Internet security software downloads

»

HP Tru64 UNIX

Tru64 UNIX

» Tru64 UNIX V5.1B-6
» Tru64 UNIX V5.1B-5
» Documentation
» Information library
» Software web index
» Software products library
» Patch database
» Services
» Developer & Solution Partner Program
» Send us your comments
» Support Statements

Evolving business value

» Tru64 UNIX to HP-UX 11i transition benefits calculator
» Alpha RetainTrust Program
» Transition

Related links

» Alpha systems
» HP-UX 11i
» Integrity servers
» Linux
» HP storage
» HP solutions
HP-UX 11i: measurably better TCO!

» Overview

Downloads

» Best practices

» Services

» Partners

Additional security software                                             Year 2006 2005 2004, 2003

» cchwtest
» Common Data Security Architecture
» dirclean
» IPsec
» SSH

» Non-security related Early Release Patches (ERPs)

To access most patch links on this page, please register on the HP IT Resource Center website. Registration is free.


Security advisories and associated patches - 2004  

Problem description Security patch kit for affected OS/Patch Kit or product Last update Summary Cross-reference Fixed in next mainstream patch kit
SSRT4696
Rev. 1
V5.1B-2 /PK4
V5.1B PK3
V5.1A PK6
V4.0G PK4
V4.0F PK8
Original release: 22-Dec-04

Update of 16-Feb-05
4 of 5 kits updated to install over previous inet.mod ERPs.

TCP Stack Remote Denial of Service (DoS)

Reboot
Required:Yes

 

CAN-2004-0230

NISCC
#236929

5.1B-3
(PK5)
SSRT4876 SWS based on Apache 2.0.52 and earlier (IX 6.3 and earlier; SWS standalone versions earlier than 6.3.6a)

Secure Web Server 6.3.6a
available for download
here.

Distributes patched version of Apache 2.0.52

22-Dec-2004 SWS (Apache) Secure Web Server Remote Denial of Service (DoS) CAN-2004-0942 HP Internet Express for Tru64 UNIX (IX) version 6.4
SSRT4831 V5.1B-2 /PK4
V5.1B PK3
V5.1A PK6
V4.0G PK4
V4.0F PK8
11-Nov-04 Potential Buffer Overflow in the Motif Library and Image Viewer VU#882750 CAN-2004-0687 5.1B-3
(PK5)
SSRT4812 Affected:Apache:
SWS 2.0.49 or earlier
(IX 6.3 or earlier; SWS 6.3 or earlier)

PHP:
PHP module from any SWS from IX 6.3 or earlier or SWS 6.3 or earlier.

Secure Web Server 6.3.2a
available for download
here.

28-Oct-04 Tru64 IX (Internet Express) PHP / Apache Multiple Local and Remote Unauthorized Access NISCC #403518
CAN-2004-0786
CAN-2004-0747
CAN-2004-0811
Apache bug #30134
HP Internet Express for Tru64 UNIX (IX) version 6.4
SSRT4802 V5.1B PK4
V5.1B PK3
V5.1A PK6
V4.0G PK4
V4.0F PK8
18-Oct-04 X Window System - Unauthorized Privilege

Reboot
Required:Yes

VU#820006
VU#667502
VU#106238
5.1B-3
(PK5)
SSRT4826 Mozilla versions earlier than 1.7.3

The Mozilla  Application Suite for HP
Tru64 UNIX
1.7.3 can be obtained HERE.

29-Sep-04 Mozilla Application Suite for HP Tru64 UNIX Multiple Potential Security
Vulnerabilities
VU#651928
VU#847200
VU#460528
VU#808216
VU#113192
VU#327560
VU#125776
VU#414240
VU#653160
Corrections have been incorporated into the 1.7.3 version of Mozilla, which is available for download.
SSRT4778 Mozilla versions earlier than 1.7.2

The Mozilla  Application Suite for HP
Tru64 UNIX
1.7.2 can be obtained HERE.

23-Aug-04 Mozilla Application Suite for HP Tru64 UNIX  libpng Potential Overflows VU#388984
VU#817368
VU#236656
VU#477512
VU#160448
VU#286464

Mozilla bug reports:
249004
250906
251381
253121

Corrections have been incorporated into the 1.7.2 version of Mozilla, which is available for download.
SSRT4718 V5.1B PK4
V5.1B PK3
V5.1B PK2 
V5.1A PK6
V4.0G PK4
V4.0F PK8
02-Jul-04 NTP Integer Overflow

Reboot
Required:Yes

VU#584606 V5.1B PK5
V5.1A PK7
SSRT4741 DCE for Tru64 UNIX
from
Entegrity Solutions.
14-Jun-04 RPC Buffer Overrun in DCE

Reboot
Required:Yes

VU#568148
VU#326746
VU#377804
DCE code and support is owned by Entegrity Solutions.

All future updates should be obtained via Entegrity Solutions.

SSRT4717 V5.1B
Kit can be installed on PK4, PK3 and PK2.

IX Kits
 BIND
 SWS
 LDAP
 SENDMAIL

Insight
   Manager
 IMA 3.2.3

10-Jun-04

10-Aug-04:
New 5.1B ERP kit added

SSL/TLS Potential Remote Denial of Service (DoS)

Reboot
Required:
Varies by product.

 

CAN-2003-0020
CAN-2004-0113
CAN-2004-0174
V5.1B PK5

Internet Express version 6.3

Insight Management Agents 3.3
 

SSRT4722 Mozilla Versions V1.6 are earlier are affected.

The Mozilla 1.6 Application Suite for
Tru64 UNIX
can be obtained HERE.
 

29-Apr-04 HP Tru64 UNIX  Mozilla Potential Denial of Service (DoS)

Reboot
Required:No

 

CAN-2003-0564
CAN-2003-0594
CAN-2004-0191
Corrections have been incorporated into the 1.6 version of Mozilla available for download.

These corrections will also be included in the HP Tru64 UNIX 5.1B-2 AP CDs.

SSRT4721 V5.1B PK3
V5.1B PK2 
V5.1A PK6
V4.0G PK4
V4.0F PK8
 
21-Apr-04

HP Tru64 UNIX dtlogin and XDM Potential Denial of Service

Reboot
Required:Yes
 

VU#179804 5.1B PK4
5.1A PK7
SSRT4704
SSRT4705
V5.1B
V5.1A

WU-FTPD is shipped with Internet Express(IX)

07-Apr-04 HP Tru64 UNIX denial of service, elevated
privileges in WU-FTPD

Reboot
Required:No
 

CAN-2004-0148
CAN-2004-0185

 
Internet Express(IX) V6.3
SSRT3674 V5.1B*
*Kit can be installed on both PK3 and PK2.

V5.1A
Webkit 
05-Mar-04 HP Tru64 UNIX IPsec/IKE Potential Remote Unauthorized Access

Note: Please follow special instructions in the HP Security Bulletin.

Reboot
Required:Yes
 

5.1B
Tech Update


See the Configuring IPsec Section.
5.1B PK4

5.1A PK6 and later are corrected by applying the current IPsec Webkit.

MD5 checksums are available from the ITRC patch database main page http://www.itrc.hp.com/service/patch/mainPage.do. From the patch database main page, click Tru64 UNIX, then click verifying MD5 checksums under useful links.