HP

HP Tru64 UNIX and TruCluster Server Version 5.1B-6

English
  Patch Summary and Release Notes > Chapter 2 Tru64 UNIX Patches   

Summary of Base Operating System Patches

The following sections provide brief descriptions of the changes delivered in this patch kit and in prior Version 5.1B patch kits.

The code required to make these changes may be delivered by multiple patches. As a result, you may see the same description listed under more than one patch.

Also, because Tru64 UNIX patch kits are cumulative, each new kit contains all of the fixes and enhancements that were provided in earlier kits. This can result in changes to components being made multiple times. For example, a patch may deliver several versions of the same driver. In such cases, the latest version is installed on your system.

Each patch provides fixes to subsets of the operating system. Subset names (listed in italic font in the following lists) consist of three parts; for example, for subset OSFACCT540, the OSF indicates that the subset is part of the base system, the ACCT indicates a category, and the 540 indicates that the subset belongs to the Version 5.1B operating system.

New Patches

The patch summaries in this section describe defect fixes new to this release. There are no new features or enhancements added in this release.

Patch 29002.00

OSFADVFS540

  • Fixes an incomplete directory path message displayed by vrestore(8) while restoring device files in verbose mode.

  • Fixes a problem in vrestore(8), where the ASU acls are not restored for symbolic links.

  • Fixes a failure in the defragment of large stripe files.

Patch 29003.00

OSFADVFSBIN540

  • Fixes the problem with truncate system call. When a file is being truncated in such a way that the new EOF falls in a frag, the last character at the new EOF is inadvertently overwritten with a null character.

  • Fixes an issue with AdvFS performance from fragmentation of storage due to the creation of sparse files.

  • Fixes a problem of kernel memory fault caused when, in certain circumstances, rmvol(8) and cfsmgr(8) are required to be running in parallel.

Patch 29009.00

OSFBASE540

  • Fixes the issue of non-root users causing cluster panic while using sysconfig(8).

Patch 29010.00

OSFBIN540

  • Fixes a kernel memory fault in ip_accessfilter.

  • Fixes a KMF problem during invalid cache memory access in the ksm component, which occurs when deleting and rescanning hardware devices.

  • Fixes vpage array overflow issues.

  • Fixes the window scale problem in TCP. The server is modified to update the window scaling option as soon as the first ACK is received from the client.

  • Fixes a performance issue with recv system call on a socket.

  • Fixes an issue in nxm thread creation.

Patch 29020.00

OSFCLINET540

  • Enables Tru64 xntpd to support Meinberg clocks.

  • Fixes a potential security problem reported on BIND running on the HP Tru64 UNIX Operating System, where remote attackers could spoof answers returned from zones using some of the DNSKEY algorithms.

  • Fixes the remotely exploitable buffer overflow problem identified in HP Tru64 UNIX NTP (Network Time Protocol)and prevents unexpected termination of an application while requesting for peer information from a remote time server.

  • Fixes a potential security problem reported on BIND running on the HP Tru64 UNIX Operating System, where remote attackers could cause a DoS by sending a specific dynamic update message.

  • Fixes a potential security problem that has been identified in xntpd, which may allow an attacker to cause DoS.

Patch 29021.00

OSFCMPLRS540

  • Fixes the external timezone variable which sometimes does not get initialized.

Patch 29038.00

OSFINCLUDE540

  • Corrects assert(3) to ensure it complies with standards.

Patch 29052.00

OSFLSMBIN540

  • Corrects an issue with boot failure when root domain is configured under LSM. Corrects a memory leak in the LSM volobject.

Patch 29077.00

OSFSERVICETOOLS540

  • Fixes a problem in collect(8). When running as a non-root user, collect(8) fails to gather cluster_root domain data under AdvFS subsystem statistics.

Patch 29088.00.00

OSFXC2SEC540

  • Fixes the incorrect behavior of dxchpwd (1X).

Patch 29114.00

OSFSSOSSL540

  • Fixes a potential security vulnerability reported on the SSL running on the HP Tru64 UNIX Operating System, through which a remote attacker could execute arbitrary code or cause a DoS.

  • Fixes a potential security vulnerability identified in the SSL running on the HP Tru64 UNIX Operating System, through which a remote attacker could cause a DoS with invalid memory access and cause the application to crash.

Patches Delivered in Previous Kits

The following patches were first delivered in previous Version 5.1B patch kits. These patches will be installed on your system if they are newer than the last patch kit you installed.

Patch 28001.00

OSFACCT540

  • Corrects problems with RFC1323 TCP timestamps and PAWS implementation.

  • Provides an enhancement to remove drawbacks of using TCP keepalives and make LAN cluster more resilient.

Patch 28002.00

OSFADVFS540

  • Corrects a time stamp problem in .

  • Fixes vrestore to restore the file attributes properly.

  • Fixes an issue with vdump(8), where it gets into an infinite loop after the end of tape is reached.

Patch 28003.00

OSFADVFSBIN540

  • Fixes a hang that may occur when filesystem is full and a clone fileset is created.

  • Corrects an AdvFS problem that results in the vdump command consuming lots of CPU time while handling striped files that are less than 8 KB in size.

  • Fixes a problem in AdvFS where the bfaccess structure is incorrectly recycled.

  • Correct user visible AdvFS messages to reference "HP" instead of "Compaq".

  • Provides tunable AdvfsFragGroupDealloc to set frag group deallocation policy.

  • Fixes an issue in the AdvFS migrate code path that occurs if a file is highly fragmented and has a clone.

  • Fixes a panic caused by a thread performing the migrate operation as part of a defragment(8) or a migrate(8) request.

  • Fixes an issue in AdvFS resulting in a backup program receiving an incorrect sparseness map.

  • Fixes an issue in the AdvFS fs_cleanup_thread message handling loop which, under certain circumstances, may cause it to monopolize the processor and not let other threads run on it.

  • Fixes an issue with AdvFS where under certain circumstances, vdump routine does not return correct file extent information.

  • Provides warning messages if live dumps are not collected when an AdvFS domain panics.

  • Fixes an issue with AdvFS where it is not handling the truncation of sparse files properly. This results in inconsistent data.

  • Fixes a problem with indexed directories that occurs when there is simultaneous access to a directory that is indexed through the AdvFS syscall interface.

  • Corrects an AdvFS problem that results in the vdump command not backing up AdvFS files greater than 8 GB in size properly.

Patch 28009.00

OSFBASE540

  • Fixes the RPC (TCP) connection reset problem when receiving XDR EOR packet without data( zero sized XDR EOR fragment).

  • Fixes find(1) to match the pathname, if the base file name of the pathname matches the pattern specified in -name, even when the pathname has trailing slash(es).

  • Fixes a problem in scanf family of functions when format specifier is %%.

  • Fixes an issue with fopen(),fdopen() and popen().

  • Fixes a failure in printf family of functions.

  • Fixes a problem in /sbin/init.d/cron which prevented the cron daemon from restarting in Japanese locale.

  • Provides additional Fibre Channel HBA port type definitions in the FC-HBA header file, hbaapi.h.

  • Fixes a problem in printf family of functions when number grouping is requested.

  • Corrects DST starting 3 December 2006 for Western Australia per the Public Domain time zone source kit (tzdata2007a).

  • Fixes a file descriptor leak in pthread library.

  • Update newfs to not set disklabel on newfs failure.

  • Fixes problems with the IBM Tivoli Storage Manager and the libpacl.so library routines.

  • Fixes a problem in return built-in command of ksh, when it is used in a sub-shell.

  • Addresses the issue of sizer v not displaying the updated HP re-brand information when patch kit is installed on alternative root with -root option of dupatch.

  • Removes duplicate lines from df output.

  • A potential security vulnerability has been identified in the ps and w commands on the HP Tru64 UNIX Operating System. The ps and w commands can be used to disclose environmental variable and argument information that might be exploited by a local, authorized user.

  • Corrects a problem in lpd resulting in creation of many lpd child processes when the size of /etc/printcap exceeds 8192 bytes.

  • Corrects New Zealand DST changes starting September 2007.

  • Fixes an issue in /sbin/mountroot script which, under DMS (Dataless Management Service), would attempt a mount update operation on the NFS root filesystem.

  • Eliminates auditd zombies resulting from combination of syslog failure and auditd overflow handler.

  • Fixes a problem in pthread_mutexattr_getprotocol().

  • Fixes dumpfs to report the proper error message. Updates dumpfs to handle filesystem images.

  • Corrects South East Australia DST changes starting April 2008.

  • Fixes an issue with strip command.

  • Fixes incorrect exit/continue logic in mailsetup.

  • Fixes a problem in /sbin/init.d/envmon which prevented the envmon daemon from starting in Japanese locale.

  • Fixes a problem in /sbin/init.d/smauth and /sbin/init.d/smsd which prevented the smauth and smsd daemons from starting or restarting in Japanese locale.

  • Mitigates a queue control file version incompatibility that can lead to mail messages being orphaned

  • Updates the Canada, Bahamas, Bermuda, Brazil, and Uruguay DST changes 2007 per the latest PD time zone source kit (tzdata2007a).

  • Fixes a problem in which the disklabel utility sets the partition size incorrectly on a CDFS (ISO 9660) ISO image file when the size is larger than 4 GB.

  • Fixes the DNS problem, where DNS client loops with unknown incoming UDP packets.

  • Adds support in the audit_tool utility, in "brief" mode, to map a socket.

  • Adds support in the audit_tool utility for new kmodcall opcodes.

  • Changes the string from "Compaq Computer Corporation" to "Hewlett-Packard Company" in sendmail file makeinfo-dec.sh.

  • Fixes the issue of displaying HP brand information when patchkit is installed with -root option of dupatch.

  • Fixes a problem in handling invalid inputs in the libc inet_network routine.

  • Modifies ksh(1) built-in test to evaluate string expressions as per POSIX Standard.

  • Provides Venezuela & Argentina with new DST changes starting December 2007.

  • Removes the code for smmsp user and group creation.

  • Fixes an issue in strncmp.

Patch 28010.00

OSFBIN540

  • Fixes a potential system panic from an illegal memory reference due to a race condition in the class scheduling code.

  • Fixes consumption of processor resources for an extended period creation of a core file for processes with large address spaces, thereby avoiding blocking other threads of execution and leading to a time out panic.

  • Fixes a deadlock due to respective buffers sharing a physical page concurrent AIO operations to a shared memory region from multiple processes.

  • Fixes a system panic when tcbhashsize tunable is modified on a running system with lock mode 4 enabled.

  • Fixes for Mobile IPv6 TAHi conformance test failures.

  • Fixes a Path MTU problem in network stack.

  • Fixes double unlocking of netisr_lock in netisr thread.

  • Resolves synchronization issues surrounding concurrent references to shared memory.

  • Fixes a SACK (Selective Acknowledgement) validation issue with TCP.

  • Resolves a race condition between process exit and coredump.

  • Fixes a problem in the FIFO code where usage of fuser(2) subsequent to opening a FIFO may result in a kernel panic with the panic string VREF: Invalid v_usecount transition.

  • Fixes a problem wherein the signal mask was not getting restored after returning from sigsuspend.

  • Fixes potential hang or panic resulting from blocking under select_enqueue().

  • Turns on the TCP Selective Acknowledgment (SACK) option by default.

  • Corrects a problem with FIFO code where stat(2) or fstat(2) operation on a FIFO returns NODEV in the st_dev field of the stat structure.

  • Corrects an issue that can lead to a kernel memory fault panic when locking file backed memory on a NUMA system.

  • Corrects problems with RFC1323 TCP timestamps and PAWS implementation.

  • Fixes a timing window in the VM subsystem and prevents a race condition between the page fault and the pageout paths.

  • Fixes an issue with NFS vnode reclaim path in CFS (Cluster File System) environment.

  • Fixes loss of multicast packet reception after netrain failover.

  • Allows filtering of dup2 syscalls while audit object selection is enabled.

  • Provides an enhancement to remove drawbacks of using TCP keepalives and make LAN cluster more resilient.

  • Corrects a potential security vulnerability whereby, under certain circumstances, a local authenticated user could cause a Denial of Service.

  • Fixes TCP SACK unaligned access panic.

  • Improves performance of ufs extendfs operation on a mounted filesystem.

  • Introduces a new sysconfig tunable to control the behavior of the O_APPEND flag with respect to the pwrite(2) system call.

  • Fixes a problem with the kernel traffic monitoring thread.

  • Fixes a problem in FFM unmount code where, under certain circumstances two or more unmount threads race and one thread can return without releasing the NFS lock_for_exported results in a hang during unmount or shutdown.

  • Corrects fixfdmn to display proper error messages when open()or write() calls to the device fail.

  • Fixes kernel memory fault panic in network stack.

  • Corrects an issue with the TCP congestion control algorithm in Tru64 UNIX.

  • Corrects a problem with the Tru64 NFS server where, under certain conditions, directories may not be visible to clients.

  • Fixes a problem with read of /dev/mem which resulted in netstat hang.

  • Add support in cluster alias to handle socket unlisten.

  • Fixes an improper reference in anon_dup routine.

  • Fixes an issue with handling page-faults inside kernel.

  • Fixes an issue in FIFO open, where under certain circumstances, applications using FIFOs may hang.

  • Fixes an issue with table() system call on a NUMA based system with a memoryless RAD configuration.

  • Provides event markers to track missing binary.errlog events.

  • Fixes a lock wait panic in the scheduling subsystem.

  • Fixes a synchronization issue between fuser() and exec_close_files().

  • Fixes problem in reporting tcp sacks.

  • Revises the UBC page allocation algorithm to consider wired pages.

  • Fixes for IPv6 TAHI conformance test failures.

  • Resolves a synchronization issue in anon subsystem.

  • Corrects an improper data access issue in the audit subsystem when auditing system calls that operate on UNIX domain sockets.

  • Fixes a locking issue in the audit subsystem.

Patch 28020.00

OSFCLINET540

  • Fixes the RPC (TCP) connection reset problem when receiving XDR EO packet without data(i.e zero sized XDR EOR fragment).

  • Fixes the problem with rcp where it fails if the remote username contains a dollar($) sign.

  • BIND 9.2.8 release.

  • Provides envmon subsystem enhancements on DS-25 and ES-45 plat

  • Corrects the security vulnerability, SSRT 080058: DNS Cache Poisoning.

  • BIND 9.2.8-P1 release.

  • Fixes a problem with inet script looping.

Patch 28021.00

OSFCMPLRS540

  • Fixes RPC (TCP) connection reset problem when receiving XDR EOR packet without data(zero sized XDR EOR fragment).

  • Fixes a problem in scanf family of functions when format specifier is %%

  • Fixes an issue with fopen(),fdopen(), and popen()

  • Fixes a failure in printf family of functions.

  • Fixes a problem in printf family of functions when number grouping is requested.

  • A potential security vulnerability has been identified in the ps and w commands on the HP Tru64 UNIX Operating System. The ps and w commands can be used to disclose environmental variable and argument information that might be exploited by a local, authorized user.

  • Fixes the DNS problem, where DNS client loops with unknown incoming UDP packets.

  • Fixes a problem in handling invalid inputs in the libc inet_network routine.

  • Fixes an issue in strncmp.

Patch 28028.00

OSFENVMON540

  • Fixes a problem in /sbin/init.d/envmon which prevented the envmon daemon from starting in Japanese locale.

  • Fixes a problem in /sbin/init.d/smauth and /sbin/init.d/smsd which prevented the smauth and smsd daemons from starting or restarting in Japanese locale.

Patch 28034.00

OSFHWBASE540

  • Corrects firmware problem with HSZ70.

  • Fixes an error handling problem with list traversal in netstat(1).

Patch 28035.00

OSFHWBIN540

  • Fixes an issue with tape devices where a rewind may occur when using a no rewind device special file. This issue is more likely to occur if the sysconfig variable cam_ccfg_aa_enable in the cam module is set to 1, the default setting, and the device reports that it supports asymmetric logical unit access in the inquiry data.

  • Fixes a problem with the CAM configuration driver by releasing the memory allocated after completing the REPORT TARGET PORT GROUP command.

  • Adds a new feature to the CAM disk driver to dynamically recognize and use new paths while the device is in use.

  • Fixes potential hang in tape backup applications.

  • Resolves a locking issue within the USB subsystem that can lead to a system failure.

  • Fixes incorrect CAM status from aha_chim driver during bus reset processing.

  • Adds support for 2TB LUNs.

  • Fixes an issue with handling ssm and l3gh.

  • Prevents simple lock timeout panic in emx driver during mailbox commands.

  • Provides envmon subsystem enhancements on DS-25 and ES-45 platforms.

  • Fixes a panic in alt driver.

  • Corrects panic seen during hardware registration.

  • Corrects a rare circumstance where an IO can erroneously be returned as successful when it has failed.

  • Provides event markers to track missing binary.errlog events.

  • Corrects a Kernel Memory Fault panic in the emx driver.

  • Enables capturing of additional state during a system failure to facilitate the analysis of virtual memory related issues.

  • Fixes a Kernel Memory Fault panic in the KZPEA driver.

  • Fixes a timing issue during boot process.

  • Fixes an issue that caused kernel to read thermal data from power supplies across partition boundaries.

  • Fixes Kernel Memory Fault on inquiry to a non existing LUN connected through KZPEA.

  • Fixes "Freed CCB" panic and lock issues.

  • Fixes a panic in bcm driver.

  • Provides 2TB LUN support in disk recovery.

  • Fixes a KMF during boot when KMEM_DEBUG_PROTECT is enabled.

  • Fixes a problem with read of /dev/mem which resulted in netstat hang.

  • Prevents monitoring thread issuing IO when disk is in recovery.

  • Provides event markers to track missing binary.errlog events.

  • Fixes mistaken report of user id change in audit data for mach trap.

  • Fixes an issue with usage of GH regions and chunks.

  • Fixes an issue in pointer synchronization for USB hub devices.

  • Fixes potential hang in tape backup applications.

  • Fixes a problem in getsysinfo.

  • Fixes an issue with the handling of Segmented Shared Memory (SSM) mapped for read-only access.

Patch 28038.00

OSFINCLUDE540

  • Fixes a problem with L_tmpnam macro.

Patch 28039.00

OSFINET540

  • BIND 9.2.8 release.

  • Fixes a RFC1323 TCP timestamp display problem with tcpdump.

  • A potential security vulnerability has been reported on the HP Tru64 operating system running BIND. The vulnerability is remotely exploitable and may result in DNS cache poisoning.

  • Fixes various functionality issues in Sysman mail application.

  • BIND 9.2.8-P1 release.

Patch 28045.00

OSFKTOOLS540

  • Provides a command-line option (-ignore_pset) to lockinfo command to print the lock details of all processors (-percpu) ignoring processor set boundaries.

  • Fixes a problem wherein patch installation fails to remove temporary files.

  • Corrects a problem with the kdbx debugger that caused the tool to display incomplete socket/pcb addresses.

  • Fixes the kdbx extensions ilock, slock, export, netstat, abscallout, rpb, ofile, and plist by synchronizing with the current release.

Patch 28046.00

OSFLAT540

  • Fixes an unaligned memory access in LATCP.

Patch 28050.00

OSFLIBA540

  • Update newfs to not set disklabel on newfs failure

  • Upgrades libots3.a to V2.1-121

Patch 28051.00

OSFLSMBASE540

  • Fixes a problem with LSM that renders it incapable of recognizing disk clones correctly

  • Fixes a problem in vold that can cause voldisksetup to hang while initializing KZPCC disks.

  • Updates volstat utility and kernel to report cluster-wide LSM statistics.

  • Fixes a diskgroup deport problem during multiple plex detaches.

Patch 28052.00

OSFLSMBIN540

  • Fixes a simple_lock_fault in LSM's dirty region log code which is seen under a low memory condition.

  • Fixes the clsm checksum error seen with a disappearing vold while volrestore is run.

  • Adds support into LSM for 2TB LUNs.

  • Updates volstat utility and kernel to report cluster-wide LSM statistics.

Patch 28054.00

OSFMANOP540

  • Updates the following reference pages:

    aliases(4)advfsd(8)disklabel(8)dsfmgr(8)
    dumpfs(8)fcntl(2)fread(3)freezefs(2)
    gethostbyaddr(3)gethostbyname(3)getlogin(2)getrlimit(2)
    iconv_intro(5)ksh(1)lockinfo(8)mailstats(8)
    mail.local(8)mailq(1)makemap(8)newaliases(1)
    netstat(1)praliases(1)proplist(4)ps(1)
    sendmail(8)sftp2(1)sialog(4)signal(2)
    ssh2(1)ssh-agent2(1)sshd2_config(4)sys_attrs_advfs(5)
    sys_attrs_cam(5)sys_attrs_generic(5)sys_attrs_inet(5)sys_attrs_vfs(5)
    sys_attrs_vm(5)useradd(8)vacation(1)vfast(8)
    vipw(8)w(1)  

Patch 28055.00

OSFMANOS540

  • Updates the find(1) reference page.

  • Updates the mlock(3) reference page.

  • Updates the sys_attrs_generic(5) and sys_attrs_advfs(5) reference page.

  • Corrects the value of vm_ubcdirtypercent to 40 from 10 in the reference page of sys_attrs_vm(5).

  • Updates the sys_attrs_inet(5) reference page.

  • Updates mount(2), unmount(2), mount(8), and unmount(8) reference pages.

  • Updates the following reference pages:

    aliases(4)advfsd(8)disklabel(8)dsfmgr(8)
    dumpfs(8)fcntl(2)fread(3)freezefs(2)
    gethostbyaddr(3)gethostbyname(3)getlogin(2)getrlimit(2)
    iconv_intro(5)ksh(1)lockinfo(8)mailstats(8)
    mail.local(8)mailq(1)makemap(8)newaliases(1)
    netstat(1)praliases(1)proplist(4)ps(1)
    sendmail(8)sftp2(1)sialog(4)signal(2)
    ssh2(1)ssh-agent2(1)sshd2_config(4)sys_attrs_advfs(5)
    sys_attrs_cam(5)sys_attrs_generic(5)sys_attrs_inet(5)sys_attrs_vfs(5)
    sys_attrs_vm(5)useradd(8)vacation(1)vfast(8)
    vipw(8)w(1)  

Patch 28062.00

OSFNFS540

  • Fixes an issue with NFS rpc.lockd in the lock reclaim path.

  • Fixes the mountd problem when user supplies wrong port number.

  • Fixes an issue with using LDAP backed netgroups with NFS mountd.

  • Fixes a problem where mountd exits due to segmentation violation.

  • Fixes memory leak issues with NFS rpc.lockd daemon.

  • Fixes a problem with lockd where, under certain circumstances it may terminate with a core dump because of incorrect usage of memory on which malloc() has been performed.

Patch 28069.00

OSFPRINT540

  • Fixes an issue with lpr(1), when the /etc/printcap file has syntax error.

  • Added support for new printers.

  • Corrects a problem in lpd resulting in creation of many lpd child processes when the size of /etc/printcap exceeds 8192 bytes.

Patch 28077.00

OSFSERVICETOOLS540

  • Corrects collect(8) to gather cluster_root domain information, when run as non-root user.

  • Fixes an issue in collect for data collection problem for case where an AdvFS domain information is not accessible.

  • Solves a problem in collect utility, where collect exits with the error message "popen() failed: Too many open files", when run in historical mode.

Patch 28079.00

OSFSYSMAN540

  • Corrects a potential security vulnerability that may lead to improper file access.

  • Fixes a problem in /sbin/init.d/envmon which prevented the envmon daemon from starting in Japanese locale.

  • Fixes a problem in /sbin/init.d/smauth and /sbin/init.d/smsd which prevented the smauth and smsd daemons from starting or restarting in Japanese locale.

  • Corrects a potential security vulnerability in dop where, under certain circumstances, a user could potentially execute privileged code.

PATCH 28085.00

OSFX11540

  • This fix addresses a X-Motif list widget problem while selecting an item from a long list.

PATCH 28102.00

OSFCDSABASE540

  • Fixes a problem with CDSA configuration where mod_install program can core dump.

PATCH 28107.00

OSFLDPAUTH540

  • Fixes ldapcd daemon to service the requests faster after failover from primary Active Directory to Backup Active Directory.

  • Fixes the locale problem in ldapcd daemon script.

PATCH 28113.00

OSFSSHBASE540

  • Corrects a potential security vulnerability that has been identified with SSH running on the HP Tru64 UNIX Operating System. Vulnerability could be exploited to allow remote unauthorized access to sensitive information.

  • Updates the SSH client to use protocol version 2.

  • Fixes wildcard matching and globing in scp2/sftp2 ls -l command.

  • A potential security vulnerability has been identified in the SFTP server (sftp-server) component of SSH 3.2.0 and earlier running on HP Tru64 UNIX versions 5.1B-3 and 5.1B-4. The vulnerability could be exploited remotely to allow an authorized remote attacker to execute arbitrary code or cause a denial of service (DoS).

Patch 27001.00

OSFACCT540

  • Corrects the action of the dodisk command to skip the commented file systems contained in the /etc/fstab file.

  • Fixes acctcom to exit with proper error message when used with invalid user ID and group ID.

  • Causes the file protections of /var/adm/pacct and ownership of /var/adm/wtmp to act as expected by the accounting utilities.

  • Fixes the fwtmp command so it does not display invalid (negative) PIDs when the number of decimal digits of PID value exceeds 5.

  • Corrects a potential security vulnerability where, under certain circumstances, system integrity may be compromised. This may be in the form of improper file or privilege management.

  • Corrects an error in the script in lastlogin.sh.

  • Makes start up scripts in /sbin/init.d world readable.

  • Corrects the following problems found in accounting commands:

    • Resolves the differences in the CPU time and connect time found during the conversion of accounting reports from ASCII format to binary and again back to ASCII.

    • Resolves the differences in CPU time found in the output of the acctcom and acctmerg commands for the same input file.

    • Fixes the way accounting files are referenced using CDSLs.

    • Corrects the display of the header from acctcom when accounting is first started.

    • Corrects an error message during execution of the runacct command.

    • Enables acctcom to read more than one input file.

    • Enables acctcom to work with pipes.

  • Fixes the acctcom command with respect to the display of tty lines.

  • Corrects a problem in which accounting reports show the wrong connection time for the users who remain logged in during the execution of runacct.

  • Enables the acctcon1 command to calculate the connect time for local logins in case of run level changes.

Patch 27002.00

OSFADVFS540

  • Corrects the following problems with the fixfdmn utility:

    • Fixes fixfdmn so that it will continue when it finds more than one root tag file, rather than exiting with the message “Unable to continue, more than one root tag file.

    • Fixes a potential memory fault while running the fixfdmn.

    • Fixes a problem in which fixfdmn does not properly handle domains with multi-page RBMT files.

  • Fixes the incorrect number of tag pages being returned by some AdvFS user commands.

  • Fixes vrestore command to restore file and directory attributes by default and addresses security issues during the restoration of those attributes.

  • Removes memory leaks from the AdvFS salvage utility.

  • Fixes rare problem in which the vdump/vrestore commands hang when requesting the next tape.

  • Enhances the AdvFS rmvol utility to allow multiple volumes to be removed with one command.

  • Fixes a problem that causes the defragment command to fail with the error message "“defragment: Can't allocate memory

  • Corrects return values from the vfast utility.

  • Corrects a potential security vulnerability where, under certain circumstances, system integrity may be compromised. This may be in the form of improper file access.

  • Provides enhancements for file system suitlets.

  • Improves AdvFS informational messages as follows:

    • Advscan reports if a domain has all of its volumes, but they are stored in a different directories. This scenario will cause mount to fail.

    • The AdvFS I/O error message includes the location of a file that will help users to translate the error number into an error message.

  • Prevents erroneous display of DMAPI messages while using the showfile command.

  • Fixes a problem in which the verify utility core dumps if it encounters a specific type of metadata inconsistency.

  • Improves the information provided in an error message that is displayed when the chfile command to display an informative error message if it fails while trying to enable data logging.

  • Modifies the nvbmtpg utility to display all the data in a specified mcell only if the -v option is selected.

  • Fixes a problem where defragmentation can fail if the process can not obtain enough memory.

  • Provides support for Smart Array disk controllers. Without this patch, if the Smart Array product is installed on the system, the SysMan Station hardware view will fail to operate.

  • Corrects the error message returned when trying to migrate striped files when the -s option is omitted.

  • Makes the following changes to the vdump, rvdump, and vrestore commands:

    • Causes vdump and rvdump to report when all hard links siblings cannot be archived through the specified path and causes them to correct the bytes to backup estimate calculation when hard links are archived.

    • Causes vdump and vrestore to act as expected upon receiving an interrupt (^C).

    • Fixes vdump and vrestore to pick up correct messages in all locales.

    • Causes vdump to avoid some unnecessary function calls, thereby allowing faster vdumps.

    • Fixes vrestore to display bit file attributes with the -l option.

    • Prevents vrestore from failing during a remote system call.

    • Causes vrestore to display a file and directory name along with the error message when the command fails to set a property list.

    • Prevents vrestore from dumping core when a tape has a smaller blocksize than expected.

    • Allows vrestore to handle no-rewind tapes properly.

    • Lets vrestore read environment variables for a user-defined device name.

    • Allows attributes to set to the top level-directory.

    • Disallow block sizes greater than 64 K. (This was a new feature added in Patch Kit 2 which caused forward compatibility problems.)

    • Causes files of less than 512 bytes to be properly backed up.

    • Corrects a cluster drd bandwidth problem that occurs when a restore is attempted via a private tape drive that is not on the current node.

    • Corrects a condition that could cause the misinterpretation of the archive version in certain locales, causing vrestore to abort.

  • Corrects several problems with the fixfdmn utility:

    • Shortens the time it can take to repair large AdvFS file domains.

    • Improves the capability of fixfdmn to fix invalid extent data.

    • Improves the secure handling of temporary files by fixfdmn.

    • Allows fixfdmn to repair a rare on-disk structure problem with directories. This condition only shows up on a domains with multiple volume in which property lists are used.

    • Improves the ability of fixfdmn to fix on-disk structure version 3 domains.

    • Fixes several rare cases where fixfdmn could either fail to correct a domain or incorrectly make changes to a valid domain.

  • Fixes many small problems with the dsfmgr command.

  • Provides protection against a class of potential security vulnerabilities called buffer overflows. Buffer overflows are sometimes exploited in an attempt to subvert the function of a privileged program and possibly execute commands at the elevated privileges if the program file has the setuid privilege. This patch allows a system administrator to enable memory management protections that limit potential buffer overflow vulnerabilities.

  • Corrects a problem with the AdvFSstat command printing negative values for statistics that are over 10 decimal digits long.

  • Corrects several rare cases in which fixfdmn either did not fix, or incorrectly fixed data inconsistencies on AdvFS file domains. On large AdvFS file domains, this patch shortens the time it takes to repair them.

  • Causes vdump and rvdump to report when all hard link siblings cannot be archived through the specified path.

  • Causes vdump and rvdump to correct the bytes-to-backup-estimate calculation when hard links are archived.

  • Enhances /sbin/AdvFS/tag2name to print out the name of the associated directory, given the tag of an index file.

