What problems were fixed by Open UNIX 8.0.0 Maintenance Pack 7? KEYWORDS: fixes 800 8.0.0 ou8 Open UNIX maintenance pack 7 mpack7 mpack fix problem list bug fixed in latest RELEASE: Open UNIX 8 Release 8.0.0 PROBLEM: What problems were fixed by the Open UNIX 8.0.0 Maintenance Pack 7? SOLUTION: The list below contains details of the problems fixed by this Maintenance Pack: For Installation instructions for this Maintenance Pack, please see: ftp://ftp.sco.com/pub/openunix8/ou800pk/ou800pk7.txt or TA#125756. ---------------------------------------------------------------------------- Table Of Contents : I. Comprehensive List of Problems Fixed. A. Problems fixed in Maintenance Pack 1. B. Problems fixed in Maintenance Pack 2. C. Problems fixed in Maintenance Pack 3. D. Problems fixed in Maintenance Pack 4. E. Problems fixed in Maintenance Pack 5. F. Problems fixed in Maintenance Pack 6. G. Problems fixed in Maintenance Pack 7. II. Supplementary Documentation III. File Contents. IV. Escalation Fixes in this Maintenance Pack ---------------------------------------------------------------------------- I. Comprehensive List of Problems Fixed. =============================================================== A. Problems fixed in Maintenance Pack 1: VM Fixes: 1. System panic in hat_loadpte. fz517873. Networking Fixes: 2. Locking problems in socksys code may result in panics. fz518024. 3. NFS lockd daemon may never exit the grace period. fz516979. 4. If two "arp -d" are called in quick succession on an SMP machine, one of the entries may not be deleted. fz516107. 5. Some problems in setting up new modem configuration. fz516955. 6. Mailx is corrupted after OU800 ISL in non-English locale. fz518317. Mass Storage Fixes: 7. Tape drives with multiple LUNs are not supported. fz518061. LKP Fixes: 8. Panics crossing linux mount points. fz518139/fz517616. 9. The Linux getcwd system call is off by one. fz515727. 10. A panic in lx_socketcall, exhibited as a kernel mode address fault on a user address. fz518062. 11. Locking misuse in lx_ptrace path (strace). fz517812. 12. Linux mode directory "..", broken across mountpoints. fz518141. 13. Linux pread/pwrite fails for large files. fz516067. 14. Linux mode crossing NFS mount points is broken. fz518244. 15. LKP id limited to 9 processors. fz518320. Package Installation Fixes: 16. The pkginstall needs changes for supporting pkgadds using response files. fz517599. =============================================================== B. Problems fixed in Maintenance Pack 2: System Name Change Fix: 17. Some third party applications for UnixWare 7 could not be installed on Open UNIX 8.0.0 due to the installation requiring a system name (see uname -s) of UnixWare and/or a system version (see uname -v) of 7.X.X. The kernel module and application included allow the system name and/or version to be temporarily changed, and provide an option for restoring the default system name and version. For example, after installing this ptf, this command, executed by user "root" (superuser): # chsysinfo uw7 will replace the system name and version with "UnixWare" and "7.1.2" respectively. The command: # chsysinfo default (also run by user "root") will restore the default values of the system name and version, "OpenUNIX" and "8.0.0", respectively. These changes are effective system wide. Changes to the system name and version effected by this utility will not persist across a reboot of the system. Upon reboot, the system will always have the default values, as specified in the file: /etc/conf/pack.d/name/space.c. There are utilities that require the correct, default, settings for the system name and version, such as "pkgadd". After using this utility to allow installation of a specific third party product, "chsysinfo default" should be used to reset the system name and version to their default values. erg711813/fz518652. Security Fixes: 18. A buffer overflow in in.telnetd, the telnet server daemon, may allow unauthorized users to obtain root access. erg711792/fz518483. 19. A very long TERM environment variable caused the "su" command to have a segmentation violation. It is possible that this could be used by unauthorized users to gain privilege. erg711792/fz518483. 20. Long values of the TERM variable can cause the su command to have a segmentation violation. This might be exploited by an unauthorized user to gain privilege. erg711787/fz518445. 21. A very long -S argument caused the "uidadmin" command to have a segmentation violation. It is possible that this could be used by unauthorized users to gain privilege. erg711722/fz517644. 22. A long argument to lpsystem can cause lpsystem to have a segmentation violation. This might be used by an unauthorized user to gain privilege. erg711789/fz518450. 23. An exceedingly long argument to uux can cause a segmentation violation. This might be used by an unauthorized user to gain privilege. erg711724/fz517646. 24. Very long arguments to the line printer utilities accept, reject, enable and disable caused a segmentation violation. This could be used by an unauthorized user to gain privilege. erg711788/fz518448. 