HP Insight Management Agents for Tru64 UNIX

»

HP Tru64 UNIX

Tru64 UNIX

» Tru64 UNIX V5.1B-6
» Tru64 UNIX V5.1B-5
» Documentation
» Information library
» Software web index
» Software products library
» Patch database
» Services
» Developer & Solution Partner Program
» Send us your comments
» Support Statements

Evolving business value

» Tru64 UNIX to HP-UX 11i transition benefits calculator
» Alpha RetainTrust Program
» Transition

Related links

» Alpha systems
» HP-UX 11i
» Integrity servers
» Linux
» HP storage
» HP solutions
HP-UX 11i: measurably better TCO!

» Management

Product Info

» Download

» Resources

 CPQIM320.HTTP.03 - Patch for HP Insight Management Agents for Tru64 UNIX

  This page provides installation information and release notes for the patch kit.
Patch Kit Information and Installation Notes
PatchID: CPQIM320.HTTP.03
New Kit Date: 20-May-2004
Modification Date:  Not Applicable
Modification Type:  NEW KIT

PRODUCT:  HP Insight Management Agents for Tru64 UNIX
SOURCE:     Hewlett-Packard Company

PATCH-KIT SUMMARY:
A shell script-based, compressed tar Patch-kit for HP Insight Management Agents V3.2 on Tru64 UNIX (CPQIM320) that contains solution  to the following problem:

  •  A potential security vulnerability has been identified in the HP Tru64 UNIX SSL (Secure Sockets Layer) library used by Insight Manager Web Agent (insightd). The potential vulnerability may be remotely exploitable, resulting in a denial of service (DoS).

The Patch-Kit Installation Instructions and the Patch Summary and Release Notes sections provide patch kit installation and removal instructions and a summary of each patch. Please read these sections prior to installing patches on your system.

INSTALLATION NOTES:

  • Install the patch components using the shell-script, "im_patch" that is included in this patch-kit.

  • By running the im_patch script without any option, the user can get to know the various options supported by the im_patch.

  • It is necessary to uninstall the previous patch-kit CPQIM320.HTTP.01 or CPQIM320.HTTP.02 before installing the new patch-kit CPQIM320.HTTP.03. To uninstall the previous patch-kits, execute "im_patch -d patch-kit" and follow the instructions

INSTALLATION STEPS:

  1. Login as root into the system where the patch needs to be install

  2. mkdir -p /tmp/patchkit

  3. cd /tmp/patchkit

  4. copy the patch-kit CPQIM320.HTTP.03.tar.gz to /tmp/patchkit

  5. gunzip CPQIM320.HTTP.03.tar.gz

  6. tar -xvf CPQIM320.HTTP.03.tar

  7. ./im_patch -i CPQIM320.HTTP.03

INSTALLATION PREREQUISITES:
You must have installed HP Tru64 Insight Management Agents base-kit CPQIM320, prior to installing this Patch-Kit. This patch kit is applicable to Tru64 UNIX version 4.0F and above.

SUPERSEDED PATCH LIST: CPQIM320.HTTP.02
KNOWN PROBLEMS WITH THE PATCH KIT: None.
 

Release Notes

This document summarizes the contents and special instructions for the Tru64 UNIX Insight Management Agents components contained in this kit. For information about installing or removing patches, and general patch management, execute the im_patch file which is part of the patch-kit.

1) This Patch Kit Distribution contains:

The 'Management HTTP Server' with various SSRT fixes and uses SSL library version: OpenSSL 0.9.6m

The patch-kit CPQIM320.HTTP.03 includes all the SSRT fixes from the previous patch-kits CPQIM320.HTTP.01 and CPQIM320.HTTP.02.

The components in this kit are being released early for general customer use. Components in this kit are installed by running im_patch from the directory in which the kit was untarred.

2) Special Instructions: If this patch kit is being installed on a cluster, it is sufficient to do so on only one of the nodes. But in order for the patch to take effect on the other nodes, the agents have to be manually re-started. On all other nodes run the following commands:

#/sbin/init.d/snmpd stop
#/sbin/init.d/insightd stop
#/sbin/init.d/snmpd start
#/sbin/init.d/insightd start

3) Summary of Insight Management patch components contained in this kit:

PatchId             Summary Of Fix

----------------    ------------------------------------------------------

CPQIM320.HTTP.03    libcpqhmmo.so built with openssl library version 9.6m

4) Additional information from Engineering

The 'Management HTTP Server' has various SSRT fixes and uses SSL library version openssl 9.6m. A potential security vulnerability has been identified in the HP Tru64 UNIX SSL library used by Insight Manager Web Agent (insightd). The potential vulnerability may be remotely exploitable, resulting in a denial of service (DoS).

HP has corrected the following potential security vulnerability:

SSRT4717 - SSL (Severity - High)  SSL=Secure Sockets Layer

The patch-kit CPQIM320.HTTP.03 is cumulative, and it includes all the SSRT fixes from the previous patch-kits.

5) Affected files: This patch delivers the following files:

/var/shlib/libcpqhmmo.so
/var/opt/CPQIM320/bin/libcpqhmmo.so

Copyright Hewlett-Packard Company 2004.  All Rights reserved