  • Allows fixfdmn to repair a rare on-disk structure problem with directories. This condition only shows up on a domains with multiple volume in which property lists are used.

  • Corrects several very rare cases where fixfdmn incorrectly fixes certain AdvFS file domains.

  • Causes the vdump -C option to display compression ratio.

  • Causes vrestore to display error message for end of tape.

  • Identifies non-tape target device during rvdump and rvrestore actions.

  • Improves the ability of fixfdmn to fix on-disk structure version 3 domains.

  • Corrects the value nvbmtpg prints for fs_stat.st_unused_1.

  • Ensures that a stripe does not succeed if a write precedes it.

  • Corrects the RBMT free mcell count for multipage RBMTs as displayed by nvbmtpg.

  • Allows the maximum directory entry name size in the vods tools.

  • Corrects several rare cases where fixfdmn incorrectly fixes certain AdvFS file domains.

  • Modifies defragcron.sh to avoid accidentally deleting the /dev/null.

  • Enables the vfast utility to run on a standalone system.

  • Fixes the vfast utility error "vfast: cannot get frag list; 14 - Bad address"

  • Fixes problems with vdump to resolve filesets mounted on a CDSL.

  • Fixes problems with vrestore to restore appropriate ACLs on the directories and sub-directories.

  • Corrects a problem that occurs when fixfdmn is run with an invalid fileset argument and the user is prompted if exit or run it against all the filesets in the domain. If exit fixfdmn is selected, changes may be made to the domain, which could cause problems.

  • Modifies vdump and vrestore to support autoloader or manual loader when the dump size exceeds single tape size

  • Modifies vdump and vrestore so they can be run as cron or batch jobs.

  • Fixes a problem in which the SysMan menu Manage AdvFS File Systems application does not retrieve the volume attributes correctly.

  • Enforces the validation of incorrect date which would go unchecked with the salvage -d option

  • Causes vdump to display the correct number and percentage of bytes to back up when a directory with symbolic links is dumped.

  • Modifies vfast so it displays the correct statistics data for the -L extents option.

  • Causes vrestore to display the correct number of volumes on which the file is striped and to display a new message when the striped file is restored on a single volume.

  • Fixes a situation in which vdump exits with message "Not enough memory to generate link table."

  • Fixes problems with vrestore that wrongly sets ownership/permissions on the top level directory.

  • Fixes a segmentation fault by the salvage utility.

  • Fixes a race condition between two threads in defragment to prevent it from looping indefinitely.

Patch 27003.00

OSFAdvFSBIN540

  • Fixes a problem that causes the first command that accesses an AdvFS domain to fail if the domain had a full RBMT when mounted.

  • Fixes a deadlock that can happen during failover of global root and var file systems when vfast is enabled on them.

  • Fixes a single thread hang.

  • Fixes a potential deadlock hang between a migration and a flush on a file.

  • Corrects AdvFS quota handling and enforcement to prevent EIO and false out-of-space conditions and account for directory index blocks.

  • Corrects the following problem with read-only and dual mounted file systems: If the system crashes after a read-only dual mount, the next time the system is booted the AdvFS domain panics on the files systems that were previously mounted as read-only dual mount.

  • Fixes a kernel memory fault from imm_page_to_sub_xtnt_map().

  • Fixes AdvFS AIO write error paths so the I/O completion steps are not repeated.

  • Fixes a hang that occurs in file systems between racing memory-mapping threads.

  • Turns a potential AdvFS panic into a domain panic.

  • Corrects a problem with the AdvFS bitfile state where, under certain circumstances, the state of the bitfile is changed without holding the lock that protects the state.

  • Fixes an issue with vfast in which a vfast thread might cause a "kernel memory fault" panic because of a race condition.

  • Fixes a potential panic on an active domain doing heavy I/O while trying to create a new fileset.

  • Fixes problems that occurs when volume expansion (mount -u -o extend) races with other code.

  • Fixes a rare simple lock timeout during domain deactivation.

  • Fixes a potential hang in AdvFS.

  • Converts non-severe system panic calls to AdvFS domain panic calls while renaming files under AdvFS.

  • Corrects a problem in which an ENOSPC error is returned on a fragmented AdvFS file system even though space is available. On a cluster, this can lead to a CFS WRITE ERROR.

  • Fixes a premature out-of-space condition that can occur as a result of repetitively extending the size of the volume.

  • Fixes resource leaks seen after a device file gets revoked.

  • Fixes a delete failure due to a “Disc quota exceeded (EDQUOT)” condition.

  • Fixes a data inconsistency that could result from the failure of an I/O request at the CFS Server due to exceeding the fileset quota.

  • Improves AdvFS informational messages as follows:

    • Advscan now reports if a domain has all of its volumes, but they are stored in a different directories. This scenario will cause mount to fail.

    • The AdvFS I/O error message now includes the location of a file that will help users to translate the error number into an error message.

  • Prevents race conditions that could cause a kernel memory fault while doing a migrate and a rmvol on a striped file.

  • Modifies the CFS flushing behavior during an rmvol.

  • Helps reduce the size of extent maps of clone files cases where the original is modified extensively under direct I/O.

  • Enhances /sbin/AdvFS/tag2name command to print the name of the associated directory when given the tag of an index file.

  • Corrects a potential problem with modifying files via direct I/O when there is a clone fileset.

  • Fixes a race during AdvFS volume removal that can cause a panic in the bs_osf_complete() routine.

  • Fixes a problem when monitoring I/O via AdvFSstat.

  • Changes the behavior of migrate_normal and migrate_stripe when migrating an original file that has a clone. If the clone was marked out of sync, migrate could come back with E_CLONE_OUT_OF_SYNC even though the migrate succeeded. Now this case is caught, and handled.

  • Fixes a problem in which a domain panic may occur in idx_lookup_node_int or bs_frag_dealloc under heavy file system activity, generating one of the following messages:

    idx_lookup_node_int: bs_refpg failed
    bs_frag_dealloc: rbf_pinpg (4) failed, return code = -1035
  • Fixes a part of AdvFS migration code in order to prevent rmvol "Can't remove volume" error.

  • Replaces the system panics caused by "Can't clear bit twice" with a domain panic.

  • Forces a domain panic instead of a system panic if AdvFS metadata is discovered to be incorrect in frag_group_dealloc.

  • Fixes a problem in which a hang may occur when a rmvol operation is performed after a cluster node failure during volmigrate, volunmigrate, or frag file migration.

  • Fixes a problem in which a crash occurs when an AdvFS file system reports I/O errors and enters into a domain panic state. The AdvFS error cleanup would panic on an invalid pointer and report an "invalid memory read access from kernel mode" panic message.

  • Fixes a standard violation on AdvFS.

  • Helps prevent kernel memory faults in AdvFS.

  • Fixes a problem where gh_min_seg_size could not be set below 8M.

  • Corrects a race condition in AdvFS in which it avoids a potential stranded log record in memory that does not get out to disk.

  • Prevents a potential hang during a reboot after a recent domain panic.

  • Prevents a panic in a cluster that when a fileset mounted -o dual is failed over or unmounted during a shutdown.

  • Fixes a possible kernel system hang in vfast when shutting down or rebooting the system.

  • Fixes a problem in file property lists where the maximum length of a property list name was limited to 245 characters. The new limit is 255.

  • Improves the performance of AdvFS under heavy I/O loads.

  • Avoids a silent infinite loop in vdump by correcting the AdvFS system call OP_GET_BKUP_XTNT_MAP. The call will now return the valid xtntCnt when it fails due to E_NOT_ENOUGH_XTNTS.

  • Adds defensive programming to stat.h to avoid stat.h getting confused if one of its internal temporary #defines is defined before stat.h is processed.

  • Corrects an internal AdvFS check that was always returning true.

  • Improves the scalability and performance of AdvFS.

  • Allows AdvFS to record if a domain panic has occurred, even if a system panic results.

  • Replaces two potential panics in AdvFS with domain panics.

  • Provides scalability improvements to AdvFS that will help reduce lock contention and improve performance.

  • Fixes an AdvFS path that can cause a panic in the advfs_page_busy() routine.

  • Fixes a deadlocking problem in the kernel where a file open on a clone could hang when ACLs are enabled.

  • Fixes a hang that can occur during the renaming of an AdvFS file.

  • Displays the correct error message for freezefs -q on a non-AdvFS file system.

  • Adds comment to reserve 0x10000000 and 0x20000000 for AutoFS flags.

  • Prevents a O_DSYNC write failure under the following situation:

    1. The user creates a new file.

    2. Closes the file.

    3. The vnode for the file is recycled.

    4. Reopens the file with the O_DSYNC flag.

    5. Writes to the file, overwriting already allocated storage.

    6. The write from step 5 returns to the application.

    7. The system crashes.

  • Corrects the NFS server's handling of files open for direct I/O.

  • Fixes an internal problem in the kernel's AdvFS, UFS, and NFS file systems where extended attributes with extremely long names (greater than 247 characters) could not be set on files. The new limit is 254 + a null string terminator.

  • Corrects a problem that can produce the following symptoms:

    • When producing a clone of a file (that is, a fileset has been cloned and one of its files is being written to) or when migrating a file (defragment, migrate, balance, rmvol), directories lose attributes and are seen as files, and files lose their ACLs and other attributes under the following circumstances:

      • On multi-volume domains with a volume that is out of space

      • By the use of a property list on a multi-volume domain

    • The rmvol command enters into an infinite loop while trying to move a file from one volume to another.

  • Fixes a problem where threads can hang when performing a malloc() function.

  • Prevents a kernel memory fault panic in _OtsMove when going through the fs_read() routine.

  • Prevents a potential hang during a umount if a domain_panic has been encountered.

  • Provides a workaround for a domain panic when a data inconsistency in the deferred-delete list of an AdvFS file system is detected.

  • Corrects idle-wait time accounting within the AdvFS file system, as reported by vmstat -w.

  • Corrects a condition in which command response deteriorates to about 30 seconds when doing an rmvol on a domain with a volume containing large files (8 GB).

  • Removes the obsolete function bs_bfdmn_flush_all.

  • Prevents a potential unaligned memory crash when ACLs are on.

  • Eliminates the lock_terminate: lock owned panic.

  • Fixes a problem where data from an AdvFS file with a frag could be written to an incorrect location if an NFS client grew the file.

  • Fixes an AdvFS asynchronous direct I/O problem that can cause a thread to hang.

  • Fixes a problem encountered where a truncated AdvFS file erroneously zeros data for the remaining leading segment of the file.

  • Corrects a condition that causes a panic resulting from a kernel memory fault in access_invalidate.

  • Corrects a problem in mount or domain activation after a panic, where a fileset (domain) cannot be mounted without running fixfdmn.

  • Improves performance for CFS filesets mounted with the server_only option. A log sync for create transactions is not needed for such filesets.

  • Fixes a cluster panic with the following error message:

    panic (cpu 3): ics_unable_to_make_progress: heartbeat checking blocked
  • Fixes an rmvol E_PAGE_NOT_MAPPED error.

  • Eliminates an ENO_MORE_BLKS error seen performing a copy-on-write procedure to a clone file while an rmvol operation is in progress.

  • Increases from 4 to 6 the number of pages that can be pinned at deletion time.

  • Improves the informational messages returned by a few domain panic strings.

  • Fixes an error in some sections of code that get E_PAGE_NOT_MAPPED errors when the code expected the page to exist.

  • Closes a small race accessing internal data structure in AdvFS.

  • Prevent a potential panic when AdvFS looks up a file name.

  • Corrects the following problems in AdvFS write logic:

    • A mismatch between the value reported by the write system call and the number of bytes written.

    • Unavailable and unused storage.

  • Causes the deallocation of preallocated storage that the caller is not using.

  • Improves the flushing of the AdvFS log.

  • Fixes an error that can cause a multivolume domain to report ENO_MORE_BLKS when some volumes still have free storage.

  • Fixes a condition that causes a kernel memory fault.

  • Fixes a condition that causes a system hang that occurs when the rename command is called with "." as the target. This patch also reinforces other rename argument restrictions.

  • Fixes an RBMT metadata inconsistency that prevents a file system from being mounted.

  • Changes a system panic resulting from a kernel memory fault in imm_remove_page_map into a domain panic.

  • Fixes a condition that can cause the invalidation of mmap dirty pages before they can be flushed to disk.

  • Improves the performance of systems performing heavy file I/O.

  • Corrects a potential deadlock hang between a truncate system call and a read system call on a clustered system.

  • Fixes an AdvFS alignment fault panic caused by inconsistent AdvFS metadata in a directory. In particular, the directory's entry size is an unaligned value.

  • Fixes erroneous logic to ensure that a domain panic on the cluster_root results in a regular panic for the cluster node on which the domain panic occurs.

  • Corrects a condition that causes an "mcs_lock: no queue entries available" domain panic.

  • Corrects a problem in which the cp -p command will not copy DMAPI-managed region information.

  • Helps to avoid a kernel panic (kernel memory fault) during a vfexer test.

  • Fixes the cause of a system crash when running with lockmode=4. This correction avoids the following types of panics that result from quotactl requests on AdvFS filesets:

    mf in dyn_hash_remove
    lock_terminate: lock held
  • Eliminates the “neg refCnt panic” in AdvFS.

  • Fixes a potential panic when using the rmfset command.

  • Fixes an infinite loop hang that occurs under special circumstances.

  • Fixes an E_TOO_MANY_ACCESSORS error that can occur when deleting a clone fileset.

  • Fixes a kernel memory leak that occurs when vfast is in use.

  • Fixes a cluster hang where one node tries to get a DIO token and another node tries to start a transaction while a third thread is waiting for the clu_clonextnt_lk lock.

  • Fixes a potential deadlock hang between a truncate system call and a read system call on a clustered system.

  • Prevents a vfast thread from using too much CPU when scanning the AdvFS sbm.

  • Provides corresponding memory frees to various mallocs in AdvFS.

  • Corrects an infinite looping condition in a vfast thread.

  • Corrects a problem in which I/O error codes were not always propagated correctly when AdvFS directIO was used without AIO.

  • Fixes a situation that occurs on a full file system in which a write using directIO via AIO may report the incorrect number of bytes written.

  • Fixes an unaligned access panic in insert_seq().

  • Fixes a check for an invalid lookup operation through the . tags interface and prevents an AdvFS domain panic.

  • Fixes a problem in which a read past the last page of the BMT occurs.

  • Fixes the vfast utility error "vfast: cannot get frag list; 14 - Bad address."

  • Fixes a "u_map_delete failed while deallocating map" error.

  • Extends synchronization during directIO writes to include the storage allocation phase.

  • Fixes a kernel memory fault that occurs while reading a file with a data inconsistency.

  • Fixes a kernel memory fault panic that occurs when recovering an AdvFS domain which was originally crashed for an unrelated reason during a rmfset clone fileset.

  • Adds a missing sanity check into AdvFS log recovery code.

  • Corrects a condition in which a system would panic due to a stale vdIndex found when writing to a file in an AdvFS domain.

  • Fixes a rare race between vfast and mount/unmount in which vfast must open the file differently depending on whether or not the fileset is mounted or not. This fix synchronizes vfast's open with mount/unmount.

  • Prevents a node in a cluster from hanging at boot time.

  • Prevents a vfast thread from using too much of a CPU when scanning the AdvFS SBM.

  • Fixes an AdvFS panic that occurs when deleting an original file and a clone file simultaneously.

  • Synchronizes clonefset with read/write paths to force clonefset to complete in a determinate and timely fashion.

  • Fixes a problem in which in certain cases the NFS server does not update the access time on the files it serves.

  • Fixes a clone data inconsistency that occurs as a result of a remote write to the original cloned file.

Patch 27004.00

OSFADVFSDAEMON540

  • Improves the /sbin/init.d/advfsd startup script to allow the user to control the boot time invocation of the advfsd daemon.

Patch 27007.00

OSFATMBIN540

  • Corrects a problem that causes a kernel memory fault panic in the event_queue_insert() routine on systems using ATM.

  • Fixes a problem of stale arp in ATM Elan connectivity.

Patch 27009.00

OSFBASE540

  • Corrects a problem with the adduser command so that duplicate UIDs are allowed.

  • Corrects a problem seen with -i option of the pr command with respect to white-space substitution.

  • Corrects a problem in which the quotacheck utility may incorrectly report that a disk quota has been exceeded.

  • Corrects default values for YESEXPR and NOEXPR defined in the localedef command and libc to get correct return value from nl_langinfo(YESEXPR) and nl_langinfo(NOEXPR).

  • Updates the audit system to display additional information for the numa_syscalls and msfs_syscall system calls.

  • Corrects a problem with the rm command in which the command fails due to excessive depth when the path name is longer than PATH_MAX.

  • Corrects a problem with the repquota command that causes it to fail with "out of memory for quotause structure."

  • Fixes a mailsetup failure if the host name is “unix.”

  • Corrects a problem in which crash dumps to Fibre Channel swap devices do not always succeed.

  • Fixes the following problems with the acl_set_file() function:

    acl_set_file() fails and returns errno = 22
    acl_set_file() does not fail if file does not exist
  • Corrects a problem with the arena memory allocator. The problem stems from a conflict between libc and libnuma on handling errors from the numa_syscalls system call. For example, an mfs request that fails due to insufficient memory should report back a failure message but instead triggers a segfault in the caller.

  • Resolves a problem that could cause rexec() to hang.

  • Provides a switch that allows users to specify a port number for mountd.

  • Fixes getaddrinfo so it works properly when IPv6 is not configured.

  • Fixes an issue of sendmail registration with PSM

  • Fixes a problem found during invalid options passed to mount while updating UFS file system

  • Enables uudecode to take care of both absolute and symbolic mode while decoding a file.

  • Corrects the message catalogue for /usr/sbin/auditd.

  • Corrects a problem with the cp command by which it continues to be POSIX compliant when the environment variable STDS_FLAG is set to the value ALL.

  • Provides a symbolic representation of the table syscall numeric option when using the audit_tool in "brief" mode.

  • Corrects a problem with the ex, and vi commands so they use the POSIX compliant shell as the default command line interpreter when the SHELL environment variable is set to NULL.

  • Implements the FC-HBA standard and additional FC-HBA API functionality.

  • Fixes an issue with the KZPCC backplane RAID adapter device driver (I2O) that causes its logical disk drives to be identified as SCSI devices.

  • Fixes the chmod command to ensure that umask is taken into consideration when the who(ugoa) field is not specified.

  • Fixes cryptic error messages generated by the newfs command on a volume 1T-512 Bytes.

  • Fixes the sulogin program to work in a cluster.

  • Fixes the find command to ignore "--" if it is given as the first argument.

  • Provides type checking in EvmVarGet wrapper functions.

  • Fixes a problem in SIA by resetting the mechanism's context pkgind on successful return of (set|end)*ent calls.

  • Provides enhancements to the AdvFS rmvol utility, allowing multiple volumes to be removed with one command.

  • Fixes a POSIX standard violation in the strfmon() function by padding the preceding and following spaces of the returned positive value strings to make an equal length between positive and negative values.

  • Fixes a security issue with the C library function getnameinfo().

  • Fixes a problem whereby, in a specific circumstance, a memory fault could occur when creating SCS threads.

  • Fixes sdiff to not show nulls when the -w option is used with more than 198 characters.

  • Corrects the audit_tool output with delimited fields and the output for the "net" and "host" fields.

  • Fixes the /usr/bin/which command to not display an error message when the environment variable SHELL is not set.

  • Corrects a problem with the “rcmgr set” command.

  • Fixes a POSIX standard violation in the strfmon() function by causing preceding and following spaces to be padded to the return value to make an equal length between positive and negative values.

  • Fixes the getnameinfo routine to display an IPv4 address instead of an IPv4 mapped IPv6 address when the BIND mapping does not exist.

  • Fixes issues with "disklabel -e" that occur when extending a disk partition currently in use and open.

  • Allows the fsdb utility to work on a file system image contained in a regular file, as well as a device. Previously, fsdb could analyze only special files, not regular files.

  • Corrects a memory leak problem associated with the clu_get_info API seen on stand-alone systems.

  • Corrects potential security vulnerabilities in the gzip program. These vulnerabilities could be exploited by a remote unauthorized user to execute arbitrary code or cause a Denial of Service (DoS).

  • Fixes a POSIX standard violation in the wcstod() function. Previously, an incorrect pointer was set to the endptr parameter of wcstod() for cases where no conversion was made.

  • Fixes the awk command to ensure that the -f option exhibits the right behavior with numeric strings.

  • Modifies the ex command to return 1 as the exit status when a read-only option with write fails.

  • Changes the return value of swprintf() so it returns the correct value if swprintf() detects an invalid wide-character.

  • Fixes the awk command to ensure that operands that begin with a numeric character or “=” are considered as valid pathnames.

  • Updates the time zone data files in /etc/zoneinfo/ to include the most recent changes from the latest PD time zone source kit (tzdata2005n).

  • Fixes a problem whereby the /proc file system could remain open after a debugging application exits.

  • Corrects a potential security vulnerability issue that could result in unauthorized privileged access or denial of service (DoS)

  • Implements the FC-HBA standard

  • Modifies the cksum command to report the correct file size in the xpg4 environment when the file is greater than 4GB.

  • Fixes the problem of syslogd dying intermittently when sent a SIGHUP to reconfigure.

  • Fixes the problem of a core dump occurring while running the fsck command on a fake UFS file system.

  • Improves space utilization in small MFS file systems by decreasing metadata overhead.

  • Fixes a problem with the mkcdsl command in which the -a option misbehaves when used on a context-dependent symbolic link (CDSL).

  • Fixes RPC timeout error messages in the ypwhich -m command.

  • Corrects a problem in which SysMan and SysMan Station are not functional after installing Java 1.3.1-4 or higher.

  • Prevents addvol from adding invalid disks into a domain.

  • Reduces cluster files system I/O in Enhanced Security.

  • Corrects a security issue in which rsh and other rcmds incorrectly report ESUCCESS when the remote side of a connection terminates before fully establishing a connection.

  • Updates sysconfig to use the cluster interconnect, thereby allowing for a greater SSI collaboration. This fix will help with changing variables on hung systems, single user systems, and normal running systems.

  • Improves cryptic warning message during a mount of a dirty file system. The new message includes a suggestion to run the fsck command for a dirty UFS.

  • Adds support in cleanPR for HSG60/HSV100/MSA/HP-XP enclosures.

  • Corrects a panic while creating or extending a large UFS file system.

  • Fixes cron job scheduling for Daylight Savings time events.

  • Corrects a potential security vulnerability where, under certain circumstances, system integrity may be compromised. This may be in the form of improper file or privilege management.

  • Enables the -undo_switch option for the versw command, which is required to delete patches that contain version switches.

  • Corrects a problem in which cp and cat produce different file sizes when reading from a tape device.

  • Adds SCSI reserve and release support to the mt program to assist open SAN tape management.

  • Updates the environmental monitoring daemon, envmond, to ensure the correct EVM events are being sent at the correct time.

  • Allows the auditing of login and su events based in part on the contents of user profiles (for Enhanced Security), the prevailing auditing characteristics of the originating process, and the system-wide audit mask. Previously, only the system audit mask was referenced.

  • Fixes many small problems with the dsfmgr command.

  • Corrects several potential security vulnerabilities where, under certain circumstances, system integrity may be compromised. These may be in the form of improper file access.

  • Adds an event to indicate that the soft or hard error count has changed on the device identified in the event.

  • Fixes the search algorithm to differentiate between prived and non-prived UIDs, and to allow regular expressions in string searches.

  • Corrects a problem found wherein the rmtmpfiles script would leave empty directories in /var/tmp at system startup.

  • Fixes a problem that occurs while encoding $@ in the Bourne shell.

  • Eliminates the warning message "Using an array as a reference is deprecated" when running /usr/sbin/siacfg and during system boot on systems using Perl 5.8.0 and higher.

  • Corrects a potential floating point error in threaded applications.

  • Allows the fuser command to display the reference flag, which indicates the type of reference made; for example, open, closed, unlinked, or mmapped.

  • Fixes a problem with csh that occurs when using a tilde (~) operation in directing standard input and standard output of a command to a file in a home directory.

  • Updates ddr.mod to support new hardware (NHD-6) devices.

  • Corrects a problem in which crontab removes its entries and the vi editor truncates an existing file when a file system is full.

  • Corrects the way RPC-based servers handle ill-formed TCP connections.

  • Allows mount options that take a value to be correctly processed on a cluster.

  • Corrects the tar program to properly handle unusual directory specifications.

  • Prevents segmentation faults when a malformed argument vector is passed to sia_ses_init.

  • Fixes several potential security vulnerabilities where, under certain circumstances, system integrity may be compromised. These may be in the form of improper file or privilege management.

  • Corrects a potential security vulnerability where, under certain circumstances, system integrity may be compromised. This may be in the form of improper file access.

  • Corrects a problem in which a core dump occurs when using csh from the Japanese locale.

  • Corrects a potential security vulnerability that could result in a Denial of Service (DoS). This potential vulnerability may be in the form of local and remote security domain risks.

    (SSRT2384 rpc — Severity - High)
  • Corrects a potential security vulnerability in which the Home Directory and login shell attributes for a user account are not suppled to the audit daemon for authentication failures.

  • Fixes a problem in XTI caused by a blocked mutex lock in which a thread attempting to send an abortive disconnect hangs.

  • Installs DECthreads V3.20-029c.

  • Fixes a problem with floating point data inconsistencies in threaded applications.

  • Corrects possible dead lock with the ./isl/log and ./usr/sbin/log commands.

  • Provides the correct labels for mach events to the audit subsystem.

  • Corrects the find -ls command to display the correct number of blocks.

  • Provides protection against a class of potential security vulnerabilities called buffer overflows. Buffer overflows are sometimes exploited in an attempt to subvert the function of a privileged program and possibly execute commands at the elevated privileges if the program file has the setuid privilege. This patch allows a system administrator to enable memory management protections that limit potential buffer overflow vulnerabilities.

  • Corrects the /usr/sbin/dirclean utility from attempting to remove the AdvFS . tags directory or the quota.group and quota.user files.

  • Fixes an extended regular expression problem where the interval expression {m,n} is handled incorrectly.

  • Corrects several potential security vulnerabilities where, under certain circumstances, system integrity may be compromised. These may be in the form of improper file access.

  • Corrects a potential security vulnerability where, under certain circumstances, system integrity may be compromised when a buffer overflow occurs in the uucp utility. Buffer overflows are sometimes exploited in an attempt to subvert the function of a privileged program and possibly execute commands at the elevated privileges if the program file has the setuid privilege.

  • Fixes memory leaks caused by certain type of scripts that called an infinite loop.

  • Fixes a ksh problem related to cleaning the process when a terminal is abruptly stopped.

  • Corrects the behavior of ln -sf to address the issue caused when a symbolic link points to a nonexisting file.

  • Corrects the exit status of sed when the disk is full.

  • Corrects a problem in which the return value of unlink() call was not checked when two threads were trying to move a file to two different destinations. Although one of the threads could unlink() the source file, no relevant error message was displayed.

  • Fixes a problem from pre-Version 5.0 releases in the libc mktime() function's handling of potentially ambiguous tm struct times; that is, those that fall within a backward clock shift and that have an initially negative tm_isdst value.

  • Fixes a linker error that occurs when the ld -update_registry /dev/null is specified.

  • Fixes various problems in the libc functions getdate(), strptime(), callrpc(), strncasecmp() and fork().

  • Fixes a problem in the libnuma function nacreate() and the system header <sgtty.h.

  • Causes sh to print the correct message when enhanced core file naming is on.

  • Fixes a problem in which attempts by the runtime loader (/sbin/loader) to free a null pointer are in error.

  • Corrects the behavior of the more command when nonexisting file and a nonempty file with a long file name are both specified.

  • Causes /usr/opt/ultrix/usr/bin/make to properly check dependencies on archive libraries.

  • Fixes various problems in the dbx and object file tools: dbx, ostrip, strip, mcs, dis, cord, file, and stdump.

  • Causes the grep command allow blank lines in the pattern file and to not hang when executed with the -w and -f options.

  • Removes compiler warnings addressing outside of array bounds.

  • Addresses compiler warnings caused by calling a function with too few arguments.

  • Adds informative messages during a rolling upgrade when a problem is encountered with the merging of the .login file.

  • Corrects vmstat to display correct free page counts a on NUMA systems.

  • Adds a -M command option to newfs to allow permissions of an MFS root directory to be specified when it is first created.

  • Adds EVM notification support for UFS file systems.

  • Corrects the find -links, -size, -i, -inum behavior with respect to the + operations. Find + operations will match greater than, rather than greater than or equal to.

  • Addresses a performance issue of rm -r with large directories.

  • Eliminates compiler warnings in ksh.

  • Corrects the improper scheduling of cron jobs related to months not having 31 days.

  • Makes start up scripts in /sbin/init.d world readable.

  • Fixes client login, su, rshd, edauth, and sshd2 hangs and long delays under Enhanced Security, as well as some intermittent errors or failures seen with prpasswdd or rpc.yppasswdd.

  • Installs version V2.1-120 of /usr/lib/libots3.a and /usr/shlib/libots3.so, which fixes a problem where long-running OpenMP applications might overflow an internal libots3 counter, resulting in a breakdown of thread synchronization.

  • Corrects a problem with the merging of the termcap file during a rolling upgrade.

  • Allows white space in header field and in multiple headers with the ps option -o.

  • Makes the following changes to the tar, pax, and cpio commands:

    • The tar command now checks and reports any write errors.

    • The tar, pax, and cpio commands can unalter the ctime of input files upon creation of an archive and display a warning message if unable to preserve the time of input files.

    • Corrects the tar o option behavior.

    • Corrects the pax -l option to create hard links properly.

    • Corrects the cpio -o option to not ruin extended UID file ownership.

    • Fixes how long file names are handled in tar.

    • Fixes pax to handle ACL on directories properly.

    • Corrects tar to properly handle unusual directory specifications.

    • Modifies the tar utility so it correctly restores directory permissions when extracted using -p option.

    • Fixes the tar and pax utilities so they correctly restore the file mode when extracted using appropriate options.

  • Fixes /usr/bin/cut to correctly handle incomplete lines.

  • Causes the rescheduling of certain default cleanup cron jobs so that they will not get skipped during a time change to DST.

  • Fixes /usr/bin/which to take path information from environment rather ~/.cshrc if it is invoked from other than the C shell.

  • Eliminates compiler warnings in mkdir.

  • Corrects a problem in which performing a sort on a large database using numerous keys fails during the consolidation phase of the temporary files.

  • Fixes a typo in mkcdsl.

  • Updates the NIS start-up script to correctly start NIS on the cluster alias.

  • Fixes a problem with bcheckrc that occurs when it is run multiple times.

  • Fixes a problem with non-U.S. USB keyboards used in non-U.S. locales in which the keyboards are treated as U.S. keyboards by the operating system.

  • Corrects a problem in which sh uses a high amount of CPU time.

  • Eliminates compiler warnings in ln.

  • Eliminates compiler warnings in ksh.

  • Enhances the cron command to perform extensive logging.

  • Fixes following problems in sh:

    • A service denial problem that occurs when a quoted here doc script is executed.

    • A problem with handling ELF files.

