-499

Patch: Corrects improper file or privilege management

State: New

A potential security vulnerability has been discovered where, under certain circumstances, system integrity may be compromised. This may be in the form of improper file or privilege management. HP has corrected this potential vulnerability.

Patch 735.00

OSF445-435

Patch: Fixes curses.h and esnmp.h header files problem

State: New

This patch fixes an interoperability problem between the curses.h and esnmp.h header files.

Patch 737.00

OSF445-498

Patch: Corrects improper file or privilege management

State: New

A potential security vulnerability has been discovered where, under certain circumstances, system integrity may be compromised. This may be in the form of improper file or privilege management. HP has corrected this potential vulnerability.

Patch 740.00

OSF445-635

Patch: Eliminates compiler warnings in ln

State: New. Supersedes patch OSF445-603 (738.00)

This patch corrects the following:

  • Corrects the behavior of ln -sf to address the issue caused when a symbolic link points to a nonexisting file.

  • Eliminates compiler warnings in ln.

Patch 742.00

OSF445-399

Patch: Fix for fsck command

State: New

This patch fixes a problem with RLIMIT_DATA process limits when running fsck on a large file system.

Patch 744.00

OSF445X11-031

Patch: Corrects improper file access

State: New

A potential security vulnerability has been discovered where, under certain circumstances, system integrity may be compromised. This may be in the form of improper file access. HP has corrected this potential vulnerability.

Patch 746.00

OSF445-421

Patch: Provides the safe_open(3) reference page

State: New

This patch adds the safe_open(3) reference page for the safe_open() routine in libc.

Patch 750.00

OSF445X11-030

Patch: Correction for XCopyPlane

State: Supersedes patches OSF445X11-011 (194.00), OSF445X11-017 (274.00), OSF445X11-020 (747.00), OSF445X11-021 (748.00)

This patch corrects the following:

  • Provides the Xserver library for the new 3DLabs Oxygen VX1 PCI graphcis card.

  • Corrects blocks of erroneous pixels left behind when dragging CDE application manager icons on the desktop.

  • Fixes an Xserver crash when using GTK on systems using the Oxygen VX1 graphics card.

  • Corrects window corruption on an Oxygen VX1 graphics card if backing store/save unders are enabled.

  • Corrects XCopyPlane to only copy the requested bitplane rather than all bitplanes on the Oxygen VX1 graphics card.

Patch 752.00

OSF445-612

Patch: Fix for vdump and vrestore commands

State: Supersedes patches OSF445-038 (42.00), OSF445-090 (149.00), OSF445-177 (205.00)

This patch fixes the following vrestore problems:

  • A previous patch caused incomplete restores.

  • A warning message is displayed when the path for the first file in a group of hardlinks is created without using original protection codes and property lists.

  • A warning message is displayed and vrestore aborts if it fails to malloc space for a property list.

  • A message that had been inserted at the end of the message file had the wrong message category (this could cause messaging confusion).

  • An uninitialized variable in the code that restores property lists could cause malloc failures, memory faults, "error setting extended attributes", and infinite loops using the -l option

  • Corrupted property list information could cause an infinite loop.

This patch fixes the following problems with the vdump command:

  • Fixes a problem where the vdump command will sometimes store symbolic link files as directories in the vdump archive.

  • Failed to flag compressed extended attributes records that are split across a vdump BLOCK boundary.

  • Overrides the -D option when source path describes a root fileset Note: If you want to backup quota files, you must not use the -D option.

  • Corrects "Rewinding" message to avoid a segfault with Internationalized messages.

  • Fixes vdump to pick up correct messages in all locales.

  • Avoids some unnecessary function calls and thus allows faster vdumps.

This patch fixes the following problems with the vrestore command:

  • Fails to properly handle extended attributes records in compressed archives. This results in malloc failures, proplist inconsistencies, program abort, program crashes due to segfault or invalid memory access, and the display of the error message "error setting extended attributes".

  • Fails to set extended attributes due to confusion over selective restore of the file or directory associated. Also results in the display of the error message "error setting extended attributes".

  • Selective restore of hardlinked files is incomplete when they exist in different directories (fails to create a directory for the second occurrence of a file with the same inode number).

  • The -Q option is added to vrestore to allow the user to request ignoring the quota files (thus avoiding the time it takes to process them).

  • Fixes vrestore to pick up correct messages in all locales.

  • Enables the display of bit file attributes with the -l option.

Patch 754.00

OSF445-492

Patch: Corrects improper file or privilege management

State: New

A potential security vulnerability has been discovered where, under certain circumstances, system integrity may be compromised. This may be in the form of improper file or privilege management. HP has corrected this potential vulnerability.

Patch 756.00

OSF445-518

Patch: Corrects improper file or privilege management

State: New

A potential security vulnerability has been discovered where, under certain circumstances, system integrity may be compromised. This may be in the form of improper file or privilege management. HP has corrected this potential vulnerability.

Patch 760.00

OSF445-613

Patch: Corrects bfs command compiler warnings

State: New

This patch removes compiler warnings addressing outside of array bounds.

Patch 763.00

OSF445-296

Patch: Corrects a problem with the os_mibs daemon

State: New. Supersedes patch OSF445-593 (761.00)

This patch corrects the following:

  • Corrects a problem in os_mibs which resulted in the swap size and swap used values for the host mib being reported as negative values on some systems.

  • Corrects the problem where snmp getnext returns back the value of the wrongOID on queries in the FDDI MIB of os_mibs.

Patch 767.00

OSF445-604

Patch: Provides dumprmt.msg message catalog file

State: Supersedes patches OSF445-021 (26.00), OSF445-645 (764.00), OSF445-478 (765.00)

This patch corrects the following:

  • This patch fixes a problem in which the restore command can fail with the following error:

    Cannot malloc space for property list

  • Fixes dump to recognize LSM volumes correctly and not report random information when an error has occurred.

  • Eliminates the /sbin/restore program's ignoring of property lists.

  • Introduces dumprmt.msg for remote dump/restore messages. This new message catalog file is used in both rdump and rrestore programs.

Patch 769.00

OSF445DX-020

Patch: Corrects improper file access

State: New

A potential security vulnerability has been discovered where, under certain circumstances, system integrity may be compromised. This may be in the form of improper file access. HP has corrected this potential vulnerability.

Patch 771.00

OSF445-539A

Patch: Provides V2.1-120 for libots3.so

State: Supersedes patch OSF445-230A (352.00)

This patch corrects the following:

  • A problem in the parallel-processing support library (libots3) that caused incorrect run-time results for an OpenMP program.

  • Installs version V2.1-120 of /usr/lib/libots3.a and /usr/shlib/libots3.so. V2.1-120 fixes a problem where long running OpenMP applications might overflow an internal libots3 counter, resulting in a breakdown of thread synchronization.

Patch 773.00

OSF445-539B

Patch: Provides V2.1-120 for libots3.a

State: Supersedes patch OSF445-230B (354.00)

This patch corrects the following:

  • A problem in the parallel-processing support library (libots3) that caused incorrect run-time results for an OpenMP program.

  • Installs version V2.1-120 of /usr/lib/libots3.a and /usr/shlib/libots3.so. V2.1-120 fixes a problem where long running OpenMP applications might overflow an internal libots3 counter, resulting in a breakdown of thread synchronization.

Patch 776.00

OSF445CDE-022

Patch: Corrects improper file access

State: Supersedes patches OSF445CDE-007 (184.00), OSF445CDE-021 (774.00)

This patch corrects the following:

  • Fixes a problem in which the Window Manager (dtwm) intermittently hangs on a system that uses multiple displays.

  • Fixes a problem in the dtwm window manager where double-click actions are performed on the second button press instead of the second button release. This causes the second button release event to be sent to any underlying window.

  • A potential security vulnerability has been discovered where, under certain circumstances, system integrity may be compromised. This may be in the form of improper file access. HP has corrected this potential vulnerability.

Patch 779.00

OSF445-267

Patch: Fixes a problem in NetRAIN

State: New. Supersedes patch OSF445-328 (777.00)

This patch corrects the following:

  • Corrects a problem with NetRAIN which prevents it from failing over to a backup interface if the primary interface is disconnected at boot time.

  • Fixes a problem in NetRAIN. NetRAIN interface creation now fails if any of the requested standby interfaces do not exist

Patch 781.00

OSF445-449

Patch: OSF445-449

State: New

A potential security vulnerability has been discovered where, under certain circumstances, system integrity may be compromised when a buffer overflow occurs in the binmail (also called mail) utility. Buffer overflows are sometimes exploited in an attempt to subvert the function of a privileged program and possibly execute commands at the elevated privileges if the program file has the setuid privilege. HP has corrected this potential vulnerability.

Patch 784.00

OSF445DX-012

Patch: Security (SSRT0785U)

State: Supersedes patches OSF445DX-001 (4.00), OSF445DX-002 (5.00), OSF445DX-003 (6.00), OSF445DX-004 (159.00), OSF445DX-013 (782.00)

This patch corrects the following:

  • Fixes a problem in which the dxaccounts application does not allow users to be added to groups with a Group ID lower than the default minimum specified in the General Options dialog.

  • Fixes the following cli/dxaccounts problems:

    • The error message displayed when the Account Manager fails to start due to the detection of an Account Manager lock file (/etc/.AM_is_running) is not clear.

    • The command uermod -D does not display the Expire date when it is set.

    • Enabling to change root's login/uid through cli/dxaccounts utilities.

  • Fixes a problem in which dxaccounts does not allow the system manager to add NIS users when the system is running enhanced security.

  • Fixes a problem where the new home directory for a new user ID is created with the date and time stamp of the /usr/skel directory.

  • A potential security vulnerability has been discovered where, under certain circumstances, system integrity may be compromised. This may be in the form of passwords that have a length outside of the intended range. HP has corrected this potential vulnerability.

  • Corrects the problem that causes the application dxaccounts to core dump when /etc/shells is a directory instead of a file.

Patch 789.00

OSF445-388A

Patch: Support for NEW_OPEN_MAX_SYSTEM file descriptors

State: New. Supersedes patches OSF445-245 (785.00), OSF445-417A (786.00), OSF445-264 (787.00)

This patch corrects the following:

  • Warns a user of a possible hang that can occur when a program is linked to both libaio and libaio_raw.

  • Prevents thread blocking forever when both libaio and libaio_raw are linked into the same image.

  • Closes an aio_read()/aio_cancel() race condition.

  • This patch is a backout of a previous fix to libaio which produces a warning when an application that was linked to both libaio and libaioi_raw is executed.

  • Adds support for NEW_OPEN_MAX_SYSTEM (64 K) file descriptors to libaio.

Patch 792.00

OSF445-388B

Patch: Support for NEW_OPEN_MAX_SYSTEM file descriptors

State: New. Supersedes patch OSF445-417B (790.00)

This patch corrects the following:

  • Prevents thread blocking forever when both libaio and libaio_raw are linked into the same image.

  • Closes an aio_read()/aio_cancel() race condition.

  • Adds support for NEW_OPEN_MAX_SYSTEM (64K) file descriptors to libaio.

Patch 794.00

OSF445-605

Patch: Corrects exit status of sed when disk is full

State: New

This patch corrects the exit status of sed when the disk is full.

Patch 796.00

OSF445-560

Patch: Corrects improper file or privilege management

State: New

A potential security vulnerability has been discovered where, under certain circumstances, system integrity may be compromised. This may be in the form of improper file or privilege management. HP has corrected this potential vulnerability.

Patch 802.00

OSF445-359

Patch: Fixes od command hanging problem

State: New

This patch fixes an od command hanging problem.

Patch 804.00

OSF445-347

Patch: Addresses multiple issues for RA2000 controllers

State: Supersedes patch OSF445-159 (311.00)

This patch addresses multiple issues for the KZPCC family of RAID Array 2000 (RA2000) controllers:

  • Errors seen when concurrent opens are issued to separate logical partitions on the same logical device.

  • Change to the preferred chunk size from 16 KB to 64 KB, which may increase data transfer rates.

  • Fixes a problem where opens would fail when running under a heavy I/O load with the KZPCC.

Patch 807.00

OSF445CDE-019

Patch: Corrects improper file or privilege management

State: New. Supersedes patch OSF445CDE-014 (805.00)

This patch corrects the following:

  • A potential security vulnerability has been discovered where, under certain circumstances, system integrity may be compromised. This may be in the form of improper file or privilege management. HP has corrected this potential vulnerability.

  • A potential security vulnerability has been discovered where, under certain circumstances, system integrity may be compromised. This may be in the form of improper file access. HP has corrected this potential vulnerability.

Patch 809.00

OSF445-631

Patch: Elminates compiler warnings in mkdir command

State: New

This patch eliminates compiler warnings in mkdir.

Patch 811.00

OSF445-588

Patch: Corrects improper file or privilege management

State: New

A potential security vulnerability has been discovered where, under certain circumstances, system integrity may be compromised. This may be in the form of improper file or privilege management. HP has corrected this potential vulnerability.

Patch 813.00

OSF445-507

Patch: Fixes truncating problem with sysconfig utility

State: New

This patch fixes a problem in which the lines in the output stream from sysconfig -Q can be truncated.

Patch 817.00

OSF445CDE-043

Patch: Corrects improper privilege management

State: New. Supersedes patches OSF445CDE-042 (814.00), OSF445CDE-040 (815.00)

This patch corrects the following:

  • A potential security vulnerability has been discovered where, under certain circumstances, system integrity may be compromised. This may be in the form of improper privilege management. HP has corrected this potential vulnerability.

  • A potential security vulnerability has been discovered where, under certain circumstances, system integrity may be compromised. This may be in the form of improper file or privilege management. HP has corrected this potential vulnerability.

  • Fixes the message catalog for the CDE application dtprintinfo.

Patch 821.00

OSF445-627

Patch: Corrects improper file or privilege management

State: New. Supersedes patches OSF445-450 (818.00), OSF445-259 (819.00)

This patch corrects the following:

  • A potential security vulnerability has been discovered where, under certain circumstances, system integrity may be compromised when a buffer overflow occurs in the ps utility. Buffer overflows are sometimes exploited in an attempt to subvert the function of a privileged program and possibly execute commands at the elevated privileges if the program file has the setuid privilege. HP has corrected this potential vulnerability.

  • A potential security vulnerability has been discovered where, under certain circumstances, system integrity may be compromised. This may be in the form of improper file or privilege management. HP has corrected this potential vulnerability.