25. Fixed several security issues with packaging commands. erg711743/fz517933. VM Fixes: 26. Possible panic in physreq_met(). erg711842/fz518875. Networking Fixes: 27. Race condition between tcp_close() and tcp_uinput(). tcp_close can nullify a queue pointer without holding appropriate locks which results in a panic when tcp_uinput dereferences it. erg711797/fz518487. 28. IP_MULTICAST_LOOP option was not working. erg501536/fz148034. 29. Removing last configured NIC using ndcfg also removed the loopback driver. erg711211/fz510320. 30. The number of simultaneous rsh connections between two hosts was increased from 256 to over 500. erg711763/fz518153. 31. The rcp command fails to copy large files (>2GB). erg711469/fz513175. 32. The daemon lockd causes high CPU load if the remote file is blocked by somebody else for a long time. lockd may lose unlock requests when the network is highly congested. erg711654/fz516440. Mass Storage Fixes: 33. Adding a second IDE disk, process hangs. erg501537/fz518642. 34. The system is unable to read beyond 273MB on a DVD or DVD-RAM. erg711806/fz518480. 35. Fixed a problem in disksetup where it was rounding up slice sizes to cylinder boundaries when slice sizes were specified in M (for mega bytes) slice size specification. This was causing the last slice to run out of space. erg501262/fz176128. 36. ARCserve can not read tapes and operate the media changers. erg711848/fz518916. LKP Fixes: 37. Linux calls the signal handler on a synchronous trap even if this signal is masked. 38. When delivering a signal Linux unmasks the current signal if the flag SA_NODEFER is set while Open UNIX masks the current signal if this flag is not set. erg711795/fz518501. 39. LKP fsync error parsing differs from native Linux for read-only file descriptors. erg711808/fz518630. 40. The linux command getcwd gets confused, e.g. vi fails but vi ./ succeeds. erg711845/fz517494. 41. Linux setpriority fails with EPERM. erg711845/fz518379. 42. In the linux environment NIC MULTICAST fails. erg711845/fz518321. 43. LKP getsockname on unbound sockets should return linux behavior. This fix is required to install Informix 9.30. erg711855/fz518968. Printing Fixes: 44. Cannot print by using parallel port to Epson LP-8700, LP-8600FX and LP-1900. erg501510/fz517153. 45. Unisys printer types (AP*) were not fully recognized by the printer subsystem. One manifestation of this problem was that the Pound currency symbol was not being printed when a Unisys printer type was configured. erg711762/fz517998. 46. After canceling a print job from Open UNIX and switching off the printer & print server (to clear their buffers), when switching the printer/printserver back on - the print job magically starts over from the beginning. erg501497/fz516008. 47. Print scheduler (lpsched) appears to hang for the following reason: Two minutes after printing a job to a remote printer, lpsched sends a status request to that printer. If the printer is not available, it resends the status request. Moreover, after every 2 minutes, it generates a new status request message to be send to that printer. The end result is that first, a lot of bandwidth is wasted and second, when the printer becomes available, lpsched becomes busy in sending those duplicate status request messages. The actual print jobs thus got delayed and this can appear to be a hang to the user. erg711619/fz193896. 48. Print scheduler (lpsched) retries to send status request messages to remote printer even if it is not responding. This wastes lot of bandwidth. Modified lpsched so that only one attempt is made to send a status request message. erg711570/fz515232. 49. Print scheduler hangs. erg711726/fz517671. Package Installation Fixes: 50. Using the commands pkgchk, pkgtrans, pkginfo on packages on a DAT drive fail with the following error message: "UX:cpio: HALT: Bad magic number/header. 1 error UX:pkginfo: ERROR: attempt to process package from failed" This was because bufsiz was being read from /etc/device.tab and was no longer fixed 512. Unfortunately this causes some tapes to fail (bufsiz 65536). Changed behavior such that if the value read from /etc/device.tab causes the cpio to fail, we retry with 512. Also added new option to these commands ( -b bufsize ) to specify bufsize. This problem does not occur with pkgadd as it was fixed in Open UNIX 8. However, the solution for pkgadd is now ported to the other commands. erg711602/fz515690. Shell Fixes: 51. Ksh may crash in the Emacs editing mode. erg501530/fz518348. 52. Ksh history file may grow to very large size (up to ulimit) if the account is used continuously by multiple users. erg711768/fz518242. Other Fixes: 53. The fs wio counter (reported by sar and rtpm) can get corrupted. erg711728/fz517761. 54. The command "sar -r" running in 1-second intervals may occasionally report double values. erg711620/fz515821. 55. The command wall -g only works with supplementary groups. It does not work with primary groups. erg501494/fz515717. 56. The dfspace command erroneously reports space in pseudo filesystems (e.g. /dev/_tcp). Also dfspace reports space within the same filesystem multiple times e.g. if /sbin & /usr are both contained within the root filesystem "dfspace /sbin /usr", will sum / twice. erg711776/fz518303. 