    • A condition in which the shell variable $- does not hold the -C set option when it is turned on.

    • A condition that causes the printing of broken characters when the type built-in utility of sh is invoked in the Japanese locale.

  • Fixes a one-byte gap/hole in the maximum file size in the tar command before an extended header record is used (8589934591 (octal 77777777777)).

  • Fixes a problem in which nonsense characters are appended to the audit information output of an execve event in brief mode.

  • Installs DECthreads V3.20-033, which addresses the possibility of floating point errors in threaded programs.

  • Corrects a problem in which some networking applications, especially X.25 and X.29, stopped working as expected because of interactions with security-related fixes and how the fstat() function behaves on their sockets.

  • Corrects a potential security vulnerability which may result in non-privileged users gaining unauthorized access to files or privileged access on the system.

  • Fixes an sh problem that occurs when executing command substitution.

  • Fixes a fatal assertion error reported by pixie, hiprof, third spike, cord, uprofile and odump object file tools for some executable files linked at optimization level 2 (-O2) or greater.

  • Corrects a condition in which the system start-up script /sbin/rc2.d/S19security could cause an unintended change in the system security configuration, which could occur when /usr/bin/perl has been removed.

  • Corrects a condition in which the mv command fails when operated on running binaries.

  • Corrects a condition in which the mv command does not allow a file to be renamed even though directory permissions allow it.

  • Fixes a problem encountered with the Bourne shell when a file name with trailing slash (/) is used as an argument to the command.

  • Allows the mv command to parse the pathname correctly when a source directory ends in trailing slash (/).

  • Corrects the default UID displayed by the adduser command when UID_MAX exists in the /etc/passwd file and helps prevent the duplication of UIDs.

  • Corrects a potential security vulnerability in sendmail that could result in nonprivileged users gaining unauthorized access to files or privileged access on the system. This potential vulnerability may be in the form of a local or remote security domain risk.

  • Corrects a condition that causes NIS clients to fail to connect to non-Tru64 NIS servers that support only the V2 NIS protocol.

  • Fixes a situation in which the header fields displayed by the output of the ps command are not aligned properly.

  • Corrects a problem with the class scheduler under the following conditions:

    1. The class scheduler is started then stopped.

    2. System owned semaphores are removed with the ipcrm -s command

    3. The class scheduler fails to restart with the error "class_open: allocate or access semaphore Invalid argument."

  • Fixes a situation, in which the mkpasswd command dumps core when executed by a nonprivileged user.

  • Fixes a situation in which awk does not process input files specified in the BEGIN section.

  • Corrects a problem with the cdvd command that causes two minor problems with its output.

  • Fixes a problem that occurs when linking kernel object files from an archive library. The problem was the linker always adds four __exc_* symbol references to the final linked image.

  • Corrects a problem that can cause binlogd to dump core when parsing its remote host authorization file (/etc/binlog.auth) with greater than 513 characters.

  • Removes the 250 variable limit for /usr/bin/env.

  • Fixes a problem of race condition in rm command in which two threads can successfully delete a file simultaneously.

  • Makes it possible for the vi command to read a text file containing non-ASCII single-byte characters (for example, accents) and to read single-byte locales correctly.

  • Corrects a condition that causes the FTP daemon to dump core when the client sends an out of order ADAT command.

  • Causes EVM to check for matching braces within EVM configuration files.

  • Fixes a buffer overflow problem in /usr/bin/write.

  • Adds a CDSL from /var/adm/binlog.saved to /var/cluster/members/{memb}/adm/binlog.saved.

  • Corrects a problem when running Enhanced Security in which an emergency log in for the root account on the console would fail in TruCluster configurations, sending the message "Impossible to execute /sbin/sh."

  • Removes the race security vulnerability in the find utility.

  • Changes the sort command to give exit value 1 for all the error messages, in compliance with existing specifications.

  • Prevents the sort command from dumping core when more than 50 sort keys are used

  • Provides the feedback facility for dd in long copies.

  • Adds support to the evminfo command to check for syntax errors in the EVM authorization file.

  • Fixes a problem with the UFS file systems that occurs after using the extendfs command.

  • Fixes two problems in the dynamic runtime loader that can cause an application to crash.

  • Fixes a problem that causes a segmentation fault when dbx is analyzing a Fortran program.

  • Fixes various problems regarding regular expressions in multibyte locales.

  • Corrects a possible hang problem with complex regular expression.

  • Corrects a potential security vulnerability that can result in unauthorized Privileged Access or a Denial of Service (DoS). This may be in the form of local and remote security domain risks.

  • Fixes a possible data inconsistency that can occur when copying files across DMAPI-enabled file set using the cp command.

  • Addresses a problem with sh while using the ulimit built-in command in displaying hard and soft resource setting values when -H (hard) and -S (soft) resource limits options are specified.

  • Corrects a problem in which logins in TruCluster environments using Enhanced Security could hang on any member other than the one serving /var to CFS.

  • Fixes a problem with SIA that caused the Internet Express LDAP Authentication module to be unable to look up default group information for a user at login time.

  • Causes the appropriate exit status to be returned when a disk is full.

  • Lets awk accept input records of a length up to 5,119 bytes.

  • Fixes problem with the vi internal command when used inside a macro to repeat the last search for a pattern.

  • Corrects the last command to correctly report logout times when several sessions are active.

  • Adds support for the file command to recognize ELF and HP-UX file formats.

  • Corrects a condition in which a user would receive a protocol-handshake error when a high priority binlog event is reported via an email message. (The problem is caused by EVM's use of DECevent to translate the binlog event, which requires the HOME environment variable to be set.)

  • Corrects the behavior of munlockall in the realtime library (librt).

  • Corrects a condition that causes a panic resulting from a kernel memory fault in access_invalidate.

  • Corrects a problem in mount or domain activation after a panic, where a fileset (domain) cannot be mounted without running fixfdmn.

  • Corrects a setld security issue in relation to SSRT 3471.

  • Causes environmental monitoring on Alpha Server ES47/ES80/GS1280 systems to be turned on by default.

  • Corrects problem of excessive swapping resulting from mfs file system creation.

  • Fixes a problem with mkcdsl not carrying the sticky bit through.

  • Fixes a problem to allow the class scheduler to handle processor sets (partitions) with an ID greater than 100 when attempting to set the partition (using the setup subcommand). The error message generated by the problem is "invalid partition specified."

  • Fixes a ksh memory fault problem that occurs when logging in.

  • Corrects a problem on systems running Enhanced Security in which the command edauth -R refuses to write user-profile entries to the root partition.

  • Corrects problems with name resolution when an error is encountered during the processing of the local host files.

  • Fixes a fatal error in /usr/bin/spike.

  • Allows the Event Manager daemon, evmd, to stop listening on its default TCP port 619. This capability is not available for clustered systems.

  • Corrects a problem that occurs when using C1crypt for password encryption on Enhanced Security systems in which users are unable to change their passwords and see the passwd command warning "Password not changed: failed to write protected password entry."

  • Corrects the output of the vmstat command with per-RAD kernel usage data.

  • Fixes problems such as segmentation faults when strxfrm() function runs on the French locales.

  • Fixes setld failures that generate the message "Kerberos credentials not found."

  • Improves null partition checking code.

  • Fixes a librt memory leak that may occur when multiple message queue files are opened and then closed (the memory would be recovered when the process terminates).

  • Changes the use of the configuration file /etc/svc.conf to /etc/nsswitch.conf to allow netgroup data to be provided from LDAP, rather than only from NIS.

  • Corrects a potential security vulnerability that can result in a local Denial of Service (DoS).

  • Addresses the rarely seen class scheduler error “class_daemon: class_open: Database created with default configuration Bad file number.”

  • Fixes the pattern substitution problem in ksh with respect to the patterns ${parameter#pattern} and ${parameter%pattern}.

  • Adds per-binary big page controls to complement the system-wide tunable attributes.

  • Updates the audit_tool usage message.

  • Fixes a performance problem in the libc mktime() routine.

  • Fixes a condition that causes segmentation faults when the nm -a command is used to dump symbol information in object files compiled by the C++ compiler.

  • Fixes the dircmp to display both output columns.

  • Fixes a condition that causes cfgmgr to continue running after the remote is gone.

  • Adds a -R switch to MFS to allocate memory on one RAD. The default MFS behavior is to stripe memory across all RADs that have memory; the -R switch may improve MFS performance in many cases.

  • Fixes a problem that prevents access to AutoFS file systems if ACLs are enabled.

  • Makes the cchwtest tool for Common Criteria security evaluation.

  • Fixes the compress command to exit with new status, 3, on an I/O error, as described in the compress reference page.

  • Corrects a problem in which sendmail will not start on some configurations where the sendmail support files are symbolically linked to another location in the support environment.

  • Fixes “at” jobs that fail to execute when LANG and LD_LIBRARY_PATH are set.

  • Modifies the dc command to take care of scale while printing numbers in base 2.

  • Causes the tar utility to correctly restores directory permissions when extracted using -p option.

  • Fixes the vi command with respect to the handling of locales and the +[subcommand].

  • Corrects the behavior of the find command with respect to -size option.

  • Corrects the behavior of the ltf command for UIDs and GIDs greater than four digits.

  • Eliminates several compiler warnings.

  • Expands libpset APIs to enable the caller to get processor set information.

  • Modifies the rewind() function to always reposition to the beginning of a file.

  • Modifies the tar and pax utilities to correctly restore the file mode when extracted using appropriate options.

  • Eliminates inefficiencies and apparent login hangs in a TruCluster environment running Enhanced Security.

  • Corrects the handling of shared library version mismatches for the loader's -ignore_version and -ignore_all_versions switches.

  • This modification adds an additional helpful instruction to the instructions given to users after an SIA initialization failure.

  • Corrects a fixso failure that occurs when reporting a new conflict for __istart.

  • Corrects the behavior of the w command, when it is redirected or piped.

  • Corrects a failure in the safe_open() routine that causes symbolic links given by a relative path from the current working directory to incorrectly give ENOENT errors.

  • Installs DECthreads V3.20-029, which fixes problems that may affect threaded programs.

  • Fixes a problem where a file name is assigned incorrectly in a CDSL case.

  • Installs DECthreads V3.20-049.

  • Corrects a problem in which the evmshow command occasionally encounters print formatting problems when displaying a detailed output of binlog channel events.

  • Corrects an odd, unexpected error message that may be printed by rsh or rlogin commands.

  • Corrects a problem where the telnet command causes unnecessary delays when an IP address is supplied as a command-line argument.

  • Fixes a problem in which the mount command dumps core or gives inappropriate warning messages if a malformed option was given.

  • Corrects a problem in which the mailsetup command does not allow changes to the local user list in a noncluster environment.

  • Corrects a potential security vulnerability that may result in unauthorized Privileged Access or a Denial of Service (DoS). This may be in the form of local and remote security domain risks.

    (SSRT2384 rpc — Severity - High)
  • Adds support for NEW_OPEN_MAX_SYSTEM (64K) file descriptors to libaio.

  • Corrects a problem in which a DNS resolver routines never time out if interrupted by signals.

  • Corrects a problem in which the pop3d command dumps core when SSO (single sign-on) is configured.

  • Corrects a problem in which long-running programs using Enhanced Security interfaces (such as getespwnam) directly grow in memory use over time.

  • Provides an RFC3542 compliant implementation of IPv6 Advanced API.

  • Fixes a ksh core dump problem that occurs when too many files are opened; for example, when executing too many scripts simultaneously.

  • Fixes the more command to handle multibyte character properly.

  • Fixes a nonconcurrency issue for multithreaded applications calling popen() and certain "FILE *" routines such as fread().

  • Corrects the /sbin/sulogin utility to read values correctly from the /etc/rc.config.common and /etc/rc.config.site files.

  • Fixes a deadlock condition in multithreaded applications that call fork() and other libc callback routines such as exit handlers, __fini_* routines.

  • Eliminate spurious "dlm_tsl_set: abort: resource name changed" messages and the associated authentication failures when /var/tcb/files is no longer in the /var file system.

  • Installs DECthreads V3.20-049a, which fixes a condition that may cause some threaded applications to hang.

  • Fixes a problem with the find command that occurs when it is used with -follow option on symbolic links to a directory.

  • Adds support for latest version of the bcm card.

  • Corrects a condition in which Multiple "Sorry" messages are issued by the su command when multiple SIA mechanisms are in use (as when LDAP is configured for user accounts).

  • Updates Mobile IPv6 code to be compliant with the latest RFC.

  • Modifies the /usr/sbin/versw_enable_delete script, which is used to enable the deletion of version switched patches.

  • Enhances the audit_tool to enable a user to specify a path to archived audit logs that the audit_tool will follow for all logs instead of the path recorded in the audit_log_change events (which by default is /var/audit).

  • Fixes an error reported by dbx when the process being debugged terminates.

  • Corrects a problem in which the evmshow command hangs when processing an invalid evm.buf file.

  • Corrects a problem in which the system hangs at boot due to evmd processing an invalid evm.buf file.

  • Fixes a vold threads problem in which LSM devices may be incorrectly recorded as disk clones when LSM starts up.

  • Provides a new LSM EVM event that is posted when LSM is processing clusterwide plex detaches.

  • Corrects a problem in which xdmcp terminal failures are not logged within the terminal control database for Enhanced Security.

  • Corrects a problem in which the Mail program would occasionally generate duplicate file names when invoking the editor.

  • Corrects the default answer for cleanPR clean.

  • Corrects the behavior of the svr4 -t option of the df command in a cluster environment.

  • Allows V5 auditd servers to communicate with V4 auditd clients.

  • Fixes a problem with csh that may cause a “Missing }” error.

  • Fixes problems with Enhanced Security user accounts that reference a template.

  • Corrects a problem in which stdin, stdout and stderr are closed and cfg_connect fails to connect to cfgmgr.

  • Provides an enhanced version of the rm command that fixes a problem with VMS NFS mounts in which many files are not deleted because of shuffling effects in the file system.

  • Fixes a timestamp problem with binlogd

  • Fixes an issue with setld/pax.

  • Fixes a memory fault or segmentation fault problem that occurs when a root user tries to change a NIS user's password on the NIS master that is using BASE security.

  • Corrects a problem with the Bourne shell not displaying the trailing slash at the end of a file name that is passed as an argument to the script that displays the argument passed.

  • Fixes a problem in which software can not be installed due to subsets remaining in an unfinished state of subset loading.

  • Corrects a csh globbing problem that occurs while listing files using the asterisk (*) wild card character.

  • Fixes a problem with the sh shell during command substitution.

  • Fixes the problem of depord failing when the length of the DEPS field in the control file is greater than 250.

  • Fixes quotacheck utility to handle user/group IDs larger than 2^31.

  • Fixes the auditlogtrim script to properly recognize and delete audit log files older than the trimming date/time specified.

  • Ensures that the disklabel -z option (used for zeroing out a disk label) issues a warning if the disk partition is in use when a shell environment variable DISK_ZERO_WARN is set

  • Corrects an overlapping section error reported by the linker.

  • Fixes bad error handling that occurs when trying to install setld via the command line options setld -l <path <subset.

  • Corrects a memory leak problem in the ksh shell.

  • Corrects bind changes to rc.config changing NIS settings.

  • Fixes a problem that results in a hang or crash during the auditing of the net_tcp_stray_packet, net_udp_stray_packet, and net_tcp_rejected_conn network events .

  • Fixes and audit object deselection model in which events that modify a target object could be deselected, resulting in no audit record being generated.

  • Improves the performance of times(3).

  • Corrects incorrect behavior of the df command for automount mount points.

  • Corrects a memory leak problem in the ksh shell.

  • Enhances the fuser command to provide a cluster-wide query capability. A revised fuser(8) reference page describes this enhancement.

  • Fixes a problem with glob() returning an incorrect match when directory permission issues exist.

  • Corrects a condition that occurs when a change in system time by the ntp daemon causes a cron job to be executed with a discrepancy equal to the amount of drift in time.

  • Corrects the behavior of the tail -f command with respect to FIFO special files.

  • Corrects a problem with ksh shell pattern matching.

  • Fixes problem that occurs when multiple instances of the sort utility use the same directory path.

  • Resolves several DECThreads faults and resolves performance issues with certain Java applications.

  • fixes memory leak problem in cron.

  • Raises the highest ID handled by edquota and repquota and converts the repquota program to using the GETQUOTA/GETQUOTA64 quotactl's for obtaining data, instead of directly reading from the quota file. This results in more recent data and, in a cluster, consistent data across all nodes. It also enables handling the highest UIDs (up to 4294967294).

  • Fixes an awk() argument buffer limitation that can cause patch installations to fail if a large number of subsets (in excess of 500) are loaded on the system.

  • Fixes sh to handle a large number of open files.

Patch 27010.00

OSFBIN540

  • Provides support for identifying references to half-open pipes via the fuser utility.

  • Improves performance for some multithreaded applications running on AlphaServer GS320 and GS1280 class systems.

  • Corrects a scenario in which a spurious wakeup is sent to a process that had interrupted a blocked attempt to set a mandatory file lock.

  • Provides performance enhancements to the vm_overflow feature.

  • Changes the way page migrations occur on a NUMA system to address poor performance due to excessive paging.

  • Corrects an incompatibility between the cpus_in_rad and gh_chunks/rad_gh_regions tunable attributes that could result in a boot failure.

  • Corrects a problem with pagetable page allocations that could leave a thread waiting indefinitely during a fork operation.

  • Corrects "ubc_wire: hash failed" panics on non-NUMA systems.

  • Corrects a "not wired" panic that occurs with System V shared memory and bigpages.

  • Reduces scheduling contention when unmapping shared address space that has an extremely high number of mappers.

  • Handles reservation conflict errors to address cluster node hang during boot.

  • Updates the audit system to display additional information for numa_syscalls and msfs_syscall system calls.

  • Provides a tunable attribute to allow the reserving of a percentage of vnodes for root use.

  • Fixes an issue in the VM subsystem in which a page that is not managed by VM is incorrectly identified as being managed by VM.

  • Fixes a problem in UFS superblock update logic that could result in a failure to report errors encountered when writing cylinder group summary blocks.

  • Provides a new cluster-specific link aggregation distribution algorithm when using LAG in a LAN cluster.

  • Reduces fork/exec overhead on systems with large default stack sizes.

  • Fixes a cluster deadlock/hang issue when a new device is discovered.

  • Fixes a kernel memory fault panic that occurs during a NetRAIN interface failure.

  • Fixes a CPU hang caused by /dev/random.

  • Corrects a condition that causes a process hang and system panic when using System V shared memory and asynchronous I/O.

  • Corrects a minor tuning issue with netisrthreads on NUMA machines. Previously, four netisr threads were started per RAD, whereas the default number of netisr threads per RAD now equals the number of CPUs per RAD.

  • Fixes problems with RPC for configurations with no RAD 0.

  • Fixes a problem in which unkillable processes occur when debugging multi-threaded programs with the totalview debugger on a Sierra Cluster.

  • Fixes an underlying problem in NFS that can trigger an assert failure in CFS. These conditions can be triggered by a failed NFS mount.

  • Resolves a synchronization issue between pageout and exit paths.

  • Introduces sysconfig tunable attibutes for NFS/RPC

  • Fixes multiple panics and application hangs seen when interacting with Process Shared POSIX 1003.1c objects.

  • Fixes the handling of NFS requests that have an erroneous file handle length field.

  • Corrects the output of wired pages and gh regions found in the -P option of the vmstat command when run on a NUMA system.

  • Improves the performance and chances of success of the Tru64 kernel malloc routine, especially when used by drivers which use the M_NOWAIT option.

  • Fixes an invalid kernel memory fault panic in the code responsible for the generation of random numbers.

  • Corrects a defect in the audit subsystem that causes it to fail to record inode information on closed file descriptors.

  • Corrects a problem that occurs after an upgrade from Version 5.1B patch kit 3 to Version 5.1B-3 (Version 5.1B-3) in which the system may fail to boot with the following panic:

    KMF - invalid memory read access from kernel mode
  • Fixes a race within NFS over TCP when connection reaches idle timeout.

  • Improves the performance of Tru64's MACH implementation and also enhances stability while under heavy load.

  • Corrects several potential security vulnerabilities in TCP/IP, including ICMP. These exploits could result in a remote Denial of Service (DoS) from predictable Initial Sequence Numbers (ISNs), network throughput reduction for TCP connections, or the reset of TCP connections.

  • Corrects the following potential security vulnerabilities:

    SSRT4743, SSRT4884 - TCP/IP ICMP (Severity - High)
  • Fixes a panic condition resulting from DVDFS using a deallocated vnode.

  • Fixes a panic condition in the NFS client code resulting from the mishandling of unaligned data on clustered systems.

  • Corrects a kernel memory fault that results from the de-referencing of a null processor pointer encountered when auditing a network event after having sent a SIGKILL to the auditd daemon.

  • Forces the use of a non-cluster interconnect address in audit records.

  • Fixes a kernel memory fault panic in IPv6, and corrects improper or leaked reference counts with IPv6 route entries.

  • Fixes a panic that occurs when using the TCP SACK option.

  • Fixes a kernel memory fault panic that occurs when the vm tunable anon_rss_enforce is set.

  • Fixes a socket kernel memory leak.

  • Fixes a race condition in the UBC.

  • Corrects tracking of controlling terminal reference to session structure.

  • Corrects a problem that causes the transmission of duplicate FIN packets, which could result in a stuck connection.

  • Allows systems with multiple paths to a large number of devices to boot faster.

  • Fixes an issue with the NFS client async daemon that can occur in specific NUMA configurations. These configurations would have RAD numbers that are not part of the partition but within the range of valid RAD numbers for that partition.

  • Fixes an fsync (NFS/UFS) operation that failed to always flush all dirty pages.

  • Fixes a “lock_done: lock not currently owned” panic that occurs early in a boot.

  • Resolves lock management issues within the UBC that can lead to “mcs_unlock: current lock not found” and “mcs_lock: time limit exceeded” panics.

  • Removes NFS warning message about malaligned RPC messages.

  • Makes the poll() function compliant with revised UNIX98 standards.

  • Fixes a hang caused by the Async I/O subsystem.

  • Corrects a problem with the mount command in which issuing a mount -l command lists the property of a dual mounted fileset incorrectly as nodual.

  • Fixes a problem that causes some TCP connections to reset when sending large amounts of data (more than 2GB) to a very efficient receiving host.

  • Corrects the incompatibility of the waitpid() system call with revised UNIX98 standards.

  • Fixes an internal kernel declaration for variable maxuthreads that resolves the following types of kernel failures when the sysconfig value for max_threads_per_user in the proc subsystem is set to a value larger than 2147483647:

    thread_create() failed for pid # : maxuthreads (=-1) exceeded for uid 201
    thread_create() failed for pid 1479950: maxuthreads (=-#) exceeded for uid 15
  • Fixes a panic resulting from CDFS using a deallocated vnode.

  • Corrects a problem in which the tmt_walk_list() function in nifftmt.c mallocs memory for the tmt_state_info array, but fails to free memory when thread terminates.

  • Reduces the default value of IPFRAGTTL from 60 to 18 to avoid reassembly problems.

  • Modifies the setluid system call to handle the license correctly when a non-root user switches to different non-root user using login command.

  • Corrects a problem in which elevated load averages were reported on NUMA class systems.

  • Fixes resource leaks seen after a device file is revoked.

  • Makes possible a sticky connection feature for cluster alias.

  • Updates sysconfig to use the cluster interconnect to allow for greater SSI collaboration, which will help with changing variables on hung systems, single user systems, and normal running systems.

  • Allows the UFS attribute delay_wbuffers to be tuned using sysconfig.

  • Allows the packet filter variables pfilt_loopback and pfilt_physaddr to be tuned using sysconfig.

  • Increases the default value of ipqmaxlen (IP input queue) to 2048.

  • Provides an option to enable cluster NFS clients to use a nonprivileged TCP port to check to see if a remote NFS server is up.

  • Corrects a potential issue with NFS version 3 memory mapped files that can lead to a system panic.

  • Allows the stat system call to correctly report the st_blocks for dvdrom files.

  • Corrects a condition that causes a panic while creating or extending large UFS file system.

  • Corrects a problem in which under certain load conditions shared memory usage can lead to an inconsistency that results in a "u_ssm_oop_deallocate: reference count mismatch" panic.

  • Corrects a potential hang on exit from applications utilizing /dev/poll.

  • Fixes a condition in the kernel whereby an incorrect internal status can be returned from mpsleep(), thereby causing potentially incorrect behavior.

  • Fixes problems in tcp_output that cause connections to hang when window fills and fixes a potential loss of data when a connection is closed.

  • Corrects a potential loss of data a connection is closed.

  • Corrects inappropriate TCP probe timeouts associated with case.

  • Adds support for CPU offline on GS1280 systems (required for Capacity on Demand).

  • Corrects a problem with the keepalive mechanism that causes TCP connections to disconnect unexpectedly.

  • Corrects a problem in which changing memory protection results in a kernel memory fault panic.

  • Fixes a condition that can cause a panic in the kernel during interconnect operations involving configuration requests.

  • Corrects a problem in which an invalid core file may be generated following abnormal program termination.

  • Fixes mount/umount failures and panics in FMS, UFS FDFS.

  • Fixes a situation in which mmap memory locked with mlockall() using the MCL_FUTURE flag does not become wired automatically.

  • Fixes a problem in which fuser is unable to report on all referenced resources when attempting to identify reasons for unmount failures.

  • Improves the process exit procedure for processes that have had the nice command used on them.

  • Corrects a potential security vulnerability where, under certain circumstances, system integrity may be compromised. This may be in the form of improper file access.

  • Fixes multiple defects in AutoFS user space and kernel code.

  • Corrects performance issues when accessing a file with direct I/O enabled.

  • Fixes a condition that causes a panic when appending to a file.

  • Eliminates a false directory lookup warning message generated by an incorrect comparison caused by mismatched file ID variable types.

  • Improves client caching performance.

  • Prevents the loss of a single system image for an NFS file system mounted from a cluster when there are certain problems communicating with the external NFS server.

  • Fixes a problem with audit data not being displayed by the audit tool.

  • Corrects problems with file object selection and deselection and directories.

  • Addresses NUMA performance issues associated with auditing.

  • Introduces type checking of attributes when registering components with the hardware manager.

  • Adds IEEE 802.1Q (VLAN) support.

  • Fixes a panic within the two-level scheduling subsystem.

  • Fixes a process hang condition.

  • Fixes a "thread_block: simple lock held" panic.

  • Fixes an occasional panic that can be seen when reading from a process using Granularity Hints with the procfs command.

  • Corrects a problem that causes a system to panic during a particular machine check.

  • Corrects 3D client hangs when using the Radeon graphics card.

  • Fixes a condition that causes a system to hang when using Open3D over the AGP bus on an AlphaServer GS1280.

  • Protects against "get_color_bucket: empty buckets!" panics and "kernel memory fault" failures on systems with mixed cache parameters.

  • Fixes a kernel memory fault in shadowvnode() caused by a null vnode pointer.

  • Fixes insmntque() to conform to proper locking when removing and adding a vnode to the mount vlist.

  • Fixes a condition that causes an excessive FIDS_LOCK contention when large numbers of files are using system-based file locking.

  • Fixes an issue encountered in configurations in which the primary processor is not the first processor within a RAD.

  • Fixes a condition that causes the panic “u_seg_vop_remove: seg not found” in vop.

  • Fixes a problem in which a duplicate IP address might be configured on the system or an IP address might be configured with an incorrect netmask.

  • Extension of UFS file systems via the mount command can effectively disable use of the file system. Additionally, on some LSM based systems a panic can occur after a file system extension has been completed.

  • Fixed a problem in which a process waiting on a semaphore does not get woken up.

  • Fixes a problem that causes the panic "Bigpage Assertion Failed."

  • Allows the size of the NFS server's duplicate request cache to be adjusted as needed.

  • Corrects a locking problem with NFS running over UFS.

  • Fixes a problem in which a Tru64 UNIX NFS client panics when it receives a null entry as a response to a readdirplus request from an NFS server.

  • Fixes a problem in which a Tru64 UNIX NFS server panics as a result of receiving illegal file access mode from an NFS client.

  • Corrects a rounding error for the vm attribute vm_bigpg_thresh.

  • Corrects the handling of bad pages when big pages are enabled.

  • Fixes the cause of "page mapped" panics when using mmap calls with dev/mem to access free big pages.

  • Increases the TCP window increased from 96 KB to 500 KB to improve performance.

  • Causes the netisr thread to dynamically estimate the reply size the socket buffer and subsequently reserve the space in it.

  • Adds a new timeout check to notice when data has not been acknowledged in 30-50 seconds and copy those buffers, thereby allowing the UBC to free up those mbufs and not tie them up.

  • Adds support for CPU indictment on the AlphaServer GS1280 platform.

  • Fixes a problem in which gh_min_seg_size can not be set below 8M.

  • Fixes a problem with cluster failovers of UFS filesets.

  • Fixes a panic resulting from race condition in the MFS (memory file system) over CFS (cluster file system).

  • Corrects a problem in which an ARP request for a permanent ARP entry is ignored and a connection cannot be maked from the remote system.

  • Fixes a high lock contention for str_to_lock, a STREAMS attribute.

  • Adds a configurable tuning parameter to the STREAMS subsystem for ES47/ES80/GS1280 platforms.

  • Fixes a flaw in the NFS server that can cause it to crash upon reception of malformed input.

  • Fixes a kernel memory fault in u_seg_global_destroy.

  • Corrects a kernel memory fault that can happen when running applications that use the Cray Intra-Node Shared Memory library.

  • Prevents a potential process (not system) hang seen when a system comes under heavy memory load with monolithic memory use. (Gigabyte-scale single objects.)

  • Prevents a kernel memory fault when running with protection on the 128-byte bucket — an action that should only be undertaken as directed by HP customer support personnel.

  • Addresses a situation in which a taso-compiled binary is unable to allocate more memory after performing a series of mmap calls.

  • Corrects a problem that causes hwmgr to dump core when performing environmental testing and using hwmgr to verify that a particular sensor's status would change from OK to Fault.

  • Provides the correct labels to the audit subsystem for mach events.

  • Fixes a memory management fault and panic in UFS.

  • Addresses two problems with the NFS server:

    • A potential crash during a concurrent read and truncate operation on an AdvFS file.

    • A potential crash with malformed or malicious READDIR[PLUS] version 3 RPCs.

  • Improves ufs_invalidate() handling of fractional pages.

  • Corrects the cause of an "ialloc: dup alloc" panic.

  • Increases the character limit in file property lists from 245 to 255.

  • Improves I/O performance by reducing kernel locking overhead.

  • Addresses system problems that can occur when the system is under heavy I/O load or low memory conditions.

  • Provides protection against a class of potential security vulnerabilities called buffer overflows. Buffer overflows are sometimes exploited in an attempt to subvert the function of a privileged program and possibly execute commands at the elevated privileges if the program file has the setuid privilege. This patch allows a system administrator to enable memory management protections that limit potential buffer overflow vulnerabilities.

  • Prevents a kernel memory fault panic that occurs when the audit daemon is set to periodically dump the kernel audit buffers to the audit log file (auditd -d freq).