  • Allows whitespace in header field with the ps option -o. Multiple headers with whitespace can be given with the ps option -o.

Patch 824.00

OSF445-538

Patch: Corrects improper file or privilege management

State: New. Supersedes patch OSF445-249 (822.00)

This patch corrects the following:

  • Corrects the behavior of the sort(1) command which now checks for duplicates with the -c, -u, and -k options.

  • A potential security vulnerability has been discovered where, under certain circumstances, system integrity may be compromised. This may be in the form of improper file or privilege management. HP has corrected this potential vulnerability.

  • Addresses the problem where performing a sort on a large database using numerous keys fails during the consolidation phase of the temporary files.

Patch 826.00

OSF445-371

Patch: Fixes a hang problem in the script command

State: New

This patch corrects a problem in which script would hang upon exit in a dfs configuration.

Patch 828.00

OSF445-396A

Patch: Security (SSRT0779U)

State: New

A potential security vulnerability has been discovered where, under certain circumstances, SNMP services can stop functioning.

Patch 830.00

OSF445-396B

Patch: Security (SSRT0779U)

State: New

A potential security vulnerability has been discovered where, under certain circumstances, SNMP services can stop functioning.

Patch 832.00

OSF445-521

Patch: Corrects improper file or privilege management

State: Supersedes patch OSF445-117 (124.00)

This patch corrects the following:

  • Fixes a problem that caused a kernel build failure when installing or deleting dupatch. This problem occurred on Compaq AlphaServer DS20 and ES40 systems.

  • A potential security vulnerability has been discovered where, under certain circumstances, system integrity may be compromised. This may be in the form of improper file or privilege management. HP has corrected this potential vulnerability.

Patch 834.00

OSF445-556

Patch: Corrects improper file or privilege management

State: New

A potential security vulnerability has been discovered where, under certain circumstances, system integrity may be compromised. This may be in the form of improper file or privilege management. HP has corrected this potential vulnerability.

Patch 837.00

OSF445X11-034A

Patch: Fixes buffer overflow in X11 applications

State: Supersedes patches OSF445X11-015 (272.00), OSF445X11-002 (8.00), OSF445X11-008A (126.00), OSF445X11-032A (835.00)

This patch corrects the following:

  • Fixes a memory leak in the libVX11 library for X applications where freeing a GC would not free all of its memory. This problem is most likely to occur in systems with a Cateyes graphics card (4D40T, 4D50T, 4D60T, or 4D51T).

  • Fixes a problem in which some 8-bit characters cannot be entered directly from the keyboard when the Caps Lock setting is on.

  • Fixes two memory leaks in the X Window System's X library (Xlib) that can occur when creating and destroying Motif List, Text, and TextField widgets.

  • A potential security vulnerability has been discovered where, under certain circumstances, system integrity may be compromised when a buffer overflow occurs in X11 applications. Buffer overflows are sometimes exploited in an attempt to subvert the function of a privileged program and possibly execute commands at the elevated privileges if the program file has the setuid privilege. HP has corrected this potential vulnerability.

Patch 840.00

OSF445X11-034B

Patch: Fixes buffer overflow in X11 applications

State: Supersedes patches OSF445X11-008B (128.00), OSF445X11-032B (838.00)

This patch corrects the following:

  • Fixes two memory leaks in the X Window System's X library (Xlib) that can occur when creating and destroying Motif List, Text, and TextField widgets.

  • A potential security vulnerability has been discovered where, under certain circumstances, system integrity may be compromised when a buffer overflow occurs in X11 applications. Buffer overflows are sometimes exploited in an attempt to subvert the function of a privileged program and possibly execute commands at the elevated privileges if the program file has the setuid privilege. HP has corrected this potential vulnerability.

Patch 842.00

OSF445X11-019A

Patch: Fix for security issue in X11

State: Supersedes patch OSF445X11-003A (9.00)

This patch corrects the following:

  • Fixes a problem in which the svn widget of libDXm.so creates identical backgrounds and foregrounds.

  • A potential security vulnerability has been discovered where, under certain circumstances, system integrity may be compromised. This may be in the form of root directory compromise via lpr using X11.

Patch 844.00

OSF445X11-019B

Patch: Fix for security issue in X11

State: Supersedes patch OSF445X11-003B (84.00)

This patch corrects the following:

  • Fixes a problem in which the svn widget of libDXm.so creates identical backgrounds and foregrounds.

  • A potential security vulnerability has been discovered where, under certain circumstances, system integrity may be compromised. This may be in the form of root directory compromise via lpr using X11.

Patch 846.00

OSF445-389

Patch: Fixes premature termination of ofile kdbx extension

State: New

This patch fixes a premature termination of the ofile kdbx extension, and token length warnings when kdbx is invoked.

Patch 849.00

OSF445-455

Patch: Fixes segmentation violation caused by ld command

State: Supersedes patches OSF445-161 (326.00), OSF445-156 (327.00), OSF445-169 (329.00), OSF445-243 (358.00), OSF445-228 (847.00)

This patch corrects the following:

  • Fixes two problems in the linker where it would erroneously report "multiply defined symbol" errors or "unresolved symbol" errors:

    • Modifies the linker's symbol resolution to enable it to recognize when a reference to a symbol defined in a shared library is replaced by a symbol defined in an object file or archive.

    • Modifies the linker to cause it to rescan shared libraries before reporting unresolved symbols.

  • Fixes two errors that occur when using the -f switch with the linker (ld):

    • Using the -f switch produces link errors.

    • Any unsupported switch beginning with -f gets interpreted to mean -f.

  • Fixes a problem where the linker-defined symbol _fpdata would end up being undefined if it was referenced by a program but not used by the linker.

  • Fixes a potential optimization problem with the linker (/bin/ld).

  • Fixes two problems in the linker (ld):

    • The .text symbol was being set incorrectly for -shared and -call_shared links.

    • Five linker-defined symbols were not getting the correct type set in the Dynamic Symbol Table.

  • Fixes a linker problem that may cause executables to fail with a segmentation violation when the address of an uninitialized data symbol in a shared library is used as the initial value of a global or static pointer variable.

Patch 851.00

OSF445-473

Patch: Fixes kernel memory faults in DLI interrupt handler

State: New

This patch resolves kernel memory faults in the DLI interrupt handler.

Patch 853.00

OSF445X11-027

Patch: Fixes a problem in the mwm window manager

State: New

This patch fixes a problem in the mwm window manager where double-click actions are performed on the second button press instead of the second button release. This causes the second button release event to be sent to any underlying window.

Patch 857.00

OSF445DX-018

Patch: Fixes dxterm buffer overflow problems

State: New. Supersedes patches OSF445DX-019 (854.00), OSF445DX-024 (855.00)

This patch corrects the following:

  • A potential security vulnerability has been discovered where, under certain circumstances, system integrity may be compromised when a buffer overflow occurs in the dxterm utility. Buffer overflows are sometimes exploited in an attempt to subvert the function of a privileged program and possibly execute commands at the elevated privileges if the program file has the setuid privilege. HP has corrected this potential vulnerability.

  • A potential security vulnerability has been discovered where, under certain circumstances, system integrity may be compromised when a buffer overflow occurs in the dxterm utility. Buffer overflows are sometimes exploited in an attempt to subvert the function of a privileged program and possibly execute commands at the elevated privileges if the program file has the setuid privilege. HP has corrected this potential vulnerability.

  • A potential security vulnerability has been discovered where, under certain circumstances, system integrity may be compromised when a buffer overflow occurs in the dxterm utility. Buffer overflows are sometimes exploited in an attempt to subvert the function of a privileged program and possibly execute commands at the elevated privileges if the program file has the setuid privilege. HP has corrected this potential vulnerability.

Patch 859.00

OSF445-420

Patch: Security (SSRT1-40U, SSRT1-41U, SSRT1-42U, SSRT1-45U)

State: New

This patch adds the dirclean(8) reference page for the /usr/sbin/dirclean utility.

Patch 861.00

OSF445-615

Patch: Fixes problems found in accounting commands

State: New

This patch corrects the following:

  • Resolved the differences in the CPU time and connect time, found during the conversion from ASCII format to binary and again back to ASCII of accounting reports.

  • Resolved the differences in CPU time found in the output of acctcom and acctmerg commands for the same input file.

Patch 863.00

OSF445-629

Patch: Update to which command

State: New

This patch fixes /usr/bin/which to take path information from the environment rather than ~/.cshrc if it is invoked from other than the C shell.

Patch 865.00

OSF445-632

Patch: Corrects improper file or privilege management

State: New

A potential security vulnerability has been discovered where, under certain circumstances, system integrity may be compromised. This may be in the form of improper file or privilege management. HP has corrected this potential vulnerability.

Patch 869.00

OSF445-239

Patch: Fix for xntpd buffer overflow problem

State: New

A potential security vulnerability has been discovered where, under certain circumstances, system integrity may be compromised. xntpd contains a potential buffer overflow that may allow unauthorized access to bin privileges. HP has corrected this potential vulnerability.

Patch 871.00

OSF445CDE-026

Patch: OSF445CDE-026

State: New

A potential security vulnerability has been discovered where, under certain circumstances, system integrity may be compromised. This may be in the form of improper file access. HP has corrected this potential vulnerability.

Patch 873.00

OSF445-526

Patch: Fixes a simple lock timeout violation

State: Supersedes patches OSF445-060 (65.00), OSF445-074 (77.00)

This patch fixes the following problems:

  • Continuous resets when an I/O command is causing the resets

  • Read capacity recovery failure

  • Bad block replacement (BBR) processing

  • A simple lock panic

  • Fixes erroneous disk utilization values reported by the table system call.

Patch 875.00

OSF445-221

Patch: Fixes a lock hierarchy violation

State: Supersedes patch OSF445-184 (337.00)

This patch corrects the following:

  • Fixes DS10/DS20 performance problems introduced with the i2c driver by using thread blocking, rather than event_timeout() and DELAY().

  • Fixes a lock hierarchy violation that could be seen with the generic kernel attribute lockmode turned on.

Patch 879.00

OSF445-562

Patch: Corrects improper file or privilege management

State: New. Supersedes patches OSF445-452 (876.00), OSF445-568 (877.00)

This patch corrects the following:

  • A potential security vulnerability has been discovered where, under certain circumstances, system integrity may be compromised. This may be in the form of improper file or privilege management. HP has corrected this potential vulnerability.

Patch 882.00

OSF445-338

Patch: inetd may block incoming connections

State: Supersedes patches OSF445-175 (293.00), OSF445-404 (880.00)

This patch corrects the following:

  • Corrects a problem with inetd which could result in its termination without notice and without a core file.

  • A potential security vulnerability has been discovered where, under certain circumstances, system integrity may be compromised. This may be in the form where inetd may block incoming connections when scanned by nmap or other port scanners. HP has corrected this potential vulnerability.

  • Allows the socket listen backlog in inetd(8) to be set with the command-line option using the -l switch.

Patch 884.00

OSF445-594

Patch: Corrects improper file or privilege management

State: New

A potential security vulnerability has been discovered where, under certain circumstances, system integrity may be compromised. This may be in the form of improper file or privilege management. HP has corrected this potential vulnerability.

Patch 886.00

OSF445-611

Patch: Enhancement to the make command

State: New

/usr/opt/ultrix/usr/bin/make now checks dependencies on archive libraries properly.

Patch 888.00

OSF445-616

Patch: OSF445-616

State: New

In a rolling upgrade, the merge used to fail for merging the .login file without informative messages on the cause. This has been corrected.

Patch 890.00

OSF445DX-025

Patch: Corrects improper file access

State: New

A potential security vulnerability has been discovered where, under certain circumstances, system integrity may be compromised. This may be in the form of improper file access. HP has corrected this potential vulnerability.

Patch 895.00

OSF445-432

Patch: Fixes a problem in binlogd daemon

State: Supersedes patches OSF445-194 (346.00), OSF445-326 (891.00), OSF445-397 (892.00), OSF445-533 (893.00)

This patch corrects the following:

  • Fixes a problem in binlogd which overwrites adjacent header fields in an error record if the system's hostname is longer than 12 characters.

  • Fixes a problem in which the binlog daemon can core dump if it attempts to recover events from a panic dump file containing invalid event data.

  • Fixes a time formatting problem when Compaq Analyze is used to display events in time zones with a positive offset from GMT.

  • Fixes a problem that may prevent a correct configuration table entry from being written to the binary error log on some systems. It also fixes a problem in which a misleading message may be displayed on older systems that do not support a configuration table. In addition to displaying this message, this bug causes binlog to malloc a randomly sized amount of memory that is never used, and if the malloc fails it displays an alarming malloc failure message.

  • Causes the binary error log daemon, binlogd, to sync its logfiles before closing them on system shutdown.

Patch 897.00

OSF445-592

Patch: Corrects improper file or privilege management

State: New

A potential security vulnerability has been discovered where, under certain circumstances, system integrity may be compromised. This may be in the form of improper file or privilege management. HP has corrected this potential vulnerability.

Patch 899.00

OSF445-587

Patch: Corrects improper file or privilege management

State: New

A potential security vulnerability has been discovered where, under certain circumstances, system integrity may be compromised. This may be in the form of improper file or privilege management. HP has corrected this potential vulnerability.

Patch 901.00

OSF445DX-010

Patch: OSF445DX-010

State: New

This patch fixes a problem in dxproctuner where the process information is not displayed when there is a double quote followed by any other character in the command column.

Patch 903.00

OSF445-558

Patch: : Corrects improper file or privilege management

State: New

A potential security vulnerability has been discovered where, under certain circumstances, system integrity may be compromised. This may be in the form of improper file or privilege management. HP has corrected this potential vulnerability.

Patch 906.00

OSF445-622

Patch: Updates to the find command

State: Supersedes patches OSF445-014 (19.00), OSF445-470 (904.00)

This patch corrrects the following:

  • Fixes a problem with the find command. Find fails to show filenames that start with a period.

  • Corrects find -ls, which displayed an incorrect number of blocks.

  • Corrects the find -ctime, -atime, -mtime behavior with respect to the + operations. Find + operations will match Greater Than, rather Greater Than or Equal To.

Patch 908.00

OSF445-515

Patch: Corrects improper file access

State: New

A potential security vulnerability has been discovered where, under certain circumstances, system integrity may be compromised. This may be in the form of improper file access. HP has corrected this potential vulnerability.

