======================================================================= Hewlett-Packard OpenVMS ECO Release Notes ======================================================================= 1 KIT NAME: VMS84I_MUP-V0400 2 KIT DESCRIPTION: 2.1 Installation Rating: MUP : Must be installed by all customers. This patch kit is a Mandatory Update kit (MUP). It corrects a critical issue which, if left uncorrected, could result in a non-privileged user compromising system security. All users must install this patch as early as possible. This installation rating, based upon current CLD information, is provided to serve as a guide to which customers should apply this remedial kit. (Reference attached Disclaimer of Warranty and Limitation of Liability Statement) 2.2 Reboot Requirement: No reboot is necessary after installation of this kit, however, there are additional steps that must be performed in order to use the images provided by this kit. Refer to the section titled Special Installation Instructions for required post-installation actions. 2.3 Version(s) of OpenVMS to which this kit may be applied: OpenVMS for Integrity Servers V8.4 2.4 New functionality or new hardware support provided: No 3 KITS SUPERSEDED BY THIS KIT: - VMS84I_MUP-V0300 4 KIT DEPENDENCIES: Page 2 4.1 The following remedial kit(s), or later, must be installed BEFORE installation of this, or any required kit: - VMS84I_PCSI-V0400 - VMS84I_UPDATE-V0600 4.2 In order to receive all the corrections listed in this kit, the following remedial kits, or later, should also be installed: - None 5 NEW FUNCTIONALITY AND/OR PROBLEMS ADDRESSED IN THE VMS84I_MUP-V0400 KIT 5.1 New functionality addressed in this kit Not Applicable 5.2 Problems addressed in this kit 5.2.1 Logins can be stalled causing local/remote denial of service 5.2.1.1 Problem Description: The logins can be stalled causing local/remote denial of service. This stall is seen for both SYS$ACM and non SYS$ACM based logins (i.e. both ACME and non ACME based logins). In the case of non SYS$ACM (non ACME) based login, only specific users might be affected. This problem has been fixed. Images Affected: - [SYSLIB]VMS$VMS_ACMESHR.EXE 5.2.1.2 Quix and PTR cases reporting this problem: Page 3 5.2.1.2.1 Quix Cases QXCM1001244224 5.2.1.2.2 PTR(S) None 5.2.1.3 Release Version of OpenVMS that will contain this change: Next release of OpenVMS Integrity after V8.4 5.2.1.4 Work-arounds: None 6 PROBLEMS ADDRESSED IN PREVIOUS KITS Problems addressed by previously released VMS84I_MUP patch kits can be found in the following files: o VMS84I_MUP-V0100.RELEASE_NOTES o VMS84I_MUP-V0200.RELEASE_NOTES o VMS84I_MUP-V0300.RELEASE_NOTES Before kit installation, these files can be extracted from the kit via the following commands: o To extract all release notes files at once use: PRODUCT EXTRACT RELEASE_NOTES VMS84I_MUP /VERSION=V4.0 - [/file=destination_directory] o To extract a single release notes file use: PRODUCT EXTRACT FILE VMS84I_MUP /VERSION=V4.0 - /SELECT=release_note_name[/DESTINATION=destination_directory] The names of individual RELEASE_NOTES files in the kit can be found with: PRODUCT LIST VMS84I_MUP /VERSION=V4.0 /SELECT = *.RELEASE_NOTES Page 4 7 FILES PATCHED OR REPLACED: o [SYSMSG]CLIUTLMSG.EXE (new image) Image Identification Information Image name: "CLIUTLMSG" Image file identification: "X-3" Image build identification: "0100000068" linker identification: "Linker I02-37" Link Date/Time: 2-MAR-2012 10:35:25.65 Overall Image Checksum: 7B9DF1AC o [SYSEXE]SET.EXE (new image) Image Identification Information Image name: "SET" Image file identification: "X02-00" Image build identification: "0100000068" linker identification: "Linker I02-37" Link Date/Time: 2-MAR-2012 10:36:35.09 Overall Image Checksum: D9FAA0C1 o [SYSMSG]SYSMGTMSG.EXE (new image) Image Identification Information Image name: "SYSMGTMSG" Image file identification: "X-4" Image build identification: "0100000068" linker identification: "Linker I02-37" Link Date/Time: 2-MAR-2012 10:35:26.73 Overall Image Checksum: F5F818D0 o [SYSLIB]VMS$VMS_ACMESHR.EXE (new image) Image Identification Information Image name: "VMS$VMS_ACMESHR" Image file identification: "V1.0" Image build identification: "0100000090" linker identification: "Linker I02-38" Link Date/Time: 29-OCT-2012 14:37:17.25 Overall Image Checksum: 2BDD6483 8 INSTALLATION INSTRUCTIONS Page 5 8.1 Test/Debug Image Loss In the course of debugging problems reported to OpenVMS Engineering, customers may be given debug or point-fix images to install. Typically, these images do not have the same image generation flags contained in images released via the OpenVMS remedial patch process. Because of this, any debug or point-fix image that is in the SYS$COMMON area, will be replaced by any image of the same name installed by this kit. If this occurs, you will lose any functionality that is provided by the replaced image. If you wish to retain these debug or point-fix images, you can take the following steps: o Prior to installing this kit, move the test/debug image(s) to be saved to the SYS$SPECIFIC area. o During kit installation, you will be asked if you wish to delete the image(s) in SYS$SPECIFIC. You should answer NO for each image that you want to keep. o After installation completes, but before rebooting the system (if required), move the image(s) from SYS$SPECIFIC back to SYS$COMMON. 