  • Corrects conditions that cause "blkfree: freeing free block" and "blkfree: freeing free frag" panics.

  • Allows systems configured to use NTP to keep accurate time regardless off whether the NTP daemon is running.

  • Corrects a condition that can cause a panic in audit_rec_build when auditing execve with the exec_argp or exec_envp audit style enabled.

  • Fixes a problem in which a device file such as /dev/console can become inaccessible, returning the error “Bad File Number.”

  • Fixes a system panic in the ubc_page_stealer routine.

  • Causes the correct error message for the freezefs -q command to be displayed on a non-AdvFS file system.

  • Adds comment to reserve 0x10000000 and 0x20000000 for AutoFS flags.

  • Prevents issues in the DCE/DFS file system when pages are being flushed as part of a vnode. This patch is required for AlphaServer SC.

  • Fixes a problem where an I/O error (EIO) can occasionally be returned after a page fault.

  • Adds a lock to the initialization of a private client to avoid hung file system threads when the MVFS ClearCase file system is in use.

  • Corrects a potential security vulnerability that may result in denial of service. This may be in the form of local and remote security domain risks.

    (SSRT2384 rpc — Severity - High)
  • Corrects the NFS server's handling of files open for direct I/O.

  • Fixes a problem on a cluster NFS client where a hard-mounted NFS file system can incur ETIMEDOUT errors.

  • Fixes a problem in the kernel network subsystem that causes a kernel memory fault panic in the m_adj() routine.

  • Fixes an internal problem in the kernel's AdvFS, UFS, and NFS file systems where extended attributes with extremely long names, greater than 247 characters, could not be set on files. The new limit is 254 + a null string terminator.

  • Fixes a problem when the kernel incorrectly closes a socket that causes Sybase 1613 errors.

  • Adds support for IPV6_UNICAST_HOPS socket option on raw sockets.

  • Corrects c shell a problem in which a multithreaded process forks a single threaded process and leaves data in the proc structure that could cause problems.

  • Improves performance for removing or truncating large files on UFS file systems.

  • Fixes a problem that occurs when the Tru64 UNIX TCP layer prematurely closes a slow, but good connection with TCP reset.

  • Fixes a problem in which the quot -v command sometimes returns wrong quota information on a UFS partition.

  • Fixes a system panic that can generate the panic string "mcs_lock: lock already owned by CPU" or "thread_block: simple lock owned."

  • Fixes a system panic that generates the panic string "pg_nwriters going negative."

  • Changes an rws write lock in the VMAC lookup routine to an rws read lock for better SMP scaling.

  • Corrects a kernel memory fault in the table syscall.

  • Corrects memory striping when using big pages.

  • Fixes a problem where the system can panic with a kernel memory fault in simple_lock() being called from fuser().

  • Resolves kernel memory faults in the TCP/IP subsystem.

  • Fixes a problem where threads can hang mallocing memory.

  • Increases the default values for udp_ttl and tcp_ttl to 128 hops.

  • Fixes a condition that causes the "rdg: unwiring" panic.

  • Increases the default limit of DLI packets to 16 KB and makes the limit tunable. This corrects a problem in which attempts to send packets larger than 5000 bytes (jumbo packets) can fail.

  • Improves the fragment gathering mechanism to boost performance.

  • Corrects a problem in which the auditd -d command (which flushes the kernel audit buffers) could cause audit data inconsistencies on a multi-CPU machine on systems generating a heavy volume of audit events.

  • Provides a base system routine for use by the cluster code to determine if a particular mount has an NFS exported file or directory on it.

  • Corrects a problem in which a user process cannot be interrupted, which in some instances can be utilized in a denial of service attack.

  • Corrects a kernel memory fault caused by uninitialized or incorrect parameters being passed to the setsockopt system calls.

  • Fixes a condition that causes a kernel memory fault panic in the IP multicast loopback code.

  • Corrects a problem in which multi-CPU sometimes livelock while processing incoming network traffic. In some cases the live lock can result in a cluster event timeout panic.

  • Resolves internet protocol conformance issues and fixes a problem with sending multicast datagrams.

  • Fixes a condition that can cause crashes from within the pshared subsystem

  • Fixes several IPMI-related problems, including the following:

    • Erroneous fields in 686 OS-detected environmental machine check logout frame

    • Unusually large number of 686 sensor timeouts with heavy system load

    • IPMI always reporting -48v sensors as broken, seen as "redundant power supply failed" messages

    • An IPMI memory leak

  • Corrects problems in UFS extendfs functionality that cause file system metadata inconsistencies.

  • Corrects the default parameter for physio_max_coalescing to 8K.

  • Addresses an issue on large systems in which kernel threads might not be executed for extended periods of time.

  • Fixes two small logic errors with the NFS version 3 client that result in unintended, though correct, behavior.

  • Fixes a problem seen with the TAHI IPv6 conformance test, specifically Test 4 for the IPv6 specification.

  • Resolves a problem that results in multiple cluster members crashing with kernel memory fault in rfs_find_fsid().

  • Corrects a potential system hang when an error occurs while updating special file or named pipe access times on an NFS client.

  • Fixes an AdvFS asynchronous direct I/O problem that can cause a thread to hang.

  • Fixes a problem in which a truncated AdvFS file erroneously zeros data for the remaining leading segment of the file.

  • Fixes a minor problem in the IPv6 subsystem that causes an extra message to be sent upon startup.

  • Corrects a problem that occurs in some low free memory situations, in which a kernel thread that completes AIO requests may stall on one request, causing other requests (that can complete) to back up behind it.

  • Improves performance for CFS filesets mounted with the server_only option.

  • Allows tasks with just one SCS thread to be migrated in the same manner as single threaded processes in NUMA environments.

  • Addresses a problem in IPv6 subsystem that causes a system to panic.

  • Adds support for AlphaServer ES47/ES80/GS1280 platforms to allow the use of processors having different speeds in the same chassis.

  • Corrects the problem of the statfs() function returning EINVAL when operating on an fattach() function clone streams device.

  • Addresses a scaling issue seen on large multiprocessor systems in dealing with the class scheduling subsystem.

  • Fixes a problem in gh_chunks allocation on some configurations.

  • Improves file caching performance for large files on NUMA systems.

  • Fixes panic: simple_lock_terminate: lock busy.

  • Fixes cluster crashing when VMAC is enabled

  • Fixes an underlying problem in the NFS client that can lead to a panic on a single system or an assertion failure panic on a cluster.

  • Fixes the number of cylinders defined in the last cylinder group of a UFS file system that has been extended.

  • Fixes various problems in the bcm driver for DEGXA Gigabit Ethernet adapters.

  • Removes the 32-bit block address restriction in SpecFS read and write.

  • Removes excess data stored in the auditing of the swapctl syscall.

  • Adjusts the automatic computation of the size of the NFS server's duplicate request cache to accommodate only active RADs on a multi-RAD system.

  • Increases ability to audit memory wire and unwire operations.

  • Resolves a problem affecting IPv6 sockets where a packet transmission might fail when the destination address is not specified.

  • Fixes a kernel memory fault panic while running the IDRIS benchmark.

  • Corrects a kernel memory fault caused by configuring an IPv6 address on a legacy network interface card.

  • Fixes multiple problems with IPv6 advanced API implementation.

  • Corrects a problem in which calling aio_write with a negative size may cause a system panic.

  • Corrects a potential security vulnerability reported by SSRT2323.

  • Fixes a leak of kernel address space.

  • Corrects a problem in which a read or write operation to a changer device creates an unkillable process.

  • Corrects the panic “trap: invalid memory read access from kernel mode in procfs_psinfo().”

  • Corrects a condition in which big page memory allocations on NUMA systems may allocate remote memory too soon.

  • Fixes a problem in which clua.mod does not handle TCP RST messages appropriately.

  • Updates ICMP code to add redirect timeout support and nonmodifiable route table entries.

  • Addresses performance issues with the select() function.

  • Accelerates the booting of memory GS systems.

  • Adds pfilt_loopback and pfilt_physaddr kernel flags for controlling packetfilter written packets.

  • Corrects a "simple_lock: time limit exceeded" issue that can occur in the CAM I/O subsystem when MCS locking is disabled.

  • Provides support for the dynamically loadable packet filter.

  • Fixes IP multicast packets to work with loopback traffic

  • Improves NFS client performance on NUMA systems by doing a better job distributing data, locks, and nfsiod threads across Resource Affinity Domains (RADs).

  • Enables suitable monitoring of individual NetRAIN interfaces

  • Provides a tunable attribute that gives system administrators the ability to adjust the weight that the kernel places on the NUMA locality for forks on AlphaServer GS80, GS160, GS320, and GS1280 systems.

  • Sets a software limit to prevent serious performance problems that can occur when TCP connections that have an rate-limit enforced by a downstream network device overrun the device.

  • Adds per-binary big page controls to complement the system-wide tunable attributes.

  • Enhances HP-XP array controller support and possible future new tape device support.

  • Fixes a panic condition in AIO.

  • Fixes a "simple lock: time limit exceeded" panic.

  • Fixes a problem that prevents access to the AutoFS file systems if ACLs are enabled.

  • Improves NFS client performance on NUMA systems by doing a better job distributing data, locks, and nfsiod threads across Resource Affinity Domains (RADs).

  • Addresses the dispatching of NFS server requests for the public file handle on cluster members and multi-RAD systems.

  • Fixes how the NFS client handles full NFS version 3 64-bit file IDs.

  • Resolves a problem that prevents the viewing of files created by third-party software on some CD-ROM media.

  • Resolves a problem of not being able to view files on some CD-ROM media that is created by third-party software and corrects the erroneous reporting of success when attempting to write beyond the file size limit using synchronized I/O and the calculation of _PC_FILESIZEBITS, which is used by the operating system for pathconf file characteristics.

  • Fixes a race condition in the kernel AIO code that can panic the system with either a kernel memory fault or a duplicate malloc free.

  • Corrects a potential panic with large memory processes using System V shared Memory at process exit.

  • Corrects a panic resulting from a race condition between vnode deallocation logic and the use of CACHE_LOOKUP_REF/CACHE_LOOKUP_RELE in grab_bsacc and bs_dealloc_access (which attempt to block vnode deallocation).

  • Fixes a memory leak in the NFS server encountered when it receives malformed packets.

  • Fixes an AutoFS panic during an unmount operation when AutoFS tries to remove a directory.

  • Corrects a problem in which Tru64 UNIX sees an HP-XP RAID array controller as a disk after an HP-XP storage device is added to the system.

  • Corrects a problem in which table() calls were not correctly getting process arguments.

  • Improves the scaling of IP reassembly code on large SMP machines. NFS servers are especially susceptible when a large number of clients attempt to write at the same time.

  • Implements buffer cache page checksum caching for NFS client pages.

  • Fixes a problem that can cause a system crash when an NFS server exports files on a third-party file system (that is, one not built into Tru64 UNIX).

  • Fixes a rare kernel panic that occurs during the handling of a clock tick when class scheduling is used.

  • Corrects a potential process hang that occurs while exiting a system that has dynamically powered off a processor.

  • Corrects a system panic when running with big pages enabled.

  • Addresses problems that occur when taking noninteractive core dumps using the coredump command.

  • Corrects potential hangs of applications using the pshared subsystem that can occur as a result of a thread failing to wake up after its condition variable timer had expired.

  • Fixes two potential problems in the NFS V3 client in which unstable writes can remain uncommitted when they should have been committed to stable storage.

  • Removes erroneous "No B-cache detected" messages from certain configurations.

  • Prevents a potential panic that generates the message “memory_test=partial” or “memory_test=none.”

  • Allows the stat system call to correctly report the st_blocks on a CD-ROM file.

  • Improves performance for applications with large in-core data sets

  • Corrects a system panic caused by stack growth.

  • Adds the ability to join more than 20 IP multicast groups on a given socket.

  • Fixes a multiple process hang (which cannot be terminated with Ctrl/c) that can occur if process A attempts to attach process B to another RAD while at the same time, process B attempts to attach process A to another RAD (a classic deadlock).

  • Changes the implementation of the NFS server's duplicate request cache from a statically allocated monolithic entity to a dynamically allocated entity.

  • Corrects a kernel memory fault panic under certain heavy system loads when using the /proc file system to debug processes.

  • Corrects a problem in which using PRSABORT in the /proc file system does not correctly abort a system call in the process being debugged.

  • Fixes a "simple_lock: time limit exceeded" panic involving the vm_object.ob_lock lock.

  • Fixes a rare case of a thread blocking when waiting for memory.

  • Fixes a problem in which some IP fragments of NFS over UDP read replies may be sent to the wrong MAC address.

  • Permits the setting of the setuid, setgid and sticky bits on NFS served files.

  • Fixes kernel memory faults that can occur when packetfilter support is used incorrectly as a result of the following:

    • A misconfiguration of the packetfilters system configuration parameter in the net subsystem.

    • The dynamic load of the packetfilter subsystem on a system that has packetfilter statically built into the kernel.

  • Fixes a condition in which the fork() function returns EAGAIN incorrectly on a process using gh_chunks.

  • Corrects a problem in which interface Unicast packet counters seem to go backwards when retrieved via SNMP.

  • Improve the performance of systems that are performing heavy file I/O.

  • Corrects several minor problems with the IPv6 subsystem related to the Neighbor Discovery specification.

  • Provides an RFC3542 compliant implementation of IPv6 Advanced API.

  • Fixes a panic condition caused by a problem in the swapping subsystem.

  • Allows the niffconfig command to exceed 10 interfaces.

  • Corrects a potential kernel memory fault.

  • Fixes a problem of a system hang that occurs when the system may be swapping

  • Fixes overall system instability caused by the pshare subsystem

  • Speeds up the discovery of a healthy cluster interconnect interface by helping NetRAIN failover to a redundant healthy interface before the (Internode Communication Services) begins to time out on the keepalives, thereby preventing the cluster from crashing.

  • Fixes certain panics conditions by increasing the timeout for CPU onlines.

  • Updates Mobile IPv6 code to be compliant with the latest RFC.

  • Corrects the handling of a condition that can lead to a panic under heavy system load with high swap activity.

  • Corrects a problem in which the cp -p command will not copy DMAPI-managed region information.

  • Addresses an issue in which the default value for kernel flag mobileipv6_enabled is 1

  • Corrects the cause of a panic on a cluster system when renaming a root specified by the chroot command.

  • Fixes a kernel memory leak that occurs during routing table updates, which over time, can cause memory shortages for machines attached to a constantly changing network, as in the case of mobile IP.

  • Fixes the cause of a hang/panic that occurs soon after a console printf returns the message “NFS over TCP client xxx not reading replies, continuing."

  • Corrects a kernel memory fault in exit() where uu_curinfo is nil.

  • Fixes MIP6_CACHE_READ_TO_WRITE_LOCK() to not call lock_read_to_write() when in lockmode=0 to avoid a panic.

  • Modifies asynchronous I/O to prevent it from releasing file region locks.

  • Fixes "issig recursion" panics.

  • Fixes a simple lock timeout panic in the ubc_invalidate routine.

  • Corrects a condition in which the fork() function can lead to a “vm_pg_free: page mapped" panic when big pages are enabled.

  • Corrects a problem with HSZ events that cause I/O errors rather than doing the appropriate retries so the I/O can be successful.

  • Corrects problem that prevents proper XP RaidManager operation.

  • Corrects a Routing Header Type 2 length miscalculation.

  • Fixes a problem in which some reads on /dev/random wait until the entropy pool is completely full while other reads of /dev/random and /dev/urandom do not.

  • Fixes a problem on a VMAC -enabled cluster wherein the member that acts as the Proxy-ARP-Master for the default cluster alias address sometimes incorrectly uses the VMAC address created for it as the source MAC address.

  • Fixes the cause of a "u_anon_unlock_page: anon already unlocked" panic.

  • Fixes a problem in which the NFS version 3 server can reset the setuid and setgid bits of a file or directory after attempting to comply with the specified attributes in the request.

  • Addresses a performance issue seen in certain applications that allocate and exercise a memory segment close to the system's bcache size.

  • Prevents aio-related slowdowns.

  • Corrects an internal error so that UBC invalidate operations can execute correctly.

  • Fixes the cause of an “mcs_unlock: lock not currently owned” panic.

  • Addresses problems with reading third-party file systems exported by the NFS server.

  • Fixes crashes seen on clustered systems.

  • Addresses the panic “pmap_enter_bigpage: attempt to map big page in kernel map” that is sometimes seen on large AlphaServer GS1280 configurations.

  • Fixes an AutoFS problem,where indirect-mapped key directories are not removed for failed mounts.

  • Fixes a potential deadlock hang between a truncate system call and a read system call on a clustered system.

  • Enables AutoFS mount-on paths to have the correct maximum length when AutoFS files are mapped directly.

  • Fixes a condition that causes the evmwatch or evmshow commands to display incorrect IPv6 addresses.

  • Corrects a problem with handling of null symbolic links.

  • Exports the creation time of a process via its /proc entry's ctime attribute.

  • Fixes a problem in which questionable behavior by non-TRU64 NFS clients results in NFS over TCP server threads hanging.

  • Fixes a problem related to the deletion of binding cache entries in mobile IPv6, which affects multi-RAD systems like the AlphaServer GS1280.

  • Addresses issues that may be seen as panics or hangs having to do with the UBC.

  • Introduces the vm_overflow tunable.

  • Provides enhancements for NetRAIN operations.

  • Corrects race in streams I/O completion and timeout logic.

  • Adds the ability to decouple RPC client retransmission activity from UDP or interface transmission completion handling.

  • Fixes a condition that causes a connection timeout error when using socket keepalive options with small values on sockets over a localhost connection.

  • Corrects the cause of the a panic: "panic: Hashing that is not marked VPP_REPL."

  • Corrects a problem in the kernel dli module that causes system hangs and crashes on multi-CPU systems. The crashes occur with the panic string "lock_terminate: lock held".

  • Fixes a logic error in the virtual memory macros used for accessing the memory descriptor, based on physical address.

  • Corrects the panic “trap: invalid memory read access from kernel mode” in pshared code.

  • Corrects a problem with the randomization of initial TCP sequence numbers.

  • Allows multiple retries to mount the root file system and the ability to adjust the retry period.

  • Enhances the range of generic sysconfig parameters and eliminates unnecessary sysconfig warning messages.

  • Corrects several problems related to use of the ifconfig [interface] IPv6 up command, where interface is either cluster interconnect, ics0, or configured v6-in-v6 tunnel.

  • Fixes an NFS client kernel loop that usually results in a lock time limit exceeded panic on partitioned GS1280 class systems in partitions where CPUs have different numbers of neighbors. That usually requires a partition of more than four CPUs.

  • Ensures that the socket send buffer size will be twice the maximum segment size if the mss is 1460 bytes.

  • Fixes a problem that causes a hang or crash when auditing the network events “net_tcp_stray_packet,” “ net_udp_stray_packet,” and “net_tcp_rejected_conn.

  • Corrects a problem with the audit object deselection mode in which it was possible for events that modify a target object to be deselected, resulting in no audit record being generated.

  • Corrects for a leak of CONTROL mbufs.

  • Fixes a problem in which a threaded program tries to wake up a thread that is already running.

  • Enhances the fuser command to provide a cluster-wide query capability. A revised fuser(8) reference page describes this enhancement.

  • Fixes a problem in which the traceroute command will timeout when probing the cluster alias address from a cluster member.

  • Corrects a memory leak against the 128-byte bucket when rad_gh_regions are configured and nshmget() is used.

  • Adds support for ifconfig [inet6] delete [abort], for IPv6 connections.

  • Corrects a problem in which the netstat -s command does not display the correct global statistics on multi-CPU systems if lower-numbered CPU slots are empty.

  • Corrects a memory leak in IPv6 transmission code.

  • Corrects a condition that results in a failure to release file region locks (NFS client only).

  • Corrects a panic “vm_pg_free: page on o/h list.

  • Fixes a process deadlock that occurs when rename is called with “.” as the target.

  • Resolves a potential system hang in the kernel virtual memory subsystem when running the ClearCase V5.0 Multiversion File System (MVFS).

  • Fixes a problem that prevents 6to4 and autotunnels from being disabled properly when the corresponding IPv4 address is deleted.

  • Fix to send maximum sized packets on FDDI networks when pmtu_enabled=0.

  • Makes Tru64 UNIX V5.1B compatible with V5.1A in regard to the handling of the relationship between a controlling terminal and the “session” structure.

  • Fixes the fastpath send of RPC modules to correct conditions in which it ignores the VMAC setting and it excludes source and destination UDP port numbers when LAG is enabled.

  • Fixes a problem in which the NFS server, in certain cases, does not update the access time on the files it serves.

  • Enables IPv6 MTU to be set up to 9000 bytes on gigabit Ethernet.

  • Fixes memory troller panic that can occur when booting in low-memory conditions.

  • Addresses two potential causes of various ics timeout panics, such as “ics_unable_to_make_progress: input tread” and “ics_unable_to_make_progress: netisrs stalled.”

  • Enables allows AutoFS mount-on paths to have the correct maximum length when AutoFS files are mapped directly.

  • Fixes a race condition in VM map-entry fault handling that can result in poor performance and/or panics.

  • Fixes a SierraCluster "bigpage assert failure" panic.

  • Corrects the panic:"kernel memory fault" in umc_page_release() due to non-initialization of variable hpp.

  • Fixes a problem that can cause the system panic "cmn_err: ce_panic: ics_unable_to_make_progress: netisrs stalled."

  • Fixes a problem that causes multiple TCP sockets to be created and then left in the CLOSE_WAIT state on an NFS client in a TruCluster when the NFS server is unavailable.

  • Provides improvements to the TCP Selective Acknowledgment (SACK) option.

  • Corrects an issue in which tape devices with no ddr entry would not have compression correctly enabled or disabled as appropriate to the device special file that was used.

  • Corrects a problem that causes data transfers to be slow on socket connections when using the MSG_WAITALL flag in a recv() socket call.

  • Corrects a condition to avoid the copying of multicast packets to the networking stack when packetfilter is enabled and pfilt_copymulti=0; default is 1, meaning always copy multicast packets.

  • Fixes NFS client hangs on systems with no associated memory for RADs.

  • Modifies the kernel to correct a problem that could under certain conditions cause the following:

    • User space programs to experience unexpected "interrupt" results (EINTR) returned by system calls such as exit() or wait3().

    • Korn shell scripts to report that programs were terminated with a "Signal 64" when in fact the program ran normally and no error was present.

    • Programs that check the exit status of children to see abnormal results.

  • Fixes a problem of ambiguous connection rejection caused by socket database search in a multi-RAD system.

  • Corrects several problems in file region locking that could result in dropped file region locks or in a process hang.

  • Fixes an "m_copydata offset" panic seen on TruClusters and NUMA systems serving NFS file systems.

  • Fixes a race condition in the UBC subsystem that could result in a kernel memory fault.

  • Prevents a race condition in the code dealing with kernel address space data structures.

  • Improves NFS to help prevent an NFS client from creating more than one TCP connection for a mount point and to prevent a system panic if the problem occurs.

  • Fixes a lockmode 4 only panic due to a lock ordering problem.

  • Resolves a problem that could result in freeing active memory buffers.

  • Prevents the growth of a stack object when code invokes an mmap system call.

  • Corrects a kernel memory fault panic clock_tick().

  • Fixes the following panics:

    page is not primary page
    mcs_unlock: current lock not found
  • Corrects a memory leak caused by a race condition that can lead to the incorrect decrementing of reference counts of vm_anon objects, which can cause orphaned pages.

  • Fixes an “mcs_lock: lock already owned by cpu” panic.

  • Fixes a problem that can trigger a “big pages assert” panic under the following condition:

    • Big Pages are enabled.

    • Large argument lists are enabled.

    • An application such as a shell tries to pass a large list of arguments to a child process, such as a command.

  • Fixes the following panics:

    mcs_unlock: lock not currently owned
    the zombie walks, the sequel
  • Changes I/O retry processing when a command time out is encountered by causing the retry code to attempt to take advantage of other active paths during retries if command time outs are encountered.

  • Fixes a rare lock timeout on some AlphaServer ES47/ES80/GS1280 systems with heavy binary errorlog activity.

  • Fixes a "vl_unwire: page is not wired" panic when the system is configured with gh_chunks or rad_gh_regions enabled and new_wire_method = 1.

  • Retires the "new_wire_method" sysconfig tunable paramater. See “new_wire_method Tunable Attribute Retired”.

  • Corrects a potential security vulnerability in the Transmission Control Protocol (TCP) that could be remotely exploitable, resulting in denial of service (DoS).

    SSRT4696 - TCP (Severity - High)
  • Corrects a potential security vulnerability that could result in a Denial of Service (DoS). This potential vulnerability may be in the form of local and remote security domain risks.

  • Fixes a panic in ubc_bigpage_release().

  • Fixes a problem that causes the audgen system call to overwrite memory beyond the end of the audit buffer.

Patch 27011.00

OSFBINCOM540

  • Fixes a rare kernel memory fault problem that occurs during an ES80 boot.

  • Provides a new cluster-specific link aggregation distribution algorithm when using LAG in a LAN cluster.

  • Allows for control ports to be deleted using the hwmgr command.

  • Fixes a potential deadlock hang between a migration and a flush on a file.

  • Addresses a potential I/O performance bottleneck in which the tape driver may select the same path for all tape drives in a system containing multiple HBAs and multiple tapes. The tape driver can now assign different paths to different tape drives to improve tape I/O performance.

  • Fixes problems that happen when volume expansion (mount -u -o extend) races with other code.

  • Corrects a C++ compilation error when including conf.h.

  • Makes the poll() function compliant with revised UNIX98 standards.

  • Revises the btcreate utility to overcome the 32MB firmware limitation on SAS kernel size.

  • Reduces the default value of IPFRAGTTL from 60 to 18 to avoid reassembly problems.

  • Provides an option that allows cluster NFS clients to use a nonprivileged TCP port to see if a remote NFS server is up.

  • Allows the hwmgr redirect scsi command to work with lockmode 4.

  • Corrects a problem in which the heavy use of the cluster alias on large SMP and NUMA machines results in excessive context switching and CPU load.

  • Enables SmartArray 5300 controller hardware events to be logged to the binary.errlog during boot time. This is useful in diagnosing logical volume state change and physical drive hotswaps that can occur while the system in not booted.

  • Corrects a potential security vulnerability where, under certain circumstances, system integrity may be compromised. This may be in the form of improper file access.

  • Adds SCSI reserve and release support to mt to assist open SAN tape management

  • Fixes a problem with audit data not being displayed by the audit tool.

  • Corrects problems with file object selection and deselection and directories.

  • Corrects NUMA performance issues associated with auditing.

  • Adds support for IEEE 802.1Q (VLAN).

  • Adds support for IEEE 802.1Q (VLAN) (DE50x, lan_common.h).

  • Adds support to get live status information for air movers and power supplies on AlphaServer GS1280 systems and to log intrusion packets to the error log.

  • Adds support for CPU indictment on AlphaServer GS1280 platforms.

  • Fixes a panic condition in which the operating system erroneously reboots instead of halting and fails to take a crash dump.

  • Fixes numerous issues in the driver for DEGXA Gigabit Ethernet adapters, including the DS25 on board 10/100/1000 port.

  • Adds defensive programming to stat.h to prevent it from getting confused if one of its internal temporary #defines is defined before stat.h is processed.

  • Corrects a problem in which the btextract utility was not preventing the advanced mode of restore for a system with LSM setup.

  • Removes files created under /usr/lib/sabt during the running of the btcreate utility on file systems with LSM. Previously, these files were copied to the tape, and would be restored as if they were archived by btcreate.

  • Addresses problems with the mksas utility in which false warning messages are generated and the user-specified temporary directory can be erroneously removed.

  • Provides protection against a class of potential security vulnerabilities called buffer overflows. Buffer overflows are sometimes exploited in an attempt to subvert the function of a privileged program and possibly execute commands at the elevated privileges if the program file has the setuid privilege. This patch allows a system administrator to enable memory management protections that limit potential buffer overflow vulnerabilities.

  • Fixes the IDE/ATAPI driver.

  • Prevents an IDE bus hang caused when issuing a play audio track command from scu to an ATAPI CD-ROM containing an enhanced CD.

  • Fixes a process hang in ubc_common_lookup.

  • Corrects the NFS server's handling of files open for direct I/O.

  • Prevents problems in the USB subsystem that include memory leaks, data inconsistencies, and USB device configuration problems.

  • Fixes problems in the USB driver layer that include potentially minor performance degradations if using USB devices and occasional USB device failures.

  • Corrects a problem in which a temporary file is left behind during the creation of bootable tape with the UFS file system.

  • Fixes an underlying problem in the NFS client that can lead to a panic on a single system or an assertion failure panic on a cluster.

  • Fixes various problems in the bcm driver for DEGXA Gigabit Ethernet adapters.

  • Defines new error log entry types for system error logging on certain 21364-based systems.

  • Increases the ability to audit memory wire and unwire operations.

  • Corrects a problem in which a read or write operation to a changer device creates an unkillable process.

  • Fixes a problem in which clua.mod does not handle TCP RST messages appropriately.

  • Increases BOOTP error timeout values for RIS kernel installations.

  • Accelerates the boot time on large memory GS systems.

  • Provides support for dynamically loadable packet filters.

  • Distributes the latest .h files for the mcutil program and the event manager.

  • Adds function prototypes for the NUMA APIs cpu_get_current() and cpu_get_rad() to sys/cpuset.h.

  • Adds the function prototype numa_query_pid() to numa.h.

  • Changes the use of /etc/svc.conf to /etc/nsswitch.conf to allow netgroup data to be provided from LDAP in addition to NIS.

  • Provides support for the Philips USB controller, which is shipped on some AlphaServer GS1280 systems. Without this patch, the Philips USB controller may fail to detect and configure devices connected to it.

  • Sets a software limit to prevent serious performance problems that can occur when TCP connections that have an rate limit enforced by a downstream network device overrun the device.

  • Corrects a problem in which /sbin/ddr_config does not accept values for ReadyTimeSeconds larger than 255. The new limit is 86400 seconds (24 hours).

  • Fixes problems with NUMA disk statistics.

  • Fixes a KMF problem that can occur when some nodes in cluster are rebooted and a device is shared by all the nodes.

  • Changes the CAM subsystem message that is printed to the error log on a recovered read error from "bad block number" to "block number."

  • Adds per-binary big page controls to complement the system-wide tunable attributes.

  • Fixes how the NFS client handles full NFS version 3 64-bit fields.

  • Corrects a potential security vulnerability where, under certain circumstances, system integrity may be compromised. This may be in the form of improper file or privilege management.

  • Corrects a problem with hwmgr utility deletes while a SCSI scan is in progress.

  • Improves scaling of IP reassembly code on large SMP machines. NFS servers are especially susceptible when a large number of clients attempt to write at the same time.

  • Implements buffer cache page checksum caching for NFS client pages.

  • Corrects a kernel memory fault caused by configuring a system to be a firewall router without having the GWSCREEN subsystem built into the running kernel.

  • Improves performance for applications with large in-core data sets.

  • Corrects a problem in which the less than (<) and greater than () keys on the Norwegian keyboard do not work in single-user mode.

