HP-UX 11i Version 2 June 2007 Release Notes

ManualsBrandsHP ManualsSoftwareHP-UX 11i v2 Foundation OE LTU

What is New at a Glance

What is New in the June 2007 Release?

Chapter 3

• LDAP-UX Integration: Updated to version B.04.10. Provides defect fix and new

features, including Dynamic Group Support, PAM_AUTHZ enhancements, and more.

(See “LDAP-UX Integration” on page 170.)

• Mozilla: Updated to 1.7.13.01. Contains security fixes. (See “Browsers” on page 164.)

• Netscape Directory Server for HP-UX: Updated to B.06.21.50. Contains defect fixes

in addition to new features provided in version B.06.21, including support for

four-way multi-master replication, support for fine-grained password policy, and

more. (See “Netscape Directory Server for HP-UX” on page 172.)

• Red Hat Directory Server for HP-UX: Updated to version B.07.10.20.20 to provide

defect fixes. (See “Red Hat Directory Server for HP-UX” on page 174.)

• Thunderbird and ThunderbirdSrc: Updated to 1.5.08.00. Fixes several security

vulnerabilities reported by the Mozilla Foundation. (See “Browsers” on page 164.)

Chapter 8: “Security” (see page 177)

• HP-UX Bastille: With version 3.0.x, new enhancements, capabilities, features, and

benefits (including bastille_drift analysis) represent additional items that Bastille

will be able to lock down, additional usability improvements, and a new ability for

Bastille to ensure that each cluster node has a consistent set of security settings.

Bundle name changed from B6849AA to HPUXBastille. (See “HP-UX Bastille” on

page 178.)

• HP-UX Host Intrusion Detection System: Updated to version 4.1. Supports an alert

volume reduction feature; enables the generation of customized and consolidated

alert reports that are easy to view and print; provides a tuning tool that reduces the

time and effort to deploy and maintain Surveillance Schedules; and more. (See

“HP-UX Host Intrusion Detection System” on page 179.)

• HP-UX IPFilter: Updated to version A.03.05.14 with Filtering for IPv6 packets

equivalent to IPv4 packet filtering while maintaining IPv4 support; Stateful filtering

for TCP (limited stateful filtering for UDP and ICMPv6); IPv6 fragmentation

support (the ability to block fragmented traffic); and other changes. (See “HP-UX

IPFilter” on page 181.)

• HP-UX Security Attributes Configuration: Defects are fixed in this release. (See

“HP-UX Security Attributes Configuration” on page 183.)

• Install-Time Security: Includes the bundles Sec00Tools, Sec10Host, Sec20MngDMZ,

and Sec30DMZ. Updated to version 1.4.x with new questions/configuration,

diagnostic daemon configure to local-only use (not network), and syslog local-only.

(See “Install-Time Security” on page 184.)

• OpenSSL: Updated to version A.00.09.07l.003. Incorporates defect fixes. If OpenSSL

A.00.09.08d is enabled, additional security features are available. (See “OpenSSL” on

page 185.)

• HP-UX Role-based Access Control: Updated to version B.11.23.04 with introduction

of a set of “privilege shells,” integration with HP System Management Homepage,

integration with select commands, and defect fixes. Available on Software Pack. (See

“HP-UX Role-based Access Control” on page 187.)

• HP-UX Secure Shell: Updated to version A.04.40.011. Features include change to

ssh ControlMaster directive for Connection Sharing; improved performance for

remote-to-local and local-to-remote file transfers; and features introduced in

OpenSSH4.4p1. (See “HP-UX Secure Shell” on page 188.)