HP-UX 11i Version 2 September 2006 Release Notes

ManualsBrandsHP ManualsSoftwareHP-UX 11i v2 Foundation OE LTU

What is New at a Glance

What is New in the September 2004 Release?

Chapter 3

• Point-to-Point Protocol (PPP): Available on HP-UX 11i v2. Includes changes to

Point-to-Point Protocol over Ethernet (PPPoE) and Point-to-Point Protocol for IPv6

(PPPv6).

• STREAMS/UX: The HP-UX 11i v2 September 2004 Release Notes contains an error

and should instead read as follows: For non-blocking writes, during flow control

conditions, STREAMS now returns success (0 return value) in the case of partial

writes on STREAMS-based pipes.

What is New in

September 2004

for Customers

Migrating from

HP-UX 11i v1

September 2004 Release Notes, Chapter 8: “Security”

• Boot Authentication: Now available on all Standard Systems. Standard Mode Boot

Authentication feature can be configured by two parameters.

• Generic Security Service Application Programming Interface (GSS-API): IPv6

enabled.

• HP-UX Bastille 2.1: New product for customers migrating from HP-UX 11i v1.

• HP-UX IPFilter A.03.05.10.02: Includes additional defect fixes.

• HP-UX Secure Shell A.03.71.000: Contains several new features, including enhanced

ssh_prng_cmds file for random number generation, new escape character for

requesting a pseudo terminal, and support for generating KEX-GEX groups in the

ssh-keygen file.

• HP-UX Strong Random Number Generator: New product with HP-UX 11i v2.

• HP-UX Host Intrusion Detection System 2.3: Product bundle renamed and

restructured to improve product installation and maintenance.

• Install-Time Security B.01.x.x: New product for customers migrating from HP-UX

11i v1.

• Kerberos Client (KRB5-Client): Changes include support for appdefaults section in

the /etc/krb5.conf; multidomain support; IPv6 support.

• OpenSSL A.00.09.07-d: A self-signed host certificate is automatically generated

while installing OpenSSL.

• PAM: 64-bit framework now supported on both PA-RISC and Itanium-based

systems. New PAM module introduced. Defect fixes included.

• PAM-Kerberos v1.23: Supports both Itanium-based and PA-RISC applications in

32-bit mode and 64-bit mode. The pam_sm_acct_mgmt() function returns

PAM_USER_UNKNOWN instead of PAM_SUCCESS when the user is not present in the

kerberos database.

• Security Patch Check 2.0: New product for customers migrating from HP-UX 11i v1.

• Shadow Passwords: New feature enhances system security by hiding user-encrypted

passwords in a shadow password file. Now supported by SAM.

What is New in

September 2004

for Customers

Migrating from

HP-UX 11i v1

September 2004 Release Notes, Chapter 9: “Commands and System Calls”

•The execve[*]() system calls: Beginning with HP-UX 11i v1.6, the kernel ignores

setuid and setgid bits on scripts for security reasons. In addition, buffer overflow

protection is now enabled.

•The fuser Command: Performance improved.

•The insf, lssf, and mksf Commands: Now support IHV drivers.