PROBLEM: (STL226954, 87527, 87856) (PATCH ID: OSF520-028)
********
This patch corrects the problem in which /usr/bin/ksh hangs for certain scripts that contain wait(1).

PROBLEM: (90927, SSRT1-40U, SSRT1-41U, SSRT1-42U, SSRT1-45U, SSRT1-48U) (PATCH ID: OSF520-217)
********
A potential security vulnerability has been discovered, where under certain circumstances, system integrity may be compromised. This may be in the form of improper file access. Compaq has corrected this potential vulnerability.

In addition the following changes were made:

- shell inline input files are more secure
- sh noclobber and new constructs added
- updated mkdir system call

Updated sh, csh and ksh
-----------------------
The updated shells in this kit all implement the following changes when processing shell inline input files:

- File permissions allow only read and write for owner
- If excessive inline input file name collisions occur, the following error message will be returned: "Unable to create temporary file"

sh noclobber option and >| , >>| constructs added
-------------------------------------------------
A noclobber option similar to that already available with csh and ksh has been added to the Bourne shell. When the noclobber option is used (set -C), the shell behavior for the redirection operators > and >> changes as follows:

- For > with noclobber set, sh will return an error rather than overwrite an existing file. If the specified filename is actually a symlink, the presence of the symlink satisfies the criteria "file exists" whether or not the symlink target exists, and sh returns an error. The >| construct will suppress these checks and create the file.
- For >> with noclobber set, output is appended to the tail of an existing file. If the file does not exist, or the filename is actually a symlink whose target does not exist, sh returns an error rather than create the file. The >>| construct will suppress these checks and create the file.
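
The inline input file rules listed under "Updated sh, csh and ksh" (owner-only permissions, a bounded number of name collisions, then "Unable to create temporary file") can be sketched in C as follows; this is an added example, not code from the patch kit. The naming scheme, the limit of 8 collisions and the /tmp scratch directory are assumptions. The exclusive create it relies on also refuses a dangling symlink, which mirrors the noclobber rule that a symlink counts as an existing file.

```c
#define _XOPEN_SOURCE 700
#include <errno.h>
#include <fcntl.h>
#include <stdio.h>
#include <stdlib.h>
#include <sys/stat.h>
#include <unistd.h>

#define MAX_COLLISIONS 8   /* assumed limit; the kit does not state one */
/* Hypothetical naming scheme: <dir>/sh<pid>.<seq> */
static void tmp_name(char *buf, size_t len, const char *dir, unsigned seq)
{
    snprintf(buf, len, "%s/sh%ld.%u", dir, (long)getpid(), seq);
}

/* Create the file backing an inline input (here-document). O_EXCL makes
 * open() fail on any existing name, including a dangling symlink, and
 * mode 0600 limits access to read and write for the owner. */
int create_inline_tmp(const char *dir, char *path, size_t len)
{
    for (unsigned seq = 0; seq < MAX_COLLISIONS; seq++) {
        tmp_name(path, len, dir, seq);
        int fd = open(path, O_RDWR | O_CREAT | O_EXCL, S_IRUSR | S_IWUSR);
        if (fd >= 0) return fd;
        if (errno != EEXIST) break;   /* not a collision; retrying will not help */
    }
    fprintf(stderr, "Unable to create temporary file\n");
    return -1;
}

/* Constructed scenario. plant=0: returns the mode bits of the new file.
 * plant=1: every name is pre-taken by a dangling symlink; returns 1 if
 * creation was refused and the symlink target never appeared. */
int demo(int plant)
{
    char dir[] = "/tmp/inlineXXXXXX", name[64], victim[64], path[64];
    struct stat st;
    if (!mkdtemp(dir)) return -1;
    snprintf(victim, sizeof victim, "%s/victim", dir);
    for (unsigned seq = 0; plant && seq < MAX_COLLISIONS; seq++) {
        tmp_name(name, sizeof name, dir, seq);
        if (symlink(victim, name) != 0) return -1;
    }
    int fd = create_inline_tmp(dir, path, sizeof path);
    if (plant) return fd == -1 && access(victim, F_OK) != 0;
    if (fd < 0 || fstat(fd, &st) != 0) return -1;
    close(fd);
    return st.st_mode & 0777;
}

int main(void) { printf("mode %o, refused %d\n", (unsigned)demo(0), demo(1)); return 0; }
```

demo() leaves its scratch directories under /tmp; on current systems mkstemp(3) provides the same exclusive, owner-only creation.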

ksh noclobber behavior clarified
--------------------------------
For > with noclobber set, ksh returns an error rather than overwrite an existing file. If the filename is actually a symlink, the presence of the symlink satisfies the criteria "file exists" whether or not the symlink target exists, and ksh returns an error. The >| construct will suppress these checks and create the file.

For >> with noclobber set, output is appended to the tail of an existing file. If the filename is actually a symlink to a non-existent file, ksh returns an error.

csh noclobber behavior clarified
--------------------------------
For > with noclobber set, csh returns an error rather than overwrite an existing file. If the filename is actually a symlink, the presence of the symlink satisfies the criteria "file exists" whether or not the symlink target exists, and csh returns an error. The >! construct will suppress these checks and create the file.

For >> with noclobber set, output is appended to the tail of an existing file. If the filename is actually a symlink to a non-existent file, csh returns an error. The >>! construct will suppress these checks and create the file.

Updated mkdir system call and command
-------------------------------------
This kit reverts the mkdir system call, and thus the mkdir command, to its Tru64 UNIX V4.n behavior with respect to symlinks. For the unusual case where a symlink is used as the very last element of a mkdir path, the mkdir syscall now returns an error rather than create the target. If, for some reason, you want mkdir to follow the symlink, you can do so by making the last character of the mkdir pathname a slash. The following example depicts how to get mkdir to follow the symlink:

- If /var/tmp/foo is a symlink to /usr/xxx, which does not exist, then mkdir("/var/tmp/foo",0644) will return an error but mkdir("/var/tmp/foo/",0644) will create /usr/xxx.

Mkdir behavior can also be controlled systemwide by an addition to the sysconfig options for the vfs subsystem. The new sysconfig option "follow_mkdir_symlinks" defaults to 0, specifying the secure symlink behavior. Changing this option to 1, which Compaq strongly discourages, will cause mkdir to follow symlinks.

PROBLEM: (89814, 117-1-18182) (PATCH ID: OSF520-228)
********
This patch corrects a problem in which ksh fails to substitute the tilde (~) character for a user's home directory after an assignment using the "#" or "%" characters has been used.

PROBLEM: (90369, FR_G02425) (PATCH ID: OSF520-208)
********
This patch fixes a problem with ksh. When a ksh menu is started from within a user's .profile, ksh will not stop when the telnet session is stopped.

PROBLEM: (TKT244440) (PATCH ID: OSF520-227)
********
While in an Asian locale (such as Japanese) and executing a ksh command that deals with directories with Asian language names, a segmentation fault and core dump may occur. This patch fixes this problem.

PROBLEM: (85854) (PATCH ID: OSF520-526)
********
The Bourne shell has a major problem when the type utility is used. When type is run with a file path of more than 69 characters, sh generates an invalid memory reference, which causes a memory fault. Whenever a memory fault is generated, the signal handler routine fault() is called, and this in turn calls the growstack() routine. When fault() is called multiple times, growstack() drastically increases the stack area, and the process prevents other processes from making use of swap space. As a result, all applications shut down and the system hangs.

The problem occurs because a static char array, msgbuf[128], is used to store the standard output of the type utility. When the file path is 69 characters, the overall output of the type utility exceeds 128 characters and the buffer runs out of space. To avoid this problem, memory is now allocated dynamically, sized to the standard output of the type utility.
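
The msgbuf[128] defect and its fix, shown side by side in C as an added example that is not the sh source. The "%s is %s" message layout is an assumption modelled on the "sh is /sbin/sh" line in the reproduction steps, and the sample call passes the reported path as both the name and the resolved path (a constructed input).

```c
#include <stdio.h>
#include <stdlib.h>

#define MSGBUF_SIZE 128   /* size of the static msgbuf[] named in the patch text */
/* Assumed layout, modelled on the page's "sh is /sbin/sh" output line. */
#define TYPE_FMT "%s is %s\n"

/* Path from the reproduction steps (more than 69 characters). */
const char REPRO_PATH[] =
    "caopreprod/apl/dec04/fluent/fluent5.3/alpha/3d_node/fluent_smpi.5.3.18";

/* Bytes the message needs, including the terminating NUL (0 on error). */
size_t type_msg_size(const char *name, const char *resolved)
{
    int n = snprintf(NULL, 0, TYPE_FMT, name, resolved);
    return n < 0 ? 0 : (size_t)n + 1;
}

/* Pre-patch pattern (sketch): fixed buffer, unbounded write. Safe only
 * while type_msg_size() <= MSGBUF_SIZE; a longer path runs past the array. */
static char msgbuf[MSGBUF_SIZE];
const char *type_msg_static(const char *name, const char *resolved)
{
    sprintf(msgbuf, TYPE_FMT, name, resolved);
    return msgbuf;
}

/* 1 if the pre-patch pattern would write past msgbuf[] for this input. */
int overflows_static_msgbuf(const char *name, const char *resolved)
{
    return type_msg_size(name, resolved) > MSGBUF_SIZE;
}

/* Post-patch pattern: allocate a buffer sized to the output. Caller frees. */
char *format_type_msg(const char *name, const char *resolved)
{
    size_t need = type_msg_size(name, resolved);
    char *msg = need ? malloc(need) : NULL;
    if (msg)
        snprintf(msg, need, TYPE_FMT, name, resolved);
    return msg;
}

int main(void)
{
    printf("needs %zu bytes, overflows msgbuf: %d\n", type_msg_size(REPRO_PATH, REPRO_PATH),
           overflows_static_msgbuf(REPRO_PATH, REPRO_PATH));
    return 0;
}
```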

Steps to reproduce:
-------------------
#mkdir -p caopreprod/apl/dec04/fluent/fluent5.3/alpha/3d_node
#touch caopreprod/apl/dec04/fluent/fluent5.3/alpha/3d_node/fluent_smpi.5.3.18
#chmod +x caopreprod/apl/dec04/fluent/fluent5.3/alpha/3d_node/fluent_smpi.5.3.18
# type sh
sh is /sbin/sh
# sh
# type caopreprod/apl/dec04/fluent/fluent5.3/alpha/3d_node/fluent_smpi.5.3.18
> -> swap space below 10 percent freeswap space below 10 percent free
Unable to obtain requested swap space
Unable to obtain requested swap space
no space

PROBLEM: (117-1-19737) (PATCH ID: OSF520-437)
********
This fix corrects a problem in which sh was using a high amount of CPU time.

PROBLEM: (117-1-19056) (PATCH ID: OSF520-445)
********
This fix corrects a problem in which ksh did not clean up the processes associated with a terminal once the window was closed.

PROBLEM: (92820) (PATCH ID: OSF520-595)
********
A potential security vulnerability has been discovered, where under certain circumstances, system integrity may be compromised. This may be in the form of improper file access. HP has corrected this potential vulnerability.

PROBLEM: (94301) (PATCH ID: OSF520-623)
********
A potential security vulnerability has been discovered, where under certain circumstances, system integrity may be compromised when a buffer overflow occurs in the ksh utility. Buffer overflows are sometimes exploited in an attempt to subvert the function of a privileged program and possibly execute commands at the elevated privileges if the program file has the setuid privilege. HP has corrected this potential vulnerability.

PROBLEM: (92819) (PATCH ID: OSF520-626)
********
A potential security vulnerability has been discovered, where under certain circumstances, system integrity may be compromised. This may be in the form of improper file access. HP has corrected this potential vulnerability.

PROBLEM: (94525) (PATCH ID: OSF520-656)
********
A potential security vulnerability has been discovered, where under certain circumstances, system integrity may be compromised when a buffer overflow occurs in the sh utility. Buffer overflows are sometimes exploited in an attempt to subvert the function of a privileged program and possibly execute commands at the elevated privileges if the program file has the setuid privilege. HP has corrected this potential vulnerability.