Patch 910.00

OSF445-391

Patch: Fix for salvage utility

State: Supersedes patch OSF445-051 (174.00)

This patch corrects the following problems:

  • Fixes two infinite loops that could make salvage run forever.

  • Removes garbage characters from symlink recovery in salvage.

  • Fixes a problem that could cause salvage to core dump.

Patch 912.00

OSF445-366

Patch: startslip unable to extract info from acucap file

State: New

This patch fixes a problem where startslip was not able to extract all the information from the acucap file.

Patch 915.00

OSF445X11-036

Patch: Fix for ELSA Gloria Synergy graphics card

State: Supersedes patches OSF445X11-007 (13.00), OSF445X11-014 (270.00), OSF445X11-023 (913.00)

This patch corrects the following:

  • Fixes a problem where, on systems with a PowerStorm 4D10T (ELSA Gloria Synergy, SN-PBXGK-BB) graphics card or a PCI To Ethernet/Graphics Combo Adapter (3X-DEPVD-AA), lines and images sometimes are not drawn correctly in scrolled windows.

  • Fixes synchronization and drawing problems in the X server for the PowerStorm 4D10T (ELSA Gloria Synergy, SN-PBXGK-BB) graphics card.

  • Fixes a memory leak in the X server on systems with a PowerStorm 4D10T (ELSA GLoria Synergy, SN-PBXGK-BB) graphics card that could occur when a client repeatedly created and destroyed buffers for the X Window System Multibuffering Extension (XmbufCreateBuffers/XmbufDestroyBuffers).

  • The Elsa GLoria Comet card does not correctly draw nested shaded boxes or anything similar.

  • Fixes a problem where, on systems with an ELSA GLoria Synergy graphics card, sometimes the X server would not draw stipple patterns correctly.

Patch 917.00

OSF445-559

Patch: Corrects improper file or privilege management

State: New

A potential security vulnerability has been discovered where, under certain circumstances, system integrity may be compromised. This may be in the form of improper file or privilege management. HP has corrected this potential vulnerability.

Patch 919.00

OSF445-567

Patch: Corrects improper file access

State: New

A potential security vulnerability has been discovered where, under certain circumstances, system integrity may be compromised. This may be in the form of improper file access. HP has corrected this potential vulnerability.

Patch 927.00

OSF445CDE-031

Patch: Fixes buffer overflow occurring in mailcv

State: New

A potential security vulnerability has been discovered where, under certain circumstances, system integrity may be compromised when a buffer overflow occurs in the mailcv utility. Buffer overflows are sometimes exploited in an attempt to subvert the function of a privileged program and possibly execute commands at the elevated privileges if the program file has the setuid privilege. HP has corrected this potential vulnerability.

Patch 930.00

OSF445-271

Patch: Fixes problems with de50x network interface cards

State: New. Supersedes patch OSF445-642 (928.00)

This patch corrects the following:

  • Resolves a problem where some de50x network interface cards, under specific circumstances, may not send gratuitous arp packets .

  • Fixes a problem with the 400ms delay upon network cable reinsertion, which could lead to temporarily held drivers.

Patch 937.00

OSF445-644

Patch: Fix for collect command

State: Supersedes patches OSF445-114 (151.00), OSF445-563 (931.00), OSF445-348 (932.00), OSF445-447 (933.00), OSF445-380 (934.00), OSF445-234 (935.00)

This patch corrects the following:

  • Fixes several problems with the collect command, and adds system logging when collect suspends, resumes, or receives a signal.

  • Allows the collect monitoring tool to recognize and gather KZPCC disk statistics.

  • Fixes several problems with the collect utility.

  • Fixes a problem in the collect system monitoring tool when it is run in historical mode.

  • Provides a fix where the collect utility does not reproduce the CPU type correctly.

  • Fixes collect's collector (/usr/sbin/collect) to correctly report the network interface load percentage.

  • Contains the fix for handling Floating Point Exception in collect.

Patch 939.00

OSF445-403

Patch: Fix for Atom-based instrumentation tools

State: New

This patch fixes a problem that may cause the third command and other Atom-based instrumentation tools to fail.

Patch 941.00

OSF445X11-028

Patch: Corrects improper file access

State: New

A potential security vulnerability has been discovered where, under certain circumstances, system integrity may be compromised. This may be in the form of improper file access. HP has corrected this potential vulnerability.

Patch 944.00

OSF445CDE-033

Patch: Corrects buffer overflow in the dtterm utility

State: New. Supersedes patch OSF445CDE-034 (942.00)

This patch corrects the following:

  • A potential security vulnerability has been discovered where, under certain circumstances, system integrity may be compromised when a buffer overflow occurs in the dtterm utility. Buffer overflows are sometimes exploited in an attempt to subvert the function of a privileged program and possibly execute commands at the elevated privileges if the program file has the setuid privilege. HP has corrected this potential vulnerability.

  • A potential security vulnerability has been discovered where, under certain circumstances, system integrity may be compromised when a buffer overflow occurs in the dtterm utility. Buffer overflows are sometimes exploited in an attempt to subvert the function of a privileged program and possibly execute commands at the elevated privileges if the program file has the setuid privilege. HP has corrected this potential vulnerability.

Patch 946.00

OSF445-548

Patch: Corrects improper file or privilege management

State: New

A potential security vulnerability has been discovered where, under certain circumstances, system integrity may be compromised. This may be in the form of improper file or privilege management. HP has corrected this potential vulnerability.

Patch 948.00

OSF445-551

Patch: Corrects improper file or privilege management

State: New

A potential security vulnerability has been discovered where, under certain circumstances, system integrity may be compromised. This may be in the form of improper file or privilege management. HP has corrected this potential vulnerability.

Patch 950.00

OSF445DX-022

Patch: Corrects improper file access

State: New

A potential security vulnerability has been discovered where, under certain circumstances, system integrity may be compromised. This may be in the form of improper file access. HP has corrected this potential vulnerability.

Patch 954.00

OSF445-451

Patch: Fix VM locking problem in procfs

State: Supersedes patches OSF445-048 (53.00), OSF445-185 (295.00), OSF445-522 (951.00), OSF445-217 (952.00)

This patch corrects the following:

  • Fixes a kernel memory fault in procfs_get_s5_dir.

  • Corrects a problem where attaching to a program with a debugger will cause periodic timers to be lost and will make the program hang.

  • Fixes a problem in procfs that, in some situations, prevents exiting threads from exiting. This creates a situation where these threads simply spin, consuming CPU time.

  • Fixes a problem that made setuid programs unable to open themselves.

  • FixesVM locking problem in procfs.

  • Fixes a kernel memory fault related to ioctl PIOCMAP.

Patch 956.00

OSF445-549

Patch: Corrects improper file or privilege management

State: New

This patch corrects the following:

  • A potential security vulnerability has been discovered where, under certain circumstances, system integrity may be compromised. This may be in the form of improper file or privilege management. HP has corrected this potential vulnerability.

  • Addresses the problem of coredump when the output of lint for a nonexisting file is supplied to error.

Patch 959.00

OSF445-610

Patch: Corrects improper file or privilege management

State: New. Supersedes patch OSF445-465 (957.00)

This patch corrects the following:

  • A potential security vulnerability has been discovered where, under certain circumstances, system integrity may be compromised. This may be in the form of improper file or privilege management. HP has corrected this potential vulnerability.

  • Corrects the behavior of more, when given both a nonexisting file and a nonempty file with long filename/pathname.

Patch 961.00

OSF445-550

Patch: Corrects improper file or privilege management

State: New

A potential security vulnerability has been discovered where, under certain circumstances, system integrity may be compromised. This may be in the form of improper file or privilege management. HP has corrected this potential vulnerability.

Patch 963.00

OSF445-628

Patch: cut command now handles incomplete lines correctly

State: New

This patch fixes /usr/bin/cut to handle incomplete lines correctly.

Patch 965.00

OSF445-445

Patch: Corrects improper file or privilege management

State: New

A potential security vulnerability has been discovered where, under certain circumstances, system integrity may be compromised. This may be in the form of improper file or privilege management. HP has corrected this potential vulnerability.

Patch 967.00

OSF445DX

Patch: Corrects improper file or privilege management

State: Existing

A potential security vulnerability has been discovered where, under certain circumstances, system integrity may be compromised. This may be in the form of improper file or privilege management. HP has corrected this potential vulnerability.

Patch 969.00

OSF445-540

Patch: ddr_config utility now accepts larger values

State: New

This patch corrects the problem where /sbin/ddr_config does not accept values for ReadyTimeSeconds larger than 255. The new limit is 86400 seconds (24 hours).

Patch 972.00

OSF445CDE-013

Patch: Security (SSRT0752U, SSRT0788U, SSRT0753U, SSRT0767U)

State: Supersedes patches OSF445CDE-008 (287.00), OSF445CDE-005 (180.00), OSF445CDE-001A (1.00), OSF445CDE-004A (101.00), OSF445CDE-020A (644.00), OSF445CDE-017A (645.00), OSF445CDE-023A (646.00), OSF445CDE-025 (647.00), OSF445CDE-039 (648.00), OSF445CDE-016 (649.00), OSF445CDE-027 (650.00), OSF445CDE-012A (651.00), OSF445CDE-011 (652.00), OSF445CDE-041 (653.00), OSF445CDE-038A (654.00), OSF445CDE-030A (655.00), OSF445CDE-024 (656.00), OSF445CDE-032 (970.00), OSF445CDE-015A (658.00)

This patch corrects the following:

  • Fixes a problem on multi-head systems in which the unlock display only works if the default display is screen 0.

  • Fixes a dtmail problem in which a From line with quotes in it incorrectly finds the date of the mail message. This error is displayed on the main screen under the header Date and Time and shows up as Dec. 31 or as a blank field.

  • Fixes a problem in which dtfile ICDE COSE tool does not work when TMPDIR is defined as /ldata/disk_local/tmp. dtfile returns this error:

    /ldata/disk_local/tmp/sdtdbcache_AAAaadmma: Cross-device link
    /ldata/disk_local/tmp/sdtdbcache_BAAaadmma: Cross-device link
    Floating exception (core dumped)

  • Fixes a problem with the Common Desktop Environment (CDE) in which some desktop applications will fail if CDE is not initialized. The error which appears in the users home .dt/errorlog file is:

        Desktop Not Initialized: Could not createAction/Datatypes
        database.

  • A potential security vulnerability has been discovered where, under certain circumstances, system integrity may be compromised. This may be in the form of large values of command line arguments. HP has corrected this potential vulnerability.

  • Fixes the dtprintinfo memory fault problem with long LANG value.

Patch 972.00

continued

  • A potential security vulnerability has been discovered where, under certain circumstances, system integrity may be compromised. This may be in the form of improper file access. HP has corrected this potential vulnerability.

  • Fixes a problem where a CDE session hangs at startup using localized .dt files located in ~/.dt/types directory.

  • Fixes a potential security vulnerability in CDE Subprocess Control Service(dtspcd). dtspcd has a potential buffer overflow condition which may lead to unauthorized access. HP has corrected this potential vulnerability.

  • A potential security vulnerability has been discovered where, under certain circumstances, system integrity may be compromised. This may be in the form of large values of ENVIRONMENT variables and command line arguments. HP has corrected this potential vulnerability.

  • Fixes the problem of palette files not been read from /etc/dt/palettes.

  • A potential security vulnerability has been discovered where, under certain circumstances, system integrity may be compromised. This may be in the form of improper privilege management. HP has corrected this potential vulnerability.

  • A potential security vulnerability has been discovered where, under certain circumstances, system integrity may be compromised when a buffer overflow occurs in the DtSvc utility. Buffer overflows are sometimes exploited in an attempt to subvert the function of a privileged program and possibly execute commands at the elevated privileges if the program file has the setuid privilege.

  • A potential security vulnerability has been discovered where, under certain circumstances, system integrity may be compromised. This may be in the form of improper file access. HP has corrected this potential vulnerability.

  • A potential security vulnerability has been discovered , where under certain circumstances, system integrity may be compromised. This may be in the form of large values of command line arguments. HP has corrected this potential vulnerability.

  • A potential security vulnerability has been discovered where, under certain circumstances, system integrity may be compromised. The ttdbserverd contains a potential buffer overflow that may allow unauthorized access. HP has corrected this potential vulnerability.

Patch 974.00

OSF445-569

Patch: Fixes an IDE/ATA bus hang

State: Supersedes patch OSF445-091 (112.00)

This patch corrects the following:

  • Corrects recognition problems with some models of IDE CD-ROM devices and removable disk devices during system startup. Some IDE devices may cause the system to hang or panic during startup and others may not be recognized.

  • Fixes an IDE/ATA bus hang caused by attempting to complete raw odd byte DMA transfers to/from IDE/ATAPI devices.

Patch 982.00

OSF445X11-024A

Patch: Fix for Xt that may cause mcc_iconic_map to crash

State: Supersedes patch OSF445X11-009A (118.00)

This patch corrects the following:

  • Fixes a memory leak in the X Window System's X Toolkit library (Xt) that could occur when creating and destroying Motif List, Text, and TextField widgets.

  • Fixes a problem in the X Toolkit library (Xt) that could cause the TeMIP Iconic_map Presentation Module application (mcc_iconic_map) to crash.

Patch 984.00

OSF445X11-024B

Patch: Fix for Xt toolkit library (Xt)

State: Supersedes patch OSF445X11-009B (120.00)

This patch corrects the following:

  • Fixes a memory leak in the X Window System's X Toolkit library (Xt) that could occur when creating and destroying Motif List, Text, and TextField widgets.

  • Fixes a problem in the X Toolkit library (Xt) that could cause the TeMIP Iconic_map Presentation Module application (mcc_iconic_map) to crash.

Patch 986.00

OSF445-474

Patch: Corrects buffer overflow in the at command

State: New

A potential security vulnerability has been discovered where, under certain circumstances, system integrity may be compromised when a buffer overflow occurs in the at command. Buffer overflows are sometimes exploited in an attempt to subvert the function of a privileged program and possibly execute commands at the elevated privileges if the program file has the setuid privilege. HP has corrected this potential vulnerability.

Patch 988.00

OSF445-305

Patch: Fixes an ATM signaling problem

State: Supersedes patch OSF445-146 (321.00)

This patch corrects the following:

  • Fixes a problem of ATM signalling going into connection released after a system reboot.

  • Fixes an ATM signaling problem.