57. The resmgr hangs in very large configurations under extreme load. erg711771/fz518090. 58. The ps process hangs. erg711845/fz518672. 59. Emergency restore diskette/tape does not re-create the raw slices. erg501521/fz517866. 60. The time zone CET has obsolete date of switch back from the summer (daylight saving) time. Its synonym MET is already fixed. erg501457/fz514186. 61. Static binaries mistakenly had stderr fully buffered. erg711787/fz518445. 62. The function copysign[fl]() failed to return the generated floating value. fz518190. 63. C++ binary compatibility problem the UDK Feature Supplement (VERSION 7.1.1b) and Open UNIX 8. erg711777/fz516670. 64. The header file /usr/include/pthread.h needed updating (failed to be included in the syshead package). fz516313. 65. MySql daemon fails to start. fz519152. 66. System hangs every 30 seconds when MS sends a large number of mails. erg711879/fz519190. =============================================================== C. Problems fixed in Maintenance Pack 3: Security Fixes: 67. Buffer overflow in pppattach. erg711869/fz519119. 68. Potential security vulnerability in ftpd. erg711908/fz519403. 69. Security fix for a buffer overflow in the DCE ToolTalk library, affecting dtmailpr. erg711870/fz519120. 70. Security fix for a buffer overflow in the DCE SPC library, affecting dtspcd. erg711881/fz519245. 71. CDE ToolTalk RPC server (rpc.ttdbserverd) format string vulnerability. erg711831/fz518746. 72. Dtterm argument buffer overflow vulnerability. erg711857/fz518986. 73. Fixed a dtaction argument buffer overflow. erg711711/fz517518. 74. Fixed a dtprintinfo environment buffer overflow. erg711816/fz518665. 75. Fixed a dtsession environment buffer overflow. erg711817/fz518666. 76. LD_LIBRARY_PATH ignored in xterms on re-login to CDE. erg711820/fz518679. 77. The daemon timed does not enforce null on strings passed around in tsp. erg711890/fz519311. VM Fixes: 78. FDDI saturates 1st processor when over 4 GB memory. erg711867/fz519092. Networking Fixes: 79. The function _xconnect() masks SIGWAITING thus disabling threads suspend() functionality. erg711885/fz519280. 80. When sending a file descriptor through an AF_UNIX socket and closing the sending side of the socket immediately afterwards, this file descriptor can't be received. erg711935/fz519762. 81. The commands rexec/rsh to LKP bash shell fails. erg711893/fz518970. 82. Fixed the script /etc/confnet.d/inet/configure. erg711630/fz516139. 83. NIS users logging on NIS client machines were experiencing noticable delays at the time of login. erg711888/fz519310. 84. DHCP Server does not work, fails with recvmsg: Bad address erg501540/fz518889. 85. Fixed the scoadmin DNS problem. Now, DNS can be configured using scoadmin on Open UNIX. A shell script /usr/sbin/ndc has been introduced to fix the problem. This shell script creates a default rndc configuration file in /etc/inet/rndc.conf. If the administrator wishes to change the rndc configuration, he has to do it manually (see BIND documentation). erg501532/fz518460. 86. Panic in cleanlist() when unsharing NFS exports. erg711862/fz519039. 87. NFS lockd can't communicate with Linux and other implementations which are not SVR4-derived. This happens because lockd uses high port numbers and thus is not RFC-compliant. erg711919/fz519604. 88. Increase the maximum TIDU size for communication via TCP/IP to 65273 bytes. erg711891/fz519313. 89. Stopping of PPP may hang. erg711866/fz519087. 90. The NetBIOS driver may panic the kernel under stress load. erg711497/fz513836. Mass Storage Fixes: 91. In some cases, when using MPIO, a failed path can result in rtpm and sar (sadc) failing after the sdipath command. erg711708/fz517440. 92. DCU only works on first 256 resmgr entries. erg711818/fz518671. File System Fixes: 93. Panic occurs when trying to access dosfs filesystem in Japanese environment. erg501547/fz519410. LKP Fixes: 94. Connect on an AF_UNIX, SOCK_DGRAM socket under LKP fails with EPROTO. erg711904/fz519327. 95. Linux free utility reports incorrect amounts of free memory. fz518166. 96. LKP lseek64 erroneously returns non zero on success. erg711901/fz518166 97. LKP ptrace setfpregs and kill functions write stack junk to proc control. fz518999. 98. The linux command ltrace doesn't work on lkp. fz518451. 99. Mozilla cannot connect to remote (non-file:/) URLs. fz519537. Shell Fixes: 100. Korn Shell (ksh) was memory faulting when the following script was executed. erg501553/fz519616. Script A: ksh.memfault Line Code 1 #!/bin/ksh 2 echo `ksh.memfault.2` Script B: ksh.memfault.2 Line Code 1 2 a_function () 3 { 4 ( echo hello 5 echo hello 6 ) 7 } 8 ps -f CDE fixes: 101. Dtterm crashes when opening 26th window. erg501502/fz516288. 102. dtlogin parent killed when child cleaned up erg711643/fz516290. Other Fixes: 103. Auditrpt always gives a warning that the log file and map file do not match because the log file contains the CPU ID string (like "Pentium II" or "AMD-K6") while map file always contains "i386". erg501431/fz181490. 104. The command ps -e -o etime, displays the days incorrectly. erg711755/fz518021. 105. Sometimes "at" jobs end in a ulimit error. fz518862. 106. The files utmp/utmpx were getting corrupted. Finger(1tcp) and who show users logged in, but 'ps -ef' does not. erg711637/fz516225. 