  • Adds the ability to join more than 20 IP multicast groups on a given socket.

  • Changes the implementation of the NFS server's duplicate request cache from a statically allocated monolithic entity to a dynamically allocated entity.

  • Fixes a problem in which some IP fragments of NFS over UDP read replies may be sent to the wrong MAC address.

  • Improves the performance of systems that perform heavy file I/O.

  • Provides an RFC3542 compliant implementation of IPv6 Advanced API.

  • Provides support for latest version of bcm card.

  • Updates Mobile IPv6 code to be compliant with the latest RFC.

  • Fixes MIP6_CACHE_READ_TO_WRITE_LOCK() to not call lock_read_to_write() when in lockmode=0 to avoid a panic.

  • Corrects a problem with HSZ events that cause I/O errors rather than doing the appropriate retries so the I/O can be successful.

  • Adds read/write ability to XP control ports.

  • Corrects a problem with a sensor error that can indicate a false over-temperature condition on DS10/DS10L and TS10 systems.

  • Fixes USB problems that prevent some USB keyboards and mice from working.

  • Provides enhancements for NetRAIN operation.

  • Adds the ability to decouple RPC client retransmission activity from the UDP or interface transmission completion handling.

  • Fixes a logic error in the virtual memory macros used for accessing the memory descriptor.

  • Allows multiple retries to mount the root file system and the ability to adjust the retry period.

  • Fixes a problem in which the operating system receives an environmental machine check packet from the firmware but fails to correctly recognize the sensor that is identified as faulty by the machine check.

  • Fixes a problem that prevents keyboard input during interactive booting (SRM boot flag "i") when in graphics mode on GS1280/ES80/ES47 AlphaServers.

  • Enhances the fuser command to provide a cluster-wide query capability. A revised fuser(8) reference page describes this enhancement.

  • Fixes mass storage disk subsystem handling of specific important events reported by the HSG80 and HSG60 array controllers.

  • Provides improvements to the TCP Selective Acknowledgment (SACK) option.

  • Provides a workaround for the firmware limitation on SAS kernel size.

  • Raises the highest ID handled by edquota and repquota and converts the repquota program to using the GETQUOTA/GETQUOTA64 quotactl's for obtaining data, instead of directly reading from the quota file. This results in more recent data and, in a cluster, consistent data across all nodes. It also enables handling the highest UIDs (up to 4294967294).

  • Fixes a problem that corrects the status message which is output during boot operations before the binary.errlog log file is available.

  • Fixes a memory troller panic during a boot in low-memory conditions.

  • Fixes a rare kernel memory fault that can occur when booting an AlphaServer ES80.

  • Changes I/O retry processing when a command time out is encountered by causing the retry code to attempt to take advantage of other active paths during retries if command time outs are encountered.

Patch 27012.00

OSFC2SEC540

  • Fixes problems with prpasswdd and rpc.yppasswdd that can cause these daemons to consume high CPU time when run in a TruCluster Server environment.

  • Allows root to log in on the console when Enhanced Security is enabled and u_numunsuclog exceeds u_maxtries.

  • Modifies the prpasswdd and rpc.yppasswdd daemons to properly handle /var/tcb/files on a file system from different from /var.

  • Fixes client login, su, rshd, edauth, and sshd2 hangs and long delays under Enhanced Security, as well as some intermittent errors or failures seen with prpasswdd or rpc.yppasswdd.

  • Corrects a problem in which logins in TruCluster environments using Enhanced Security can hang on any member other than the one serving /var to CFS.

  • Fixes a problem in which group and other read privileges get stripped from /etc/passwd when a user switches from enhanced to base security.

  • Corrects a problem on systems running Enhanced Security in which the command edauth -R refuses to write user-profile entries to the root partition.

  • Corrects a problem that occurs when using C1crypt for password encryption on Enhanced Security systems in which users are unable to change their passwords and see the passwd command warning "Password not changed: failed to write protected password entry."

  • Changes the use of the configuration file /etc/svc.conf to /etc/nsswitch.conf to allow netgroup data to be provided from LDAP, rather than only from NIS.

  • Fixes problems with Enhanced Security user accounts that reference a template.

Patch 27013.00

OSFCDEAPPS540

  • Resolves security vulnerabilities within the X PixMap routines used in the IMG library.

  • Corrects a potential security vulnerability where, under certain circumstances, system integrity may be compromised. This may be in the form of improper file access.

  • Corrects a problem in which dtcm dumps core when the following steps are taken:

    1. Select a date

    2. Choose Browse-Compare Calendars...

    3. Press the Mail... button.

  • Fixes the dtcm warning message when selecting View –> Day in dtcm.

  • Resolves a potential buffer overflow within the X PixMap routines.

Patch 27014.00

OSFCDEDEV540

  • Fixes several potential security vulnerabilities where, under certain circumstances, system integrity may be compromised when a buffer overflow occurs in the DtSvc utility. Buffer overflows are sometimes exploited in an attempt to subvert the function of a privileged program and possibly execute commands at the elevated privileges if the program file has the setuid privilege.

  • Fixes several potential security vulnerabilities where, under certain circumstances, system integrity may be compromised. This may be in the form of improper file access.

  • Corrects a problem that can occur when the screen saver tries to activate on a system that has reached the maximum number of processes allowed per user and the following message is displayed:

    An attempt to start a new process on host "hostname" failed
  • Corrects a problem in which the application builder core dumps when trying to generate code for menu items with the set-label action type.

Patch 27015.00

OSFCDEDT540

  • Corrects several potential security vulnerabilities where, under certain circumstances, system integrity may be compromised. These may be in the form of improper file access.

  • Fixes the message catalog for the CDE application dtprintinfo.

  • Fixes a problem in which dtcreate core dumps while editing the icon image.

  • Corrects a problem in which setting the value of screen saver and screen lock in dtstyle disables both values.

  • Corrects a problem that causes dtsession to not work when its norestore option is enabled.

  • Resolves a problem that occurs when displaying the user-specified logo in dtlogin.

  • Resolves the incorrect system activity report by the w command with XDMCP.

  • Fixes a dtcreate problem that occurs while saving an action file in an NFS-mounted environment.

  • Fixes the dtsetup display.

  • Sets defaults for dtlogin.

  • Changes the quick setup message.

  • Sets the proper text for the front panel help page in dtsetup.

  • Corrects a potential security vulnerability in the Common Desktop Environment (CDE) software. This potential vulnerability, which may be locally and remotely exploitable, could result in a denial of service (DOS), unauthorized privileged access, or both.

    SSRT4721 - dtlogin - (Severity - High)
  • Ensures that the proper error message is set in dtlogin when an unknown display parameter is read from the Xaccess file.

Patch 27016.00

OSFCDEMAIL540

  • Corrects several potential security vulnerabilities where, under certain circumstances, system integrity may be compromised. These may be in the form of improper file access.

  • Corrects a potential security vulnerability that may result in unauthorized Privileged Access or a Denial of Service (DoS). This may be in the form of local and remote security domain risks.

Patch 27019.00

OSFCDEMIN540

  • Resolves a problem that occurs when opening big file using dtfile.

  • Fixes several potential security vulnerabilities where, under certain circumstances, system integrity may be compromised. These may be in the form of improper file access.

  • Corrects a potential security vulnerability where under certain circumstances, system integrity may be compromised when a buffer overflow occurs in the DtSvc utility. Buffer overflows are sometimes exploited in an attempt to subvert the function of a privileged program and possibly execute commands at the elevated privileges if the program file has the setuid privilege.

  • Fixes dtterm problem that causes a core dump when the resource saveLines values is set to 1000s in $HOME/Dtterm.

  • Corrects a problem that can occur when the screen saver tries to activate on a system that has reached the maximum number of processes allowed per user and the following message is displayed:

    An attempt to start a new process on host "hostname" failed
  • Corrects a potential security vulnerability in CDE code that may result in unauthorized privileged access. This may be in the form of local and remote security domain risks.

    (SSRT3589 - dtmailpr Severity - High)
  • Corrects a potential security vulnerability where, under certain circumstances, system integrity may be compromised when a buffer overflow occurs in the CDE online help. Buffer overflows are sometimes exploited in an attempt to subvert the function of a privileged program and possibly execute commands at the elevated privileges if the program file has the setuid privilege.

  • Fixes a dtmail problem that occurs while opening a mail attachment on an NFS-mounted environment.

Patch 27020.00

OSFCLINET540

  • Fixes a problem with the niffconfig command whereby certain characters in the interface name may be ignored.

  • Fixes a problem in the /etc/.mrg..inetd.conf merge script that causes customer-specific changes in the /etc/inetd.conf file to be ignored.

  • Fixes a problem with inetd -L in which a cluster loops in shutdown -c or rcinet start.

  • Upgrades BIND 8 to BIND 9.

  • Fixes a problem that occurs when starting inetd on all RADs in which there are holes between the RADs.

  • Fixes a potential remotely exploitable Denial of Service (DoS) vulnerability in the File Transfer Protocol server daemon, (ftpd) in which under certain circumstances authorized users could cause an ftp server to become unresponsive.

  • Adds a -n option to the ftpd daemon to prevent login delays and time-outs in an environment where host name resolution is sluggish.

  • Adds a new table in pm.mib for the pmgrd IoRate Statistics feature.

  • Adds the file pmAdvfs.MIB to define AdvFS MIB definitions.

  • Allows the optional port argument to the ftp open command to accept port numbers between 32768 and 65535.

  • Fixes several potential security vulnerabilities where, under certain circumstances, system integrity may be compromised. These may be in the form of improper file access.

  • Corrects a potential security vulnerability that may allow nonprivileged users to gain unauthorized (root) access. This may be in the form of local and remote security domain risks.

  • Corrects a potential security vulnerability in BIND 8 code that could result in a local or remotely exploited Denial of Service (DoS).

    (SSRT3653 - BIND v8 — Severity - High)
  • Corrects a problem in niffd that results in its memory usage growing over time.

  • Fixes a problem in the operation of the IPv6 neighbor discovery daemon where IPv6 addresses are not automatically configured on PPP interfaces.

  • Adds support for IEEE 802.1Q (VLAN).

  • Fixes a problem that prevents startslip from extracting all the information from the acucap file.

  • Fixes a problem in the /etc/.mrg..protocols merge script that causes incorrect permissions on the /etc/protocols file.

  • Corrects the netstat and ifconfig commands so that when a MAC address is printed, it uses 2 digit hex octets with leading zeros.

  • Corrects a potential security vulnerability that may result in a Denial of Service (DoS). This potential vulnerability may be in the form of local and remote security domain risks.

    (SSRT2384 rpc — Severity - High)
  • Corrects a problem in os_mibs that results in the swap size and swap used values for the host mib being reported as negative values on some systems.

  • Introduces dumprmt.msg for remote dump/restore messages. This new message catalog file is used in both rdump and rrestore programs.

  • Corrects a problem in which Solaris rcp commands fail against Tru64 UNIX V5.1B servers with the message "rcp: lost connection."

  • Enables the tip command to log into the member-specific log file. The path for the aculog file has been corrected and given appropriate permissions.

  • Provides protection against a class of potential security vulnerabilities called buffer overflows. Buffer overflows are sometimes exploited in an attempt to subvert the function of a privileged program and possibly execute commands at the elevated privileges if the program file has the setuid privilege. This patch allows a system administrator to enable memory management protections that limit potential buffer overflow vulnerabilities.

  • Makes start up scripts in /sbin/init.d world readable.

  • Provides support for monitoring the disk I/O rate using the pmgrd daemon.

  • Adds support for monitoring AdvFS statistics using Performance Manager agent, pmgrd.

  • Fixes the mkcdsl command and updates the NIS start-up script to correctly start NIS on the cluster alias.

  • Resolves a problem in which the cluster interconnect route is inappropriately advertised.

  • Corrects a problem in which the nissetup command leaves /etc/group with an incorrect mode of 600 after removing NIS.

  • Corrects a problem in which NIS clients may fail to connect to non-Tru64 NIS servers that only support the V2 NIS protocol.

  • Corrects a problem that causes the FTP daemon to dump core when the client sends an out of order ADAT command.

  • Adds support the gated aliases-nexthop option, which provides a preference for the selection of a next-hop address when multiple addresses exist on the interface.

  • Corrects the /sbin/init.d/route script to ensure that routes get flushed properly.

  • Corrects a problem in which if a static or loopback host route is added via a routing socket, gated deletes the route upon a route aging time-out. In cluster alias environment, this problem causes all TCP/UDP packets destined to the cluster alias address to be mishandled.

  • Adds support to the ifconfig application for the IPv6 command line argument ip6reachabletime.

  • Fixes a condition that causes an ftpd file transfer failure when a file exceeds 2 GB.

  • Fixes an ftp client accounting error that occurs when transferring files larger than 4 GB.

  • Fixes library dependencies to allow ifconfig to be run in single user mode.

  • Corrects a problem that occurs when using MD5 authentication with Version 2 RIP.

  • Corrects a condition that causes a hang of the IPv6 routing daemon.

  • Resolves a problem with gated where adding a route may not succeed under certain circumstances.

  • Corrects a potential security vulnerability where, under certain circumstances, system integrity may be compromised. This may occur when the gated daemon or gated control utility (gdc) incorrectly access temporary files.

  • Corrects a potential security vulnerability where, under certain circumstances, system integrity may be compromised. This may be in the form of mrouted daemon incorrectly creating and accessing temporary files.

  • Adds a required call to yp_unbind() after getnameinfo() in order to close all ports when using telnet on some machines.

  • Provides comment handling capability in the route initialization script for parsing /etc/routes file.

  • Fixes an incorrect diagnostic message in the traceroute command.

  • Modifies ifconfig to include an RCSid for patch tracking purposes.

  • Updates ICMP code to add redirect timeout support and nonmodifiable route table entries.

  • Fixes setld failures with "Kerberos credentials not found" messages.

  • Changes the use of the configuration file /etc/svc.conf to /etc/nsswitch.conf to allow netgroup data to be provided from LDAP, rather than only from NIS.

  • Sets a software limit to prevent serious performance problems that can occur when TCP connections that have an rate-limit enforced by a downstream network device overrun the device.

  • Eliminates the message "usage: hostid [hexnum or internet address]" from the /usr/sbin/niscluster script while using the -d option.

  • Resolves a problem that occurs when forking inetd children processes on NUMA-based AlphaServer platforms.

  • Addresses a problem with a missing file that is required for the pmgrd daemon's iorate metrics collection feature to work.

  • Modifies NIS slaves running in a cluster to use CAA to help assign a crontab entry to update NIS maps.

  • Fixes the ftpd SIZE subcommand to conform to RFC 959.

  • Resolves a problem that can cause rsh processes hang.

  • Corrects a problem where the telnet command causes unnecessary delays when an IP address is supplied as a command-line argument.

  • Corrects a problem with the nslookup utility that results in an unexpected termination in certain situations.

  • Fixes the behavior of rpc.rquotad in a cluster.

  • Allows rcp to correctly interpret file names that contains rcp special characters such as the at ( @ ) sign and colon ( : ).

  • Fixes a problem with the IPv6 neighbor discovery daemon, which under certain circumstances, can cause bad information to be written to a DNS database causing failures on subsequent database reloads.

  • Corrects several minor problems with IPv6 subsystem related to neighbor discovery specification.

  • Corrects a problem with routed not detecting all the interfaces on system that contains more than 100 interfaces.

  • Updates Mobile IPv6 code to be compliant with the latest RFC.

  • Provides support for monitoring disk I/O rate using the pmgrd daemon.

  • Resolves a problem in which a hang occurs after the “User logged in” message is displayed during an ftp session to a UCX host as a user with no password.

  • Resolves a problem in which gated can produce a core after port 616 is scanned by a port scanner.

  • Fixes a problem with FTP byte/hash count when the file size exceeds 2 GB.

  • Modifies niffconfig to display appropriate error messages.

  • Corrects a problem in which ftp reget works incorrectly when restarting at 2 GB or larger.

  • Provides enhancements for NetRAIN operations.

  • Corrects a potential locally exploitable integer overflow vulnerability in the Network Time Protocol. This potential vulnerability could lead to clients receiving an incorrect date/time offset, resulting in an incorrect date/time on the client.

    SRT4718 - NTP (Severity - High)
  • Modifies the ip6_setup script to limit some Mobile IPv6 questions to LAN interfaces only.

  • Corrects a problem in which ftpd core dumps when a 1000 or more directories are present.

  • Adds support for ifconfig [inet6] delete [abort] for IPv6 connections.

  • Fixes a problem in the implementation of the RIPng protocol that prevents IPv6 routes from being deleted as expected.

  • Resolves intermittent core failures in gated.

  • Corrects default tape device as /dev/tape/tape0_d1 for dump and restore as per device naming convention in V5x versions.

Patch 27021.00

OSFCMPLRS540

  • Corrects default values for YESEXPR and NOEXPR defined in the localedef command and libc to get correct return value from nl_langinfo(YESEXPR) and nl_langinfo(NOEXPR)

  • Resolves a problem that could cause the rexec() function to hang.

  • Fixes the getaddrinfo() routine to work properly when IPv6 is not configured.

  • Fixes memory leaks in the libc getipnodebyname routine, which is used by ldapcd. The leaks caused intermittent SSO SIA authentication failures.

  • Fixes an issue with the KZPCC backplane RAID adapter device driver (I2O) that causes its logical disk drives to be identified as SCSI devices

  • Fixes the mountd daemon to prevent it from becoming unresponsive at a few large sites.

  • Fixes a problem in SIA by resetting the mechanism's context pkgind on a sucessful return of (set|end)*ent calls.

  • Fixes a POSIX standard violation in the strfmon() function. The preceding and following spaces will be padded to return value to make equal length between positive and negative values.

  • Fixes a security issue with the C library routine getnameinfo().

  • Fixes getnameinfo() to display an IPv4 address instead of an IPv4 mapped IPv6 address when the BIND mapping does not exist.

  • Fixes a POSIX standard violation in the wcstod() function. An incorrect pointer was set to the endptr parameter of wcstod() for cases where no conversion was made.

  • Fixes the swprintf() function to return the correct value if it detects an invalid wide-character.

  • Fixes the ypwhich -m command to prevent RPC timeout error messages.

  • Corrects a security issue in which rsh and other rcmds incorrectly report ESUCCESS when the remote side of a connection terminates before fully establishing a connection.

  • Allows the auditing of login and su events based in part on the contents of user profiles (for Enhanced Security), the prevailing auditing characteristics of the originating process, and the system-wide audit mask. Previously, only the system audit mask was referenced.

  • Fixes a problem with floating point data inconsistencies in threaded applications.

  • Corrects RPC-based servers' handling of ill-formed TCP connections.

  • Prevents segmentation faults when sia_ses_init is passed a malformed argument vector.

  • Corrects a potential security vulnerability that may result in a Denial of Service (DoS). This may be in the form of local and remote security domain risks.

    (SSRT2384 rpc — Severity - High)
  • Fixes a problem in which the home directory and login shell attributes for a user account are not suppled to the audit daemon for authentication failures.

  • Fixes an extended regular expression problem where the interval expression {m,n} is handled incorrectly.

  • Fixes a problem from pre-Version 5.0 releases in the way the libc mktime() function handles potentially ambiguous tm struct times that fall within a backward clock shift and that have an initially negative tm_isdst value.

  • Fixes various problems in the libc functions getdate(), strptime(), callrpc(), strncasecmp() and fork().

  • Fixes a problem in the libnuma function nacreate() and the system header <sgtty.h.

  • Fixes various problems in the dbx and object file tools dbx, ostrip, strip, mcs, dis, cord, file, and stdump.

  • Corrects a potential security vulnerability where, under certain circumstances, system integrity may be compromised. This may be in the form of improper file or privilege management.

  • Provides protection against a class of potential security vulnerabilities called buffer overflows. Buffer overflows are sometimes exploited in an attempt to subvert the function of a privileged program and possibly execute commands at the elevated privileges if the program file has the setuid privilege. This patch allows a system administrator to enable memory management protections that limit potential buffer overflow vulnerabilities.

  • Corrects a problem in which some networking applications, especially X.25 and X.29, stopped working as expected because of interactions with security-related fixes and how the fstat() function behaves on their sockets.

  • Corrects a potential security vulnerability that may result in nonprivileged users gaining unauthorized access to files or privileged access on the system. This may be in the form of a local and remote security domain risk.

  • Fixes a fatal assertion error reported by pixie, hiprof, third spike, cord, uprofile and odump object file tools for some executable files linked at optimization level 2 (-O2) or greater.

  • Corrects a problem in which NIS clients may fail to connect to non-Tru64 UNIX NIS servers that only support the V2 NIS protocol.

  • Fixes a number of regular expression problems in multibyte locales and a possible hang problem with complex regular expressions.

  • Delivers version 3.07.10 of the Tru64 UNIX assembler, which fixes a problem encountered in version 3.07.09, wherein the assembler incorrectly treats octal constant data as if it were decimal.

  • Fixes a problem with SIA that caused the Internet Express LDAP Authentication module to be unable to look up default group information for a user at login time.

  • Corrects problems with name resolution when an error is encountered during the processing of the local host files.

  • Fixes a yacc stack overflow error in the Tru64 UNIX assembler.

  • Fixes a fatal error in /usr/bin/spike.

  • Fixes problems such as segmentation faults caused by the strxfrm() function running on the French locales.

  • Changes the use of the configuration file /etc/svc.conf to /etc/nsswitch.conf to allow netgroup data to be provided from LDAP, rather than only from NIS.

  • Fixes a performance problem in the libc mktime() routine.

  • Corrects a problem in which the rewind() function would fail to reposition to the beginning of a file.

  • Corrects a failure in the safe_open() routine that caused symbolic links given by a relative path from the current working directory sometimes to give ENOENT errors incorrectly.

  • Corrects an odd, unexpected error message that may be printed by rsh or rlogin commands.

  • Corrects a problem where the telnet command causes unnecessary delays when an IP address is supplied as a command-line argument.

  • Corrects a problem in which a DNS resolver routines never time out if interrupted by signals.

  • Provides an RFC3542 compliant implementation of IPv6 Advanced API.

  • Fixes a nonconcurrency issue for multithreaded applications calling popen() and certain "FILE *" routines such as fread().

  • Fixes a deadlock condition in multithreaded applications that call fork() and other libc callback routines such as exit handlers, __fini_* routines.

  • Corrects a condition in which multiple "Sorry" messages are issued by the su command when multiple SIA mechanisms are in use (as when LDAP is configured for user accounts).

  • Improves the performance of times(3).

  • Enhances the fuser command to provide a cluster-wide query capability. A revised fuser(8) reference page describes this enhancement.

  • Fixes a problem with glob() returning an incorrect match when directory permissions issues exist.

Patch 27022.00

OSFDCMT540

  • Corrects several potential security vulnerabilities where, under certain circumstances, system integrity may be compromised. These may be in the form of improper file or privilege management.

Patch 27023.00

OSFDCMTEXT540

  • Corrects a potential security vulnerability where, under certain circumstances, system integrity may be compromised. This may be in the form of improper file or privilege management.

Patch 27026.00

OSFDOSTOOLS540

  • Corrects a potential security vulnerability where, under certain circumstances, system integrity may be compromised. This may be in the form of improper file or privilege management.

  • Corrects several security vulnerabilities.

  • Changes mcopy and mwrite so they can overwrite existing files.

  • Changes mtools so they can print appropriate error messages for nonprivileged users.

  • Standardizes the mformat prompt.

Patch 27028.00

OSFENVMON540

  • Fixes the envmond daemon to use EVM events for monitoring environmental events.

  • Fixes envmond to report redundant power supply restoration on systems that support environmental monitoring through the sysconfig command.

  • Modifies the environmental monitoring facilities /usr/sbin/envmond and /usr/sbin/envconfig to support the AlphaServer GS1280 system.

  • Updates envmond to ensure that the correct EVM events are being sent at the correct time.

  • Corrects a problem in which the environmental monitoring daemon does not display the debug message "proceed ..." when the system is booted.

  • Corrects a problem in which envmond sets rc.config variable ENVMON_HIGH_THRESH to a value read from kernel module if ENVMON_HIGH_THRESH is null.

  • Fixes issues with temperature threshold handling in envmond.

  • Corrects a performance problem on systems with many sensors by reducing the polling frequency.

  • Prevents a long boot pause on AlphaServer GS1280 systems with large disk and sensor counts.

  • Fixes issues with envmond with respect to log messages and the execution of shutdown scripts.

Patch 27030.00

OSFEXAMPLES540

  • Eliminates the use of a /tmp file in a SysMan CLI example.

Patch 27031.00

OSFEXER540

  • Corrects the memory exerciser user.syslog message from "Started" to "Stopped".

  • Corrects a message from memx.

Patch 27034.00

OSFHWBASE540

  • Enhances hwmgr show functionality for scsi path information.

  • Provides for FCP-2 Link Level Error Recovery for tape operations so that tape I/O can be successfully performed during periods of link errors, noisy lines, bit errors, and lost or corrupted data frames.

  • Enables Tru64 UNIX to work with tape devices that do not support non-tagged commands.

  • Fix for netstat trying to resolve the IP address 0.0.0.0 (INADDR_ANY) to a hostname.

  • Fix to netstat, kdbx displaying partial kernel addresses.

  • Fixes several I/O error handling and error reporting problems in the Tru64 Emulex Fibre Channel driver that can result in inefficient error handling or misleading error log entries.

  • Updates the bcm driver to V1.0.22 to fix issues with IPv6 and SNMP

  • Fixes many small problems with the dsfmgr command.

  • Fixes the hwmgr command to show path state correctly.

  • Fixes numerous issues in the driver for DEGXA Gigabit Ethernet adapters, including the DS25 onboard 10/100/1000 port.

  • Corrects a problem in which information from the hwmgr -view transaction -cluster command for a node on a cluster may not be displayed.

  • Corrects some command-parsing irregularities in hwmgr that may cause options like -category and -cluster to be confused.

  • Fixes a problem in which the display for the hwmgr -show name command is not aligned properly for the name field.

  • Adds IEEE 802.1Q Virtual Local Area Network (VLAN) support for the following:

    • DEGPA

    • DEGXA

    • DE50x, lan_common.h

    • DE60x

  • Fixes a problem in the alt driver for DEGPA Gigabit Ethernet adapters. This problem affects all Tru64 UNIX systems containing DEGPA network interfaces.

  • Fixes a problem with scu where a mismatch between expected and found data causes incorrect data to be displayed.

  • Provides additional support for Ultrium 2 SCSI tape drive.

  • Ensures proper compilation of the DDR database.

  • Modifies netstat and ifconfig so that when a MAC address is printed, it is printed using 2-digit hex octets with leading zeros.

  • Fixes a problem in which Smart Array 5300 logical volumes are counted as RAID controllers.

  • Adds dumprmt.msg for remote dump/restore messages. This new message catalog file is used in both rdump and rrestore programs.

  • Corrects a potential system crash when shutting down after using a DAPBA or DAPCA ATM adapter.

  • Fixes a problem with non-U.S. USB keyboards used in non-U.S. locales in which the keyboards are treated as U.S. keyboards by the operating system.

  • Fixes various problems in the bcm driver for DEGXA Gigabit Ethernet which can cause crashes.

  • Fixes the dump command to recognize LSM volumes correctly and to not report random information when an error has occurred.

  • Fixes a condition that may cause a panic if the Xserver is stopped.

  • Changes the fwupgrade command to allow the specified firmware update image to be located on a BOOTP server in a connected network.

  • Fixes several problems in the bcm driver for DEGXA Gigabit Ethernet adapters, including the following:

    • A condition that causes the driver to incorrectly report data overruns

    • A condition that prevents DEGX2-SA modules from being recognized

  • Fixes two problems in the tu driver for DE5xx 10/100 MB Ethernet adapters.

  • Adds code to print greater than 61 UNIX domain sockets.

  • Changes file read errors from /dev/kmem to ignore and continue in a running system.

  • Fixes a problem in the alt driver that prevents DEGPA from being used with DE50x or DE60x adapters in a LAG set.

  • Increases the default limit of DLI packets to 16 K and makes the limit tunable. This corrects a problem in which attempts to sent packets larger than 5000 bytes (jumbo packets) can fail.

  • Updates DDR for the MSA array controller and for other future devices.

  • Adds recognition for possible future devices.

  • Fixes various problems in the bcm driver for DEGXA Gigabit Ethernet adapters.

  • Updates ICMP code to add redirect timeout support and non-modifiable route table entries.

  • Provides modifications for emx hardware.

  • Provides device support for the SDLT160/320 tape drive.

  • Fixes various problems in the ee driver for DE60x.

  • Sets a software limit to prevent serious performance problems that can occur when TCP connections that have an rate-limit enforced by a downstream network device overrun the device.

  • Corrects a problem in which /sbin/ddr_config does not accept values for ReadyTimeSeconds larger than 255. The new limit is 86400 seconds (24 hours).

  • Fixes problems with NUMA disk statistics

  • Fixes a KMF problem that can happen if some of the nodes in cluster are rebooted and a device is shared by all the nodes.

  • Changes the CAM subsystem message that is printed to the error log on a recovered read error from "bad block number" to "block number."

  • Corrects a problem that can cause a core dump when the fwupgrade command is executed with qualifiers.

  • Enhances HP-XP Array controller support.

  • Corrects several potential security vulnerabilities where, under certain circumstances, system integrity may be compromised. These may be in the form of improper file or privilege management.

  • Fixes an I/O hang condition on Fibre Channel.

  • Corrects a problem in which Tru64 UNIX sees an HP-XP RAID array controller as a disk after an HP-XP storage device is added to the system.

  • Updates the Radeon graphics driver to not reject multi-headed configurations.

  • Fixes a memory fault condition in the emx driver that occurs when responding to an inquiry command from a remote port in the fabric.

  • Updates DDR for the SDLT600, DLT VS, SuperDLT1, SDLT320, and VS series of tape drives.

  • Modifies a script that sets up entries in /dev to solve the following problem: When creating a cluster, certain old style /dev entries should be removed, but in some configurations they are not.

  • Provides support for the Ultrium 2 SCSI tape drive.

  • Corrects a condition that causes bootstrap address collisions after console heap_expand uses more memory and extends into address range used by the kernel.

  • Updates the tu driver to support Ethernet Multicast addresses larger than 512, which is necessary to support a large number of IPv6 addresses

  • Updates the alt driver to V2.0.20 to fix issues with IPv6, NFS performance and SNMP

  • Fixes an improper handling of domain, area, and fabric RSCNs, or Registered State Change Notifications by the emx driver that results in the nondetection of path failures to storage devices in the fabric.

  • Fixes and improves the mcutil program by correcting how bus resets are handled by the program and enhancing its error reporting capabilities.

  • Fixes a problem where Ultrium 2 tape drives do not use hardware compression.

  • Updates the ee driver to V1.0.27 to fix issues with IPv6 and SNMP

  • Adds path failure detection to the Tru64 Emulex Fibre Channel driver for situations involving hung N_Ports of a storage controller in a switched fabric environment.

  • Updates Mobile IPv6 code to be compliant with the latest RFC.