8.2 Compressed File This kit is provided as a Self Extracting ZIPEXE kit. To expand this file to the installable .PCSI file, run the file with the following command: $ RUN VMS84I_MUP-V0400.ZIPEXE 8.3 Installation Command Install this kit with the POLYCENTER Software installation utility by logging into the SYSTEM account, and typing the following at the DCL prompt: PRODUCT INSTALL VMS84I_MUP[/SOURCE=location of Kit] Note that this kit will install with the /SAVE_RECOVERY_DATA option turned on. Using this qualifier will allow easy removal of the kit from the system in the event of problems. If you wish to disable this option you must use the /NOSAVE_RECOVERY_DATA qualifier on the PRODUCT INSTALL command. The /SAVE_RECOVERY_DATA qualifier is optional but highly recommended. Using this qualifier will allow easy removal of the kit from the system in the event of problems. The kit location may be a tape drive, CD, or a disk directory that contains the kit. The /SOURCE qualifier is not needed if the PRODUCT INSTALL command is executed from the same directory as the kit location. Page 6 Additional help on installing PCSI kits can be found by typing HELP PRODUCT INSTALL at the system prompt. 8.4 Scripting of Answers to Installation Questions During installation, this kit will ask and require user response to several questions. If you wish to automate the installation of this kit and avoid having to provide responses to these questions, you must create a DCL command procedure that includes the following logical name definitions and commands: o To avoid the BACKUP question, define the following: $ DEFINE/SYS NO_ASK$BACKUP TRUE o To save replaced files as *.*_OLD define the following logical name as YES. If you do not wish to save replaced files, define the logical name as NO. Note that if you use the /SAVE_RECOVERY_DATA qualifier (recommended) on the PRODUCT INSTALL command all replaced files will be saved as part of that operation. There is no need to also save files as *.*_OLD: $ DEFINE/JOB ARCHIVE_OLD NO o Add the following qualifiers to the PRODUCT INSTALL command and add that command to the DCL procedure. /PROD=HP/BASE=I64VMS/VER=V4.0 [/SOURCE=location of Kit] o De-assign the logical names assigned For example, a sample command file to install the VMS84I_MUP-V0400 kit would be: $ DEFINE/SYS NO_ASK$BACKUP TRUE $ DEFINE/JOB ARCHIVE_OLD NO $! $ PROD INSTALL VMS84I_MUP/PRODUCER=HP/BASE=I64VMS/VER=V4.0 $! $ DEASSIGN/SYS NO_ASK$BACKUP $! $ exit $! 8.5 Special Installation Instructions: After installing this patch restart the ACME_SERVER process by the command: $ SET SERVER ACME_SERVER/RESTART Page 7 9 COPYRIGHT AND DISCLAIMER: (C) Copyright 2012 Hewlett-Packard Development Company, L.P. Confidential computer software. Valid license from HP and/or its subsidiaries required for possession, use, or copying. Consistent with FAR 12.211 and 12.212, Commercial Computer Software, Computer Software Documentation, and Technical Data for Commercial Items are licensed to the U.S. Government under vendor's standard commercial license. Neither HP nor any of its subsidiaries shall be liable for technical or editorial errors or omissions contained herein. The information in this document is provided "as is" without warranty of any kind and is subject to change without notice. The warranties for HP products are set forth in the express limited warranty statements accompanying such products. Nothing herein should be construed as constituting an additional warranty. DISCLAIMER OF WARRANTY AND LIMITATION OF LIABILITY THIS PATCH IS PROVIDED AS IS, WITHOUT WARRANTY OF ANY KIND. ALL EXPRESS OR IMPLIED CONDITIONS, REPRESENTATIONS AND WARRANTIES, INCLUDING ANY IMPLIED WARRANTY OF MERCHANTABILITY, FITNESS FOR PARTICULAR PURPOSE, OR NON-INFRINGEMENT, ARE HEREBY EXCLUDED TO THE EXTENT PERMITTED BY APPLICABLE LAW. IN NO EVENT WILL HP BE LIABLE FOR ANY LOST REVENUE OR PROFIT, OR FOR SPECIAL, INDIRECT, CONSEQUENTIAL, INCIDENTAL OR PUNITIVE DAMAGES, HOWEVER CAUSED AND REGARDLESS OF THE THEORY OF LIABILITY, WITH RESPECT TO ANY PATCH MADE AVAILABLE HERE OR TO THE USE OF SUCH PATCH.