107. Improved the recognition of Extended Standard parallel ports, in particular on the PC97317 Super I/O chip in SPP mode. Added support for the generic EPP- and ECP-capable parallel ports. No port address auto-detection is provided, so it must be configured properly with dcu. The port type should be properly set manually to MFPD_GENERIC_EPP or MFPD_GENERIC_ECP in /etc/conf/pack.d/mfpd/space.c. erg711448/fz512630. 108. Make fails on long dependency lists. erg711914/fz519540. 109. 8th processor isn't receiving interrupts on Intel Saber. erg711909/fz519474. 110. Added ability to import long (>8 characters) passwords from OSR5. erg711771/fz518288. 111. Fixes problem with /proc/N/cmdline mishandling spaces in arguments. fz519561. 112. Performance of close on large read-only files with many pages cached in memory is improved. erg711569/fz515210. 113. Doing nlist with a deeply recursive glob argument in an ftpd session consumes a very large amount of disk and CPU resources on the server, thus constituting a denial of service attack. erg501215/fz228396 =============================================================== D. Problems fixed in Maintenance Pack 4: Security fixes: 114. snmpd has many memory faults; major security vulnerability. erg711937/fz519781 115. The sort(1M) command creates tmp files insecurely. erg711766/fz518198 116. /var/dt mode is now changed from 0777 to 1777. erg711939/fz519804 117. /usr/dt/bin/rpc.cmsd can be remotely exploited. erg711942/fz519829 118. SECURITY - uudecode does not validate the filename, it should not write to pipes or symbolic links. CSSA-2002-SCO.44/erg712093/fz521051. LKP: 119. Oracle encounters Java exception under LKP when piping data from standard input. erg711964/fz520190. 120. After a seemingly successful installation of StarOffice 5.2 on OpenLinux 3.1.1 on LKP, running office52/soffice fails giving the following message: "There are files missing. Please check application setup. Aborted." This problem is caused by a bug in the proc file system processing code caused some applications invoked with multiple null options to fail. fz519783 121. Under LKP, Java 1.3.1 multicast sockets fail to bind to a port already in use even if both applications set SO_REUSEADDR socket option. When a Multicast port is already in use under LKP, subsequent attempts to bind to this port failed. erg711991/fz520365. 122. The device nodes under LKP may point to wrong OpenUNIX device if the major numbers of the underlying OpenUnix devices change dynamically. erg712039/fz520195. 123. Under MP, a threads race condition occasionally hung LKP applications. What happened was that one thread would suspend and then quickly resume a second thread, and the second signal would arrive while the first signal was being processed. As a result, a sigsuspend would never return. This would cause Java, and other various application hangs under LKP. erg712027/fz520699 . 124. After running Linux programs in LKP, the OpenUNIX command "tty" gives a incorrect result. erg712044/fz520297. 125. Repaired a memory leak in LKP. erg712047/fz520574. 126. The Linux XF86 server dumps core during access to I/O ports. erg712046/fz520460. 127. The library glibc gets confused when brk returns -1. fz520171. Mass Storage: 128. The commands sdiadd and pdi_hot can result in a panic. erg711994/fz520208. 129. If the disk device returns the block size that is not a multiple of 512 bytes, the vtoc code may panic. erg712005/fz520513. 130. Added support for PCI SubDeviceID, SubVendorID and ProgIf in the Drvmap and Bcfg driver configuration files. Please see the Section VIII. Additional Documentation for more information. erg711563/fz515175. Networking: 131. Fixed a memory leak in the inet driver. erg711998/fz529425. 132. The default value for xipttl is zero. erg711955/fz520093. 133. If an explicit setsockopt call is not made, the Open UNIX getsockopt system call did not set default socket and UDP buffer sizes. Applications that depend on default values being set for these buffer sizes would then fail. erg712024/fz520666. 134. Installation of Tarantella 3.2 hangs on OU8 + mpack3 due to connect() restart issues. erg501611/fz520990. 135. Unable to start KDE2 fz521110. 136. The system may experience an extremely rare panic when a socket is reused after an unsuccessfull connection attempt to do another connection attempt. erg712031/fz520798. Printing Fixes: 137. The printing system does not properly handle lines longer than 1024 bytes in the printjob request files. Printjob request files are: /var/spool/lp/requests// erg711957/fz520136. 138. After failing to fork child process, Connection Server is no longer accepting connection requests from clients. This was manifesting as print failure since lpsched uses cs_connect() to make network connections. erg501555/fz519741. OKP Fixes: 139. User level OpenServer ELF binary could panic the system. fz514721. 140. Corrected a problem setting O_NDELAY on sockets created with socksys() interface by OSR5 binary. fz519576. 141. The function stat() fails with EOVERFLOW when: inode # > USHRT_MAX. fz519536. Filesystems Fixes: 142. Fixed a panic in dounmount+37 when closing fifo stream. erg711929/fz519727. 