  • Modifies the DDR database to add support for the HP DAT72X6 changer.

  • Updates the bcm driver to V1.0.23 to fix issues with Jumbo frames.

  • Corrects a problem with HSZ events that cause I/O errors rather than doing the appropriate retries so the I/O can be successful.

  • Adds read/write ability to XP control ports.

  • Corrects an issue in which tape devices that have no ddr entry would not get compression correctly enabled or disabled as appropriate to the device special file that was used.

  • Fixes a problem that prevents keyboard input during interactive booting (SRM boot flag i) when in graphics mode on GS1280, ES80, and ES47 AlphaServers.

  • Fixes mass storage disk subsystem handling of specific, important events reported by the HSG80 and HSG60 array controllers.

  • Corrects default tape devices as /dev/tape/tape0_d1 for dump and restore as per device naming convention in V5x versions.

    Changes I/O retry processing when a command time out is encountered. With this change, the retry code attempts to take advantage of other active paths during retries if command time outs are encountered.

  • Corrects a problem with the DAT160 tape drive in which tape devices with no ddr entry would not get compression correctly enabled or disabled as appropriate to the device special file that was used.

  • Adds ddr.dbase support for the DAT160 tape drive.

  • Corrects A potential security vulnerability.

Patch 27035.00

OSFHWBIN540

  • Prevents the state machine performing Bad Block Replacement on a disk for which BBR is disabled.

  • Fixes a rare panic during boot on GS1280/ES80/ES47.

  • Fixes a "lock_fault" panic that can happen during system startup and shutdown.

  • Corrects the handling of certain disk “not ready” conditions to prevent long I/O stall times.

  • Provides performance enhancements based on the vm_overflow feature added in V5.1B-3.

  • Changes the way page migrations occur on a NUMA system to address poor performance due to excessive paging.

  • Corrects a problem with pagetable page allocations that can leave a thread waiting indefinitely during a fork operation.

  • Corrects the cause of "ubc_wire: hash failed" panics on non-NUMA systems.

  • Correct the cause of "not wired" panics with System V shared memory and bigpages.

  • Fixes an issue in the VM subsystem, wherein a page that is not managed by VM is incorrectly identified as being managed by VM.

  • Provides enhanced hwmgr show functionality for scsi path information.

  • Fixes a problem in which crash dumps to Fibre Channel swap devices do not always succeed.

  • Allows for control ports to be deleted by the hwmgr utility.

  • Fixes a cluster deadlock/hang issue that occurs when a new device is discovered.

  • Fixes a problem in which the “hwmgr refresh scsi -all” command does not always remove stale paths.

  • Corrects the cause of a process hang and system panic that occurs when using System V shared memory and asynchronous I/O.

  • Provides preferred path support for active-active, asymmetric storage devices.

  • Improves tape read/write command reliability in SANs by allowing the use of FCP-2 Link Level Error Recovery (LLER) for read and write tape commands if the destination Fibre Channel port supports LLER.

  • Enables Tru64 UNIX to work with tape devices that do not support non-tagged commands.

  • Addresses a potential I/O performance bottleneck in which the tape driver may select the same path for all tape drives in a system containing multiple HBAs and multiple tapes. With this change, the tape driver can assign different paths to different tape drives to improve tape I/O performance.

  • Addresses a NUMA memory initialization issue that can lead to system instability.

  • Allows systems with multiple paths to a large number of devices to boot faster.

  • Fixes the cause of the "pmap_pagemove" panic that occurs with some third party drivers.

  • Fixes a problem in which the changer code causes a kernel memory fault.

  • Fixes an issue with the KZPCC backplane RAID adapter device driver (I2O) that causes its logical disk drives to be identified as SCSI devices.

  • Makes adapter error messages more descriptive.

  • Corrects a memory leak.

  • Fixes the problem with the hwmgr utility displaying the wrong output for network device MTU.

  • Addresses an issue in which the cam changer driver does not unwire user pages when a path fails.

  • Fixes a problem of system hangs that occur due to combined memory leak and DMA resource leak in the EMX driver during the processing of an UNTAGGED request like device/lun reset.

  • Fixes a problem with KZPAC (SWXCR controller) that occurs when an open() issued on a deleted unit succeeds and a read I/O request results in a system crash.

  • Allows systems with multiple paths to a large number of devices to boot faster.

  • Changes the way the aha_chim OSM driver handles timeouts. Previously, timeouts were handled by registering a timer in the kernel callout queue for each I/O that timed out. As a result, a burst of aha_chim timeouts could flood the kernel callout queue. The new method times the I/O itself, so no entries are put in the kernel callout queue.

  • Ensures that the alt firmware is stopped before freeing buffers when the alt card is re-initializing.

  • Fixes a problem with the alt driver regarding receiving 9000-byte packets.

  • Provides transmit/receive flow control settings and driver revision to the bcm Gigabit Ethernet driver boot time startup messages.

  • Provides a fix for the proper operation of DS25 onboard bcm LEDs.

  • Fixes an issue in the error recovery procedure of CISS adapters.

  • Improves failure detection handling due to command timeouts.

  • Fixes a potential race condition that causes a kernel memory fault by the changer code.

  • Allow systems with multiple paths to a large number of devices to boot faster.

  • Fixes inappropriate handling of failures during tape changer opens.

  • Corrects a problem in which the consvar command can panic or fail without error when setting some console environment variables.

  • Fixes problems in the aha_chim (KZPEA) driver.

  • Corrects a potential hang issue with tapes when their SCSI address changes.

  • Enables FCP-2 Link Level Error Recovery for tape operations.

  • Corrects the handling of LS_RJT messages in the emx driver.

  • Corrects the cause of a kernel memory fault panic in the KZPEA driver.

  • Fixes a simple lock fault in wakeup_async_waiter.

  • Fixes a problem with the environmental monitoring daemon on partitioned AlphaServer GS80/GS160/GS320 systems.

  • Provides new EMX driver hardware attributes.

  • Improves selection timeout handling in RAID services.

  • Fixes a simple lock fault in cdisk_bbr_comp.

  • Fixes an issue related to aha_chim driver blocking in interrupt context.

  • Fixes the cause of a kernel memory fault that occurs in the ctape_generic_pass_thru routine when bus resets were detected.

  • Prevents system hangs due to certain internal Fibre Channel adapter failures.

  • Fixes an issue in which the hwmgr utility displays an incorrect MTU size for a network interface.

  • Fixes several I/O error handling and error reporting problems in the Tru64 Emulex Fibre Channel driver that can result in inefficient error handling or misleading error log entries.

  • Causes an error to be logged to binary.errlog when a LUN contraction is detected

  • Causes "Tru64 AHA_CHIM" to be returned for the SIM vendor ID.

  • Allows the hwmgr redirect scsi command to work with lockmode 4.

  • Fixes device recovery timing by improving the chances for a problem disk to recover.

  • Allows the first path to be removed with hwmgr if it is stale.

  • Provides environmental sensor support for Superdome power supply sensors.

  • Provides support for the CPU offline capability on AlphaServer GS1280 systems, as required for Capacity on Demand.

  • Updates the bcm driver to V1.0.22 to fix issues with IPv6 and SNMP.

  • Enables SmartArray 5300 controller hardware events to be logged to the binary.errlog during boot time. This is useful in diagnosing logical volume state change and physical drive hotswaps that can occur while the system in not booted.

  • Fixes a simple lock panic in the floppy diskette driver.

  • Prevents the memory troller from starting on titan and tsunami platforms with aluminum ev68 CPUs.

  • Fixes a problem with the Smart Array driver that could cause a system hang to occur during error recovery when I/O is active.

  • Fixes a consvar -s bootdef_dev failure with KZPCC.

  • Corrects a problem in which systems configured with VX1 graphics card do not return to console when the halt button is pressed, thereby making the console is then unusable.

  • Adds an event to indicate that the soft or hard error count has changed on the device identified in the event.

  • Corrects a potential deadlock in the hardware configuration subsystem.

  • Fixes a problem where, when using hwmgr to delete a component, a "DELETE_COMMIT: Cannot fetch name." message may be displayed on the console. This problem can be seen frequently in a cluster environment when the component being deleted does not exist on the system.

  • Fixes numerous issues in the driver for DEGXA Gigabit Ethernet adapters, including the DS25 onboard 10/100/1000 port.

  • Corrects a problem in which incorrect values for LONG_MAX and LONG_MIN were displayed when using the hardware manager to show attributes.

  • Introduces type checking of attributes when registering components with the hardware manager.

  • Corrects a problem where after entering a hwmgr -redirect SCSI command and rebooting, the system only boots to single user mode with the following error displayed:

    bcheckrc: Device Naming failed boot configure
    or verify  Please correct the problem and continue or reboot INIT:
    SINGLE-USER MODE
  • Corrects invalid hwmgr show component inconsistency.

  • Addresses a problem encountered when mounting cluster root if the cluster root domain devices are private to different cluster members. Currently, you cannot boot your cluster. It will hang. With this fix, your cluster will boot with a warning to the console. This configuration is not recommended; however the cluster should not be unbootable. Currently, this is with respect to non-LSM cluster root domains.

  • Prevents the hardware management cluster database from being reset.

  • Adds IEEE 802.1Q Virtual Local Area Network (VLAN) support for the following:

    • DEGPA

    • DEGXA

    • DE50x, lan_common.h

    • DE60x

  • Removes a restriction in which dynamic VMEbus device drivers can probe only one controller per driver.

  • Corrects a potential floating point register inconsistency.

  • Corrects 3D client hangs when using the Radeon graphics card.

  • Corrects a problem in which a kernel memory fault sometimes occurs if a USB keyboard or mouse does not respond quickly enough. This KMF can occur during boot or soon after a USB keyboard or mouse is connected. Any device can trigger this, though it is neither predictable nor common.

  • Fixes a problem in the alt driver for DEGPA Gigabit Ethernet adapters. This problem affects all Tru64 UNIX systems containing DEGPA network interfaces.

  • Fixes a condition that causes a system hang when using open3D over the AGP bus on an AlphaServer GS1280.

  • Fixes a problem that can cause an ES45 to hang if the Xserver is restarted or the system is rebooted without a power cycle when using the Radeon AGP graphics device.

  • Fixes a problem with USB hubs (or any other bus device) that occurs when they are removed from a running system.

  • Fixes a performance problem that occurs when doing wiring on gh_chunks memory.

  • Fixes multiple problems affecting a system with peripheral USB hubs attached, as well as problems that might occur when moving or adding USB host adapters.

  • Fixes a situation in which mounting a valid CD-ROM for the first time fails with the message “No valid file system exists on this partition,” although subsequent mounts of the same CD-ROM work as expected.

  • Fixes a kernel memory fault for systems that contain more that 8 IDE/ATA buses.

  • Corrects rounding errors for vm attribute vm_bigpg_thresh.

  • Corrects the handling of bad pages when big pages are enabled.

  • Fixes the cause of "page mapped" panics when using mmap calls with dev/mem to access free big pages.

  • Corrects a problem in which Incorrect I/O status may be returned by the KZPEA driver when attempting to abort an I/O during a reset.

  • Adds support in the platform code to handle MSI capable adapters. AlphaServer GS1280 systems support option cards that require MSI capabilities.

  • Installs the V1.07 release of the ciss driver, which is the minimum version required to support the Smart Array 5300 controller.

  • Corrects a problem in which a path event can cause hang in cdisk_online during disk open of HSG80.

  • Provides additional environmental support for the DS20L platform.

  • Allows multiple VX1 graphic cards to be configured in a separate I/O box system.

  • Adds support to get live status information for air movers and power supplies on AlphaServer GS1280 systems and to log intrusion packets to the error log.

  • Adds support for CPU indictment on AlphaServer GS1280 systems.

  • Corrects problems with the time of year (TOY) clock.

  • Fixes an IDE/ATA bus hang caused by attempting to complete raw odd byte DMA transfers to or from IDE/ATAPI devices.

  • Addresses small memory leaks within the kernel that occur infrequently.

  • Adds sysconfig tunable attributes for AlphaServer ES45 environmental monitoring.

  • Addresses an issue in which a NULL Inquiry data causes a “Device has no 'name' ” error and possible I/O stalls.

  • Corrects the cause of a delete_pv_entry panic when kernel virtual address space has high usage.

  • Fixes a problem in which Smart Array 5300 logical volumes are counted as RAID controllers.

  • Address an issue in which AdvFS domain panics occur during HSZ and HSG failovers.

  • Improves I/O performance by reducing kernel locking overhead.

  • Fixes a small memory leak in Power Management code.

  • Prevents unnecessary retries on an HSG80 when fail unit attention with ascq = Oxf002 and returns proper error to higher layer.

  • Fixes the IDE/ATAPI driver's reset logic to prevent a kernel memory fault when booting and to properly detect and log all master and slave reset failures when the system is operational.

  • Corrects a potential system crash when shutting down after using a DAPBA or DAPCA ATM adapter.

  • Prevents an IDE bus hang caused when issuing a play audio track command from scu to an ATAPI CD-ROM containing an enhanced CD.

  • Installs Version 1.08 of the ciss driver.

  • Fixes a problem with non-U.S. USB keyboards used in non-U.S. locales in which the keyboards are treated as U.S. keyboards by the operating system.

  • Fixes various problems in the bcm driver for DEGXA Gigabit Ethernet that can cause crashes.

  • Corrects a problem in the marvel_pfm driver where xmesh and bmesh incorrectly reported 100 percent utilization for IO7 ports held in reset. Previously, this had to be corrected by using the mvfi test program.

  • Makes it possible for CPUs that do not take interrupts (either directly from the attached IO7 or indirectly from IO7s attached to offlined CPU) to always be allowed to be offlined.

  • Verifies path structures in ctape_ioctl and ctape_generic_passthru to prevent a kernel memory fault if the tape was opened with FNDELAY flag set.

  • Prevents a recursive panic situation on the ES47 platform when a double bit memory error is detected.

  • Corrects a condition to prevents erroneous “ccfg_MakeDeviceIdentWWID: Invalid device ID” messages from being generated.

  • Fixes a problem that may cause a panic if the Xserver is stopped.

  • Fixes a process hang in ubc_common_lookup.

  • Corrects a problem in which the BBR code logs all error messages as soft error, even if the error was not recovered and it failed to do the bad block replacement.

  • Fixes a condition that causes a rare hang in the hardware configuration subsystem.

  • Resolves a problem in which some DE50x network interface cards, under specific circumstances, may not send gratuitous arp packets.

  • Fixes the re_ioctl() cases DIODCMD and DIODCDB where cmd transfer size has been changed to avoid kernel memory fault.

  • Changes the fwupgrade command to allow the specified firmware update image to be located on a BOOTP server in a connected network.

  • Suppresses an erroneous console warning message that may be provided when cluster root is under LSM control. The warning "WARNING: cluster root devices are on private buses!" may be erroneously output when cluster root is under LSM control. LSM does not support such configurations.

  • Fixes a problem in which the CAM I/O subsystem can cause a kernel memory fault or system hang when the subsystem is low on memory.

  • Installs Version 1.09 of the ciss driver.

  • Installs Version 1.10 of the ciss driver.

  • Modifies console callback code to allow users to use upper and lower case variable names for known console environment variables. This patch is required for update installations on EV7 based platforms.

  • Corrects the creation of console boot device strings for devices on subordinate buses.

  • Fixes the garbage character that sometimes appears when requesting the name of a boot device via consvar.

  • Fixes several problems in the bcm driver for DEGXA Gigabit Ethernet adapters, including the following:

    • A condition that causes the driver to incorrectly report data overruns.

    • A condition that prevents DEGX2-SA modules from being recognized.

  • Fixes two problems in the tu driver for DE5xx 10/100 MB Ethernet adapters.

  • Clarifies the "LIDs do not match" error message by displaying the values that do not match.

  • Corrects a race condition that may result in hung disks under certain circumstances, for example, after a SCSI reset.

  • Corrects problems in which tape devices become unavailable, do not respond, report unrecoverable errors, or cause a kernel memory fault.

  • Corrects problems in the aha_chim driver that could result in bus hangs, panics and inappropriate access of freed memory during high rate of bus resets.

  • Modifies the changer device driver so that it reports the manufacturer ID attribute as could be seen with the hwmgr -view devices command.

  • Fixes a problem in the alt driver that prevents DEGPA from being used with DE50x or DE60x adapters in a LAG set.

  • Fixes the cause of the panic “dg: unwiring.”

  • Fixes a problem in the KZPCA itpsa driver that occurs when a SCSI target presents multiple LUNs.

  • Prevents problems in the USB subsystem, including memory leaks, data inconsistencies, and USB device configuration problems.

  • Installs Version 1.11 of the ciss driver.

  • Fixes problems in the USB driver layer, inc.luding minor performance degradations and device failures.

  • Reduces the delay with hwmgr of EV7 based machines by reducing the number of calls to the console to update sensor data.

  • Fixes several IPMI-related problems, including the following:

    • Erroneous fields in 686 OS-detected environmental machine check logout frame.

    • Unusually large number of 686 sensor timeouts with heavy system load.

    • IPMI always reporting -48v sensors as broken, seen as "redundant power supply failed" messages

    • An IPMI memory leak

  • Restores the well known panic strings "Processor Machine Check" and "System Uncorrectable Machine Check," which had been replaced by more specific error strings. With this patch, both the old panic strings and the more specific ones will be issued.

  • Adds recognition for possible future devices.

  • Adds the capability for KZPCA devices to work with SCSI devices that only support asynchronous data transfers.

  • Fixes a problem in which the SDLT media causes bus resets.

  • Corrects problems that can result in tape devices not responding or in a kernel memory fault when the FNDELAY flag is set in tape open and tape ioctl.

  • Addresses an issue in which I/O may not complete under certain circumstances.

  • Installs version 1.12 of the ciss driver to correct a condition that causes an AlphaServer GS80 to hang following an Smart Array 5300 reset.

  • Corrects lockmode 4 problem in cdisk_event_notify.

  • Corrects a condition in which a system may panic with a kernel memory fault when a device that is being opened by one program is being deleted via the hwmgr utility.

  • Corrects an illegal instruction that causes a rare system crash.

  • Fixes a problem in which the user cannot connect to a printer on the parallel port after cancelling a print job.

  • Adds support for EV7 class machines (for example, the AlphaServer GS1280) to allow the use of processors having different speeds in the same chassis.

  • Corrects a condition in which the KZPEA firmware fails to correctly handle file marks with odd byte transfers.

  • Fixes a problem in the PCI bus code that can prevent some functions on a multifunction PCI card from being configured.

  • Fixes a problem with the USB keyboard driver that affects keyboard operation when the X server is not running. Specifically, the autorepeat function it may appear jumpy, or keys may appear to press themselves after they are released.

  • Fixes a problem relating to gh_chunks allocation on some configurations.

  • Fixes various problems in the bcm driver for DEGXA Gigabit Ethernet adapters.

  • Provides the logging of an informational event to the errorlog when the peripheral driver is unable to get a user specified IDENTIFIER for a storage array device.

  • Fixes CAM errors that occur when opening CD devices containing blank media.

  • Corrects a problem in which a read or write operation to a changer device creates an unkillable process.

  • Fixes a problem that can cause a kernel memory fault during boot if a Fibre Channel LSM boot disk is not discovered during the device probe.

  • Suppresses an in_cksum() console debug message.

  • Fixes a memory fault condition in the user agent driver that occurs when multiple threads issue I/Os on different CPUs.

  • Fixes jitter problems in 24-bit depth on VX1 graphics cards with certain date codes.

  • Fixes the cause of a system crash that can occur if the hwmgr command deletes a disk while it is in recovery.

  • Increases BOOTP error timeout values for RIS kernel installations.

  • Updates the values in the header of the PCI subpackets.

  • Corrects problems that can result in changer devices not responding or in a kernel memory fault when the FNDELAY flag is set in changer open and changer ioctl.

  • Allows multiple PCI-X devices on a system to use Message Signaled Interrupts (MSI).

  • Reduces the existing limitation on the number of CPUs that can be taken off line by allowing the other CPUs in the system to handle the interrupts coming from up to two IO7s.

  • Corrects a "simple_lock: time limit exceeded" issue that can occur in the CAM I/O subsystem when MCS locking is disabled.

  • Fixes a problem that turns off the reporting of correctable errors forever on any CPU, except CPU 0, once the throttling of correctable errors has begun.

  • Causes the posting of environmental events in the event of a machine check on EV7-based platforms.

  • Corrects a problem on AlphaServer ES45 platforms that resets sysconfigtab settings for the attribute titan_sys_ps_hotswap after a system reboot.

  • Provides modifications for possible future emx hardware.

  • Provides support for the Philips USB controller, which is shipped on some AlphaServer GS1280 systems. Without this patch, the Philips USB controller may fail to detect and configure devices below it.

  • Fixes various problems in the ee driver for DE60x Ethernet adapters.

  • Corrects a problem in which /sbin/ddr_config does not accept values for ReadyTimeSeconds larger than 255. The new limit is 86400 seconds (24 hours).

  • Fixes problems with NUMA disk statistics.

  • Fixes a KMF problem can occur if some nodes in cluster are rebooted and a device is shared by all the nodes.

  • Changes the CAM subsystem message that is printed to the error log on a recovered read error from "bad block number" to "block number."

  • Provides hardware support for the AlphaServer DS15/TS15 platform.

  • Corrects a race condition that can cause a process to hang during disk error recovery failure processing.

  • Fixes a hole in disk I/O handling that can cause a panic in rare circumstances.

  • Corrects a problem that causes a system panic while running applications that open a RAID device and the faulting routine is control_port_open.

  • Fixes an I/O hang condition on Fibre Channel.

  • Fixes a rare case in which the target of a ladebug-invoked routine (via the call func command) aborts with a segmentation fault while derefencing the gp register.

  • Corrects a problem in which an unconfigured PCI devices can cause a panic during boot.

  • Corrects a problem in which Tru64 UNIX sees an HP-XP RAID array controller as a disk after an HP-XP storage device is added to the system.

  • Corrects an address problem with hwmgr delete while a SCSI scan is in progress.

  • Updates the Radeon driver to not reject multiheaded configurations.

  • Removes an unwanted test text message.

  • Fixes a memory fault condition in the emx driver that occurs when responding to an inquiry command from a remote port in the fabric.

  • Corrects a problem that reduces performance or causes a device to switch controllers unnecessarily when active paths are improperly treated as standby or vice versa.

  • Fixes a problems in which locks used for disk I/O are not released during rare error conditions.

  • Fixes a problem with disk I/O barrier code that was not executed when it was needed.

  • Corrects a condition in which a panic can occur when unrecognized PCI devices are probed with a PCI class code of 255. The problem is probably limited to very old or specialized devices.

  • Corrects a HSZ70 controller failover failure that generates the message "Logical unit not ready, cause not reportable."

  • Changes the way reservation-conflict errors are handled in a cluster.

  • Prevents a potential panic that generates the message “memory_test=partial” or “memory_test=none.”

  • Corrects a problem in which certain older tape drives (such as the TZK50 and TSV07) would produce only errors when they were accessed.

  • Causes the AlphaServer GS1280 to accurately report and handle fatal memory errors if the associated CPU is off line.

  • Extends the hardware managers for CPU entries to include the attributes on a GS1280 platform to include the CPU chip revision number and the cache size.

  • Fixes a condition that causes hung I/Os in systems with multiple RADs.

  • Updates the tu driver to support Ethernet Multicast addresses larger than 512, which is necessary to support a large number of IPv6 addresses

  • Corrects a problem that causes the command sysconfig -r hwc hwc_print=5 to generate a kernel memory fault.

  • Updates the alt driver to V2.0.20 to fix issues with IPv6, NFS performance, and SNMP.

  • Fixes an improper handling of domain, area, and fabric RSCNs (Registered State Change Notifications) by the emx driver that results in the nondetection of path failures to storage devices in the fabric."

  • Fixes the reporting of device monitoring events and hardware errors during disk recovery from the disk driver to the binary errlog.

  • Corrects a problem that occurs with a device or bus reset during the execution of a command to a media changer device, like a tape library, and causes the system to panic with the message "PWS_CCB_QUE_REMOVE: ccb not on any list."

  • Prevents a cluster panic when installing new RAID hardware before OS support is installed on the cluster.

  • Fixes a problem in which an I/O operation is prematurely treated as complete, which can cause a panic in XPT or a storage driver.

  • Improves error handling and I/O timing.

  • Fixes hangs that can occur prior to disk spinups.

  • Improves system recovery when media errors occur.

  • Eliminates a condition that causes a panic to occur when removing sensors on a ES47 system.

  • Fixes a problem with HSG80 controllers due to bad count for persistent reservation keys.

  • Improves the performance of systems that perform heavy file I/O.

  • Changes the way that memory is marked as bad on the AlphaServer GS1280 in order to prevent a recursive crash on reboots. (A crash is expected as a result of a double-bit-memory error machine check.)

  • Fixes the errant binary.errlog entry "Status = CMP but resid not NULL Possible Software Problem - Impossible Cond Detected" from the peripheral disk, tape, and changer drivers.

  • Updates the ee driver to V1.0.27 to fix issues with IPv6 and SNMP

  • Corrects a potential race condition in the cam_tape driver.

  • Fixes a problem that causes a system to hang when swapping.

  • Corrects the cause of a simple lock timeout panic during I/O barriers.

  • Adds path failure detection to the Emulex Fibre Channel driver for situations involving hung N_Ports of a storage controller in a switched fabric environment.

  • Corrects the cause of a system crash that occurs when deleting disks using hwmgr.

  • Fixes the cause of certain panics by increasing the timeout for CPU onlines.

  • Provides better error handling for the MSA1000.

  • Fixes a problem in which a node does not properly find the server for a disk but incorrectly fails an open with ENODEV.

  • Installs Version 1.13 of the ciss driver.

  • Provides changes that allow for the proper usage of Smart Array controllers that are behind PCI bridges.

  • Provides support for new PCI svid for the ATM controllers 155 mmf, 155 utp, and 622 mmf.

  • Fixes the 'hwmgr edit scsi command.

  • Fixes the cause of a "Simple lock owned" panic seen on a KZPEA during a cluster boot.

  • Updates the bcm driver to V1.0.23 to fix issues with Jumbo frames.

  • Corrects a condition in which the firmware FRU table and Configuration Tree are not logged to binary errorlog during boot on AlphaServer ES47/ES80/GS1280 systems with less than 4 GB of memory.

  • Fixes the cause of a system crash that occurs when running with lockmode=4.

  • Corrects a problem in which the hwmgr command's display of DS15 environmental sensors may indicate that they are in the warning state when they are actually in the fault state.

  • Corrects a condition that prevents setting a high temperature threshold (warn and fault) for hwmgr and envmond on DS15.

  • Fixes a potential disk-identification delay when doing disk cloning.

  • Corrects a problem in which the hwmgr -delete command can cause a panic when directed at a sensor.

  • Adds a ddr flag to prevent failing I/O when ASCQ_LUN_NRDY_MAN are received from HSZ devices.

  • Adds read/write ability to XP control ports.

  • Corrects a problem with a sensor error that can indicate a false over-temperature condition on DS10/DS10L and TS10 systems.

  • Fixes a kernel memory fault panic problem with the KZPCC RAID adapter.

  • Fixes a panic that can occur during asynchronous event notification by a mass storage driver.

  • Corrects a problem in which AlphaServer GS1280/ES80/ES47 systems may report false over-temperature conditions if the temperature drops to (or below) 9 degrees Celsius (48 F).

  • Allows hwmgr -redirect to work with lockmode 4.

  • Fixes invalid queue entries and system panics following Retries Exhausted.

  • Fixes a persistent reduction in SCSI queue depth after a queue full occurs.

  • Fixes a race condition in xpt_async_event_thread.

  • Fixes an “mcs_lock:lock already owned by cpu” panic.

  • Fixes an issue with the storage subsystem I/O Barrier error handling.

  • Fixes USB problems that prevent some USB keyboards and mice from working.

  • Fixes POx Uncorrected and Unrecoverable Error panics on EV7 based systems.

  • Corrects tag and non-tag I/O handling when the system is booting.

  • Corrects a problem in which a multi-threaded application accessing a single tape drive via a single FILE object shared amongst the threads causes a kernel memory fault.

  • Fixes a problem with VMAC not working on the bcm driver (DEGXA) without explicitly enabling promiscuous mode.

  • Fixes a rare problem in which a “queue full” response during device discovery results in a kernel memory fault.

  • Adds additional fast fail functionality to the disk class driver.

  • Clarifies the binary error-log entry for medium or hardware errors.

  • Correct error logging problems in the emx driver.

  • Fixes a problem that causes an “invalid link address” kernel panic in the Alteon gigabit Ethernet driver.

  • Fixes the incorrect locking order in alt driver.

  • Corrects a problem in which FibreChannel dropped data is not detected during I/O error recovery and so is not retried, thereby causing unexpected and unnecessary errors.

  • Corrects a problem in which tape devices with no ddr entry would incorrectly enable or disable compression to the device special file that was used.

  • Fixes a problem in which the operating system receives an environmental machine check packet from the firmware, but fails to correctly recognize the sensor that is identified as faulty by the machine check.

  • Corrects a problem in which multiple access to changer devices (for example, via Legato/Networker) could lead to a kernel memory fault in the changer driver.

  • Fixes problems with DS15 environmental monitoring.

  • Fixes mass storage disk subsystem handling of specific important events reported by the HSG80 and HSG60 array controllers.

  • Corrects a problem in which multiple processes accessing a changer device can hang in a deadlock situation accessing the changer.

  • Improves logging of sense data during error recovery.

  • Fixes a problem with stalled or hung I/O's on clusters.

  • Corrects the panic, “cmn_err: CE_PANIC: elan0: heartbeat pacemaker - flatlined ....” that occurs on AlphaServer SC systems.

  • Fixes a panic that can occur when the ee driver momentarily drops its lock.

  • Resolves a logic error in hardware-specific platform code for certain boundary conditions.

  • Enables IPv6 MTU to be set up to 9000 bytes on gigabit Ethernet.

  • Fixes a rare kernel memory fault that occurs when booting an AlphaServer ES80.

  • Fixes a timer queue overflow panic with ccmn_get_dbuf.

  • Fixes a kernel memory fault in hwc_lookup_devt_safe.

  • Enables the right mouse button for some two-button USB mice.

  • Fixes a kernel memory fault that can occur during boot on some large AlphaServer GS1280 systems.

  • Enhances CAM disk driver resiliency.

  • Fixes a potential I/O hang with the KZPCC backplane RAID adapter.

  • Fixes a rare occurrence where on a shared parallel SCSI bus disks may become inaccessible to hosts under certain fault conditions.

  • Fixes the panic "no locks owned by cpu" caused by the bcm driver (DEGXA) when the device is shut down.

  • Fixes a problem that causes incorrect parent bus information from being printed for Smart Array 53xx adapters.

  • Corrects a lock initialization during boot.

  • Prevents a kernel memory fault within control_port_open when there are no control ports within the system configuration.

  • Fixes a problem and prevents a uagt thread from causing a "simple lock owned" panic in low memory situations.

  • Fixes a kernel memory fault in hwc_lookup_devt_safe.

