
OSF1 : Tru64 UNIX Tru64 UNIX 4.0G PK3 BL17 ECO Summary



*******************************************************************************
*                                                                             *
*                     This is a newly released patch...                       *
*                                                                             *
*  Online links can be found at                                               *
*    http://ftp.support.compaq.com/patches/public/unix/v4.0g/t64v40gb17-c0011101-15266-es-20020827.README
*******************************************************************************


TITLE: Tru64 UNIX Tru64 UNIX 4.0G PK3 BL17 ECO Summary
 
New Kit Date:       10-SEP-2002
Modification Date:  Not Applicable
Modification Type:  NEW KIT

Copyright (c) Hewlett-Packard Company 2002.  All rights reserved.


PRODUCT:    Tru64 UNIX [R] 4.0G
SOURCE:     Hewlett-Packard Company

ECO INFORMATION:

     ECO Name:  T64V40GB17-C0011101-15266-ES-20020827
     ECO Kit Approximate Size:  2MB 
     Kit Applies To:  Tru64 UNIX 4.0G PK3 (BL17)

     ECO Kit CHECKSUMS:
        /usr/bin/sum results:  
        20251   1760

        /usr/bin/cksum results: 
        2333995544 1802240

        MD5 results:   
        8b304e61bdb7633ea276dfe5f459b32b

        SHA1 results:
        c8e24ffd48e610f4231b88b438b5b71d01e63471
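
Added example (not part of the HP notice): a shell function that checks a downloaded kit against the cksum, size, MD5 and SHA1 values published above before the kit is untarred and handed to dupatch. It assumes a staging host that has cksum, md5sum and sha1sum; the function name verify_kit and the kit path argument are hypothetical.

```shell
#!/bin/sh
# Added example: verify a downloaded ECO kit against the published checksums.
# Assumption: cksum, md5sum and sha1sum are available on the host doing the check.

# Published values, copied from the "ECO Kit CHECKSUMS" section of this notice.
KIT_CKSUM="2333995544"
KIT_SIZE="1802240"
KIT_MD5="8b304e61bdb7633ea276dfe5f459b32b"
KIT_SHA1="c8e24ffd48e610f4231b88b438b5b71d01e63471"

# verify_kit FILE CKSUM SIZE MD5 SHA1
# Returns 0 only if every value matches, 1 on any mismatch, 2 if FILE is unreadable.
# All checks run even after a failure so every mismatch is reported.
verify_kit() {
    vk_file=$1 vk_rc=0
    [ -r "$vk_file" ] || { echo "cannot read $vk_file" >&2; return 2; }

    # cksum reading stdin prints "<crc> <byte count>"
    vk_crc=$(cksum < "$vk_file" | awk '{print $1}')
    vk_len=$(cksum < "$vk_file" | awk '{print $2}')
    vk_md5=$(md5sum < "$vk_file" | awk '{print $1}')
    vk_sha1=$(sha1sum < "$vk_file" | awk '{print $1}')

    # cksum and size catch transfer damage; SHA1 is the strongest digest listed.
    [ "$vk_crc"  = "$2" ] || { echo "cksum mismatch: got $vk_crc" >&2; vk_rc=1; }
    [ "$vk_len"  = "$3" ] || { echo "size mismatch: got $vk_len" >&2; vk_rc=1; }
    [ "$vk_md5"  = "$4" ] || { echo "MD5 mismatch: got $vk_md5" >&2; vk_rc=1; }
    [ "$vk_sha1" = "$5" ] || { echo "SHA1 mismatch: got $vk_sha1" >&2; vk_rc=1; }
    return $vk_rc
}

# Usage: sh verify_kit.sh /path/to/downloaded-kit.tar
if [ $# -ge 1 ]; then
    if verify_kit "$1" "$KIT_CKSUM" "$KIT_SIZE" "$KIT_MD5" "$KIT_SHA1"; then
        echo "kit matches the published checksums"
    else
        echo "kit does not match the published checksums; do not install" >&2
        exit 1
    fi
fi
```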


ECO KIT SUMMARY:

A dupatch-based, Early Release Patch kit exists for Tru64 UNIX 4.0G that
contains solutions to the following problem(s):

  Several potential networking security vulnerabilities have been discovered
  in the Tru64 UNIX operating system.  These may be in the form of local
  and remote security domain risks.  The potential security vulnerabilities
  in the following areas have been corrected:


  TCP/IP (Severity High)

  SSRT0719U
  Potential vulnerability with the Initial Random TCP Sequence Numbers which
  may result in denial of service (DoS).  This may be in the form of local
  and remote security domain risks. The potential security vulnerability in
  TCP/IP has been corrected.  More information can be found at:
  http://www.cert.org/advisories/CA-2001-09.html

  SSRT0756U, SSRT0776U
  Under certain circumstances, a potential security vulnerability in inetd
  may result in denial of service (DoS). This may be in the form of local and
  remote security domain risks. The potential security vulnerability in inetd
  has been corrected.


  ARP  (Severity High)

  SSRT0740U
  Under certain circumstances, a remote system may take over packets destined
  for another host which may result in denial of service (DoS). This potential
  security vulnerability in ARP has been corrected.


  FTPD (Severity High)

  SSRT0762U
  Under certain circumstances, a potential security vulnerability in ftpd may
  result in denial of service (DoS). This may be in the form of local and
  remote security domain risks. The potential security vulnerability in ftpd
  has been corrected.


The Patch Kit Installation Instructions and the Patch Summary and Release
Notes documents provide patch kit installation and removal instructions
and a summary of each patch. Please read these documents prior to 
installing patches on your system.

The patches in this ERP kit will also be available in the next mainstream
patch kit - Tru64 UNIX 4.0G Patch Kit 4.


INSTALLATION NOTES:

1) Install this kit with the dupatch utility that is included in the patch
   kit. You may need to baseline your system if you have manually changed
   system files on your system. The dupatch utility provides the baselining
   capability.

2) At this time, this ERP kit does not have any file intersections with 
   any other available ERPs for this product version.


INSTALLATION PREREQUISITES:

You must have installed Tru64 UNIX 4.0G PK3 (BL17) prior to installing 
this Early Release Patch Kit.


KNOWN PROBLEMS WITH THE PATCH KIT:

None.


RELEASE NOTES FOR T64V40GB17-C0011101-15266-ES-20020827:

1 Release Notes

This Early Release Patch Kit Distribution contains:

   - fixes that resolve the problem(s) reported in: 
        o 117-2-547 
             * for Tru64 UNIX V4.0G T64V40GAS0003-20010613.tar (BL17)

 The patches in this kit are being released early for general customer use.
 Refer to the Release Notes for a summary of each patch and installation 
 prerequisites.

 Patches in this kit are installed by running dupatch from the directory 
 in which the kit was untarred. For example, as root on the target system:

        > mkdir -p /tmp/CSPkit1
        > cd /tmp/CSPkit1
        > <copy the kit to /tmp/CSPkit1>
        > tar -xpvf DUV40D13-C0044900-1285-20000328.tar
        > cd patch_kit
        > ./dupatch

2 Special Instructions

There are no special instructions for Tru64 UNIX V4.0G Patch C111.01.


3 Summary of CSPatches contained in this kit


Tru64 UNIX V4.0G

PatchId                 Summary Of Fix
----------------------------------------
C111.01                 SSRT-547 Network Security Patches


4 Additional information from Engineering

None


5 Affected system files
This patch delivers the following files:

Tru64 UNIX V4.0G
        Patch C111.01
                ./sys/BINARY/ether.mod
                        CHECKSUM:       61347 129
                        SUBSET: OSFBIN445
                ./sys/BINARY/inet.mod
                        CHECKSUM:       15777 296
                        SUBSET: OSFBIN445
                ./usr/sbin/ftpd
                        CHECKSUM:       33696 128
                        SUBSET: OSFCLINET445

[R] UNIX is a registered trademark in the United States and other countries 
licensed exclusively through X/Open Company Limited.

Copyright Hewlett-Packard Company 2002.  All Rights reserved.

  This software is proprietary to and embodies the confidential technology
  of Hewlett-Packard Company.  Possession, use, or copying of this
  software and media is authorized only pursuant to a valid written license
  from Hewlett-Packard or an authorized sublicensor.

       This ECO has not been through an exhaustive field test process.
       Due to the experimental stage of this ECO/workaround, Hewlett-Packard
       makes no representations regarding its use or performance. The
       customer shall have the sole responsibility for adequate protection
       and back-up data used in conjunction with this ECO/workaround.