Patch 990.00

OSF445-641

Patch: Fix re_ioctl() case DIODCMD and DIODCDB

State: New

Fixes re_ioctl() case DIODCMD and DIODCDB. Changed to handle case where cmd transfer size has been changed to avoid kernel memory fault.

Patch 995.00

OSF445-405

Patch: Fixes ATM simple_lock time limit exceeded panic

State: Supersedes patches OSF445-097 (133.00), OSF445-099 (135.00), OSF445-268 (991.00), OSF445-260 (992.00), OSF445-288 (993.00)

This patch corrects the following:

  • When running ATM LAN Emulation, using more than four ATM NetRAIN interfaces can result in recursive calls, causing a "kernel stack not valid" halt.

  • Fixes a problem of ATM LAN emulation failing to come up when using the ATM Meteor 351 board.

  • Corrects a problem that could result in ATM/lane connection requests being dropped.

  • Fixes a kernel memory fault when using ATM.

  • Fixes a "simple_lock: time limit exceeded" panic when using ATM.

Patch 997.00

OSF445-520

Patch: Corrects improper file or privilege mangement

State: New

A potential security vulnerability has been discovered, where, under certain curcumstances, system integrity may be compromised. This may be in the form of improper file or privilege mangement. HP has corrected this potential vulnerability.

Patch 1008.00

OSF445-387

Patch: Fix for fixfdmn core dump problem

State: New. Supersedes patches OSF445-240 (998.00), OSF445-376 (999.00), OSF445-525 (1000.00), OSF445-256 (1001.00), OSF445-390 (1002.00), OSF445-640 (1003.00), OSF445-429 (1004.00), OSF445-382 (1005.00), OSF445-329 (1006.00)

This patch corrects the following:

  • Provides support for the /sbin/advfs/fixfdmn utility. The /sbin/advfs/fixfdmn utility is a tool that is used to check and repair corrupted AdvFS domains. Refer to the Release Notes for a complete description.

  • Allows fixfdmn to modify only one page of the transaction log.

  • In some cases an inconsistent deferred delete list would cause fixfdmn to fail.

  • Fixes a core dump if the log extents were on different pages in the RBMT. Handles new On Disk Structures introduced in V5.1B.

  • Prevents fixfdmn from changing filesizes unnecessarily.

  • Allows fixfdmn to fix a rare inconsistency case in the RBMT/BMT0.

  • The fixfdmn utility will now remove full frag groups from the free frag list in the fileset frag file.

  • fixfdmn could core dump on a rare inconsistency.

  • fixfdmn exits prematurely with the message "Can't allocate 0 bytes for group use array" and then instructs the user on how to make more memory available, although more memory is not needed in the tag file.

  • Fixes a case were fixfdmn would abort when the same mcell was on the DDL more than once. Also allows fixfdmn to be run on domains which have been mounted under V5.1B and then moved back to an older OS.

Patch 1010.00

OSF445-255

Patch: Fixes a kernel memory fault in pgrp_ref

State: New

This patch fixes a kernel memory fault in pgrp_ref.

Patch 1013.00

OSF445-553

Patch: Fix for ftp open command

State: New. Supersedes patch OSF445-555 (1011.00)

This patch corrects the following:

  • A potential security vulnerability has been discovered, where under certain circumstanes, system integrity may be compromised. HP has corrected this potential vulnerability.

  • Corrects a bug in the ftp(1) open command. The optional port argument now accepts port numbers between 32768 and 65535.

Patch 1015.00

OSF445-491

Patch: Corrects improper file or privilege management

State: New

A potential security vulnerability has been discovered where, under certain circumstances, system integrity may be compromised. This may be in the form of improper file or privilege management. HP has corrected this potential vulnerability.

Patch 1017.00

OSF445X11-035

Patch: Updated keyboard map for Russian 3R-LKQ48-BT keyboard

State: New

This patch provides an updated keyboard map for the Russian 3R-LKQ48-BT keyboard model.

Patch 1019.00

OSF445-487

Patch: Corrects improper file or privilege management

State: New

A potential security vulnerability has been discovered where, under certain circumstances, system integrity may be compromised. This may be in the form of improper file or privilege management. HP has corrected this potential vulnerability.

Patch 1021.00

OSF445-489

Patch: Corrects incorrectly installed signal handler

State: Supersedes patches OSF445-022A (27.00), OSF445-032A (36.00), OSF445-084A (162.00), OSF445-093A (164.00)

This patch corrects the following:

  • Corrects a problem of the rsh command displaying a warning message instead of the rsh command output when C2 security is configured.

  • Fixes a problem with logins in a DCE/C2 environment. The user could encounter an error "Bad priority setting" if there is a u_priority setting used in the /etc/auth/system/default file.

  • Fixes a problem when a system is configured with DECnet, C2, and NIS. When invoking edauth(8) <user_name>, the error "Must be on NIS master server to update entry for <user_name>" is returned.

  • Fixes a problem for Enhanced Security configurations, where the Maximum Login Interval (u_max_login_intvl) field was being ignored for account templates.

  • Corrects the problem of an incorrectly installed signal handler when Enhanced Security is enabled.

Patch 1023.00

OSF445-270

Patch: Provides fix for the BPF default packet filter

State: New

This patch corrects a problem that could result in a system panic on close() if the BPF default packet filter is in use.

Patch 1025.00

OSF445-414

Patch: Provides the ckfsec(1) reference page

State: New

This patch delivers the ckfsec(1) reference page.

Patch 1027.00

OSF445-589

Patch: Corrects improper file or privilege management

State: New

A potential security vulnerability has been discovered where, under certain circumstances, system integrity may be compromised. This may be in the form of improper file or privilege management. HP has corrected this potential vulnerability.

Patch 1029.00

OSF445-331

Patch: Security (SSRT0664U, SSRT0762U)

State: Supersedes patches OSF445-121 (340.00), OSF445-153 (342.00)

This patch corrects the following:

  • A potential security vulnerability has been discovered where, under certain circumstances, system integrity may be compromised. This may be in the form of improper file or privilege management. HP has corrected this potential vulnerability.

  • Corrects a problem with the ftpd daemon which could result in PC ftp clients hanging when transferring some files in ASCII mode.

  • Fixes a globbing problem with ftp where numerous concatenated asterisks in a directory search would cause ftp to fail and drop the user into a shell.

Patch 1033.00

OSF445-547

Patch: Corrects improper file or privilege management

State: New

A potential security vulnerability has been discovered where, under certain circumstances, system integrity may be compromised. This may be in the form of improper file or privilege management. HP has corrected this potential vulnerability.

Patch 1035.00

OSF445-384

Patch: Security (SSRT0794U)

State: New

A potential security vulnerability has been discovered where, under certain circumstances, system integrity may be compromised. HP has corrected this potential vulnerability.

Patch 1037.00

OSF445-413

Patch: Provides the ckfsec utility

State: New

A potential security vulnerability has been discovered where, under certain circumstances, system integrity may be compromised. This may be in the form of certain files in world-writable directories. This patch provides the ckfsec utility which can help detect such files.

Patch 1039.00

OSF445-252

Patch: Device inaccessible after aseagent daemon interup

State: Supersedes patch OSF445-055 (60.00)

This patch fixes a problem when the type of SCSI device dynamically changes, which can result in a kernel memory fault or memory inconsistency panic. This patch corrects a problem where interrupting an aseagent daemon with a signal can cause devices to become unaccessible.

Patch 1041.00

OSF445-440

Patch: Problem with remote debugging of system kernel

State: New

This patch corrects a problem with remote debugging of a system kernel so that it is now possible with KDEBUG enabled.

Patch 1043.00

OSF445-383

Patch: Savecore prematurely terminates crash dump recovery

State: New

This patch corrects a problem where savecore may prematurely terminate crash dump recovery on partitions larger than 4 GB.

Patch 1045.00

OSF445-250

Patch: joind fails to clean up its lock files

State: Supersedes patch OSF445-168 (344.00)

This patch corrects the following:

  • Corrects a problem with joind, which caused it to respond to certain client dhcp requests via the wrong port.

  • Fixes a problem where joind may fail to clean up its lock files in /var/join.

Patch 1047.00

OSF445-486

Patch: Corrects improper file or privilege management

State: New

A potential security vulnerability has been discovered where, under certain circumstances, system integrity may be compromised. This may be in the form of improper file or privilege management. HP has corrected this potential vulnerability.

Patch 1049.00

OSF445-576

Patch: Fixes a problem with scu

State: New

This patch fixes a problem with scu where a mismatch between expected and found data displays incorrect data expected.

Patch 1051.00

OSF445-229

Patch: Fix for fta driver

State: New

This patch corrects a problem with excessive receive overrun error messages from the fta driver.

Patch 1053.00

OSF445CDE-028

Patch: CDE login screen truncates message in issue file

State: New

This patch fixes a problem where the CDE login screen may truncate the message contained in the /etc/issue file when it is displayed.

Patch 1064.00

OSF445-677

Patch: genvmunix does not boot on system with Atalla AXL200

State: Supersedes Patch 52.00 (OSF445-047)

This patch corrects the following:

  • Fixes a problem where genvmunix does not boot on a system with an Atalla AXL200 card installed.

  • Fixes a problem that could generate a crash when running in lockmode 4.

Patch 1066.00

OSF445-674A

Patch: Security (SSRT2400)

State: New

This patch corrects the following:

  • A potential security vulnerability has been discovered, where under certain circumstanes, system integrity may be compromised. HP has corrected this potential vulnerability.

  • Updates BIND from V4.9.3 to 8.3.4.

Patch 1068.00

OSF445-674B

Patch: Security (SSRT0636U, SSRT2408, SSRT2410, SSRT2411, SSRT2400)

State: Supersedes patches OSF445-030 (34.00), OSF445-137 (276.00), OSF445-633 (688.00), OSF445-238 (690.00)

This patch corrects the following:

  • A potential security vulnerability has been discovered where, under certain circumstances, system integrity may be compromised. This may be in the form of improper file or privilege management. HP has corrected this potential vulnerability.

  • Fixes a problem of named producing a core file when named is started and the named.boot file has more than 32767 zones specified.

  • Potential BIND (Berkeley Internet Name Domain) security vulnerabilities have been reported to HP that may result in buffer overflows, unauthorized access, or denial of service (DoS) on HP Tru64 UNIX systems. These potential security vulnerabilities may be in the form of local and remote security domain risks.

  • The following potential security vulnerabilities have been corrected:

    SSRT2408 BIND - (Severity - High)
    SSRT2410 BIND - (Severity - High)
    SSRT2411 BIND - (Severity - High)

  • A potential security vulnerability has been discovered, where under certain circumstances, system integrity may be compromised. This may be in the form of improper file or privilege management. HP has corrected this potential vulnerability.

  • A potential security vulnerability has been discovered, where under certain circumstanes, system integrity may be compromised. HP has corrected this potential vulnerability.

  • Updates BIND from V4.9.3 to 8.3.4.

Patch 1070.00

OSF445-676

Patch: Fix for gated that causes core dump

State: New

This patch fixes a problem with gated where the daemon would dump core under certain circumstances.

Patch 1072.00

OSF445-681

Patch: Security (SSRT3469, SSRT3531)

State: Supersedes patch OSF445-650 (1059.00)

  • A potential security vulnerability has been identified in sendmail which may result in nonprivileged users gaining unauthorized access to files or privileged access on the system. This potential vulnerability may be in the form of a local or remote security domain risk.

  • A potential security vulnerability has been reported that may result in unauthorized Privileged Access or a Denial of Service (DoS). This potential vulnerability may be in the form of local and remote security domain risks. HP has corrected this potential vulnerability.

    SSRT3531 sendmail - (Severity - High)

Patch 1074.00

OSF445-683

Patch: Revises reference pages for BIND update to V8.3.4

State: New

This patch revises the following reference pages for the update of BIND from V4.9.3 to V8.3.4:

named.boot.4.gz
named.conf.4.gz
named.star.4.gz
resolver.4.gz
bind_intro.7.gz
bind_manual_setup.7.gz
named-bootconf.8.gz
named-xfer.8.gz
named.8.gz
nslookup.8.gz

Patch 1079.00

OSF445-682

Patch: Fix for newfs

State: Supersedes patch OSF445-154 (285.00)

This patch provides the following fixes:

  • Signal parent process to enable user notification of mount failure.

  • Return functionality to accept disk type from user.

  • Exit if overlap detected and not being run interactively.

  • Do not do check_usage for -N option or MFS.

  • Move common variable declarations to header file.

  • Adjust fssize and references to it to handle larger file systems.

  • Corrects a problem with large file systems (> 16K cylinder groups) created by newfs/mkfs/extendfs, which can cause system panics when accessing data beyond cyl group 16K.

Patch 1081.00

OSF445-678

Patch: Fixes a problem in rpc.lockd

State: Superseds patch 309.00 (OSF445-124)

This patch corrects the following:

  • Fixes a problem in rpc.lockd where the FCNTL () function fails to lock NFS mounted directories.

  • Fixes three issues with rpc.lockd dealing with replies to message passing RPCs, requests from hosts with multiple IP addresses, and grant messages issued to down clients.

Patch 1083.00

OSF445-694

Patch: System panics on configurations using Memory Channel

State: Supersedes patches OSF445-143 (319.00), OSF445-566 (975.00), OSF445-577 (976.00), OSF445-363 (977.00), OSF445-477 (978.00), OSF445-215 (980.00)

This patch corrects the following:

  • Fixes a panic or a system hang which could occur on a DS20E with drives attached to the motherboard SCSI interface (Adaptec 7895-based) or on an Ultra3 KZPEA SCSI adapter. In addition to system hangs or panics on configurations using Memory Channel adapters, some configurations have exhibited SCSI device problems.

  • Corrects problems in the aha_chim driver that could result in bus hangs, panics, and inappropriate access of freed memory during a high rate of bus resets.

  • Incorrect I/O status may be returned by the KZPEA driver when attempting to abort an I/O during a reset.

  • Fixes several problems found in the KZPEA driver that could result in hung I/O, pending I/O not being cleared on a reset, panics seen when abortng I/O, and hard error returned to applications on opens during reset conditions.

  • CHIM changes to fix Ignore Wide Residue fix and Kernel Memory Fault panic.

  • Fixes several problems found in the KZPEA driver that could result in memory corruption, bus hangs, and system panics. This patch also includes binary error logging support in the driver.

  • KZPEA firmware fails to correctly handle filemarks with odd byte transfers.

