 |
≫ |
|
|
|
パッチ名: PHCO_36760
パッチ摘要: 11.31 libpam_unix累積パッチ
作成日: 07/07/02
公開日: 07/08/21
ハードウェアプラットフォームおよびOSリリース:
11.31
現象:
PHCO_36760:
(SR:8606490020 CR:JAGag42501)
PAMアプリケーションでのメモリーリーク。
問題点の説明:
PHCO_36760:
(SR:8606490020 CR:JAGag42501)
pam_authenticate(3)インタフェースを使用するマルチスレッドアプリケーシ
ョンで、メモリーリークが起きることがありました。
解決方法:
メモリーリークが起きないようにlibpam_unixライブラリを修正しました。
-----------------------------------------------------------------------------
Patch Name: PHCO_36760
Patch Description: 11.31 libpam_unix cumulative patch
Creation Date: 07/07/02
Post Date: 07/08/21
Hardware Platforms - OS Releases:
11.31
Products: N/A
Filesets:
OS-Core.CORE-64SLIB,fr=B.11.31,fa=HP-UX_B.11.31_IA/PA,v=HP
OS-Core.CORE-SHLIBS,fr=B.11.31,fa=HP-UX_B.11.31_IA/PA,v=HP
OS-Core.CORE2-64SLIB,fr=B.11.31,fa=HP-UX_B.11.31_IA,v=HP
OS-Core.CORE2-SHLIBS,fr=B.11.31,fa=HP-UX_B.11.31_IA,v=HP
OS-Core.CORE2-64SLIB,fr=B.11.31,fa=HP-UX_B.11.31_PA,v=HP
OS-Core.CORE2-SHLIBS,fr=B.11.31,fa=HP-UX_B.11.31_PA,v=HP
Automatic Reboot?: No
Status: General Release
Critical:
Yes
PHCO_36760: MEMORY_LEAK
Category Tags:
defect_repair enhancement general_release critical
memory_leak
Path Name: /hp-ux_patches/11.X/PHCO_36760
Symptoms:
PHCO_36760:
( SR:8606490020 CR:JAGag42501 )
Memory leak in a PAM application.
PHCO_36482:
( SR:8606447411 CR:JAGag04752 )
This patch is a member of a set needed to enable the
optional HP-UX AccessControl bundle, version B.11.31.04.
Upon installation, the AccessControl bundle will install
the full set of patches (including this one) required to
enable the AccessControl B.11.31.04 features. If the HP-UX
RBACExt product is not installed, these changes will have no
impact on your system.
( SR:8606472428 CR:JAGag27306 )
When changing passwords, some passwords that should be
rejected are permitted.
Defect Description:
PHCO_36760:
( SR:8606490020 CR:JAGag42501 )
A multi-threaded application can experience a memory
leak when using the pam_authenticate(3) interface.
Resolution:
Fixed a memory leak in the libpam_unix library.
PHCO_36482:
( SR:8606447411 CR:JAGag04752 )
This patch contains enhancements that support the
features included in the HP-UX RBACExt product.
Resolution:
When the HP-UX RBACExt product is installed, this module
implements new security features in PAM.
( SR:8606472428 CR:JAGag27306 )
Passwords that should be rejected by libpam_unix are
incorrectly evaluated as valid.
Resolution:
The problem has been fixed in the libpam_unix library.
Enhancement:
No (superseded patches contained enhancements)
PHCO_36482:
Support added for the HP-UX Role-Based Access
Control Extensions (RBACExt) product, version
B.11.31.04.