  • Improves cluster I/O resiliency during certain error cases.

  • Provides enhancements for future versions of XP storage tools.

  • Fixes a race condition in the EMX driver that can cause the driver state flags to go bad.

  • Fixes the cause of a KMF panic that occurs when closing a removable device with no paths.

  • Provides better error handling for new tape devices.

  • Fixes an issue in the error recovery procedure of CISS adapters.

  • Corrects a problem in which changer applications hang when opening media changer device.

  • Improves the performance of various hwmgr commands on large AlphaServer ES80 and GS1280 systems.

  • Fixes a "vl_unwire: page is not wired" panic when the system is configured with gh_chunks or rad_gh_regions enabled and new_wire_method = 1.

  • Retires the "new_wire_method" sysconfig tunable paramater. See “new_wire_method Tunable Attribute Retired”.

  • Corrects the cause of the “pmap_ssm_lock_bit timeout” panic.

  • Fixes a problem in which a disk device is inaccessible after physical removal and reinstallation.

  • Fixes the cause of a rare hang on an AlpthaServier ES47 system that occurs when booting in graphics console mode.

  • fixes a problem whereby multiple LSM kernel-initiated plex detaches processed simultaneously by different cluster members across different diskgroups can cause I/O requests to those volumes to hang.

Patch 27036.00

OSFHWBINCOM540

  • Provides environmental sensor support for Superdome power supply sensors.

  • Adds support to get live status information for air movers and power supplies on AlphaServer GS1280 systems and to log intrusion packets to the error log.

  • Adds support for CPU indictment on AlphaServer GS1280 systems.

  • Fixes a situation where, on a panic, the operating system erroneously reboots instead of halting and fails to take a crash dump.

  • Distributes the latest .h files for the mcutil program and the event manager.

  • Corrects a problem with hwmgr delete while a SCSI scan is in progress.

  • Causes the AlphaServer GS1280 platform to accurately report and handle fatal memory errors if the associated CPU is off line.

  • Fixes and improves the mcutil program by correcting how bus resets are handled by the program and by enhancing its error reporting capabilities.

  • Corrects an issue in which multiple access to changer devices (for example, via Legato/Networker) could lead to a kernel memory fault in the changer driver.

  • Fixes problems with DS15 environmental monitoring.

Patch 27038.00

OSFINCLUDE540

  • Corrects a problem introduced in Tru64 UNIX V5.1B-2 that causes a syntax error when compiling programs using the header file /usr/include/netdb.h and defining _XOPEN_SOURCE_EXTENDED.

  • Corrects the assert macro definition in /usr/include/assert.h.

  • Offers the sticky connection feature for a cluster alias.

  • Modifies the getaddinfo to compile properly with the POSIX_SOURCE compiler flag.

  • Fixes various problems in the libc functions getdate(), strptime(), callrpc(), strncasecmp() and fork().

  • Fixes a problem in the libnuma function nacreate() and the system header <sgtty.h.

  • Fixes various problems in the dbx and object file tools dbx, ostrip, strip, mcs, dis, cord, file, and stdump.

  • Corrects a problem on systems running Enhanced Security in which the command edauth -R refuses to write user-profile entries to the root partition.

  • Changes the use of the configuration file /etc/svc.conf to /etc/nsswitch.conf to allow netgroup data to be provided from LDAP, rather than only from NIS.

  • Adds per-binary big page controls to complement the system-wide tunable attributes.

  • Fixes an interoperability problem between the curses.h and esnmp.h header files.

  • Installs DECthreads V3.20-049.

  • Resolves several DECthreads faults and resolves performance issues with certain Java applications.

Patch 27039.00

OSFINET540

  • Provides changes in the bindconfig application (sysman dns) to support BIND 9 version.

  • Addresses a formatting error in the output of the tcpdump -r command whereby timestamps may be displayed as negative numbers.

  • Fixes invalid permission and ownership of the /usr/bin/deliver IMAP image.

  • Fixes a problem with the TruCluster software product running as a NIS server without Enhanced Security installed.

  • Upgrades BIND 8 to BIND 9.

  • Fixes a cyradm memory fault for an improper directory entry in the /etc/imapd.conf file.

  • Corrects the cause of RPC timeout error messages in the ypwhich -m command.

  • Adds support to decode TCP SACK packets in tcpdump.

  • Corrects the decoding of NFSv3 sattr structure in tcpdump.

  • Corrects a problem that occurs during a DNS server configuration using the SysMan DNS server application in which the user is not informed if the named daemon fails to start.

  • Changes the use of the configuration file /etc/svc.conf to /etc/nsswitch.conf to allow netgroup data to be provided from LDAP, rather than only from NIS.

  • Modifies the prpasswdd and rpc.yppasswdd daemons to properly handle /var/tcb/files on a file system from different from /var.

  • Corrects a problem that can cause the /usr/sbin/pop3d server to generate a segmentation fault.

  • Corrects a problem in which the /usr/bin/mailauth -ini command does not create a usable database.

  • Corrects a potential security vulnerability in BIND 8 code that could result in a local or remotely exploited Denial of Service (DoS).

    SSRT3653 - BIND v8 — Severity - High
  • Adds support for IEEE 802.1Q (VLAN).

  • Makes start-up scripts in /sbin/init.d world readable.

  • Fixes client login, su, rshd, edauth, and sshd2 hangs and long delays under Enhanced Security, as well as some intermittent errors or failures seen with prpasswdd or rpc.yppasswdd.

  • Corrects potential BIND security vulnerabilities that may result in buffer overflows, unauthorized access, or denial of service (DoS). These may be in the form of local and remote security domain risks.

    SRT2408 BIND — Severity - High
    SSRT2410 BIND — Severity - High
    SSRT2411 BIND — Severity - High
  • Fixes the mkcdsl command and updates the NIS start-up script to correctly start NIS on the cluster alias.

  • Corrects several potential security vulnerabilities where, under certain circumstances, system integrity may be compromised. These may be in the form of improper file or privilege management.

  • Fixes a problem in tcpdump that causes it to not filter UDP traffic properly.

  • Corrects a potential problem in screend.

  • Corrects a problem in which logins in TruCluster environments using Enhanced Security can hang on any member other than the one serving /var to CFS.

  • Corrects a problem on systems running Enhanced Security in which the command edauth -R refuses to write user-profile entries to the root partition.

  • Corrects a problem that occurs when using C1crypt for password encryption on Enhanced Security systems in which users are unable to change their passwords and see the passwd command warning "Password not changed: failed to write protected password entry."

  • Changes the use of the configuration file /etc/svc.conf to /etc/nsswitch.conf to allow netgroup data to be provided from LDAP, rather than only from NIS.

  • Adds the retry option to snmp_request.

  • Updates Mobile IPv6 code to be compliant with the latest RFC.

  • Enables tcpdump to display encapsulated IPv6 packets sent over the IPv6-in-IPv6 tunnel.

  • Corrects a problem in which a reverse zone lookup entry is not added to the /etc/namedb/named.conf file when configuring a cluster node as a DNS server using the bindconfig application.

  • Resolves a problem in which tcpdump can fail with the message “tcpdump: no VLAN support for data link type 0xa.

  • Corrects several potential security vulnerabilities where, under certain circumstances, system integrity may be compromised. These may be in the form of improper file or privilege management or remote code execution.

Patch 27045.00

OSFKTOOLS540

  • Enhances the inpcb kdbx extension to display additional PID information.

  • Updates the kdbx audit extension to accommodate a new device driver state and optionally fetch data appropriately.

  • Enhances the kdbx netstat extension.

  • Fixes a premature termination of the ofile kdbx extension and warning messages in various kdbx extensions.

  • Fixes problems in the kdbx u and vnode extensions.

  • Provides enhanced kdbx debugging features to include a -A flag for route and to keep inpcb from truncating port numbers.

  • Updates Mobile IPv6 code to be compliant with the latest RFC.

Patch 27046.00

OSFLAT540

  • Makes start-up scripts in /sbin/init.d world readable.

Patch 27047.00

OSFLDBBASE540

  • Provides Version V69 of the ladebug debugger to cause it to properly return from a fork call when CATCHFORKS is set.

Patch 27048.00

OSFLDBDOC540

  • Provides Version V69 of the ladebug debugger to cause it to properly return from a fork call when CATCHFORKS is set.

Patch 27049.00

OSFLEARN540

  • Corrects a potential security vulnerability where, under certain circumstances, system integrity may be compromised. This may be in the form of improper file or privilege management.

Patch 27050.00

OSFLIBA540

  • Updates the audit system to display additional information for the numa_syscalls and msfs_syscall system calls.

  • Fixes problems in which acl_set_file() fails and returns errno = 22 and does not fail if a file does not exist.

  • Corrects a problem in the arena memory allocator that stems from a clash between libc and libnuma on handling errors from the numa_syscalls system call.

  • Provides type checking in EvmVarGet wrapper functions.

  • Enhances the AdvFS rmvol utility to allow multiple volumes to be removed with one command.

  • Prevents addvol from adding invalid disks into a domain.

  • Fixes a problem in XTI, caused by a blocked mutex lock, in which any thread attempting to send an abortive disconnect would hang.

  • Installs DECthreads V3.20-029c to fix a problem with floating point data inconsistencies in threaded applications.

  • Provides the correct labels for mach events to the audit subsystem.

  • Fixes various problems in the libc functions getdate(), strptime(), callrpc(), strncasecmp() and fork().

  • Fixes a problem in the libnuma function nacreate() and the system header <sgtty.h.

  • Provides protection against a class of potential security vulnerabilities called buffer overflows. Buffer overflows are sometimes exploited in an attempt to subvert the function of a privileged program and possibly execute commands at the elevated privileges if the program file has the setuid privilege. This patch allows a system administrator to enable memory management protections that limit potential buffer overflow vulnerabilities.

  • Installs version V2.1-120 of /usr/lib/libots3.a and /usr/shlib/libots3.so to fix a problem where long running OpenMP applications might overflow an internal libots3 counter, resulting in a breakdown of thread synchronization.

  • Installs DECthreads V3.20-033, which addresses the possibility of floating point errors in threaded programs.

  • Corrects the behavior of munlockall in the realtime library (librt).

  • Improves null partition checking code.

  • Fixes a librt memory leak that can occur when multiple message queue files are opened and then closed. (The memory would be recovered when the process terminates.)

  • Expands libpset APIs to enable the caller to get processor set information.

  • Installs DECthreads V3.20-029, which fixes problems that may affect threaded programs. DECthreads V3.20-029 is the initial support version of the HP POSIX Threads Library.

  • Installs DECthreads V3.20-049.

  • Adds support for NEW_OPEN_MAX_SYSTEM (64K) file descriptors to libaio.

  • Installs DECthreads V3.20-049a, which fixes a problem that could cause some threaded applications to hang.

  • Resolves several DECthreads faults and resolves performance issues with certain Java applications.

Patch 27051.00

OSFLSMBASE540

  • Fixes a problem with vold logging (vold -k -x log) in which the default log file cannot be created.

  • Improves LSM's volunmigrate disk processing to produce more informative error messages on command line errors rather than defaulting to a general usage statement.

  • Corrects volunmigrate to allow for the full pathname to the device as input and to properly reject partitions with an invalid partition length.

  • Fixes an issue whereby the volevac command can appear hung when the number of volumes exceeds 512.

  • Provides enhancements to LSM hot-sparing.

  • Fixes a problem of adding LUNs off a SWXCR controller to LSM.

  • Fixes an issue seen in CLSM that causes a diskgroup import to fail when clsm collision proposals are seen in messages file.

  • Fixes a LSM diskgroup deport problem.

  • Prevents a "Too Many Volumes" error when attempting to add a volume and the maximum volumes allowed has not been reached.

  • Fixes an issue with the initialization of large disks.

  • Fixes an issue seen when using KZPAC/SWXCR disks in LSM.

  • Corrects several label strings in the SysMan LSM application.

  • Fixes problems with SysMan LSM administrator that deal with disk names in "Add disk to LSM" window and the display of disk names in Migrate.

  • Allows the LSM voldisk online and voldisk -a online commands to work cluster-wide for devices that have not been replaced. This is useful for rescanning devices that had a temporary disk failure.

  • Corrects several potential security vulnerabilities where, under certain circumstances, system integrity may be compromised. These may be in the form of improper file access.

  • Corrects a problem in which volmigrate returns a shell error when attempting to migrate an AdvFS domain with multiple filesets. These domains can now be migrated as long as all the filesets are mounted.

  • Prevents inconsistent LSM volumes when the name of a partition that is being encapsulated matches the name of a current LSM volume.

  • Corrects a problem in which smsd triggers LSM configuration errors when querying LSM in a cluster. This fix ensures that a cluster member will be up to date with respect to the LSM configuration when calls are made to an internal LSM routine.

  • Corrects a problem during the creation of a new plex in which the volmake command reports that associating a subdisk with the plex would cause an overlap with another subdisk when they should not be overlapping.

  • Prevents vold from core dumping when attempting to delete a disk that was not initialized properly.

  • Provides protection against a class of potential security vulnerabilities called buffer overflows. Buffer overflows are sometimes exploited in an attempt to subvert the function of a privileged program and possibly execute commands at the elevated privileges if the program file has the setuid privilege. This patch allows a system administrator to enable memory management protections that limit potential buffer overflow vulnerabilities.

  • Corrects an I/O performance issue that occurs when CLSM is configured and one member of a cluster goes down unexpectedly.

  • Fixes a slow boot when booting several cluster nodes at the same time and CLSM is configured.

  • Enables volassist to create a mirror of a striped volume with the mirror having a layout of concat.

  • Corrects an error return code for volinfo. If a specified volume is not in the configuration database, the error code returned from volinfo will reflect this error.

  • Corrects an issue of a cluster node hanging during a boot while another member recovers the cluster root file systems.

  • Allow volsave and volrestore to save nconfig/nlog policies for disk groups and restore them appropriately.

  • Corrects awk errors for invalid quit statements.

  • Corrects a problem in which lsmbstartup does not ignore comment lines in /etc/fstab, thereby making it possible for it to attempt to process that line if it appears to be an entry for the root file system.

  • Corrects an internationalization problem in which an instructional message that is output by the LSM voldiskadm command's list option is incorrect because it had not been entered properly in the message catalog.

  • Improves null partition checking code.

  • Modifies the volassist command to correctly output a warning message for its shrink operations.

  • Enables a full recovery to occur in the event of an invalid magic number found in the recovery map.

  • Corrects a problem in which the volplex command does not send a disk group option to the usage type utility when both the usage type and disk group options are specified on the command line.

  • Allows a mirrored swap plex to be detached when it contains a phantom subdisk.

  • Corrects a problem in which vold may dump core when connectivity to a disk group is lost, for example its underlying storage is local to one cluster member and that cluster member leaves the cluster.

  • Modifies volsave and volrestore to let them handle public and private offsets of an LSM disk.

  • Causes LSM tol issue an error if a nonroot user tries to run the volencap command.

  • Decreases CLSM boot times in large cluster configurations.

  • Fixes problems in vol_new_disk ioctl when errors are encountered when loading a disk in the kernel.

  • Fixes a problem with the disk group loglen getting set to 0 when adding a disk to a non-rootdg disk group.

  • Fixes an LSM problem in which device failures may not be handled properly in a cluster. This is with respect to devices discovered from a previous configuration. The result could be a diskgroup deport.

  • Fixes a vold threads problem in which LSM devices may be incorrectly recorded as disk clones where LSM starts up,

  • Provides a new LSM EVM event, which is posted when LSM is processing clusterwide plex detaches.

  • Modifies LSM to ensure that AdvFS volume links are not required to be named the same as the device they point to.

  • Corrects a problem in which the dsfmgr command does not notify LSM of certain disk changes With this fix, the procure for replacing a failed boot disk under LSM control should work as described in Section 6.4.6 of the Logical Storage Manager manual without generating the error message “lsm:voldisk: ERROR: Device dskxf: define failed.

  • Corrects a condition that causes the incorrect use of the volmigrate and volunmigrate commands to return success instead of failure.

  • Fix a problem in voldisk moddb that can cause a disk group to become unusable.

  • Enhances CLSM performance during boot and disk scanning.

  • Fixes a problem in voldisk moddb that can cause a disk group to become unusable.

  • Fixes the voldiskadm utility to correctly remove a disk for replacement.

  • Fixes a problem whereby LSM mirrored volumes are erroneously left in the SYNC state after a cluster member failure and simultaneous underlying disk storage failure.

  • Fixes an error in dissociating swapvol/rootvol plexes.

  • Corrects incorrect error messages generated by the voldctl command. With this fix, if voldctl disable fails, the error message returned will be “disable failed” and if voldctl license fails, the error message will be “license check failed.

  • Corrects a problem to ensure the correct calculation of subdisk offsets in a plex when associating subdisks to a plex using the volsd command.

  • Corrects a problem with non-rootdg disk groups disappearing.

Patch 27052.00

OSFLSMBIN540

  • Prevents the following panics on systems using LSM or CLSM with low free memory:

    mcs_lock: lock already owned by cpu
    mcs_unlock: current lock not found
  • Suppresses the following erroneous console warning message that may be provided when cluster root is under LSM control.

    WARNING: cluster root devices are on private buses!

    LSM does not support such configurations.

  • Corrects a highly contentious spin lock in the LSM kernel that occurs when running a high number of I/O operations to an LSM volume.

  • Corrects a problem to allow CLSM ioctls to return EINVAL when not in a cluster.

  • Prevents the dereferencing of a null pointer in volkiostart() when a DRL object has failed and no mirrors belong to the object.

  • Fixes a klog inconsistency during node boot in which it is possible that no nodes in the cluster respond to a klog sync request and the booting node simply clears the disk group klog.

  • Decreases CLSM boot times in large cluster configurations.

  • Fixes problems in the vol_new_disk ioctl when errors are encountered when loading a disk in the kernel.

  • Fixes the cause of a panic in LSM voldrl_commit_delete that occurs during a transaction abort.

  • Corrects the cause of a panic in LSM voldrl_commit_delete seen during a transaction abort.

  • Adds performance enhancements to help reduce LSM cluster-wide plex-detach processing time.

  • Fixes a problem whereby LSM does not properly removing plex detach entries from its kernel change log in a TruCluster environment.

  • Fixes an issue with kernel plex detach by attempting to further reduce the number of redundant detach events sent from the kernel to vold.

  • Fixes a boot problem with the LSM I/O performance change when the root file system is an LSM volume.

  • Adds a configurable fastfail option to the LSM driver for mirrored volume I/O.

  • Modifies conditions to allow multiple retries to mount the root file system and provide the ability to adjust the retry period.

  • Corrects a locking issue in KCL local lock.

  • Fixes an "assert wait" panic caused by automatic LSM error tracing when DRD uses LWC (light weight context) switching and many I/O and plex detaches occur.

  • Fixes a problem in which I/O requests hang when multiple LSM kernel-initiated plex detaches are processed simultaneously by different cluster members across different diskgroups.

Patch 27052.00

OSFLSMX11540

  • Prevents a process hang occurring when large I/O's are performed on multiple drl-enabled LSM volumes simultaneously on Multi-CPU systems.

  • Causes zero length I/O requests to be flagged with the proper error message to the user rather than causing a panic.

  • Fixes a “clsm_config" dlm_lock deadlock issue.

Patch 27053.00

OSFLSMX11540

  • Fixes a problem in the LSMSA GUI where the application throws a Null Pointer Exception while trying to display volume and fileset information on systems having ASU file-on-file mounts.

Patch 27054.00

OSFMANOP540

  • Updates the uucp(1), gethostbyaddr(3), getnameinfo(3), sys_attrs_io(5), kdbx(8), named(8), and volwatch(1) reference pages.

  • Updates the dd(1), ksh(1), vi(1), aio_return(3), sshd2_config(4), emx(7), dxshutdown(8), newfs(8), prpasswdd(8), sshd2(8), and ypset(8) reference pages.

  • Revises the EvmEventPost(3) reference page to document the return value EvmERROR_CONNECTION_LOST.

  • Revises the nsdispatch(3) reference page.

  • Revises the getaddrinfo(3) reference page to document the POSIX_SOURCE compiler flag.

Patch 27055.00

OSFMANOS540

  • Updates the following reference pages: uucp(1), gethostbyaddr(3), getnameinfo(3), sys_attrs_io(5), kdbx(8), named(8), and volwatch(1) .

  • Updates the following reference pages: awk(1), chmod(1), cp(1), ex(1), find(1), rm(1), uuencode(1), vi(1), and which(1).

  • Provides the dig(1) and host(1) reference pages to support BIND 9.

  • Updates the following reference pages: poll(2), wait(2), EvmVarSet(3), sys_attrs_cam(5), sys_attrs_cfs(5), sys_attrs_generic(5), sys_attrs_inet(5), sys_attrs_vfs(5), and sys_attrs_vm(5).

  • Adds a new reference page, sys_attrs_nfs(5).

  • Updates the sys_attrs_rdg(5)reference page to document an increase in the maximum number of objects in the RDG endpoint and buffer list.

  • Adds the named.conf(5) and rndc.conf(5)reference pages to support the upgrade to BIND Version 9.

  • Updates the following reference pages: btcreate(8), btextract(8) collect(8), disklabel(8), envconfig(8), fsdb(8), ftpd(8), hwmgr_show(8), mountd(8), rmvol(8), and ddr.dbase(4). Also adds the following new reference pages to support BIND 9: dnssec-keygen(8), dnssec-makekeyset(8), dnssec-signkey(8), dnssec-signzone(8), named-checkconf(8), named-checkzone(8), nsupdate(8), rndc(8), and rndc-confgen(8).

  • Updates the dd(1), ksh(1), vi(1), aio_return(3), sshd2_config(4), emx(7), dxshutdown(8), newfs(8), prpasswdd(8), sshd2(8), and ypset(8) reference pages.

  • Revises the sysconfig(8) reference page to document the cluster interconnect.

  • Revises the tcpdump(8) reference page for the VLAN functionality.

  • Revises the ifconfig(8), lan_config(8), niffconfig(8), ping(8) vlanconfig(8), and vlan(7) reference pages for the VLAN functionality.

  • Revises the mt(1) reference page to document three new commands, mt reserve, mt release and mt tur, that allow for tape devices to be reserved (via the scsi-2 reserve command) and released (via the scsi-2 release command.

  • Revises the envconfig(8) and envmond(8) reference pages for the environmental monitoring facilities (/usr/sbin/envmond, /usr/sbin/envconfig) to support the AlphaServer GS1280 hardware platform.

  • Revises several of the SSH reference pages to address issues and problems with SSH, such as interoperability with other SSH implementations, SSH client/server configuration files compatibility issues, and the lack of IPV6 support.

  • Revises the sys_attrs_ee(5) reference page to document the new ee subsystem attribute link_check_interval.

  • Revises the newfs(8) reference page to document the -M command option to newfs, which lets you specify permissions of an MFS root directory when it is first created.

  • Revises the vdump(8) reference page to change the statement for the -b option to be a maximum of 2048.

  • Adds the new reference page chatr(1).

  • Revises the sys_attrs_proc(5) reference page to add a new tunable attribute, executable_data.

  • Adds the new reference page javaexecutedata(8).

  • Revises the fwupgrade(8) reference page to document a new feature that allows the specified firmware update image to be located on a BOOTP server in a connected network.

  • Revises the collect(8) and pmgrd(8) reference pages to document new AdvFS features.

  • Revises the codconfig(8) reference page to include new supported platforms.

  • Revises the xmesh(1) reference page to include new supported platforms.

  • Revises the sys_attrs_clubase(5) reference page to document the change to the cluster_rebuild_delay.

  • Revises the sys_attrs_lsm(5) reference page to document scalability and performance with LSM spin locks.

  • Revises the fuser(8) reference page

  • Revises the binlogd(8) reference page to document information about adding a CDSL (Context Dependent Symbolic Link) to the binlog archive directory.

  • Revises the voliod(8) reference page to document a change to the voliod -f set 0 command.

  • Revises the evminfo(1) reference page to document the addition of the auth option to the -verify option, which allows users to check for syntax errors in the EVM authorization file.

  • Revises the kdbx(8) reference page to document the addition of the -A flag to route.

  • Revises the netstat(1), sys_attrs_inet(5), sys_attrs_net(5) and route(8) reference pages.

  • Revises the chatr(1) and sys_attrs_vm(5) reference pages.

  • Revises the volrestore(8) and volsave(8) reference pages to document the change which will allow volsave and volrestore to save nconfig/nlog policies for disk groups and restore them appropriately.

  • Revises the volassist(8) reference page.

  • Revises the ldapcd.conf(4), ldapusers.deny(4), netgroup(4), svc.conf(4), nsswitch.conf(5), edauth(8), nss2svc(8), nssetup(8), and svcsetup(8) reference pages.

  • Revises the nslookup(8) reference page.

  • Revises the rcp(1) reference page.

  • Revises the pmgrd(8) reference page to correct the path name and the file name for the pmAdvfs.mib file.

  • Revises the migrate(8) reference page to add information about interrupts that can occur when direct I/O is enabled.

  • Revises the xmesh(1) reference page to add the Xmesh resource file information in the FILES section.

  • Revises the snmp_request(8) reference page to document the new -r option.

  • Revises the sys_attrs_net(5) reference page to add pfilt_loopback and pfilt_physaddr.

  • Revises the sys_attrs_ufs(5) reference page to document the tuning of the UFS attribute delay_wbuffers using sysconfig.

  • Revises the sys_attrs_alt(5) reference page.

  • Revises the ip(7) reference page.

  • Revises the sys_attrs_inet(5) reference page to update the default value for ipqmaxlen to 2048 (instead of 1024).

  • Revises the sys_attrs_bcm(5) reference page.

  • Revises the chatr(1) reference page.

  • Revises the audit_tool(8) reference page to document a change that allows a user to specify a path to archived audit logs that the audit_tool will follow for all logs instead of the path recorded in the audit_log_change events (which by default is /var/audit).

  • Revises the csh(1), sh(1b), ip6rtrd.conf(4), ntp.conf(4), sys_attrs_ipv6(5), sys_attrs_vfs(5), nifftmt(7), dump(8), freezefs(8), fwtmp(8), ip6rtrd(8), restore(8), and xntpd(8) reference pages.

  • Revises the sys_attrs_lsm(5) and disklabel(8) reference pages.

  • Revises the mt(1), netstat(1), sys_attrs_ee(5), sys_attrs_inet(5), sys_attrs_vm(5), collect(8) envconfig(8), fuser(8), ifconfig(8), and kdbx(8) reference pages.

  • Revises the btcreate(8) and psradm(8) reference pages.

Patch 27060.00

OSFNETCONF540

  • Corrects several potential security vulnerabilities that have been reported on systems using an IPsec configuration of tunnel mode ESP without authentication. Under certain circumstances, a remote attacker could force an error so that a portion of a plain-text message can be intercepted by the attacker. Corrects the following vulnerability:

    SSRT5957 - IPsec (Severity - High)
  • Fixes a problem in which a stack trace occurs during quicksetup if the host name and any NFS parameters are changed.

  • Modifies the netconfig application to prevent breaking automation while using the SysMan command-line interface.

  • Corrects the netconfig application to a avoid stack trace that occurs while configuring a token ring adaptor on a different node.

  • Corrects a potential security vulnerability where, under certain circumstances, system integrity may be compromised. This may be in the form of improper file access.

  • Corrects a problem in which when DHCP is selected for a network interface card, netconfig places invalid data in the /etc/hosts file.

  • Changes the use of the configuration file /etc/svc.conf to /etc/nsswitch.conf to allow netgroup data to be provided from LDAP, rather than only from NIS.

  • Fixes a problem in the SysMan nfs_export application in which adding a host to the rw-access list does not take effect.

  • Fixes a problem in the SysMan nfs_export application in which an inappropriate message is displayed when a nonroot user runs it.

  • Corrects a problem in which the network wizard exits when running as nonroot.

  • Corrects a potential security vulnerability in IPsec/IKE (Internet Key Exchange) with Certificates. This potential vulnerability is remotely exploitable, resulting in unauthorized privileged access.

    SSRT3674 - IPsec/IKE (Severity - High)
  • Fixes a problem in which SysMan route does not handle the destination name input correctly

Patch 27062.00

OSFNFS540

  • Adds a name and IP address cache to NFS mountd to limit problems seen with DNS timeouts.

  • Corrects a problem with pcnfsd that occurs when it is running in a cluster and sends the member's IP address instead of the cluster alias.

  • Fixes the warning message in the daemon.log file when automount starts.

  • Provides an option that allows users to specify port number for mountd.

  • Fixes rpc.lockd to send UNIX authentication.

  • Corrects a problem in which autofs skips exported file systems that belong to netgroups in the remote NIS domain, while a mount command for the same exported file system works.

  • Fixes problems due to mountd not blocking SIGHUP when processing NFS exported file systems.

  • Fixes multiple defects in AutoFS user space and kernel code.

  • Enables mountd to correctly handle entries with multiple lines of input in an exports file.

  • Makes start-up scripts in /sbin/init.d world readable.

  • Fixes an issue with the rpc.lockd daemon's message passing-style RPCs, where replies are sent to the IP address of the lock's caller_name field instead of to the call message's source.

  • Modifies the mountd daemon to correct a core dump problem.

  • Restore exports file (-root=hostlist) behavior.

  • Changes the use of the configuration file /etc/svc.conf to /etc/nsswitch.conf to allow netgroup data to be provided from LDAP, rather than only from NIS.

  • Enables AutoFS to handle loopback mounts correctly, specifically regarding failed attempts to use AutoFS to access a loopback mount via a cluster alias.

  • Fixes the behavior of the rpc.rquotad daemon in a cluster.

  • Addresses a mountd problem in which spurious signals can cause mountd to dump core and a second problem that causes .INCLUDE parsing to function incorrectly.

  • Enables AutoFS mount-on paths to have the correct maximum length when AutoFs files are mapped directly.

  • Fixes an rpc.lockd problem involving lock contention, in which lock requests accumulate on a linked list that is searched with each kernel lock manager poll and result in excessive CPU consumption

  • Fixes an issue in which an error was being reported with an empty direct map.

  • Fixes a problem where rpc.statd does not correctly create the sm and sm.bak directories on startup, causing rpc.statd to exit.

Patch 27064.00

OSFOBSOLETE540

  • Updates Tru64 UNIX version information in accordance with HP rebranding efforts.

Patch 27065.00

  • Updates Tru64 UNIX version information in accordance with HP rebranding efforts.

  • Corrects a potential security vulnerability where, under certain circumstances, system integrity may be compromised. This may be in the form of improper file or privilege management.

OSFOEMBASE540

Patch 27068.00

OSFPGMR540

  • Fixes a sendmail registration issue with PSM.

  • Updates sysconfig to use the cluster interconnect, thereby allowing for a greater SSI collaboration. This will help with changing variables on hung systems, single user systems, and normal running systems.

  • Corrects several potential security vulnerability where, under certain circumstances, system integrity may be compromised. These may be in the form of improper file or privilege management.

  • Corrects a core dump problem that occurs when output of the lint command for nonexisting file is supplied to error.

  • Fixes many small problems in dsfmgr.