Patch 1085.00

OSF445-697

Patch: Fixes potential panic in auditing of swapctl syscall

State: New

This patch fixes a potential panic in the auditing of the swapctl syscall.

Patch 1087.00

OSF445-412C

Patch: Corrects improper file access

State: New

A potential security vulnerability has been discovered where, under certain circumstances, system integrity may be compromised. This may be in the form of improper file access. HP has corrected this potential vulnerability.

Patch 1093.00

OSF445-666

Patch: rm -r command does not scale for large directories

State: New. Supersedes OSF445-623 (695.00)

This patch corrects the following:

  • Addresses the performance issue of rm -r with large directories.

  • Fixes the problem of a race condition in rm command, wherein two threads can successfully delete a file simultaneously.

Patch 1095.00

OSF445-679

Patch: Fixes a potential problem in screend

State: New

This patch fixes a potential problem in screend.

Patch 1097.00

OSF445-672

Patch: Fixes SDLT media error caused bus resets

State: Supersedes patches OSF445-081 (137.00), OSF445-211 (277.00), OSF445-192 (279.00), OSF445-345 (920.00), OSF445-527 (921.00), OSF445-402 (922.00), OSF445-254 (923.00), OSF445-528 (925.00)

This patch corrects the following:

  • Fixes for the itpsa driver negotiating for ULTRA2 speed although the SCSI bus is single-ended.

  • Fixes a problem that can cause a simple lock timeout or a kernel memory fault on EV6 systems using the itpsa driver.

  • Fixes a problem with some slower tape devices serviced by the itpsa driver by lengthening the timeout value used.

  • Fixes a kernel memory fault panic after an "ITPSA: itpsa_action - error converting path ID to ITPSA softc structure" message.

  • Fixes a kernel memory fault related to the KZPCA adapter.

  • Adds the capability for KZPCA devices to work with SCSI devices that only support asynchronous data transfers.

  • Fixes a panic in the itpsa driver. It is seen when an abort to the SCSI rewind command is issued to a TLZ10 tape device.

  • Fixes SDLT media error that caused bus resets with KZPCA adapters.

  • Fixes a problem in the KZPCA itpsa driver that can be seen when a SCSI target presents multiple LUNs.

Patch 1099.00

OSF445-665

Patch: Fixes a buffer overflow problem in usr/bin/write

State: New

This patch fixes a buffer overflow problem in /usr/bin/write.

Patch 1102.00

OSF445-713

Patch: Enhancement to access control list functionality

State: New. Supersedes patches OSF445-315 (867.00), OSF445-706 (1100.00)

This patch corrects the following:

  • If multiple processes attempt to access the same file at the same time and access to the file should be allowed by an ACL on the file, access may be denied instead.

  • If the ACL on a file is corrupted, the corrupted ACL is passed into the kernel causing a variety of problems.

  • Fixes various problems in the ee driver for DE60x Ethernet adapters.

  • Fixes an I/O hang condition on FibreChannel.

Patch 1103.00

OSF445-714

Patch: Enhances SuperDLT maximum transfer size edit

State: New. Supersedes patches OSF445-531 (797.00), OSF445-446 (798.00), OSF445-546 (800.00)

This patch corrects the following:

  • Changes the SuperDLT1 maximum transfer size.

  • Provides device support for the SDLT160/320 tape drive.

  • Enhances the SuperDLT maximum transfer size edit to be more tolerant of previous changes.

  • Provides support for possible future Tape devices.

Patch 1105.00

OSF445-715

Patch: Fixes unaligned kernel space access from km panic

State: Supersedes patch OSF445-140 (339.00)

This patch fixes a problem in which the system may panic with the panic string "Unaligned kernel space access from kernel mode".

Patch 1107.00

Patch: (SSRT1-45U, SSRT2439, SSRT2341, SSRT0740U)

State: New. Supersedes patches OSF445-072 (79.00), OSF445-082 (138.00), OSF445-115 (140.00), OSF445-136 (281.00), OSF445-063 (67.00), OSF445-111 (130.00), OSF445-113 (192.00), OSF445-109 (201.00), OSF445-164 (250.00), OSF445-202 (251.00), OSF445-174 (252.00), OSF445-183 (253.00), OSF445-163 (255.00), OSF445-011 (16.00), OSF445-019 (24.00), OSF445-162 (262.00), OSF445-181 (264.00), OSF445-001 (14.00), OSF445-023 (81.00), OSF445-025 (29.00), OSF445-031 (35.00), OSF445-112A (91.00), OSF445-108 (93.00), OSF445-165 (208.00), OSF445-170 (209.00), OSF445-138 (211.00), OSF445-098 (105.00), OSF445-107 (122.00), OSF445-157 (266.00), OSF445-012 (17.00), OSF445-040 (45.00), OSF445-068 (71.00), OSF445-073 (78.00), OSF445-079 (75.00), OSF445-083 (176.00), OSF445-005 (55.00), OSF445-007 (73.00), OSF445-010 (15.00), OSF445-016 (21.00), OSF445-017 (22.00), OSF445-026 (30.00), OSF445-004 (44.00), OSF445-049 (54.00), OSF445-062 (66.00), OSF445-064 (68.00), OSF445-066 (69.00), OSF445-101 (108.00), OSF445-069 (72.00), OSF445-008 (74.00), OSF445-065 (141.00), OSF445-075 (142.00), OSF445-002 (143.00), OSF445-095 (110.00), OSF445-058A (145.00), OSF445-106 (114.00), OSF445-015 (20.00), OSF445-013 (18.00), OSF445-029 (32.00), OSF445-037 (41.00), OSF445-052 (57.00), OSF445-076 (107.00), OSF445-171 (212.00), OSF445-144 (213.00), OSF445-189 (214.00), OSF445-131 (215.00), OSF445-123 (216.00), OSF445-133 (217.00), OSF445-182 (218.00), OSF445-178 (219.00), OSF445-173A (220.00), OSF445-119 (221.00), OSF445-172 (222.00), OSF445-196 (223.00), OSF445-120 (224.00), OSF445-126 (225.00), OSF445-151 (226.00), OSF445-191 (227.00), OSF445-190 (228.00), OSF445-188 (229.00), OSF445-166 (230.00), OSF445-200 (231.00), OSF445-187 (232.00), OSF445-197 (233.00), OSF445-195 (235.00), OSF445-179 (236.00), OSF445-203 (237.00), OSF445-204 (238.00), OSF445-186 (240.00), OSF445-212A (348.00), OSF445-116 (303.00), OSF445-242 (356.00), OSF445-035 (39.00), OSF445-020 (25.00), OSF445-104 (170.00), OSF445-096 (172.00),

Patch 1107.00

continued

OSF445-046 (51.00), OSF445-085 (186.00), OSF445-039 (43.00), OSF445-158 (317.00), OSF445-102 (178.00), OSF445-139 (268.00), OSF445-067 (70.00), OSF445-053 (58.00), OSF445-510 (372.00), OSF445-367 (373.00), OSF445-308 (374.00), OSF445-272 (375.00), OSF445-334 (376.00), OSF445-506 (377.00), OSF445-598 (378.00), OSF445-377 (379.00), OSF445-494 (380.00), OSF445-378 (381.00), OSF445-634 (382.00), OSF445-352 (383.00), OSF445-516 (384.00), OSF445-595 (385.00), OSF445-504 (386.00), OSF445-274 (387.00), OSF445-517 (388.00), OSF445-294 (389.00), OSF445-309 (390.00), OSF445-423 (391.00), OSF445-210 (392.00), OSF445-433 (393.00), OSF445-602 (394.00), OSF445-269 (395.00), OSF445-426 (396.00), OSF445-224 (397.00), OSF445-630 (398.00), OSF445-364 (399.00), OSF445-459 (400.00), OSF445-513 (401.00), OSF445-591 (402.00), OSF445-484 (403.00), OSF445-327 (404.00), OSF445-227 (405.00), OSF445-360 (406.00), OSF445-500 (407.00), OSF445-523 (408.00), OSF445-340 (409.00), OSF445-393 (410.00), OSF445-406 (411.00), OSF445-316 (412.00), OSF445-235 (413.00), OSF445-411 (414.00), OSF445-244 (415.00), OSF445-476 (416.00), OSF445-425 (417.00), OSF445-321 (418.00), OSF445-324 (419.00), OSF445-545 (420.00), OSF445-462 (421.00), OSF445-317 (422.00), OSF445-464 (423.00), OSF445-524 (424.00), OSF445-313 (425.00), OSF445-398 (426.00), OSF445-263 (427.00), OSF445-458 (428.00), OSF445-619 (429.00), OSF445-607 (430.00), OSF445-508 (431.00), OSF445-501 (432.00), OSF445-332 (433.00), OSF445-530 (434.00), OSF445-300 (435.00), OSF445-468 (436.00), OSF445-471 (437.00), OSF445-351 (438.00), OSF445-639 (439.00), OSF445-621 (440.00), OSF445-374 (441.00), OSF445-231 (442.00), OSF445-312 (443.00), OSF445-350A (444.00), OSF445-291 (445.00), OSF445-442 (446.00), OSF445-381 (447.00), OSF445-529 (448.00), OSF445-222 (449.00), OSF445-356 (450.00), OSF445-275 (451.00), OSF445-358 (452.00), OSF445-436A (453.00), OSF445-379 (454.00), OSF445-281 (455.00), OSF445-283 (456.00), OSF445-283 (456.00), OSF445-368 (457.00), OSF445-279 (458.00), OSF445-437 (459.00), OSF445-586 (460.00), OSF445-495 (461.00), OSF445-266 (462.00), OSF445-209 (463.00), OSF445-336 (464.00), OSF445-485 (465.00), OSF445-490 (466.00), OSF445-434 (467.00), OSF445-292 (468.00), OSF445-400 (469.00), OSF445-625 (470.00), OSF445-463 (471.00), OSF445-299 (472.00), OSF445-262 (473.00), OSF445-355 (474.00), OSF445-534 (475.00), OSF445-636 (476.00), OSF445-349 (477.00), OSF445-306 (478.00), OSF445-386 (479.00), OSF445-218 (480.00), OSF445-574 (481.00), OSF445-503A (482.00), OSF445-370 (483.00), OSF445-342 (484.00), OSF445-304 (485.00), OSF445-582 (486.00), OSF445-543 (487.00), OSF445-438 (488.00), OSF445-637 (489.00), OSF445-216 (490.00), OSF445-536 (491.00), OSF445-416 (492.00), OSF445-335 (493.00), OSF445-314 (494.00), OSF445-225 (495.00), OSF445-385 (496.00), OSF445-427 (497.00), OSF445-318 (498.00), OSF445-301 (499.00), OSF445-236 (500.00), OSF445-237 (501.00), OSF445-472 (502.00), OSF445-600 (503.00), OSF445-373 (504.00), OSF445-430 (505.00), OSF445-290 (506.00), OSF445-257 (507.00), OSF445-375 (508.00), OSF445-415 (509.00), OSF445-232 (510.00), OSF445-248 (511.00), OSF445-596 (512.00), OSF445-554 (513.00), OSF445-219A (514.00), OSF445-357 (515.00), OSF445-479 (516.00),

Patch 1107.00

continued

OSF445-247 (517.00), OSF445-325 (518.00), OSF445-208 (519.00), OSF445-457 (520.00), OSF445-303 (521.00), OSF445-401 (522.00), OSF445-330 (523.00), OSF445-541 (524.00), OSF445-618A (525.00), OSF445-564A (526.00), OSF445-544 (527.00), OSF445-573 (528.00), OSF445-441 (529.00), OSF445-320 (530.00), OSF445-273 (531.00), OSF445-409 (532.00), OSF445-444 (533.00), OSF445-333 (534.00), OSF445-392 (535.00), OSF445-456 (536.00), OSF445-443 (537.00), OSF445-289 (538.00), OSF445-572 (539.00), OSF445-261 (540.00), OSF445-410 (541.00), OSF445-293 (542.00), OSF445-532 (543.00), OSF445-220 (544.00), OSF445-655 (545.00), OSF445-505 (546.00), OSF445-606 (547.00), OSF445-418 (548.00), OSF445-481A (549.00), OSF445-341 (550.00), OSF445-585 (551.00), OSF445-514 (552.00), OSF445-407 (553.00), OSF445-353 (554.00), OSF445-339 (555.00), OSF445-258 (556.00), OSF445-412A (557.00), OSF445-276 (558.00), OSF445-535 (559.00), OSF445-344 (560.00), OSF445-284 (561.00), OSF445-461 (562.00), OSF445-469 (563.00), OSF445-626A (564.00), OSF445-649 (565.00), OSF445-552 (566.00), OSF445-466 (567.00), OSF445-282 (568.00), OSF445-453 (569.00), OSF445-286 (570.00), OSF445-496 (571.00), OSF445-361 (572.00), OSF445-285 (573.00), OSF445-297 (574.00), OSF445-647 (575.00), OSF445-278 (576.00), OSF445-454 (577.00), OSF445-624 (578.00), OSF445-509 (579.00), OSF445-395 (580.00), OSF445-337 (581.00), OSF445-277 (582.00), OSF445-223 (583.00), OSF445-643 (584.00), OSF445-372 (585.00), OSF445-535 (559.00), OSF445-344 (560.00), OSF445-284 (561.00), OSF445-461 (562.00), OSF445-469 (563.00), OSF445-626A (564.00), OSF445-649 (565.00), OSF445-552 (566.00), OSF445-466 (567.00), OSF445-282 (568.00), OSF445-453 (569.00), OSF445-286 (570.00), OSF445-496 (571.00), OSF445-361 (572.00), OSF445-285 (573.00), OSF445-297 (574.00), OSF445-647 (575.00), OSF445-278 (576.00), OSF445-454 (577.00), OSF445-624 (578.00), OSF445-509 (579.00), OSF445-395 (580.00), OSF445-337 (581.00), OSF445-277 (582.00), OSF445-223 (583.00), OSF445-643 (584.00), OSF445-372 (585.00), 1057.00 (OSF445-614), OSF445-675 (1060.00), OSF445-648 (1062.00), OSF445-692 (1075.00), OSF445-695 (1077.00), OSF445-700 (1088.00), OSF445-651 (1089.00), OSF445-654 (1091.00), OSF445-315 (867.00), OSF445-706 (1101.00)

This patch corrects the following:

  • This patch provides protection against a class of potential security vulnerabilities called buffer overflows. Buffer overflows are sometimes exploited in an attempt to subvert the function of a privileged program and possibly execute commands at the elevated privileges if the program file has the setuid privilege. This patch allows a system administrator to enable memory management protections that limit potential buffer overflow vulnerabilities.