143. VXFS may panic when a large write request is performed on a highly fragmented filesystem. erg711945/fz519905. 144. Replacing a failed root disk mirror via vxdiskadm does not make it bootable. erg501390/fz224459. VM Fixes: 145. Multi-threaded applications generating excessive TLB shootdowns will panic/hang very fast Pentium IV systems in PAE mode. erg501595/fz520652. Backup/Restore Fixes: 146. The cpio option '-r' (rename files during restore) fails when the file being restored is larger than 2Gb. erg711883/fz519251. 147. When cpio is used with -G option has a timing issue. erg711961/fz520133. Misc. Fixes: 148. The utility /usr/bin/passwd limits the password length to 6 characters if PASSLENGTH > 8 in /etc/default/passwd file. erg711993/fz520177. 149. Intermittent hangs during APIC initialization after reboot. erg501576/fz520203. 150. Fixed a core dump by prof if it encounters a shared object that uses a .dynsym symbol table rather than a .symtab symbol table. erg711860/fz519005. 151. Added two new options to syslogd to reduce the disk thrashing by reducing the frequency of fsync: -k fsync only kernel messages -l in addition to kernel messages, fsync any of specified priority level or above. Usage: syslogd [-d] [-k [-l<0-7>]] [-mmarkinterval] [-ppath] [-fcon ffile] For priority levels see /usr/include/sys/syslog.h. erg501108/fz172739. 152. Added a new option -D to sar to report separate read/write metrics. sar -D shows: device, MB, %busy, avque, r/s, r_blks/s, w/s, w_blks/s sar -D -R (for raw information shows) device, MB, busy, r, r_blks, w, w_blks where r/w is number of reads/writes and r_blks/w_blks is number of read/write in blocks. erg711814/fz518658. 153. While restoring account profiles with long passwds, ap(1M) puts the full encrypted passwd in /etc/shadow as opposed to the first 13 characters. erg711992/fz520373. 154. The rtpm utility fails to report some metrics on large systems. erg711815/fz518659. 155. The program ttymon has a memory leak. erg711861/fz519008. 156. The devices /dev/random & /dev/urandom need a poll entry point. fz520405. =============================================================== E. Problems fixed in Maintenance Pack 5: Networking Fixes: 157. With the NIS package installed, getgrnam() and getgrgid() were failing with large /etc/group files (> 200 entries in one group). erg711621/fz515908. 158. On NIS clients, useradd adds user at the end of file after the "+" entry. fz521536. 159. Telnet shows system as "Open UNIX" even after it is changed to "UnixWare" through /usr/sbin/chgsysinfo. erg712043/fz520866. 160. Improved network printing performance. erg712041/fz520932. 161. When receiving data from a TCP socket it may lock up indefinitely with data buffered up in the kernel but never returned to the process. erg501604/fz520887. Utility Fixes: 162. Several OS commands (groupadd, groupmod, groupdel, grpck) fail when /etc/group file has many users (1000+) in one group. erg711623/fz515951. 163. The command emergency_rec(1M) does not work with large block sizes. Note: You must recreate the Disaster Recovery Floppies and the Backup tape after installing this fix. erg711575/fz515294. 164. The command emergency_rec(1M) fails to restore files from /home2 on 2nd disk. fz516809. 165. The utility vxdump -n fails to notify users in operater group. erg712091/fz521398. 166. The utility sac(1M) limits the number of portmonitors to 50. erg712150/fz519426. 167. The command pwck(1M) does not display the line being processed when encountering errors. erg712157/fz518020. 168. Dump would hang forever when the dump device was attached to an I2O controller. erg711958/fz520138. PPP Fixes: 169. PPP daemon does not attempt to make a connection using other links in a bundle, after it fails to make a connection using the first link in that bundle. erg501649/fz525848. 170. On a huge ppp configuration, pppd is dying with the following messages on the ppp.log: "Oct 01 12:43:39 : Bundle NO0063 : act_lock: lock timeout, m 8348da8 Oct 01 12:43:39 : ERROR ASSERT FAILED: 0, file act.c, line 106" erg501668/fz526254. 171. Repaired a panic in the PPP driver - pppwsrv() - due to race condition. erg501673/fz526330. 172. Repaired a communication problem between ppp and pcid drivers. erg501678/fz526352. 173. Due to race condition, pppd was exiting with the following: "ASSERT FAILED: ab == al->ah_link.al_bundle, file cd.c, line 660" erg501674/fz526341. 174. PPP Demon was giving the following error: "Bundle xxx : IPCP ERROR Interface pppx - Failed to set netmask, 22" erg501669/fz526275. 175. Repaired a panic in the PPP pcid driver. erg501650/fz525867. 176. The ttymon(1M) sometimes stops listening to a port after PPP disconnect. erg501634/fz525626. 177. The ioctl TCSETAW hangs if an XOFF character has been received on serial port. erg710968/fz228419. Security Fixes: 178. SECURITY - Closing file descriptors 0, 1 and/or 2 before exec'ing a setuid program can make this program open files under these file descriptors, which have special meanings for libc (stdin/out/err). This makes it possible to read or write to root owned files. CSSA-2002-SCO.43/erg712059/fz526562. 