Internet security software downloads

»

HP Tru64 UNIX

Tru64 UNIX

» Tru64 UNIX V5.1B-6
» Tru64 UNIX V5.1B-5
» Documentation
» Information library
» Software web index
» Software products library
» Patch database
» Services
» Developer & Solution Partner Program
» Send us your comments
» Support Statements

Evolving business value

» Tru64 UNIX to HP-UX 11i transition benefits calculator
» Alpha RetainTrust Program
» Transition

Related links

» Alpha systems
» HP-UX 11i
» Integrity servers
» Linux
» HP storage
» HP solutions
HP-UX 11i: measurably better TCO!

» Overview

Downloads

» Best practices

» Services

» Partners

Additional security software                                                Year 2006 2005  2004, 2003

» cchwtest
» dirclean

 

» Non-security related Early Release Patches (ERPs)

To access most patch links on this page, please register on the HP IT Resource Center website. Registration is free.


Security advisories and associated patches - 2007  

Problem description Security patch kit for affected OS/Patch Kit or product Last update Summary Cross-reference Fixed in next mainstream patch kit
SSRT071452 5.1B-4
5.1B-3
20-Dec-07 HP Tru64 UNIX running FFM, Local Denial of Service (Dos) None 5.1B-5
(target)
SSRT071472 Apache
Tomcat on
IX 6.7
IX 6.6
IX 6.5
15-Oct-07 HP Tru64 UNIX Running Apache Tomcat, Remote Unauthorized Access, Remote Denial of Service (DoS) CVE-2007-3382
CVE-2007-3385
CVE-2007-3386
IX v 6.8
SSRT071449 5.1B-4
5.1B-3
IX 6.6
29-Aug-07 HP Tru64 UNIX or HP Tru64 Internet Express running BIND, Remote DNS Cache Poisoning CVE-2007-2926 5.1B-5
(target)

IX v 6.7

SSRT071424 Internet Express 6.6 running Samba  3.0.23 27-June-07 HP Tru64 UNIX Internet Express running Samba, Remote Arbitrary Code Execution or Local Unauthorized Privilege Elevation CVE-2007-2444
CVE-2007-2446
CVE-2007-2447
IX v 6.7
SSRT071429 HP Internet Express (IX) for Tru64 UNIX 6.6 and earlier

Secure Web Server for HP Tru64 UNIX Powered by Apache (SWS)  6.6.4 and earlier

25-June-07 Secure Web Server for HP Tru64 UNIX Powered by Apache (SWS) or HP Internet Express for Tru64 UNIX running PHP, Remote Arbitrary Code Execution, Unauthorized Disclosure of Information, or Denial of Service (DoS CVE-2006-4625
CVE-2007-0988
CVE-2007-1286
CVE-2007-1380
CVE-2007-1700
CVE-2007-1701
CVE-2007-1710
CVE-2007-1835
CVE-2007-1884
CVE-2007-1885
CVE-2007-1886
IX v 6.7
SSRT061213
SSRT061239
SSRT071304

Rev. 2

New 5.1B-4 kit provided

5.1B-4
5.1B-3
5.1A PK6
4.0G PK4
4.0F PK8
Insight Mgt Agents patch v 3.6.1

IX v 6.6 customers should install the BIND 9.2.8 patch from the ERP kit appropriate for their base OS  version.

21-June-07
(Rev. 2)
HP Tru64 UNIX SSL and BIND Remote Arbitrary Code Execution or Denial of Service (DoS) SSL:
VU#547300
VU#386964
CAN-2006-4339
CVE-2006-2937
CVE-2006-2940
CVE-2006-3738

BIND:
VU#697164
VU#915404
CVE-2007-0493
CVE-2007-0494

5.1B-5 (target)

IX 6.7

IM Agents patch 3.6.1 (already available)

SSRT071323 5.1B-4
5.1B-3
9-May-07 HP Tru64 UNIX Running Secure Shell (SSH), Remote Unauthorized Identification of Valid Users none 5.1B-5 (target)
SSRT071326 5.1B-4
5.1B-3
5.1A PK6
1-May-07 HP Tru64 UNIX Running the dop command, Local Execution of Arbitrary Code with Privilege Elevation none 5.1B-5 (target)
SSRT061135
Vers. 3

Vers 3: updated 5.1B-3 kit
provided

5.1B-3  
5.1A PK6
4.0G PK4
4.0F PK8
IX 6.5
25-Apr-07 HP Tru64 UNIX and HP Internet Express for Tru64 UNIX Running sendmail, Remote Execution of Arbitrary Code or Denial of Service (DoS) CVE-2006-0058
(VU# 834865)
CVE-2006-1173
(VU#146718)
IX 6.6
(already shipping)

5.1B-4

SSRT061256 5.1B-4
5.1B-3
5.1A PK6
4.0G PK4
4.0F PK8
25-Apr-07 HP Tru64 UNIX Running the ps command, Local Disclosure of Sensitive Information none 5.1B-5 (target)
SSRT061213
SSRT061239
SSRT071304
5.1B-4
5.1B-3
5.1A PK6
4.0G PK4
4.0F PK8
Insight Mgt Agents patch v 3.6.1

IX v 6.6 customers should install the BIND 9.2.8 patch from the ERP kit appropriate for their base OS  version.

12-Apr-07

Updated
21-June-07
with new 5.1B-4 kit

HP Tru64 UNIX SSL and BIND Remote Arbitrary Code Execution or Denial of Service (DoS) SSL:
VU#547300
VU#386964
CAN-2006-4339
CVE-2006-2937
CVE-2006-2940
CVE-2006-3738

BIND:
VU#697164
VU#915404
CVE-2007-0493
CVE-2007-0494

5.1B-5 (target)

IX 6.7

IM Agents patch 3.6.1 (already available)

 

MD5 checksums are available from the ITRC patch database main page http://www.itrc.hp.com/service/patch/mainPage.do. From the patch database main page, click Tru64 UNIX, then click verifying MD5 checksums under useful links.