PROBLEM: (78744, DEKQ10006) (PATCH ID: OSF505-004) ******** This patch fixes the following problems: - The regular expression logic used by grep did not indentify matches wthat involved expressions with multiple subexpressions and alternate patterns. - Corrects the error handling when invalid multibyte sequences are encountered by the vi, ex or more commands. PROBLEM: (73690) (PATCH ID: OSF505-0015) ******** If a code segment contained both gmtime() and localtime() calls, the time zone abbreviation set in the tm_zone member of the tm struct returned by a subsequent call to gmtime() could be incorrect (ie: something other than "GMT"). PROBLEM: (SSRT0636U) (PATCH ID: OSF505-030) ******** A potential security vulnerability has been discovered, where under certain circumstances, system integrity may be compromised. This may be in the form of improper file or privilege management. Compaq has corrected this potential vulnerability. PROBLEM: (79876) (PATCH ID: OSF505-061) ******** If the "where" or "t" ladebug command does not show all the currently active functions, it may be because of this problem. The program being debugged had to have been built with "split procedures", which is done via options in the om and spike tools. For spike, split procedures are generated if profiling is specified. For om, split procedures are generated if profiling AND the -split_procedure option are specified. PROBLEM: (78143, HPAQ20N7W) (PATCH ID: OSF505-031) ******** This fix corrects a permission denied error when writing to the /var/tcb/files/dblogs/[logfile] while running pop3d and enhanced security. PROBLEM: (MGO88206A) (PATCH ID: OSF505-044) ******** This patch corrects a problem of the rsh command displaying a warning message instead of the rsh command output when C2 security is configured. An example of the warning message displayed is "Your password will expire on ..." PROBLEM: (77761, 80315, NO) (PATCH ID: OSF505-071) ******** The changes for libc fix a problem with the sia_get_groups() interface where threads other than the main thread in a multithreaded progras would not receive the correct values in the returned group list. This includes any program calling the "sia_get_groups()" routine from within a pthread_create() callout routine. The changes for libsecurity fix a problem seen during an updateinstall from V4.0F to V5.0A on systems with Enhanced Security installed. The problem is that the Enhanced Security Databases would not be converted to the new file format and the subsequent login attempts would fail. Upon further inspection of the /var/adm/smlogs/it.log file, the following would be found: it.log: db_load: /tcb/files/auth.db2: Bad file number it.log: db_load: /var/tcb/files/auth.db2: Bad file number Although this libsecurity cannot be used during the updateinstall process, this patch once applied will allow the database conversion to succeed. After applying the patch it will be necessary to extract the installupdate database conversion process from the /usr/.smdb./OSFC2SEC505.scp script. In order to do this, extract the lines between "INSTALL)" and "DELETE)" from within the script into a temporary script file and execute it while booted into single user mode. Once successfully executed, you can reboot to multiuser mode. PROBLEM: (80211, 78358, 77975, 77126) (PATCH ID: OSF505-105) This patch fixes a problem that causes rshd and other programs to core dump with a stack trace that looks like this: Core file created by program "rshd" warning: /usr/sbin/rshd has no symbol table -- very little is supported without it signal Segmentation fault at >*[(unknown), 0x3ff801af384] ldq t1, 8(a0) (dbx) t > 0 (unknown)() [0x3ff801af384] 1 _yp_dobind_soft(0xffffffff, 0x0, 0x0, 0x0, 0x3) [0x3ff80 0da648] 2 _yp_dobind(0x0, 0x0, 0x3, 0x140011b80, 0x3ff800e8bc8) [0 x3ff800d3ff0] 3 __yp_first(0x140010410, 0x11ffe7f30, 0x140012920, 0x2000 , 0x140005880) [0x3ff800e8bc4] 4 (unknown)() [0x3ff801b704c] 5 __siad_get_groups(0x3ff8019ab4c, 0x140005b00, 0x3ff801b8 c94, 0x140005400, 0x3ff8019abb0) [0x3ff801b5cd0] 6 __sia_get_groups(0x0, 0x0, 0x0, 0x0, 0x0) [0x3ff8019acac ] 7 __initgroups(0x0, 0x40b0000000000000, 0x0, 0x0, 0x0) [0x 3ff800db8f4] 8 (unknown)() [0x3ff80199c20] 9 __sia_ses_launch(0x11ffece68, 0x140000a48, 0x3, 0x140000 168, 0x140010280) [0x3ff800f1f98] PROBLEM: (71585, 81704, BCGM508XL) (PATCH ID: OSF505-137) ******** This patch fixes a problem in uucp. uucp fails on systems names that are greater than 7 characters. PROBLEM: (81106, 81262) (PATCH ID: OSF505-128) ******** If the TZ environment variable is set to ":" (as in TZ=:), either on the command line or via a putenv() call, the data for the default time zone (GMT) is supposed to be loaded and used when time-related libc functions (such as tzset(), mktime(), localtime(), etc) are called. However, due to this bug, the data is not loaded and time zone information will either be missing (as in empty time zone abbreviations) or erroneously consistent with a previous time zone used. It may also lead to incorrect errors from mktime() when valid input is given. PROBLEM: (BCSM807S5) (PATCH ID: OSF505-135) ******** Some applications