179. SECURITY - A rogue talk client is able to cause talk demon to overrun a buffer, and could be able to compromise privilege of the machine running talkd. CSSA-2002-SCO.42/erg712055/fz521053. 180. SECURITY - uudecode does not validate the filename, it should not write to pipes or symbolic links. CSSA-2002-SCO.44. 181. SECURITY - A command line buffer overflow in ps can be exploited. CSSA-2003-SCO.1/erg712109/fz525923. 182. SECURITY - The implementation of xdr_array can be tricked into writing beyond the buffers it allocated when deserializing the XDR stream. erg501642/fz525725. 183. SECURITY - Buffer overflow in XDR portion of libnsl library. erg712182/fz526861. 184. SECURITY - ftpd data connection hijacking using PASV mode CSSA-2002-SCO.23/erg712065/fz520882. 185. SECURITY - dtprintinfo buffer overflow with Help search CSSA-2002-SCO.30/erg712032/fz520821. 186. SECURITY - ppptalk root privilege vulnerability CSSA-2002-SCO.27.1/erg712071/fz521199. 187. SECURITY - rcp of /proc causes denial-of-service CSSA-2002-SCO.41/erg712112/fz525927. 188. SECURITY - command line buffer overflow in ndcfg. CSSA-2002-SCO.36/erg712108/fz525920. 189. SECURITY - in.rarpd format string vulnerability in error() and syserr(). CSSA-2002-SCO.29/erg712062/fz521092. 190. SECURITY - An improved fix for open relay in sendmail. erg501486/fz515369. 191. SECURITY - Introduced new tunable COREFILE_SECURE. To enable privileged or setuid/setgid processes to dump core, containing potentially sensitive data, tune COREFILE_SECURE to 0. erg712163/fz526524. Misc. Fixes: 192. Fixed an issue where v86bios panics. erg712098/fz525652. 193. If an escape sequence is sent to /dev/vt** with the cat(1) command it could cause a panic. erg711952/fz520009. 194. Multi-threaded application may hang in an unkillable sleep, when exec'ing. erg712172/fz526750. 195. Fixed issues that could cause a panic in the xcstat, cstat, lxstat family of calls. erg501616/fz521097. 196. Fixed a panic caused by kma corruption in tcp code. erg712086/fz521356. 197. Fixed a panic in dlpi_send_ioctl_reply+21. erg712069/fz521165. 198. Fixed a panic in lock_nodbg. erg712060/fz521088. 199. Fixed a panic in dlpi_send_iocack during stress test. erg501622/fz521411. 200. System panicked with a kernel page fault while executing spec_close(). erg712065/fz520688. 201. Connection server fails with the following error: "10/24/02 17:14:51; 27209; cs: ioctl() set signal error; errno=22" erg712153/fz526540. 202. Fixed a panic when switching from run level 3 to level 1. erg501704/fz527067. 203. A process may block indefinitely in freezeprocs(). erg501701/fz526796. LKP Fixes: 204. The uname command in linux mode did not identify P4 CPUs. erg501689/fz521238. Filesystem Fixes: 205. Added undocumented option "noquota" to the vxfs mount command to fix the problem where the output of `mount -p` when used in /etc/vfstab, is rejected by mount with the message: UX:vxfs mount: ERROR: illegal -o suboption -- noquota erg712190/fz526894. =============================================================== F. Problems fixed in Maintenance Pack 6: 206. If an ftp client host was reset (as in cycling the power) during the data transmission to the server, the ftp-data connection never times out on the server. If the client tries to use again the same port after reboot for an ftp transmission, the server responds with EADDRINUSE. erg501703/fz526973. 207. After removing a network interface, "pkgchk nics" complains about missing files. erg712152/fz526505. 208. Repeated logins on virtual terminals (/dev/vt02 ... /dev/vt08) result in file descriptor leakage in ttymon. erg501636/fz525650. 209. When excessive short-lived rlogin sessions are being created, /var/adm/wtmp and /var/adm/wtmpx get out of sync and must be rewritten. While these files are being rewritten, no one can rlogin to the system. If these files grow quite large, this can take up to 20-30 minutes. Also under heavy load the short-lived rlogin sessions may leave in utmp the entries from sessions that have actually completed. erg712151/fz526496. 210. System hangs in pcid driver. erg712215/fz527244. 211. cs daemon dies unexpectedly upon fork failure. erg501710/fz527253. 212. Panic in ticots driver. erg712156/fz526585. erg712230/fz527439. 213. Occasionally bind() returns EADDRINUSE for no apparent reason. erg712209/fz527217. 214. SECURITY: Fixed a security vulnerability in sendmail binary that can be exploited by remote users to gain root access. erg712247/fz527484. 215. SECURITY: Ftp'ing a file with a pipe as the first character in its name (for example, |xyz) executes the file on client machine. CSSA-2003-SCO.3/erg712227/fz527425. 216. Race condition in stropen, resulting in system hang. or panic. erg501706/fz527158. erg712340/fz527991. 217. write(2) on a raw socket erroneously returns EISCONN. erg501681/fz526404. 218. Status requests are not being automatically generated for a network printer if is very busy resulting in job ids not being freed. erg501666/fz526164. 219. Hangs and delays in streams caused by streams routines unnecessarily allocating large physically contiguous buffers. erg712266/fz527550. 220. ksh95 built in pwd can output pathnames starting with // fz199364. 