SR:
8606490020 8606447411 8606472428
Patch Files:
OS-Core.CORE-64SLIB,fr=B.11.31,fa=HP-UX_B.11.31_IA/PA,v=HP:
/usr/lib/security/pa20_64/libpam_unix.so.1
OS-Core.CORE-SHLIBS,fr=B.11.31,fa=HP-UX_B.11.31_IA/PA,v=HP:
/usr/lib/security/libpam_unix.so.1
OS-Core.CORE2-64SLIB,fr=B.11.31,fa=HP-UX_B.11.31_IA,v=HP:
/usr/lib/security/hpux64/libpam_unix.so.1
/usr/lib/security/pa20_64/libpam_unix.1
OS-Core.CORE2-SHLIBS,fr=B.11.31,fa=HP-UX_B.11.31_IA,v=HP:
/usr/lib/security/hpux32/libpam_unix.so.1
/usr/lib/security/libpam_unix.1
OS-Core.CORE2-64SLIB,fr=B.11.31,fa=HP-UX_B.11.31_PA,v=HP:
/usr/lib/security/pa20_64/libpam_unix.1
OS-Core.CORE2-SHLIBS,fr=B.11.31,fa=HP-UX_B.11.31_PA,v=HP:
/usr/lib/security/libpam_unix.1
what(1) Output:
OS-Core.CORE-64SLIB,fr=B.11.31,fa=HP-UX_B.11.31_IA/PA,v=HP:
/usr/lib/security/pa20_64/libpam_unix.so.1:
$Revision: @(#) hpux R11.31_BL2007_0702_3 PATCH_11.3
1 PHCO_36760
OS-Core.CORE-SHLIBS,fr=B.11.31,fa=HP-UX_B.11.31_IA/PA,v=HP:
/usr/lib/security/libpam_unix.so.1:
$Revision: @(#) hpux R11.31_BL2007_0702_3 PATCH_11.3
1 PHCO_36760
OS-Core.CORE2-64SLIB,fr=B.11.31,fa=HP-UX_B.11.31_IA,v=HP:
/usr/lib/security/hpux64/libpam_unix.so.1:
$Revision: @(#) hpux R11.31_BL2007_0702_3 PATCH_11.3
1 PHCO_36760
/usr/lib/security/pa20_64/libpam_unix.1:
$Revision: @(#) hpux R11.31_BL2007_0702_3 PATCH_11.3
1 PHCO_36760
OS-Core.CORE2-SHLIBS,fr=B.11.31,fa=HP-UX_B.11.31_IA,v=HP:
/usr/lib/security/hpux32/libpam_unix.so.1:
$Revision: @(#) hpux R11.31_BL2007_0702_3 PATCH_11.3
1 PHCO_36760
/usr/lib/security/libpam_unix.1:
$Revision: @(#) hpux R11.31_BL2007_0702_3 PATCH_11.3
1 PHCO_36760
OS-Core.CORE2-64SLIB,fr=B.11.31,fa=HP-UX_B.11.31_PA,v=HP:
/usr/lib/security/pa20_64/libpam_unix.1:
$Revision: @(#) hpux R11.31_BL2007_0702_3 PATCH_11.3
1 PHCO_36760
OS-Core.CORE2-SHLIBS,fr=B.11.31,fa=HP-UX_B.11.31_PA,v=HP:
/usr/lib/security/libpam_unix.1:
$Revision: @(#) hpux R11.31_BL2007_0702_3 PATCH_11.3
1 PHCO_36760
cksum(1) Output:
OS-Core.CORE-64SLIB,fr=B.11.31,fa=HP-UX_B.11.31_IA/PA,v=HP:
605204711 180472 /usr/lib/security/pa20_64/libpam_unix.so.1
OS-Core.CORE-SHLIBS,fr=B.11.31,fa=HP-UX_B.11.31_IA/PA,v=HP:
1402154970 172032 /usr/lib/security/libpam_unix.so.1
OS-Core.CORE2-64SLIB,fr=B.11.31,fa=HP-UX_B.11.31_IA,v=HP:
1345765535 447360 /usr/lib/security/hpux64/libpam_unix.so.1
605204711 180472 /usr/lib/security/pa20_64/libpam_unix.1
OS-Core.CORE2-SHLIBS,fr=B.11.31,fa=HP-UX_B.11.31_IA,v=HP:
122663962 438612 /usr/lib/security/hpux32/libpam_unix.so.1
1402154970 172032 /usr/lib/security/libpam_unix.1
OS-Core.CORE2-64SLIB,fr=B.11.31,fa=HP-UX_B.11.31_PA,v=HP:
605204711 180472 /usr/lib/security/pa20_64/libpam_unix.1
OS-Core.CORE2-SHLIBS,fr=B.11.31,fa=HP-UX_B.11.31_PA,v=HP:
1402154970 172032 /usr/lib/security/libpam_unix.1
Patch Conflicts: None
Patch Dependencies: None
Hardware Dependencies: None
Other Dependencies: None
Supersedes:
PHCO_36482
Equivalent Patches:
PHCO_36759:
s700: 11.23
s800: 11.23
Patch Package Size: 660 KBytes
Installation Instructions:
Please review all instructions and the Hewlett-Packard
SupportLine User Guide or your Hewlett-Packard support terms
and conditions for precautions, scope of license,
restrictions, and, limitation of liability and warranties,
before installing this patch.
------------------------------------------------------------
1. Back up your system before installing a patch.
2. Login as root.
3. Copy the patch to the /tmp directory.
4. Move to the /tmp directory and unshar the patch:
cd /tmp
sh PHCO_36760
5. Run swinstall to install the patch:
swinstall -x autoreboot=true -x patch_match_target=true \
-s /tmp/PHCO_36760.depot
By default swinstall will archive the original software in
/var/adm/sw/save/PHCO_36760. If you do not wish to retain a
copy of the original software, include the patch_save_files
option in the swinstall command above:
-x patch_save_files=false
WARNING: If patch_save_files is false when a patch is installed,
the patch cannot be deinstalled. Please be careful
when using this feature.
For future reference, the contents of the PHCO_36760.text file is
available in the product readme:
swlist -l product -a readme -d @ /tmp/PHCO_36760.depot
To put this patch on a magnetic tape and install from the
tape drive, use the command:
dd if=/tmp/PHCO_36760.depot of=/dev/rmt/0m bs=2k
Special Installation Instructions: None
|