  • Fixes a printing problem where lpd reads any data from the printer that has not been read for local and remote connections. The read-backs for remote connections cause an additional two-second timeout which may cause a job-submit failure on the job-number wraparound.

Patch 1107.00

continued

  • A user is unable to delete a print job from a remote system with a host name greater than 32 characters because the host name was truncated.

  • When a TCP/IP connection fails, the retry algorithm would take longer to print jobs due to a long retry interval.

  • A timing hole during lpd last-job completion and shutdown needed to be closed.

  • It was not possible to print to the lpd queue using Windows 2000.

  • Corrects a problem in which, under certain conditions, unnecessary error messages are written to the lpr.log file.

  • Introduces the JJ /etc/printcap parameter, which allows the user to choose either one TCP/IP connection for all jobs in the print queue (JJ=1), or a TCP/IF connection for each job in the print queue (JJ=0). It also closes a timing hole that existed when lpd was shutting down.

  • Fixes a problem in which lpd hangs when printing to advanced server queues (using /dev/null).

  • Updates the emx Fibre Channel driver to Revision 1.22, correcting a successive command timeout problem. This error would cause degraded performance.

  • This patch fixes the following DE600/DE602 10/100 Ethernet adapters problems:

    • The primary CPU may appear hung on networks where switches send "Flow Control Pause" frames if they become overloaded.

    • Transmit timeout messages appear in the console log due to the driver timing out a frame.

    • Provides the device driver support for the 3DLabs Oxygen VX1 graphics adapter.

    • Provides support for the DEGPA-TA (1000BaseT) Gigabit Ethernet device.

  • Fixes a "u_anon_free: page busy" panic.

  • Fixes a problem with the driver for Gigabit Ethernet adapters (DEGPA-FA and DEGPA-TA), which prevented its use in a NetRAIN (Redundant Array of Independent Network Adapters) set.

  • Fixes an issue with lightweight wiring of pages and shared memory regions.

  • Fixes a problem where cascaded switches can hang the system at failover time.

  • Addresses two problems with the ee driver for DE60x Ethernet cards. These problems affect all Tru64 systems containing ee cards.

    • Fixes a race condition where the card could stop receiving packets from the network under rare circumstances.

    • Fixes for the lan_config user options -x and -s.

Patch 1107.00

continued

  • Fixes a problem in ksh. When the current working directory is / and the command cd .. is entered, the following error message is displayed:

    ksh: ..: bad directory

  • Fixes a problem in ksh in which a space after the -p option would cause the command to fail.

  • Fixes a possible handling problem with multibyte character boundary conditions in ksh script processing.

  • Fixes two ksh problems that occur in multibyte Asian locales.

  • Adds a NULL to the resulting string output of swprintf() calls.

  • Fixes a problem in libc that affects debugger tracebacks of code containing split procedures.

  • Fixes a problem where gmtime() was erroneously setting the tzname[0] array.

  • Increases the length of the user names for rsh and rexec to allow for NT interoperabilty.

  • Addresses performance and scalability issues for highly contended threaded applications running on EV6 SMP machines.

  • Fixes a problem for those applications that assume that initial allocations of memory from the C run-time library's malloc() function will return only zero-filled memory.

  • Fixes a problem that might occur with threaded applications linked against older versions of DECthreads. The DECthreads internal symbol __pthreads_legacy_init_routine may show up as an unresolved symbol at load time when those applications are run on systems on which a newer version of DECthreads has been installed.

  • A potential security vulnerability has been discovered, where under certain circumstances, system integrity may be compromised. This may be in the form of improper file or privilege management. HP has corrected this potential vulnerability.

  • Prevents "not currently mounted" warning messages from being displayed for file systems the user did not request to umount.

  • Upgrades the sys_check utility to Version 119.1 and provides the following changes:

    • Fixes the ra200info tool from core dumping.

    • Utilizes Compaq Analyze when available.

    • Utilizes storage's new cliscript tool in place of hszterm.

    • Updates ASU section.

    • Fixes two NFS problems.

  • Upgrades the sys_check utility to Version 120.

  • Fixes a problem with verify. When verify is run on a brand new domain, NFS warnings are displayed even though no-NFS related activity is being done.

  • Fixes a system hang that could last up to a few minutes with large files when performing synchronous I/O requests and a flushing loop.

  • Fixes a problem where, in the output of a ps command, the PAGEIN column reports 0 for all processes.

  • Patch turns off AdvFS assert which, when turned on, a performance degradation in AdvFS occurs.

Patch 1107.00

continued

  • A kernel memory fault can occur on an SMP machine when one thread is extending a clone frags file and another thread does a stat system call on a file with a frag.

  • Fixes a problem with AdvFS. An AdvFS domain becomes inaccessible when using the mount -d option.

  • Fixes a kernel memory fault in VMAC code if_addnewaddr().

  • Adds a fix to VMAC functionality when used with NetRAIN.

  • Fixes a problem where the following can occur during a system panic:

    • System calls interrupts

    • mpsleep() returns an EINTR error when the panicstr is non-NULL

    • An infinite looping at a very high priority

  • Fixes a bug such that when fuser -k is issued on a dismounted NFS mount point in which some process is running, a hang will occur.

  • Fixes a problem in which operations on NFS files can hang indefinitely.

  • Fixes a problem that causes corruption in the floating point registers whereby the flag fields nxm_fp_owned are overwritten with 0s.

  • Fixes a problem where, if the size of the message queue was increased, writers to the queue that were blocked would not wake up for processing.

  • Fixes a system panic with the panic string:

    psig: catch not set

  • Fixes a problem where the system appears to hang. A child process is holding a lock too long and preventing other processes from doing work.

  • Fixes a problem in which the POSIX interval timer is not resilent to clock slowdown caused either by NTP or by a backwards change of the clock.

  • Fixes a kernel memory fault seen under certain conditions when setting a thread's priority.

  • There is a potential for a system panic in routine sbflush() if there is an attempt to flush a socket buffer while it is locked by another thread. This patch corrects the problem.

  • This patch fixes two panics that have the following error messages:

    simple_lock: time limit exceeded

    simple_lock: lock already owned by cpu

  • Corrects a problem with the incorrect ordering of network interfaces which was resulting in network partitions.

  • Fixes a panic associated with ASE service failover.

  • Fixes a panic in in_pcbfree() when NFS is implemented over TCP.

  • Fixes a problem with relocating an TCR/ASE NFS service when one or many clients have the service mounted over TCP.

  • Coding change to ip_insertoptions() to correct excessive execution time in routine in_cksum due to invalid message length.

Patch 1107.00

continued

  • Fixes reply values for NFS writes which were causing protocol violations.

  • Prevents a possible NFS over TCP hang. NFS TCP threads will be blocked in sosbwait() causing the system to appear to hang.

  • Fixes a problem where the operating system only looks in slot 0 for the primary CPU.

  • Fixes a problem where a root user was not allowed to check file access on behalf of a user without completely becoming the user. The functionality is needed by the ASU (Advanced Server for UNIX) product.

  • Fixes a simple_lock time limit exceeded panic due to an SMP race condition in namecache.

  • Fixes a race condition in the UBC code where a lookup is done on a page being invalidated (freed).

  • Includes UFS delayed metadata mount option that fixes metadata-intensive application performance.

  • Fixes a hang or simple_lock_state_violation panic in biodone.

  • A potential security vulnerability has been discovered where, under certain circumstances, system integrity may be compromised. This may be in the form of improper file or privilege management. HP has corrected this potential vulnerability.

  • Corrects a problem in which a single application's creating and removing of files repeatedly in the absence of other applications working on the same fileset can cause poor update daemon performance due to a flawed kernel hashing algorithm.

  • Fixes panics which can occur if a signal is sent to a multithreaded task in which one or more threads are calling exit() or exec().

  • Fixes a problem in which the wrong status was returned from EEROM read.

  • Corrects a problem where a directory entry may be attempted to be changed to "." and the code checks for this prevents it from happening.

  • Fixes a panic in AdvFS which has the following error message:

     panic: Unaligned kernel space access from kernel mode.

  • Fixes a problem where the setgid bit of a directory was not being set when created, if its parent directory has the setgid bit set.

  • Fixes an AdvFS hang that is caused by a thread waiting for flushCv notification and is holding resources that other threads want. This type of hang has been experienced when shutting the system down.

  • Provides support for activating temporary data logging on a mount point.

  • Fixes a kernel memory fault from ufs_mount().

  • Fixes a system hang caused by netisr queue corruption due to a race condition that is primarily encountered by third-party drivers and layered products that call schednetisr_nospl().

  • Corrects a simple lock timeout seen when dealing with NFS loopback mounted file systems with large amount of dirty pages.

Patch 1107.00

continued

  • Prevents a system panic from occurring while using AdvFS.

  • Fixes a "simple_lock: time limit exceeded" system panic either from cache_lookup() or cache_enter(). This is caused by the namecache LRU list getting corrupted.

  • Fixes inaccuracy problems when using setrlimit/getrlimit with a threaded application.

  • Fixes a hang in the UFS file system.

  • Fixes a memory leak when named pipes (FIFOs) are used.

  • Fixes a problem that causes Tarantella Enterprise 1.41 not to install on Tru64 UNIX.

  • CDFS media burned in 2001 shows the wrong dates.

  • Fixes a timing window where flushing data to disk can be incomplete when a system is going down, if more than one thread calls reboot() without first going through shutdown, /sbin/reboot, or /sbin/halt.

  • Fixes a problem where threads can hang in x_load_inmem_xtnt_map().

  • Fixes a potential problem flushing data to disk when using data logging with sparse files.

  • Corrects an AdvFS panic which can occur during a rmfset operation with the panic string: "rbf_delete_int: can't find bf attributes".

  • Fixes hangs in AdvFS fileset operations such as clone creation and deletion when I/O errors or device full conditions resulted in the operation being undone.

  • Fixes a problem when using multiple subnets on a network interface; ARP request packets sent by the system will contain the IP alias address in the sender field when that alias is in the same subnet as the requested IP address.

  • Fixes a problem when applications make IOCTL calls using an IP alias address on a network interface.

  • Modifies AdvFS kernel code and several utilities. AdvFS will no longer panic with the following error:

    ADVFS EXCEPTION : panic cpu(0) : bad frag free list

    The code is modified so that during frag allocation when AdvFS determines that the frag group header's free list has been corrupted, it stops using it and marks it BAD. It is then removed from the free list so no more allocations can take place AND no deallocations are performed. The verify, shfragbf, and vfragpg programs are modified to report BAD frag groups.

Patch 1107.00

continued

  • Fixes two problems with the consvar command:

    • consvar -s now sets a tape device as a boot device from the console.

    • consvar -g now displays a listing of the console settings as intended.

  • Fixes a "simple_unlock: lock not owned by cpu" panic in the biodone routine.

  • Fixes a problem of NetRAIN devices failing to come up after the rcinet restart command is entered.

  • An invalid error message when attempting to move files in which the source name is the same as the destination name.

  • When using mv -i to rename a symlink pointing to a file on a different filesystem owned by a different user, this results in the prompt:

    Ownership of y will change. Continue?

  • When moving a file from one file system to another, the mv command will copy the file rather than using the rename() system call, which can result in file loss.

  • Corrects the problem with the mv(1) command deleting files in the directory when the user moves a directory to itself.

  • Fixes a problem where some crontab jobs would run multiple times in the same minute.

  • The cron daemon does intensive logging and fills up the disk.

  • Multiple cron daemons continue to run and consume system resources due to the fact that, after a user is deleted from the system, there are still jobs running on the user's behalf.

  • On EV6 platforms, when the debugger is used to view the OT_DEVMAP object mapping memory in I/O space that is mapped to a user process.

  • Corrects a problem that occurred when routine pmap_coproc_exit_notify() modifies the pmaps' coproc_tbi function to be 0, a null pointer, when it was being checked by routine pmap_remove_all().

  • Fixes a problem in which the vi editor core dumps when it finds invalid syntax during a substitute operation.

  • Fixes a problem in the what command, where it was unable to process more than one input file at once.

  • Fixes several problems when bindsetup is used to change host names.

  • Fixes three problems in dbx:

    • dbx stack trace is incomplete.

    • Assignment to a variable would fail after viewing a nonlocal symbol.

    • The use of vfork would raise a signal 66.

Patch 1107.00

continued

  • Fixes a problem with btcreate command where default restore fails if the disklabel is different. This patch also fixes a btextract character missing problem and extends the robot media changer sleep time for slower media changers.

  • Adds code to print greater than 61 UNIX domain sockets and change file read errors from /dev/kmem to ignore and continue in a running system.

  • Fixes two possible panics in AdvFS:

    • One caused by bs_real_invalidate_pages.

    • One caused by bs_purge_dirty.

  • Fixes a kernel memory fault due to a bug in kernel code.

  • Corrects a problem with ICMP redirect processing which resulted in incorrect ICMP redirect messages.

  • Addresses a kernel memory fault panic in malloc_thread().

  • A potential security vulnerability has been discovered where, under certain circumstances, system integrity may be compromised. This may be in the form of improper file or privilege management. HP has corrected this potential vulnerability.

  • Fixes a problem where memory could retain execute permission on EV6 machines.

  • Fixes a delete_pv_entry panic when kernel virtual address space has high usage.

  • Corrects a problem where df was showing negative values for large NFS file systems.

  • Corrects a problem introduced in a prior patch which can result in a system panic when outputting through the packet filter.

  • To avoid log inconsistencies we no longer reuse log pages. In one case these inconsistencies resulted in a system hang caused by a huge, unreasonable malloc.

  • Fixes a problem where, in rare cases, the system would panic instead of failing gracefully. The panic message is "ftx_done_urdr: handle level N1 doesn't match ftx lvl N2".

  • Fixes a problem where, in some cases, the system would report that there is no space left and would be unable to create files, even though there is disk space left and the BMT has not reached its maximal number of extents.

  • Shell inline input files are more secure.

  • sh noclobber and new constructs were added.

  • A potential security vulnerability has been discovered where, under certain circumstances, system integrity may be compromised. This may be in the form of improper file access. HP has corrected this potential vulnerability.