221. System may refuse to take console input after 248 days, thereby appearing to hang, due to invalid time stamps in the cmux driver. erg501720/fz527517. 222. ps -o time prints the wrong number of days if CPU time exceeds 24 hours. erg712295/fz527776. 223. SECURITY: Short Ethernet frames are now padded with octets of zero to prevent information leakage. erg712090/fz521367. 224. System hangs in vxfs filesystem. Processes blocked waiting on a call to vx_iget. erg712184/fz526355. 225. System panic due to a race condition in tcp timers code. erg501722/fz527554. 226. Lpsched performs poorly when a large number of jobs (200+) are submitted at once. erg501718/fz527462. 227. If the name of remote system for a remote printer is not found in /etc/lp/Systems, lpsched does not complain at startup and later on coredumps when a status or cancel request is sent to that printer. fz527931. 228. Remote print requests remain indefinitely in queue if remote system is down. They do not timeout even if timeout parameter is specified in /etc/lp/Systems for the corresponding remote system. fz527934. WARNING: Since by default the timeout is set to 10 minutes, print setups with large network delays may suddenly experience timed-out jobs. For such systems, system administrators should either increase the timeout value or set timeout to "never" to restore old behavior. 229. sar -d displays greater than 100% activity. erg501658/fz521100. 230. Display per-processor callouts as well as global callouts from the callout command in crash. fz527802. 231. Kernel panics with a bad read pointer in a STREAMS message block, caused by mishandling of the message block in the STREAMS utility msgpullup and in the IP protocol handling routine ip_input. erg712321/fz527939. 232. SECURITY - sendmail char sign extension buffer overflow. Upgraded to Sendmail 8.12.9. erg712276/fz527629. 233. add new option -s to dlpid, to specify the wait time if repeated "hardware fail" indications are sent by the driver. erg712267/fz527520. 234. SECURITY - Fixed exploitable buffer overflows in metamail. erg712265/fz527543. 235. Panic in specfs, NULL pointer dereference (s_cp). erg712337/fz528010. 236. When pkgadd fails early on, before any package has been selected, it gives the following message: UX:mailx: WARNING: No message !?! This message was confusing to users and is now not displayed. fz527750. 237. ksh93 autoload functions invoked within command substitution fail to execute. erg712312/fz527879:3. 238. The ps command triggers a panic in prgetlwpsinfo. erg712084/fz521297. 239. SECURITY - Drop TCP packets with both SYN and FIN bits set. erg712274/fz527623 =============================================================== G. Problems fixed in Maintenance Pack 7: 240. /u95/bin/ksh users' `w` idle time resets every 10 min. erg712362/fz528070. 241. Fixed failures mounting/creating vxfs snapshots which indicated that the filesystem is either already mounted, busy, or the allowable number of mount point exceeded when none of these failure conditions were true. erg712361/fz528100:1. 242. Some STREAMS ioctls involving multiple message exchanges with the driver may timeout prematurely and return EAGAIN erroneously. erg712396/fz528199. 243. syslogd fails to respond to SIGHUP. erg712414/fz528159. 244. flock() hangs when the NFS server is Microsoft SFU (3.0) erg712347/fz528048. 245. code generation error in ppp library. fz528222. 246. sendmail remotely exploitable vulnerability. erg712433/fz528320. 247. SECURITY CRLF (Carriage Return, Line Feed) injection vulnerability in lynx. erg712379/fz528144:2. 248. traceroute core dumps. fz528035. 249. The date command core dumps. erg712397/fz528056 250. The userdel command core dumps. fz528409. 251. The rtpm command incorrectly reports it is out of memory and exits; the time reported by rtpm gets out of sync with the system clock. erg712441/fz528135. erg712393/fz528133. 252. Shared memory that is in use by a process experiencing a fork failure might not be released. erg712399/fz528204. 253. The change to ndcfg for PCI device recognition, introduced a bug which prevented some serial port boards from being recognized. erg712319/fz527935. 254. System hang; infinite loop in deadflck. erg712154/fz526541. 255. Ksh sleep call is waiting forever due to missed SIGALRM. erg712386/fz528169. 256. The multibyte to wide-character conversion code for EUC was broken. erg712507/fz528536. 257. cs daemon bug allows 2 child processes to talk to the same device. erg501731/fz527737. 258. Fix libDtHelp buffer overflow problem. erg712445/fz528372. 259. netconfig fails to configure network card properly in certain situations with multiple NICS. erg712451/fz528400. 260. Request to make MAXRUN tuneable in /etc/default/cron MAXRUN can be added to the file /etc/default/cron as MAXRUN= This will set the maximum number of jobs which could be run with cron. If MAXRUN is absent or some invalid value is given then a default value of 25 is used. erg712469/fz528435. 261. The compress command dies with a SIGSEGV, and fails to compress the file. erg712220/fz527292. 262. sysi86 doesn't validate selector when clearing a descriptor. fz521540. 263. System call entry handler for linux binaries will panic if a real device is attached to the same vector or if a spurious interrupt is received on that vector. erg712348/fz528051. 