assume that initial allocations of memory from the C run-time library's malloc() function will return zero-filled memory. The problem is that malloc() and free() often write into the first 16 bytes of the allocated memory. This change to malloc() zeros out the first 16 bytes in the allocated memory. The result is that memory allocated prior to any call to free() -- and prior to any other run-time library function that might call free -- should be zero filled. PROBLEM: (79556) (PATCH ID: OSF505-086) ******** The output string for the swprintf() interface was not NULL terminated. PROBLEM: (80995) (PATCH ID: OSF505-116) ******** If you encounter a filename for a temporary file containing a '#' character, it is probably because of this problem. This would be a problem particularly if the name were used inside a shell script because the '#' character indicates the start of a comment. PROBLEM: (81129) (PATCH ID: OSF505-118) ******** This patch corrects a problem in an Enhanced Security configuration where at login time if it is determined an account's password has expired, the "Old password:" prompt did not appear. Rather, the user is immediately prompted for their new password options and is allowed to change to a new password. PROBLEM: (KAOQ71787, 81139) (PATCH ID: OSF505-119) ******** This patch restores the functionality of the 'su' utility in an Enhanced Security configuration. In earlier releases, it was possible to become another user without knowing their password as long as you knew root's password. An example is as follows: login as user1 su root enter root's password su user2 Without the patch user1 would have to know user2's password even though they knew root's password. After the patch is applied, the su to user2 will be allowed without providing the password. PROBLEM: (TKTR60015, 81049) (PATCH ID: OSF505-113) ******** This patch fixes a problem for Enhanced Security configurations where the Maximum Login Interval (u_max_login_intvl) field was being ignored for account templates. PROBLEM: (76208) (PATCH ID: OSF505-099) ******** This patch fixes a problem that occurs when attempting to log in on a system with enhanced security. If the login attempt times out or is terminated with a Control C, the following is seen: login: n1_1 Password: Login timed out malloc: Interrupted system call Connection closed by foreign host. PROBLEM: (84797, 84942) (PATCH ID: OSF505-241) ******** This patch fixes the problem of optimized programs printing incorrect values for long doubles. PROBLEM: (SSRT0689U) (PATCH ID: OSF505-168) ******** A potential security vulnerability has been discovered, where under certain circumstances, system integrity may be compromised. This may be in the form of improper file or privilege management. Compaq has corrected this potential vulnerability. PROBLEM: (TKTR80008) (PATCH ID: OSF505-163) ******** This fix corrects a regular expression performance problem in libc. PROBLEM: (83212, 84065, 84848, 84849, 84850) (PATCH ID: OSF505-228) ******** This patch fixes a problem in Enhanced Security in which calls to get data from or set data in one of the Enhanced Security databases would cause the process to hang. The problem primarily affected the prpasswdd daemon and authentication programs that made frequent and/or simultaneous requests to get or set the Enhanced Security data. PROBLEM: (BCGM91S2D, HPAQC0PTL) On standalone systems, the following stack trace could be found in any process attempting to access the Enhanced Security database: 0 thread_block 1 sleep_prim 2 mpsleep 3 setflck 4 msfs_lockctl 5 fcntl 6 syscall 7 _Xsyscall PROBLEM: (TKTRB0029, BCSMB1WJN, BCGMC0S9B) On TruCluster systems, the following stack traces were seen for processes attempting to access the Enhanced Security database: 0 thread_block 1 sleep_prim 2 mpsleep 3 dlm_wait_on_event 4 convert_lock 5 dlm_convert 6 syscall 7 _Xsyscall In some processes, the create_lock routine would be found on the stack instead of the dlm_convert and convert_lock routines. PROBLEM: (64466, CFS78826) (PATCH ID: OSF505-153) ******** Prior to this fix, printing of long double values using the stdio printf functions would result in a value with a maximum of 17 places of precision. This fix increases the number of places of precision for long doubles to 36. PROBLEM: (EVT38717A, 81694) (PATCH ID: OSF505-191) ******** This patch fixes a problem in which the 'vi' editor core dumps when it finds invalid syntax during a substitute operation. PROBLEM: (BCGMC14C4, 84427) (PATCH ID: OSF505-209) ******** This patch restores correct behavior that existed on pre-V5.0 releases for ecvt() and fcvt(). Floating point exceptions and core dumps no longer occur when denormalized values are passed to ecvt() and fcvt(). This patch also resolves issues with customer applications that experienced floating point exceptions and core dumps when passing denormalized values to ecvt() and fcvt() that subsequently caused INFORMIX databases to crash. PROBLEM: (83376, 84726) (PATCH ID: OSF505-210) ******** This patch fixes regular expression handling that used bracket expressions with the '*' character in non-default locales.