Manualshelf

HP Tru64 UNIX and TruCluster Server Version 5.1B-6 Patch Summary and Release Notes

ManualsBrandsHP ManualsSoftwareTru64 UNIX 5.0A
41424344454647484950
A fix to remote job reprinting that this patch kit provides can trigger reprints which, under
conditions previously described, do not appear to be needed.
Support for the Name Services Switch Added
The Name Service Switch (NSS) has been added to Tru64 UNIX as a replacement for the svc.conf
database service selection. The NSS provides a more extensible database service selector and
supports a dynamic list of databases. Using the NSS allows you to add LDAP as a source for
netgroup data.
Configuring the NSS converts entries from the /etc/svc.conf file into entries for
/etc/nsswitch.conf file. The/etc/svc.conf is then only used for pre-nsswitch
statically-built applications and sendmail. For more information about this feature, see nssetup(8),
nsswitch(4), and nss2svc(8)
New Hardware Support
This patch kit provides the following new hardware support.
Support for 64 Processor AlphaServer GS1280 Systems
This patch kit provides support for AlphaServer GS1280 systems configured with 64 processors.
Support for AlphaServer and AlphaStation DS15 Systems
The AlphaServer/AlphaStation DS15 3U Systems include:
Alpha 1 GHz CPU with 2 MB onboard ECC cache
512-MB, 1 GB, or 2 GB SDRAM memory - expandable to 4 GB
Onboard dual 10/100 BaseT Ethernet ports
Four 64-bit PCI expansion slots
Onboard Ultra160 SCSI controller
HP StorageWorks FCA2384
Support has been added for the FCA2384 - 2 GB, 64-Bit/133 MHz PCI- X-to-Fibre Channel Host
Bus Adapter.
Production Version of Motif 2.1 Provided
This kit replaces the Motif 2.1 Advanced Developer's Kit (ADK) with a production version of
Motif 2.1. This new version will be supported in future Version 5.1B releases. The production
version of Motif 2.1 will also be available for downloading from the Web.
Protection Against Buffer Overflow Exploitation Added
This kit provides a security feature to prevent the execution of instructions that reside in heap
or other data areas of process memory. The result is additional protection against buffer overflow
exploits. This feature is similar in concept to Tru64 UNIX executable stack protection.
This feature is implemented as a dynamic sysconfig tunable variable, executable_data, in
the proc subsystem. The supported settings allow system administrators to cause requests from
privileged processes for writable and executable memory to fail, or to be treated as a request for
writable memory, and to optionally generate a message when such a request occurs.
In a buffer overflow exploitation, an attacker feeds a privileged program an unexpectedly large
volume of carefully constructed data through inputs such as command line arguments and
environment variables. If the program is not coded defensively, the attacker can overwrite areas
of memory adjacent to the buffer.
Depending upon the location of the buffer (stack, heap, data area), the attacker can deceive these
programs into executing malicious code that takes advantage of the program's privileges or alter
a security-sensitive program variable to redirect program flow.
44 Tru64 UNIX Patches