Patch 1107.00

continued

  • Fixes problem that occurred while expanding positional parameters in the Bourne shell. The expansion "$@" should generate zero fields when there are no positional parameters specified for the shell function.

  • Corrects problems of audit_tool supplying incorrect or insufficient data about an audit event.

  • Corrects two problems:

    • The table() system will not abort connections properly if a tcb hash table number is greater than 1.

    • There was a kmf in option_scan due to SMP race between cfgmgr(CFG_OP_CONFIGURE) and sysconfigdb(CFG_OP_RECONFIGURE). The fix was to add a lock around access to cfg_db.

  • Fixes two code paths where the user could accidentally look up the unspecified address (0.0.0.0), find an ARP entry for it, and start the timer ticking away on it, eventually causing a panic.

  • Prevents a race in msfs_umount.

  • Corrects a problem in which ksh fails to substitute the tilde (~) character for a user's home directory after an assignment using the # or % characters has been used.

  • Fixes kernel memory faults caused by ufs_sync_int accessing an inactivated or deallocated vnode.

  • A potential security vulnerability has been discovered where, under certain circumstances, system integrity may be compromised. This may be in the form of improper file or privilege management. HP has corrected this potential vulnerability.

  • Under certain conditions, invalidating a portion of a very large file can make the file system appear to be hung. Any program trying to access the file system, ls for example, will hang until the file is invalidated. This will only happen when rt_preempt_opt=1.

  • Fixes a ksh problem related to cleaning the process when the terminal is abruptly stopped.

  • Fixes kernel panics which can occur in the context of threaded applications. The panic string is "trap: invalid memory write access from kernel mode" and the faulting virtual address is always 0x0000000000000048.

  • Prevents a possible lock hierarchy violation while opening a clone.

  • Fixes a kernel memory fault that can occur after a user issues "kill-STOP".

  • Addresses three issues:

    • The TCP window has been increased from 96 KB to 500 KB for performance improvements.

    • This patch will have the netisr thread dynamically estimate the reply size and subsequently reserve the space in the socket buffer.

    • A new timeout check has been added to notice when the data has not been ACKnowledged in 30-50 seconds and copies those buffers. This will allow the UBC to free up those mbufs and not tie them up.

  • Fixes a problem where decreasing the smoothsync_age does not always have an effect.

Patch 1107.00

continued

  • A potential security vulnerability has been discovered where, under certain circumstances, system integrity may be compromised when a buffer overflow occurs. Buffer overflows are sometimes exploited in an attempt to subvert the function of a privileged program, and possibly execute commands at the elevated privileges if the program file has the setuid privilege. HP has corrected this potential vulnerability.

  • Corrects a problem with could result either in the panic of a cluster member or in inconsistent data when the sbcompress_threshold configurable is set.

  • A potential security vulnerability has been discovered in the HP Tru64 UNIX operating system that may result in a Denial of Service (DoS). This potential vulnerability may be in the form of local and remote security domain risks.

  • The following potential security vulnerability has been corrected: SSRT2384 RPC (Severity - High)

  • Prevents the error message "local HSM Error: msgsvc: socket close failed" from being generated when an application closes the socket with return state 0.

  • Updates the emx driver to v2.03 and fixes a problem which could cause an emx driver panic during adapter resets.

  • Installs DECthreads V3.16-032, which fixes problems that may effect threaded programs using pthread_kill() on Tru64 UNIX V4.0G systems.

  • Fixes the kernel memory fault panic in the IP multicast loopback code.

  • Corrects a problem with the counters maintained for the NetRAIN virtual interface.

  • A potential security vulnerability has been discovered where, under certain circumstances, users can clobber temporary files created by shell commands and utilities (for example, under /sbin, /usr/sbin, /usr/bin, and /etc). HP has corrected this potential vulnerability.

  • Corrects a problem in which ksh did not clean up the processes associated with a terminal once the window was closed.

  • Fixes a problem which can result in a panic, hang, or inconsistencies from vnode deallocation during an unmount. This also fixes a "VFS_UNMOUNT panic" upon unmount.

  • Fixes a panic with simple_lock_timeout due to too many pages to scan in ubc_page_alloc().

  • Fixes heap and stack limitations in the older operating system. versions required for SAP.

  • Avoids an AdvFS command problem. In rare cases, migrate programs (rmvol, balance, migrate, defragment) would fail to migrate a file due to E_PAGE_NOT_MAPPED.

  • A potential security vulnerability has been discovered where, under certain circumstances, system integrity may be comprimised when a buffer overflow occurs in the ypmatch and traceroute utilities. Buffer overflows are sometimes exploited in an attempt to subvert the funcuion of a privileged program and possibly execute commands at the elevated privileges if the program file has the setuid privilege. HP has corrected this potential vulnerability.

  • Prevents a panic in fifo_write with the panic message "NULL fifo_bufhdr append pointer".

  • Fixes a problem that causes a system panic when a program calls sendfile(2) to access a file via NFS.

Patch 1107.00

continued

  • Corrects a problem found where the rmtmpfiles script would produce errors at startup of the form:

    dirclean: lstat failure for starting directory: /.osonly_tmp/:
    No such file or directory

  • Fixes an application core dump problem when the LANG environment variable is too long.

  • A potential security vulnerability has been discovered where, under certain circumstances, system integrity may be compromised. This may be in the form of improper file access. HP has corrected this potential vulnerability.

  • Fixes sync-related processing of vnodes in AdvFS and NFS.

  • Fixes a "kernel memory fault" panic in the Virtual Memory subsystem on SMP systems.

  • Fixes a regular expression performance problem in sed.

  • A potential security vulnerability has been discovered in the kernel where, under certain circumstances a race condition can occur that could allow a nonroot user to modify any file and possibly gain root access.

  • Eliminates a false directory lookup warning message generated by an incorrect comparison caused by mismatched file id variable types. The fix also slightly improves client caching performance.

  • This patch provides protection against a class of potential security vulnerabilities called buffer overflows. Buffer overflows are sometimes exploited in an attempt to subvert the function of a privileged program, and possibly execute commands at the elevated privileges if the program file has the setuid privilege. This patch allows a system administrator to enable memory management protections that limit potential buffer overflow vulnerabilities.

  • sh now prints the correct message when enhanced core file naming is on.

  • Resolves kernel memory faults in the TCP/IP subsystem.

  • Corrects the problem where telnetd leaves an extra UDP port open.

  • Fixes mbuf memory corruption that can cause kernel memory fault panics.

  • Resolves a problem of not being able to view files on some CD-ROM media that is created by third-party software.

  • Fixes locking on retry case for multithreaded select/poll. A panic with the stack trace "PANIC: thread_block: simple lock owned" is indicative of this problem:

  • A potential security vulnerability has been discovered where, under certain circumstances, system integrity may be compromised when a buffer overflow occurs in the csh utility. Buffer overflows are sometimes exploited in an attempt to subvert the function of a privileged program, and possibly execute commands at the elevated privileges if the program file has the setuid privilege. HP has corrected this potential vulnerability.

  • Fixes the following problems in sh:

    • Service denial problem when a quoted here doc script is executed.

    • Problem with handling ELF files.

    • The shell variable $- not holding -C set option when it is turned on.

    • Printing broken characters when type builtin utility of sh is invoked in Japanese locale.

Patch 1107.00

continued

  • Prevents a kernel memory fault panic that would occur when the audit daemon is set to periodically dump the kernel audit buffers to the audit log file (auditd -d freq).

  • Installs DECthreads V3.16-030, which fixes problems that may affect threaded programs which use the fork() system call running on Tru64 UNIX V4.0G.

  • Fixes the following editors to handle tags functionality using the <Ctrl/T> key:

    • vi

    • edit

    • ex

    • view

    • vedit

  • Fixes a problem with ksh. When a ksh menu is started from within a user's .profile, ksh will not stop when the telnet session is stopped.

  • Correction in cron to correctly handle backslash (\) commands so that crontab and /dev/console output do not include backslashes.

  • Corrects a failure in the safe_open() routine which caused symbolic links given by a relative path from the current working directory sometimes to give ENOENT errors incorrectly.

  • Avoids a domain panic when a E_CANT_ACCESS_LOG error is detected.

  • Corrects a problem where offlining a CPU with bound process(es) can lead to a "malloc_check_checksum: memory pool corruption" panic.

  • Fixes a problem that affects threaded programs compiled with the taso option on Tru64 UNIX V4.0G. The default stack size for taso user threads in DECthreads V3.16 was too large.

  • Addresses two problems with the alt driver for DEGPA Gigabit Ethernet adapters. These problems affect all Tru64 UNIX systems using alt with vMAC or NetRAIN:

    • A fix for vMAC support. Prior to this patch, vMAC has not worked with DEGPA.

    • A fix to prevent two DEGPA adapters from getting the same MAC address in a NetRAIN configuration.

  • Fixes a rare panic in the driver for the DE600/DE602 10/100 Ethernet adapter.

  • Fixes a problem where a system crash occurs at the end of a rmvol. The following panic string will be seen:

    panic (cpu 0): lsn_io_list: current lsn > hiflushlsn

  • Fixes system panic and/or data inconsistencies caused by changing fifo parameter pipe-databuf-size while fifo operations are in flight.

  • Fixes a bug that causes inconsistencies in binary.errlog.

  • Eliminates a "Simple Lock Time Limit Exceeded" due to the IoQueueMutex being held in bs_real_invalidate_pages.

  • Fixes a problem with multi-threaded applications that can cause the application to consume 100% of the CPU usage time.

  • Fixes an lpd problem, a memory leak associated with the allocation of a buffer.

Patch 1107.00

continued

  • Fixes a problem in the VM subsystem that could cause a crash with the panic string "vm_page_ssm_unwire".

  • Prevents segmentation faults when sia_ses_init is passed a malformed argument vector.

  • A potential security vulnerability has been discovered where, under certain circumstances, system integrity may be compromised when a buffer overflow occurs in the sh utility. Buffer overflows are sometimes exploited in an attempt to subvert the function of a privileged program, and possibly execute commands at the elevated privileges if the program file has the setuid privilege.HP has corrected this potential vulnerability.

  • Provides the /usr/lbin/mkstemp program which allows the mechanism to create a secure temporary file.

  • Resolves a problem in which there was a panic ("simple lock: time limit exceeded") in spec_reclaim.

  • Provides fuser functionality to allow detecting unlinked referenced files.

  • A potential security vulnerability has been discovered where, under certain circumstances, system integrity may be compromised when a buffer overflow occurs in the xdr library, which is used by the RPC library. Buffer overflows are sometimes exploited in an attempt to subvert the function of a privileged program, and possibly execute commands at the elevated privileges if the program file has the setuid privilege. HP has corrected this potential vulnerability.

  • A potential security vulnerability has been discovered in the HP Tru64 UNIX operating system, where under certain circumstances, system integrity may be compromised through improper file access (overwriting of files). This potential vulnerability is in the form of a local security domain risk.

  • The following potential security vulnerability has been corrected:

    SSRT2301 uudecode  (Severity - Medium)

  • When ACLs are enabled and there is a Default Access ACL on a directory on an AdvFS file system, the permissions of symbolic links created in that directory will appear to be incorrect, even though access is not affected.

  • Fixes a problem in fwrite() where it was failing when the total number of bytes to be written is larger than 2 GB.

  • Fixes performance shortcomings in NXM thread replacement.

  • Eliminates the compiler warnings in ksh.

  • A potential security vulnerability has been identified in the HP Tru64 UNIX operating system which may result in nonprivileged users gaining unauthorized access to files or privileged access on the system. This potential vulnerability may be in the form of a local and remote security domain risk.

  • The following potential security vulnerability has been corrected:

    SSRT0845U  stdio file descriptors     (Severity - High)

  • Corrects a problem where the SNMP interface counter ifInUcastPkts occassionally decrements or jumps to an arbitrary, large value.

Patch 1107.00

continued

  • Updates the emx driver to V2.01 and fixes the following problems:

    • A problem of unexpected tape I/O aborts.

    • A panic of "Can't grow probe list".

    • Several kernel memory faults within the driver.

    • Redundant adapter failures no longer panic the system.

    • A problem of panicing with low memory resources.

    • Stalling I/O during reprobing when a cluster member goes down.

  • Fixes a segmentation fault problem with long LOCPATH and LANG values.

  • Systems configured with VX1 graphics card will not return to the console when the halt button is pressed. The console is then unusable.

  • Eliminates compiler warnings in ksh.

  • Fixes a problem with strerror where buffers could not be allocated.

  • Fixes a problem with malloc() over-allocating memory from the kernel when malloc tuning variable __sbrk_override has been set to 1.

  • Fixes a kernel panic with "get_xm_page_range_info:kernel memory fault".

  • Fixes an occasional panic that can be seen when reading from a process using Granularity Hints via procfs.

  • Avoids a silent infinite loop in vdump by correcting the AdvFS system call OP_GET_BKUP_XTNT_MAP. The call will now return the valid xtntCnt when it fails due to E_NOT_ENOUGH_XTNTS.

  • Fixes a problem with vm_faults against anon objects mapped by multiple map entries.

  • Corrects the problem where the DLI queue stalls when there is no traffic in the TCP/IP or HDLC stacks.

  • When the file system is full, now crontab will not be removing its entries and vi also will not be truncating the existing file.

  • Corrects the problem where a user may experience a core dump, when using csh from the Japanese locale.

  • Fixes excessive FIDS_LOCK contention observed when large numbers of files are using system-based file locking.

  • Enhances cron to now do extensive logging.

  • Fixes a problem in which the mv command will not perform a move if the inode of the file is the same as the inode of the destination directory, even though the file and directory are on different file systems.

  • Fixes a problem in the kernel network subsystem that caused a kernel memory fault panic in the routine m_adj().

  • Addresses three problems with the ee driver for DE60x Ethernet cards. These problems affect all Tru64 systems containing ee cards.

    • Fixes a race condition where the card could stop receiving packets from the network under rare circumstances.

    • Improves error checking when allocating buffers.

    • Fixes DMA resource allocation to prevent a panic when a machine runs low on DMA resources.

Patch 1107.00

continued

  • Fixes a problem with fopen. fopen was returning "file not found" when there was insufficient memory to allocate the file structure. fopen now returns "not enough space" for this case.

  • Fixes a bug that could cause a panic with the panic string "ubc_object_free: page still resident".

  • Corrects a problem where gated will no longer complain each time it attempts to send an OSPF HELLO packet and possibly fill up log files.

