Document ID: 279947
http://support.veritas.com/docs/279947
E-Mail this document to a colleague
http://support.veritas.com/docs/279947
E-Mail this document to a colleague
Security fix for VERITAS Cluster Server 3.5 (all versions) for HP-UX - Symantec Security Advisory SYM05-023
Details:
This patch resolves a buffer overflow vulnerability in VERITAS Cluster Server 3.5 Update 3 for HP-UX.
This patch can be applied to Update 3 only. All other 3.5 versions must first be upgraded to 3.5 Update 3:http://support.veritas.com/docs/272933
All versions of VERITAS Cluster Server 3.5 on HP-UX are affected and must be upgraded to Update 3 and this patch applied. For further information on this vulnerability, refer to http://support.veritas.com/docs/279870 which also contains links to patches for other platforms and versions.
This patch also contains a number of fixes for incidents not related to security (see below).
Refer to the information included in the patch file for installation instructions
Download Now - 24145 K
File Name: HPUX_VCS3.5U3l+i18n-secfix-e418977a_279947.tar.Z
File Type: Patch
Click Below to Browse the FTP files by Product:
ftp.support.veritas.com/pub/support/products
This patch resolves a buffer overflow vulnerability in VERITAS Cluster Server 3.5 Update 3 for HP-UX.
This patch can be applied to Update 3 only. All other 3.5 versions must first be upgraded to 3.5 Update 3:http://support.veritas.com/docs/272933
All versions of VERITAS Cluster Server 3.5 on HP-UX are affected and must be upgraded to Update 3 and this patch applied. For further information on this vulnerability, refer to http://support.veritas.com/docs/279870 which also contains links to patches for other platforms and versions.
This patch also contains a number of fixes for incidents not related to security (see below).
Refer to the information included in the patch file for installation instructions
Download Now - 24145 K
File Name: HPUX_VCS3.5U3l+i18n-secfix-e418977a_279947.tar.Z
File Type: Patch
Click Below to Browse the FTP files by Product:
ftp.support.veritas.com/pub/support/products
Supplemental Material:
| System: Ref.# | Description |
| ETrack: 251650 | Reject setting frozen = 1 and tfrozen = 1 at same time. |
| ETrack: 254859 | HAD assert failure when remaining node in 3-node cluster is stuck in LEAVING state. |
| ETrack: 256416 | Maintain AutoStart state across failovers. |
| ETrack: 267994 | HAD core when group is changed from Parallel to Failover. |
| ETrack: 284786 | When server returns ECONREFUSED, localhost should retry before exit. |
| ETrack: 312812 | Modify halog for UTF8 encoding. |
| ETrack: 368367 | Modify ha commands to show output when debug log tag is set. |
| ETrack: 322217 | Removed unnecessary call from hacf. |
| ETrack: 426545 | Add engine check for username password length. |
| ETrack: 426548 | Packaging changes to remove root suid in some binaries. |
Products Applied:
Cluster Server for UNIX 3.5 (HP-UX), 3.5 U1 (HP-UX), 3.5 U2 (HP-UX), 3.5 U3 (HP-UX)
Cluster Server for UNIX 3.5 (HP-UX), 3.5 U1 (HP-UX), 3.5 U2 (HP-UX), 3.5 U3 (HP-UX)
Last Updated: November 08 2005 06:48 PM GMT
Expires on: 365 days from publish date
Subscribe to receive critical updates about this document
Expires on: 365 days from publish date
Subscribe to receive critical updates about this document
Subjects:
Cluster Server for UNIX
Application: Patches
HP-UX
Application: Patches
Cluster Server for UNIX
Application: Patches
HP-UX
Application: Patches
Languages:
English (US)
English (US)
Operating Systems:
HP-UX
HP-UX
11.0.
Symantec World Headquarters:
20330 Stevens Creek Blvd. Cupertino, CA 95014
World Wide Web: http://www.symantec.com,
Tech Support Web: http://entsupport.symantec.com,
E-Mail Support: http://seer.entsupport.symantec.com/email_forms,
FTP: ftp://ftp.entsupport.symantec.com or http://ftp.entsupport.symantec.com
20330 Stevens Creek Blvd. Cupertino, CA 95014
World Wide Web: http://www.symantec.com,
Tech Support Web: http://entsupport.symantec.com,
E-Mail Support: http://seer.entsupport.symantec.com/email_forms,
FTP: ftp://ftp.entsupport.symantec.com or http://ftp.entsupport.symantec.com
THE INFORMATION PROVIDED IN THE SYMANTEC SOFTWARE KNOWLEDGE BASE IS PROVIDED "AS IS" WITHOUT WARRANTY OF ANY KIND. SYMANTEC SOFTWARE DISCLAIMS ALL WARRANTIES, EITHER EXPRESS OR IMPLIED, INCLUDING THE WARRANTIES OF MERCHANTABILITY AND FITNESS FOR A PARTICULAR PURPOSE. IN NO EVENT SHALL SYMANTEC SOFTWARE OR ITS SUPPLIERS BE LIABLE FOR ANY DAMAGES WHATSOEVER INCLUDING DIRECT, INDIRECT, INCIDENTAL, CONSEQUENTIAL, LOSS OF BUSINESS PROFITS OR SPECIAL DAMAGES,EVEN IF SYMANTEC SOFTWARE OR ITS SUPPLIERS HAVE BEEN ADVISED OF THE POSSIBILITY OF SUCH DAMAGES. SOME STATES DO NOT ALLOW THE EXCLUSION OR LIMITATION OF LIABILITY FOR CONSEQUENTIAL OR INCIDENTAL DAMAGES SO THE FOREGOING LIMITATION MAY NOT APPLY.