  • Fixes various problems in the dbx and object file tools dbx, ostrip, strip, mcs, dis, cord, file, and stdump.

  • Provides protection against a class of potential security vulnerabilities called buffer overflows. Buffer overflows are sometimes exploited in an attempt to subvert the function of a privileged program and possibly execute commands at the elevated privileges if the program file has the setuid privilege. This patch allows a system administrator to enable memory management protections that limit potential buffer overflow vulnerabilities.

  • Corrects a problem that occurs when stdin, stdout and stderr are closed and cfg_connect fails to connect to cfgmgr.

Patch 27069.00

OSFPRINT540

  • Provides LPD support for the following HP Printers:

    • Color LaserJet 4650

    • Color LaserJet 9500

    • LaserJet 4200

    • LaserJet 4250

    • LaserJet 4300

    • LaserJet 4350

    • LaserJet 9040

    • LaserJet 9050

  • Fixes a problem with lpstat -o in handling hyphens in printer names. If there is a hyphen in printer name, lpstat -o was interpreting it as a job-id instead of printer name.

  • Corrects a problem that exists with print jobs submitted on clusters that occurs when an “on”attribute in /etc/printcap is specified for one node and a job is submitted on another node.

  • Modifies lpd to fix /etc/hosts.lpd case sensitivity; for example, "node.domain" treated the same as "Node.Domain."

  • Makes start-up scripts in /sbin/init.d world readable.

  • Improves printing (lpd) maintainability, including the addition of new DEBUG lpr.log messages, a DEBUG message screening feature, and an improved remote printing connection-retry scheme.

  • Fixes a problem in which job pages are missing when the jj printcap flag is set to 1.

  • Fixes a problem in which temporary files are left in root (/) when lpd gets bad file names from /etc/printcap.

  • Provides new delay timers to address timing problems.

  • Provides a new syslog DEBUG message for lpr.log to debug bad remote job file names.

  • Fixes a problem that causes queues that use the lpf output filter (and potentially other output filters) to hang when the print subsystem is used heavily; for example, 300 queues used continuously.

  • Fixes an error in which remote job reprinting does not occur when needed.

  • Adds a new /etc/printcap option, sr, to suppress job reprinting.

Patch 27070.00

OSFRCS540

  • Corrects a potential security vulnerability where, under certain circumstances, system integrity may be compromised. This may be in the form of improper file or privilege management.

Patch 27071.00

OSFRIS540

  • Corrects a joind failover problem and an extracted RIS area issue.

Patch 27072.00

OSFSCCS540

  • Corrects a potential security vulnerability where, under certain circumstances, system integrity may be compromised. This may be in the form of improper file or privilege management.

  • Provides protection against a class of potential security vulnerabilities called buffer overflows. Buffer overflows are sometimes exploited in an attempt to subvert the function of a privileged program and possibly execute commands at the elevated privileges if the program file has the setuid privilege. This patch allows a system administrator to enable memory management protections that limit potential buffer overflow vulnerabilities.

Patch 27073.00

OSFSDE540

  • Fixes various problems in the dbx and object file tools: dbx, ostrip, strip, mcs, dis, cord, file, and stdump.

  • Fixes the way the spike code optimization tool handles -arch and -tune options. Using these options with previous versions of spike resulted in unproductive error messages and/or system crashes.

  • Fixes a fatal assertion error reported by pixie, hiprof, third spike, cord, uprofile and odump object file tools for some executables linked at optimization level 2 (-O2) or greater.

  • Fixes an internal error with the /usr/bin/spike optimization command.

  • Modifies the cflow utility to store its temporary files in a temporary directory created using the /usr/bin/mktemp utility. If cflow cannot create a temporary directory it terminates with an exit value of 1.

  • Fixes a fatal error in /usr/bin/spike.

  • Fixes a problem in which the prof -pixie -testcoverage <exe <exe.Counts sometimes reports invalid source line number ranges.

  • Changes the use of the configuration file /etc/svc.conf to /etc/nsswitch.conf to allow netgroup data to be provided from LDAP, rather than only from NIS.

  • Fixes performance tool failures on Sierra Clusters Parallel File Systems.

  • Corrects an inaccurate error message in spike optimizer.

Patch 27075.00

OSFSER540

  • Fixes a panic on a system with an Oxygen VX1 graphics card when the X server is killed while it is starting up.

  • Fixes a problem in which the X server shared memory extension sometimes does not display images properly in windows of depth 16 or 24.

  • Corrects a problem that occurs with the Oxygen VX1 graphics card in which XCopyPlane copies all bitplanes rather than only the requested bitplane.

  • Fixes a memory leak in the X server PanoramiX/Xinerama Extension that can cause a process to core dump.

  • Fixes a problem in which the X server's command line option to turn off VESA Display Power Management Signalling (-dpms) does not work.

  • Corrects a problem that can cause the X server to hang every 49 days on systems with PowerStorm 4D40T, 4D50T, 4D51T, or 4D60T graphics options.

  • Fixes a problem in which the X server may crash if the RADEON layered product kit is installed, 3D rendering is disabled, and a client queries the GLX extension.

  • Corrects a potential file permissions vulnerability and a potential buffer overflow in the X Window System. The potential vulnerabilities are locally exploitable, resulting in unauthorized privileged access.

  • Fixes a problem with the X server when the PanoramiX extension is enabled in which clients running on Linux® systems with their displays directed to the Tru64 UNIX X server will fail to start.

  • Fixes a problem in the X server that causes mouse buttons to stop working as expected.

Patch 27077.00

OSFSERVICETOOLS540

  • Corrects a problem that can cause the collect utility to die from a memory access fault on systems with a large number of AdvFS domains and filesets.

  • Provides the collect utility with support for long disk names.

  • Corrects a potential security vulnerability that could result in non-privileged users gaining unauthorized privileged access on the system.

  • Provides the ability for the collect utility to salvage data files with missing termination records.

  • Provides the collect utility with the ability to report local and remote I/O access statistics for cluster storage devices in a TruCluster Server environment.

  • Corrects a problem of compromised AdvFS data integrity which occurs when a new AdvFS domain or fileset is added while collect is running.

  • Updates the collect utility to Version 2.0.5.

  • Provides new collect features, including AdvFS monitoring and CPU and memory metrics on a per RAD basis.

  • Fixes floating-point exception in collect.

  • Corrects a condition in which collect cannot create a new data file from a data file that does not include a termination record.

  • Corrects a condition in which the concatenation of two or more of collect's data files prevents access to last record and collect generates an "out-of-sync" error. With this patch, collect will print out the last record when the -l option is used on playback.

  • Allows collect to gather AdvFS statistics when the number of active AdvFS filesets exceeds 128.

  • Causes collect to exit with the following message if it is run with the -H option and the directory linking to /var/adm/collocated does not exist:

    chmod or chown failed.: No such file or directory
  • Corrects a problem in which collect hangs on a AS8200 server and CPU resources would rise to 99.9% until a Ctrl/c is issued.

  • Fixes the problem where collect displays wrong values of usrtim and systim.

  • Cleans up resource usage caused by collect.

  • Fixes an issue with the collect on NUMA platforms in which collect RAD CPU Summary statistics are inconsistent with the single statistics.

  • Corrects a problem in which collect stops working intermittently when data collection is done with compression.

  • Fixes a memory leak problem with collect on NUMA systems.

  • Fixes a problem with the collect that cause it to report incorrect packet count information when a large number of incoming/outgoing packets occur per second.

  • Improves collect so it can properly handle dynamic changes to resources such as AdvFS file systems and disks. The collect utility now also ensures that errors are logged through syslog so they are not lost when it is run in historic mode.

  • Corrects a condition that causes collect to display the error “Mini-Header out of sync” when playing back data files.

  • Improves input validation and the handling of process lists supplied via the collect -P command.

  • Corrects a problem in which memory reports generated by collect for a system on NUMA platform are different from those generated on a non-NUMA system.

  • Corrects a problem with collect when it is used with the -l option to seek to the last record of a data file whose size is less than 312 bytes.

  • Corrects a problem with collect incorrectly reporting RAD and memory statistics on systems where the RADs are not serially numbered.

  • Corrects a problem of collect stopping after 48 hours, when running in historical mode.

Patch 27079.00

OSFSYSMAN540

  • Fixes a smsd core dump problem in a cluster.

  • Fixes repeated AdvFS domain panics triggered by smsd.

  • Fixes a problem in dxaccounts, where the Modify option dumps core when more than one NIS user is selected on the NIS client.

  • Corrects a problem in the SysMan advfsmgr utility, where the size of a very large fileset is shown as zero.

  • Fixes a problem where sysman -station does not work in the French locale.

  • Fixes a problem in which a stack trace occurs during quicksetup if the host name and any NFS parameters are changed.

  • Fixes a problem in which SysMan ppp_options does not show the ttyname and speed values.correctly.

  • Fixes a problem where “sysman users” does not allow root to change the password.

  • Corrects a problem in the function of SysMan ufsmgr “expand.”

  • Fixes a condition that can cause a copy-and-paste of a NIS-group to hang.

  • Modifies the netconfig application to prevent breaking automation while using the SysMan command-line interface.

  • Fixes problems with the dxaccounts application on systems with ASU installed.

  • Corrects a problem that occurs with ntpconfig that causes the error message "keyword authdelay unknown" to be written into the daemon.log file whenever XNTPD V4 starts.

  • Fixes a problem in which a stack trace occurs in the ntpconfig application during attempts to delete duplicate entries.

  • Fixes a problem in which dxaccounts deletes the home directory upon modification

  • Changes the incorrect choice LSMnopriv to LSMnoprv in the Usage: button option of the diskconfig application.

  • Corrects a problem in the SysMan account management application in which an invalid error message is displayed while deleting a user who does not have a home directory.

  • Enables the multi-column List widget implemented in SUIT to use any value specified for the -height option in the curses domain.

  • Corrects several potential security vulnerabilities where, under certain circumstances, system integrity may be compromised. These may be in the form of improper file access.

  • Corrects the cause of a core dump that occurs when the usermod command is used with the -x pc_synchronize option.

  • Corrects a problem that causes the userdel command to core dump when the shell field is empty in the passwd file.

  • Corrects a problem that causes the usermod command to not work as expected with NIS +/- users.

  • Fixes minor problems with the account management tools.

  • Corrects a potential security vulnerability where, under certain circumstances, system integrity may be compromised. This may be in the form of passwords that have a length outside of the intended range.

  • Updates the account management tools to use the latest versions of the ASU (Advanced Server for UNIX) API calls when ASU is in use on the server.

  • Provides support for SmartArray disk controllers. Without this fix, if the SmartArray product is installed on the system the SysMan Station hardware view will fail to operate.

  • Modifies the useradd command to correctly manage default and template data properly. The problem showed up most notably with the useradd -p command would producing the message "Password must be between 32 and 80 characters."

  • Corrects a problem in some cluster configurations that causes the SysMan Station to fail to generate the hardware view and a Java stack trace is generated indicating that the routine "HardwareLayout.fancyPlace" was being executed at the time of the trace.

  • Provides enhancements for file system suitlets.

  • Corrects a problem in which the SysMan Station display is not updated when a component (for example CPU) registration and deregistration events occurs.

  • Corrects a problem in which if the Reload/Refresh button is pressed during the running of any of the SysMan tools in a browser, the tool hangs, thereby requiring the user to restart the browser to continue with the tool.

  • Corrects a condition in which the daemons used by Insight Manager fail and do not restart when restarting the network using the SysMan Menu.

  • Corrects a problem in which when SysMan is used to change the configuration of a network adapter card, it would also reconfigure other cards, thereby causing a cluster connectivity interruption

  • Prevents users from attempting to configure a network adapter card that is part of a NetRAIN set.

  • Updates the SysMan Menu layout in online help.

  • Fixes a problem that occurs when dealing with white spaces in a "Filter by Comment" search of the SysMan Account Management application.

  • Corrects a problem that occurs when DHCP is selected for a network interface card, the netconfig command places invalid data in the /etc/hosts file.

  • Fixes a problem encountered when bttape TCL scripts are executed by nonprivileged users.

  • Adds $quote directive to the message catalog.

  • Corrects a confusing error message seen when ASU is installed and a user runs useradd on a non-PDC server.

  • Fixes potential issues with system security during the creation of temporary files.

  • Corrects a problem in which the SUIT multicolumn list incorrectly handles the programatic sizing of the columns, thereby causing data to be truncated.

  • Corrects a problem in which SysMan Station fails when the HOME environment variable is not set or points to a nonexistent directory.

  • Corrects a problem in which the SysMan Station does not allow the relocation of CAA resources in the CAA view by dragging and dropping resource objects.

  • Corrects a condition that causes the useradd command to create the same UIDvalue for a new user when the /etc/passwd file contains the expression ?#?.

  • Corrects a problem on systems with multipath SCSI devices in which the SysMan Station Hardware View incorrectly displays the hardware components and their relationships.

  • Fixes a problem with the display of the appropriate title label in the Manage Local Users and Manage NIS Users SysMan applications in a Java domain.

  • Fixes a problem with the dialogue box that appears when remote printing and Advanced Server printer types are selected during the Add Printer configuration.

  • Improves the input validation for Client, Server and IP address fields for the pap-secrets and chap-secrets file.

  • Corrects a problem in curses mode in which AlphaServer Management Server tool incorrectly displays selected nodes and loses column headers after viewing help.

  • Corrects a condition that causes double clicking table headers in Manage CPUs and AMS causes traceback.

  • Corrects a class loader hang that occurs when run by non-root users.

  • Corrects a condition that causes the setld SUITlet to fail when it is run from a browser or SysMan Station.

  • Corrects a userdel -D failure to a remove user from the /etc/passwd file on Enhanced Security systems.

  • Eliminates two warning messages from the SysMan Security Configuration tool. One appears when changing the root password on systems with ASU installed and the other appears when a user tries to trim auth logs before they are created.

  • Corrects a problem in which running the usermod command with certain options, such as -x distributed grace_limit, results in a “Cross-device link” error when the var and yp directories belong to two different filesets, on a NIS master.

  • Corrects a problem in which when a node in a cluster is rebooted, the SysMan Station daemons running on each of the other nodes core dumps and a core file can be seen on the root (/) directory.

  • Changes the use of the configuration file /etc/svc.conf to /etc/nsswitch.conf to allow netgroup data to be provided from LDAP rather than only from NIS.

  • Corrects a problem that occurs when new hardware objects are inserted on a node in a cluster and smsd on each node displays the newly added hardware object as being added to the local node.

  • Fixes a problem in which ntpconfig posts two events for each modification of the ntp.keys file.

  • Corrects problems in which SysMan drdmgr dumps tcl stack when a user tries to manage devices or file systems of a cluster node that is down.

  • Corrects a condition that causes failures when locking and unlocking multiple selected users.

  • Modifies netconfig to avoid tcl stack dumps that occur when a user who has no HOME directory tries to view the network daemon status of a cluster alias or a remote node or tries to set up network interface cards on a remote node.

  • Fixes a problem with the validation of the account expiration date in usermod.

  • Corrects a problem in which the network wizard exits when running as nonroot.

    Corrects a problem in which the Modify and Delete keys are disabled when using the arrow keys to move through a list.

  • Modifies SysMan SUIT so that suitlets such as Manage CPUs and Event Viewer can successfully be launched in JAVA display mode.

  • Fixes a java null pointer exception problem when starting a sms client whose initial view window has been deleted.

  • Fixes the cause of a core dump that occurs during a copy/paste operation of a Local/NIS template

  • Modifies the useradd and usermod commands to validate that the shell argument passed is a valid executable file.

  • Improves the input validation in SysMan pppconfig.

  • Fixes a problem with the copy/paste operation of dxaccounts.

  • Fixes a problem with the creation of new user using useradd.

  • Modifies the SysMan Display Mounted File Systems application to correct a problem with file system size.

  • Modifies the SysMan Display Currently Mounted File Systems application to correct a problem in which it incorrectly lists file-on-file mounts.

  • Modifies the SysMan Mount File Systems application to correct a problem in which it incorrectly mounts entries in /etc/fstab file.

  • Fixes a problem where the SysMan Unmount File Systems application does not display file-on-file mounts correctly.

  • Addresses a problem with the usermod command when it is used to perform operations on NIS local plus or minus users.

  • Modifies the dop command and SysMan dop to correct various problem.

  • Addresses a problem with the usermod command when it is used to move a user's home directory to a subdirectory of the old home directory, causing the deletion of the old home directory (and thereby, the newly created home directory).

  • Addresses a problem with the userdel command when it is used to delete an NIS local plus or minus user.

  • Fixes a problem of not being able to change the user login name in SysMan account management application.

  • Fixes a problem with dxaccounts with C2 security enabled, where dxaccounts cannot set the null password for a user even if the user's database entry allows the user to have a null password.

  • Corrects a problem in which diskconfig does not delete old alias name when a new alias name is specified.

  • Fixes the cause of a core dump that occurs with in dxaccounts when the Delete operation is attempted on a default template in Local Templates view under enhanced security.

  • Fixes a problem with SysMan Menu when it is invoked through a browser.

  • Corrects a problem where SysMan Station does not show the long name of CAA resources.

  • Corrects a problem in which using the usermod -d -m command to specify the creation of a new home directory fails if the new directory contains a trailing slash (/).

  • Corrects a problem in which diskconfig does not display UFS file system creation errors.

  • Modifies the Quicksetup application for evaluating Printer Name and Printer Server data.

Patch 27080.00

OSFTCLBASE540

  • Corrects a potential security vulnerability where, under certain circumstances, system integrity may be compromised. This may be in the form of improper file access.

Patch 27083.00

OSFTRUETYPE540

  • Corrects a potential file permissions vulnerability and a potential buffer overflow in the X Window System. The potential vulnerabilities are locally exploitable, resulting in unauthorized privileged access.

  • Corrects a potential file permissions vulnerability and a potential buffer overflow in the X Window System. The potential vulnerabilities are locally exploitable, resulting in unauthorized privileged access.

Patch 27084.00

OSFUUCP540

  • Corrects a problem with the uucp command in which it changes the time stamps of the destination file when the destination file already exists as a directory.

  • Enables the tip command to log into the member-specific log file.

  • Corrects the path for the aculog file and gives the file appropriated permissions.

  • Makes start up scripts in /sbin/init.d world readable.

  • Corrects several potential security vulnerabilities where, under certain circumstances, system integrity may be compromised. These may be in the form of improper file or privilege management.

  • Corrects a potential security vulnerability where, under certain circumstances, system integrity may be compromised when a buffer overflow occurs in the uucp utility. Buffer overflows are sometimes exploited in an attempt to subvert the function of a privileged program and possibly execute commands at the elevated privileges if the program file has the setuid privilege.

  • Provides protection against a class of potential security vulnerabilities called buffer overflows. Buffer overflows are sometimes exploited in an attempt to subvert the function of a privileged program and possibly execute commands at the elevated privileges if the program file has the setuid privilege. This patch allows a system administrator to enable memory management protections that limit potential buffer overflow vulnerabilities.

Patch 27085.00

OSFX11540

  • Corrects a problem that occurs when attempting to open a Java applet on a V1.7 Mozilla browser displayed from a Redhat Linux RHEL 3 (update 6) to a Tru64 UNIX V5.1B-3 graphics console. The browser closes and dtwm spins at 99% CPU usage.

  • Resolves security vulnerabilities in X PixMap routines used in the Motif library.

  • Modifies the online help description for Togglekeys in accessx.

  • Corrects a potential security vulnerability where, under certain circumstances, system integrity may be compromised when a buffer overflow occurs in the dxterm utility. Buffer overflows are sometimes exploited in an attempt to subvert the function of a privileged program and possibly execute commands at the elevated privileges if the program file has the setuid privilege.

  • Corrects a potential security vulnerability where, under certain circumstances, system integrity may be compromised. This may be in the form of improper file access.

  • Corrects a problem, where, under certain circumstances, the XmCvtXmStringToCT() function does not correctly convert a compound string to a string in compound text format.

  • Fixes a problem where a Chinese character whose byte sequence contains 0x9b cannot be entered with dxhanziim or cut and pasted.

  • Provides an updated keyboard map for the Russian 3R-LKQ48-BT keyboard model.

  • Fixes a display width mismatch problem in the zh_CN.GB18030 locale.

  • Fixes a problem with xterm while displaying a compound text that is converted by XmCvtCTToXmString().

  • Modifies XmbTextListToTextProperty() and XmbTextPropertyToTextList() to support 4-byte length UTF-8 characters in the Compound Text handling.

  • Corrects a potential security vulnerability where, under certain circumstances, system integrity may be compromised. This may be in the form of improper file or privilege management.

  • Fixes various problems with the X font server and with the X server's interaction with X font servers.

  • Prevents application failures when an application specifies very large timeout values to X Toolkit library (Xt) routines.

  • Resolves a drag and drop problem across the screen in multi-head systems.

  • Corrects a potential file permissions vulnerability and a potential buffer overflow in the X Window System. The potential vulnerabilities are locally exploitable, resulting in unauthorized privileged access.

  • Resolves a potential buffer overflow within the X PixMap routines.

Patch 27086.00

OSFXADMIN540

  • Corrects a potential security vulnerability in the XDM (X Display Manager) software. This potential vulnerability, which may be locally and remotely exploitable, could result in a denial of service (DOS), unauthorized privileged access, or both.

  • Corrects a problem in which host icons overlap in the dxhosts application.

  • Corrects a potential security vulnerability where, under certain circumstances, system integrity may be compromised when a buffer overflow occurs in the dxsysinfo utility. Buffer overflows are sometimes exploited in an attempt to subvert the function of a privileged program and possibly execute commands at the elevated privileges if the program file has the setuid privilege.

  • Corrects the way the dxkerneltuner application handles memory.

  • Fixes several potential security vulnerabilities where, under certain circumstances, system integrity may be compromised. These may be in the form of improper file access.

  • Corrects a problem in which the dxkerneltuner application when invoked with the -power option does not remove the temporary files in /tmp when the application is closed.

  • Corrects a problem in which dxproctuner does not display data in the fr_FR local.

  • Corrects a problem in which the dxproctuner application, when invoked, either gives error message or dumps core and does not work.

  • Corrects a problem in which a temporary file is not deleted when dxarchiver is closed.

  • Corrects a core dump problem in the dxfileshare application when the /etc/exports file is not present in the system and a user tries to add a new entry.

  • Corrects a problem in which the dxkerneltuner application dumps core when cancel is selected in the mmsess subsystem.

  • Corrects a problem in which the dxpower application shows an error when the Spin Down Disks option is selected.

  • Fixes problem with dxproctuner in which the toggle menu item View Processes for All Users does not filter the output for non-root users.

Patch 27089.00

OSFXDEMOS540

  • Corrects a potential security vulnerability where, under certain circumstances, system integrity may be compromised. This may be in the form of improper file access.

Patch 27094.00

OSFXLIBA540

  • Corrects a problem that occurs when attempting to open a Java applet on a V1.7 Mozilla browser displayed from a Redhat Linux RHEL 3 (update 6) to a Tru64 UNIX V5.1B-3 graphics console. The browser closes and dtwm spins at 99% CPU usage.

  • Corrects a problem, where, under certain circumstances, the XmCvtXmStringToCT() function does not correctly convert a compound string to a string in compound text format.

  • Fixes a problem where a Chinese character whose byte sequence contains 0x9b cannot be entered with dxhanziim or cut and pasted.

  • Modifies XmbTextListToTextProperty() and XmbTextPropertyToTextList() to support 4-byte length UTF-8 characters in the Compound Text handling.

  • Corrects a potential security vulnerability where, under certain circumstances, system integrity may be compromised. This may be in the form of improper file or privilege management.

  • Prevents application failures when an application specifies very large timeout values to X Toolkit library (Xt) routines.

  • Corrects a potential file permissions vulnerability and a potential buffer overflow in the X Window System. The potential vulnerabilities are locally exploitable, resulting in unauthorized privileged access.

Patch 27095.00

OSFXMIT540

  • Corrects a potential security vulnerability where, under certain circumstances, system integrity may be compromised. This may be in the form of improper file access.

  • Fixes various problems with the X font server and with the X server's interaction with X font servers.

  • Corrects a potential file permissions vulnerability and a potential buffer overflow in the X Window System. The potential vulnerabilities are locally exploitable, resulting in unauthorized privileged access.

Patch 27100.00

OSFXSYSMAN540

  • Fixes a problem in dxaccounts in which the Modify option dumps core under certain circumstances.

  • Fixes several problems with dxaccounts on a system with ASU installed.

  • Fixes several potential security vulnerabilities where, under certain circumstances, system integrity may be compromised. These may be in the form of improper file access.

  • Corrects a problem with the userdel command that can cause it to dump core when the shell field is empty in the passwd file.

  • Corrects a problem with the usermod command not working as expected with NIS +/- users.

  • Fixes several minor problems with the account management tools.

  • A potential security vulnerability has been discovered, where under certain circumstances, system integrity may be compromised. This may be in the form of passwords that have a length outside of the intended range.

  • Updates the account management tools to use the latest versions of the ASU (Advanced Server for UNIX) API calls when ASU is in use on the server.

  • Updates the SysMan Menu layout in the online help.

  • Corrects a problem in which extra leading and trailing spaces from the FIND dialog box in dxaccounts are not trimmed before being used, which results in a search failure.

  • Modifies dxaccounts to display the account expiration date at first view.

  • Fixes a condition in which a disabled I/O port incorrectly reports 100% utilization.

  • Causes the display of instructions for creating the /dev/marvel_pfm file when the file is not present on the system.

  • Fixes a condition in which the menu does not wrap around when the window width is too small to accommodate all the menu items.

  • Adds the xmesh resource file /usr/lib/X11/app-defaults/Xmesh to customize xmesh.

  • Allows the adjustment of the color key to change the percentage range for each color.

  • Modifies the dxaccounts application to prevent core dumps under the following circumstances:

    • When a UNIX login name is modified and its corresponding PC account is not remapped to the new login name.

    • When a user tries to modify the UNIX and PC account login names and then tries to see information in PC user view.

    • When the root user is selected from the drop-down list for modification.

    • During a copy-and-paste operation of the Local/NIS template

    • In the Retire function.

  • Fixes a problem where, under certain circumstances, the Display Window application (dxdw) displays garbled characters in the transcript area of the application.

  • Modifies dxaccounts to allow it to change the local user password in Enhanced Security environment.

  • Corrects a problem in which the locking and unlocking of multiple selected users did not happen under C2 security.

  • Fixes the cause of a core dump that occurs during copy/paste operations of Local/NIS template.

  • Corrects a problem in which the dxaccounts application incorrectly creates a default expiration date of Feb 1, 1995 for new user accounts.

  • Fixes a problem with copy/paste operations using dxaccounts.

  • Fixes a problem that occurs when creating a new user with useradd.

Patch 27102.00

OSFCDSABASE540

  • Corrects a potential security vulnerability where, under certain circumstances, system integrity may be compromised. This may be in the form of compromised private RSA keys.

  • Corrects a problem in which during a CDSA configuration the mod_install program core dumps.

Patch 27106.00

OSFIPSECBASE540

  • Corrects multiple potential vulnerabilities identified on HP Tru64 UNIX operating systems running IPSec, which uses the Internet Security Association and Key Management Protocol (ISAKMP). The vulnerabilities could be exploited remotely to cause Denial of Service (DoS).

  • Corrects a potential security vulnerability in IPsec.

Patch 27107.00

OSFLDPAUTH540

  • Allows the ldapcd to exit when there is a permanent error. When ldapcd exits, init respawns the daemon allowing ldapcd to recover and function normally.

  • Modifies ldapcd to prevent it from crashing under the following conditions:

    • When resolving group codes with very large GIDs.

    • When the LDAP Directory Server is unavailable.

  • Corrects a condition in which the login process may crash when LDAP users, or users belonging to an LDAP group, attempt to log in.

  • Fixes a problem with ldapcd that prevents LDAP users from being authenticated, even when they are providing the correct password.

  • Changes the use of the configuration file /etc/svc.conf to /etc/nsswitch.conf to allow netgroup data to be provided from LDAP, rather than only from NIS.

  • Fixes problems caused when the UID/GID of an Active Directory user is zero.

  • Corrects a condition in which the su command issues multiple "Sorry" messages when multiple SIA mechanisms are in use; for example, when LDAP is configured for user accounts.

  • Ensures that login sessions are properly established for LDAP and BSD accounts when multiple authentication mechanisms are configured.

  • Addresses the way that the ldapcd handles when the ldap server becomes unavailable.

Patch 27110.00

OSFOPENGL540

  • Fixes a problem in which the OpenGL glTexCoordPointerEXT() command can cause a segmentation fault.

  • Restores two extensions missing from OpenGL library to the list of GL extensions it supports for indirect rendering.

Patch 27113.00

OSFSSHBASE540

  • Corrects a potential issue with scp2 and sftp2.

  • Fixes the cause of memory leaks in sshd.

  • Provides protection against a class of potential security vulnerabilities called buffer overflows. Buffer overflows are sometimes exploited in an attempt to subvert the function of a privileged program and possibly execute commands at the elevated privileges if the program file has the setuid privilege. This patch allows a system administrator to enable memory management protections that limit potential buffer overflow vulnerabilities.

  • Fixes the error "Xauth data does not match fake data." that can occur when multiple SSH sessions from the same client are open on different cluster member nodes.

  • Modifies the ssh-pubkeymgr script to change the default keyfile name to user-host, and to simplify the procedure for enabling a key for a remote login.

  • Fixes a problem in SSH in which when attempting SSH TCP port forwarding the SSH server handling the forwarding would die.

  • Corrects a problem that occurs when booting a during a file system full situation in which the ssh-validate-conf utility attempts to write to the files /etc/ssh2/sshd2_config and /etc/ssh2/ssh2_config, thereby causing them to be zeroed out.

  • Corrects a potential security vulnerability.

  • Corrects a misspelling in the ssh-hostbased-setup utility message "is not running a compatible sshd, skipping."

  • Corrects a problem in which scp does not check whether the source and destination were the same file, thereby causing the file to be truncated to zero bytes.

  • Corrects a condition in which if a user connects to a cluster, performs two SSH localhost, and then tries to start an X application, an error message of X connection is broken is displayed.

  • Corrects a problem in which the SSH-hostbased-setup utility does not handle host names containing a hyphen (-).

  • Corrects the handling of chroot users via ssh with Enhanced Security enabled.

  • Fixes a problem with scp where, in some cases, the source file could be cleared.

  • Fixes an issue with SSH V3.2.3 host-based authentication when using the MapFile configuration option.

Patch 27114.00

OSFSSOSSL540

  • Corrects a potential security vulnerability in SSL.

  • Corrects a potential security vulnerability when using the Secure Sockets Layer (SSL). The potential vulnerability may be remotely exploitable, resulting in a denial of service (DOS).

Patch 27115.00

OSFSSOW2K540

  • Fixes memory leaks in the libgssldap library used by ldapcd. The leaks caused intermittent SSO SIA authentication failures.

  • Corrects an "address already in use" problem with klogin and kshell.

  • Fixes a problem that occurs when running a GSSAPI application, where instead of returning error-specific strings, generic error-strings are returned.