  • Corrects a possible panic when auditing execve with exec_argp/exec_envp enabled.

  • A potential security vulnerability has been discovered where, under certain circumstances, system integrity may be compromised. This may be in the form of file corruption due to the manner in which setuid/setgid programs core dump. HP has corrected this potential vulnerability.

  • Fixes locking problems in vclean().

  • In u_anon_dupu(), the error-handling path at label pg_error should remove the entries that have been made in the physical map.

  • Fixes a problem where network interfaces can appear unresponsive to network traffic.

  • A potential security vulnerability has been discovered where, under certain circumstances, system integrity may be compromised when a buffer overflow occurs in the BIND utility. Buffer overflows are sometimes exploited in an attempt to subvert the function of a privileged program and possibly execute commands at the elevated privileges if the program file has the setuid privilege. HP has corrected this potential vulnerability.

  • The /usr/sbin/dirclean utility no longer attempts to remove the AdvFS .tags directory or the quota.group and quota.user files.

  • Fixes a problem with booting over the network (dataless management) and booting from a tape device.

  • Corrects two problems:

    • New_wire_method (light weight wiring) issues known as the Oracle connect problem or Oracle performance problem.

    • ARMTech kernel malloc invalid size panic.

  • Fixes an Asian language processing problem under the Korn shell.

  • Corrects a problem in the virtual file system that could cause a panic with the panic string "kernel memory fault."

  • Corrects a problem in the virtual file system that could cause panic with the panic string "kernel memory fault."

  • Allows fuser to display the reference flag. This option indicates the type of reference made. For example: open, closed, unlinked, or mmapped.

Patch 1107.00

continued

  • Fixes a problem in which lpd hangs when printing to advanced server queues (using /dev/null).

  • Fixes a bug that can cause a panic when a system is powering down.

  • ARP request for a permanent ARP entry is ignored, and the user cannot connect from remote system.

  • Corrects an lpc regression in the lpc buffer overflow fix.

  • Corrects an AdvFS problem where an on-disk variable wraps when more than 64 K metadata entries are required to map the disk blocks of a file or metadata file. The side effects of this problem were data inconsistencies and an incorrect available size for the domain.

  • A potential security vulnerability has been discovered where, under certain circumstances, system integrity may be compromised when a buffer overflow occurs in the lpq, lpr, and lprm commnads. Buffer overflows are sometimes exploited in an attempt to subvert the function of a privileged program and possibly execute commnads and the elevated privileges if the program file has the setuid privilege. HP has corrected this potential vulnerability.

  • Fixes a problem in which /usr/bin/ksh hangs for certain scripts that contain wait(1).

  • Fixes an "unaligned access" panic when attempting to free or malloc memory from the 512-byte kernel memory bucket (bucket 5).

  • Fixes a problem with AdvFS where mounting the file system with option -o dual causes a panic.

  • Fixes segmentation errors that can occur when running SAS.

  • Fixes a kernel crash dump generation problem which resulted in the wrong page(s) being compressed/written. Without this fix, postmortem debugging may be difficult or impossible.

  • Corrects a problem in which sh was using a high amount of CPU time.

  • Corrects a race condition which could result in a failure to set the modification time of a file. This occurs only on a UFS filesystem.

  • Fixes the audit_tool search algorithm to differentiate between prived and non-prived uids, and to allow reqular expressions in string searches.

  • Provides protection against a class of potential security vulnerabilities called buffer overflows. Buffer overflows are sometimes exploited in an attempt to subvert the function of a privileged program and possibly execute commands at the elevated privileges if the program file has the setuid privilege. This patch allows a system administrator to enable memory management protections that limit potential buffer overflow vulnerabilities.

  • Fixes a problem with audit data not being displayed by the audit tool, problems with file object selection/deselection and directories, and NUMA performance issues associated with auditing.

  • Prevents panics caused by bad arguments to system calls.

  • A potential security vulnerability has been identified in the HP Tru64 UNIX operating system which may result in a Denial of Service (DoS). This may be in the form of local and remote security domain risks.

  • The following potential vulnerability has been corrected:

    SSRT2322 - BIND resolver     (Severity - High)

Patch 1107.00

continued

  • Improves msync performance on files that are mapped with the MAP_PRIVATE flag.

  • A potential security vulnerability has been discovered where, under certain circumstances, system integrity may be compromised. This could result in a panic with the string: "lock_clear_recursive: recursion not enabled." HP has corrected this potential vulnerability.

  • Fixes a problem where a system with a dual-mounted AdvFS file system can panic with the panic string, "bs_unpinpg: unpin sync with writeRef >1".

  • Fixes a problem that caused the 4.3BSD socket interface to return incorrect values for IOCTL calls accessing IP alias address information.

  • If an I/O fails and it may be helped by an AdvFS initiated retry, a message will be written to the console providing information on how to retry.

  • Fixes numerous problems of accessing deallocated and freed vnodes.

  • Fixes an ISO9660 file system size limitation of 2.1 GB and provides full capacity access to DVD-ROM media.

  • Prevents USB from initializing on systems where USB is not supported.

  • Alleviates a temporary hang/pause condition seen when forking or running down an application with several child processes from a parent process having an extremely large number of unique or discontigous memory allocations.

  • Fixes a problem when there is a hole in the virtual disk array.

  • Provides a new lpd to fix /etc/hosts.lpd case sensitivity. For example, node.domain is treated the same as Node.Domain.

  • Corrects the problem of a simple lock timeout due to POSIX timers and also corrects some inaccuracies of the POSIX realtime timers.

  • Fixes a problem where calling send() with the AIO flags set can cause the system to panic with a kernel memory fault in the "aio_send" code.

  • Fixes a problem in fread() where excessive I/O was taking place for large amounts of data, causing performance problems. It also addresses a failure in fread() to properly handle data sizes that have representations greater than 32 bits (2^32 of data).

  • Corrects a potential system hang when the directory link limit is reached while creating subdirectories. This patch also corrects the erroneous reporting of success when attempting to write beyond the file size limit using synchronized I/O.

  • Corrects a problem where an fcntl() with the FIFO parameter would return errno=22 (Invalid Argument).

  • Fixes a problem caused when the Tru64 UNIX TCP layer prematurely closes a slow but good connection with TCP reset.

  • A potential security vulnerability has been discovered where, under certain circumstances, system integrity may be compromised. This may be in the form of improper file or privilege management. HP has corrected this potential vulnerability.

Patch 1107.00

continued

  • The return value of unlink() call was not checked when two threads were trying to move a file to two different destinations. Due to this, though one of the threads could unlink() the source file, there were no relevant error message displayed. A fix is given to address this issue.

  • Corrects u_anon_free: page busy panics.

  • A potential security vulnerability has been discovered where, under certain circumstances, system integrity may be compromised when a buffer overflow occurs in the dxterm utility. Buffer overflows are sometimes exploited in an attempt to subvert the function of a privileged program, and possibly execute commands at the elevated privileges if the program file has the setuid privilege. HP has corrected this potential vulnerability.

  • Corrects a Kernel Memory Fault that could result from an inp pointer disappearing when the listen socket is in the process of closing at the same time a new connection is establishing.

  • Contains a fix for a Tru64 UNIX NFS server panic caused by receiving illegal file access mode from an NFS client.

  • A potential security vulnerability has been identified in the HP Tru64 UNIX operating system that may result in denial of service. This may be in the form of local and remote security domain risks.

  • The following potential security vulnerability has been corrected:

    SSRT2266 IGMP (Severity - High)

  • Corrects a problem which had resulted in broadcast or multicast packets being processed multiple times on behalf of a NetRAIN device, once for each backup interface.

  • A potential security vulnerability has been discovered where, under certain circumstances, system integrity may be compromised. This may be in the form of network programs core dumping. HP has corrected this potential vulnerability.

  • Fixes a kernel memory fault in msg_rpc_trap.

  • Fixes a system panic resulting from a rare race condition. The panic error message is "kernel memory fault".

  • Corrects the problem of a rexec command hanging on a system.

  • Fixes a problem of incorrect default route modification in which there is a race condition between gated startup and installation of static routes.

  • Fixes a potential security problem.

  • Fixes two problems in the ee driver for DE60x 10/100 Ethernet adapters. These problems affect all Tru64 UNIX systems containing DE60x network interfaces.

  • A potential security vulnerability has been discovered where, under certain circumstances, system integrity may be compromised when a buffer overflow occurs in the ksh utility. Buffer overflows are sometimes exploited in an attempt to subvert the function of a privileged program and possibly execute commands at the elevated privileges if the program file has the setuid privilege. HP has corrected this potential vulnerability.

  • Makes start up scripts in /sbin/init.d world readable.

  • Fixes sh problem while executing here document through command substitution.

Patch 1107.00

continued

  • Corrects a problem in AdvFS where it avoids a potential stranded log record in memory that does not get out to disk by fixing a race condition.

  • A potential security vulnerability has been discovered where, under certain circumstances, system integrity may be compromised. A malicious user can attempt to subvert a program file that has the setuid or setgid privilege, and possibly execute commands at an elevated privilege level. HP has corrected this potential vulnerability.

  • Fixes a problem with the c shell (csh) so that it now correctly recognizes the backslash (\) meta character.

  • A potential security vulnerability has been discovered where, under certain circumstances, system integrity may be compromised when a buffer overflow occurs in the chfn, chsh, or passwd utilities. Buffer overflows are sometimes exploited in an attempt to subvert the function of a privileged program, and possibly execute commands at the elevated privileges if the program file has the setuid privilege. HP has corrected this potential vulnerability.

  • A potential security vulnerability has been discovered in networking where, under certain circumstances, an alias IP address could be incorrectly promoted to being the primary address when another alias is removed. A remote system can take over packets destined for another host.

  • Corrects a problem which could result in an alias IP address being incorrectly promoted to being the primary address when another alias is removed.

  • Fixes a problem where a system can panic with a kernel memory fault in malloc.

  • Corrects a problem with csh(1) where, if a non-root user performed an ls(1) with wildcard characters on a directory having permission 700, then it would display the invalid error message, "Glob aborted". Now it displays the correct error message of "Permission denied".

  • Corrects an NFS hang when the delayed option is used with the mount command.

  • A potential security vulnerability has been identified in the HP Tru64 UNIX operating system which may result in nonprivileged users gaining unauthorized access to files or privileged access on the system. This potential vulnerability may be in the form of a local and remote security domain risk.

  • Fixes a problem that sometimes caused the system to select the incorrect IP source address for outgoing connections when using IP aliases and subnetting on a network interface.

  • Fixes three problems with the alt driver for DEGPA Gigabit Ethernet adapters. These problems affect all Tru64 UNIX systems containing DEGPA network interfaces.

  • Improper scheduling of cron jobs related to months not having 31 days is now corrected.

Patch 1107.00

continued

  • A potential security vulnerability has been discovered where, under certain circumstances, system integrity may be compromised when a buffer overflow occurs in the telnetd daemon. Buffer overflows are sometimes exploited in an attempt to subvert the function of a privileged program, and possibly execute commands at the elevated privileges if the program file has the setuid privilege. HP has corrected this potential vulnerability.

  • Fixes a problem resulting in a system panic for applications that directly call nxm_get_bindings.

  • Fixes a potential problem where system responsiveness may be impacted.

  • Fixes a system panic with the panic string "lock_terminate: lock held". This is being caused by the table call which, when accessing an open file table from another task, was not doing the proper locking.

  • Corrects a kernel memory fault panic in clntktcp_connect().

  • Fixes a problem in audit_tool which appends nonsense characters to the audit information to the output of an execve event in brief mode.

  • A potential security vulnerability has been discovere, where, under certain circumstances, system integrity may be compromised. This may be in the form of improper file access. HP has corrected this potential vulnerability.

  • Fixes a memory leak when using dlclose in libraries in a threaded application.

  • Fixes the predictable TCP Sequence Number.

  • Fixes memory leaks caused by certain type of scripts which is called in infinite loop. This consumes more virtual address space over time.

  • sh will not receive SIGSEGV signal when you run type with file path > 69 chars.

  • Fixes a kernel build failure seen during an Update Installation from CD-ROM. The problem affects systems whose default time zone (/etc/zoneinfo/localtime) is not in North or South America.

  • Corrects a problem in audit_tool parsing the n, p, or u options of the -a, -u, or -r switches and corrects the audit_tool usage message to reflect current funtionality.

  • A potential security vulnerability has been identified in the HP Tru64 UNIX operating system that may result in denial of service. This may be in the form of local and remote security domain risks.

  • The following potential security vulnerability has been corrected:

    SSRT2266 IGMP (Severity - High)

  • Fixes an assert_wait panic coming from k_mem_fault.

  • The gettimezone script fails to present menus properly.

  • A potential security vulnerability has been discovered that may result in a denial of service (DoS) on RPC-based HP Tru64 UNIX servers with Enhanced Security (C2) enabled. This potential security vulnerability may be in the form of local and remote security domain risks.

  • Fixes the problem of /usr/bin/csh picking the wrong message catalog entry from the translated message catalog when LANG was set to Japanese locale.

Patch 1107.00

continued

  • Fixes a problem in the Network startup script where it could fail to configure an interface with an IP address.

  • Corrects possible security hole reported by SSRT2323.

  • Fixes the problem encountered with the Bourne shell when a file name with trailing slash (/) is used as an argument to the command.

  • NIS clients may fail to connect to non-Tru64 UNIX NIS servers that only support the V2 NIS protocol.

  • Fixes a problem where, if multiple processes attempted to access the same file at the same time and access to the file should have been allowed by an ACL on the file, access may have been denied instead.

  • Fixes a problem where, if the ACL on a file wascorrupted,and the corrupted ACL was passed into the kernel, it caused a variety of problems.

  • Fixes various problems in the ee driver for DE60x Ethernet adapters.

  • Fixes an I/O hang condition on FibreChannel.

Patch 1109.00

OSF445-723

Patch: Fixes problem where tape read/write operations fail

State: New. Supersedes patch OSF445-251 (758.00)

This patch corrects the following:

  • Fixes a problem when the type of SCSI device dynamically changes, which can result in a kernel memory fault or memory corruption panic.

  • Corrects a problem where interrupting an aseagent daemon with a signal can cause devices to become unaccessible.

  • Fixes the problem where tape read/write operations fail with the following repetitive binary.errorlog message:

     ctape_strategy: Device state flags indicate a Reserve is Pending

  • Tapes reporting a SCSI version other than 2 would not work properly.