264. memmove treats pointers as signed integers, results in memory corruption when crossing 2GB. erg712358/fz528079. 265. Race condition in inet driver that can cause panic in tcp_close() or tcp_qremque(). fz528895 266. Panic in tco_unconnect() when closing OpenOffice 1.1 under LKP. erg712444/fz528361. 267. Panic in socksys driver (ss_send_recv_tpi routine trying to free memory that has already been freed by ss_rput_socket.) This can happen when a client closes a Unix Domain socket after server has just accepted the connection but not yet returned to user. erg712480/fz528467. 268. Deadlock condition in VxFS filesystem code. erg712419/fz528238. 269. qsort had serious performance problems. erg712331/fz527984. 270. hrStorageUsed field from 'hrStorage' table reports negative values erg712384/fz528152. 271. alarm signal fires without delay when clock set backwards in applications linked with libthread erg712390/fz527957. 272. kernel deadlock involving the prepblock and unblock system calls erg712542/fz528770. 273. dumpcheck dumps core if PANICBOOT is missing from /etc/default/init fz528905. 274. null pointer used in cond_broadcast after fork1 in libthread fz528714. 275. SNMP trap_rece utility exits with "Couldn't assign the requested address" erg712289/fz527728. 276. allocb_physreq returns failure in some cases when memory is actually available. erg712501/fz528513. 277. panic adding & removing logical drives when mpio is installed. erg712236/fz527456. 278. runacct updates wtmp[x] utmp[x] without holding record locks. This can trigger "synchronize" operations, which may take a long time to complete if the files are large. The effect is that other commands e.g. telnet and rlogin are blocked waiting for the housekeeping to finish. erg712428/fz528292. 279. System fails to mount vxfs filesystems with large numbers of inodes (>8M) and marks them bad and sets "full fsck" flag. Full fsck of the filesystems which is required to mount them, fails with the following message: fileset 1 primary inode 65 has invalid size (4194762752) fileset 1 primary inode 97 has invalid size (4194762752) 1 primary inode 97 has invalid size (4194762752) no valid ILISTs for fileset 999 file system check failure, aborting ... Note: The updated fsdb utility now prints IAU headers and summaries independantly. erg712524/fz528656. 280. rcp slow down problem. erg712177/fz526823. 281. Security fix for chroot system call. This is fixed by adding a new tunable parameter, CHROOT_SECURITY. Default value is 1 which eliminates the security problem by causing chroot to fail when neither the old nor new root are real root; a value of 0 restores traditional chroot behavior. erg712509/fz528555. 282. ftpd hangs on UnixWare 7.1.1, OU8, and possibly later versions The problem was fixed in waitid(). erg712596/fz529361. 283. Added checks for STREAMS flow control to UDP multicast/broadcast single receiver code-path to prevent panics/system freeze. erg712484/fz528479. 284. Fix for libnsl deadlock in do_snddis(). erg712327/fz527968. 285. Fix for libthread deadlock, observed in KDE, while handling a signal. fz528522. 286. Fix proc security vulnerability. erg712482/fz528474. 287. Latest Intel microcode update (5/13/04) erg712621 fz529619 288. The siginfo structure contains two new members, si_iaddr (the address of the instruction that caused the trap) and si_raddr (an associated memory reference address, if there is one, otherwise the same as si_iaddr). erg712550 fz528887 289. TCP data corruption. erg712389 fz528172 ptf8008 ---------------------------------------------------------------------------- II. Supplementary Documentation I. PCI VendorID, DeviceID, SubVendorID, and SubDeviceID configuration. =================================================================== ------------------------ Files: Drvmap and Bcfg(network drivers) driver configuration files ------------------------ Parameters: Required: [vendorid,deviceid] Optional: [subvendorid, subdeviceid] ------------------------ Syntax: 0xAAAAAAAA[.0xBBBBBBBB] Where: 0xAAAAAAA = represents a hex digit of [vendorid,deviceid], 0xBBBBBBB = represents a hex digit of [subvendorid,subdeviceid]. NOTE: The leading zeros(0) in both these hex numbers may be either omitted or specified, see the Compatibility section for more information on the effects. 1. More than one record of this format may be specified if the driver supports devices with multiple [vendorid,deviceid] and/or [subvendorid,subdeviceid]. 2. The files for some drivers may include entries both with and without [subvendorid,subdeviceid]. ------------------------ Compatibility with previous versions of OpenUNIX/UnixWare: 1. For backwards compatibility it is recommended to always include an entry without [subvendorid, subdeviceid]. An example Bcfg file entry for a hypothetical device: "0x123456 0x00123456.0x07654321 0x00123456.0xABCDAA55" 2. Previous versions of UnixWare/OpenUNIX require no leading zeros(0). 3. Omit the leading zeros(0) in the [vendorid,deviceid] if [subvendorid,subdeviceid] is not specified. 4. It is recommended to use leading zeros(0) if both [vendorid,deviceid] and [subvendorid,subdeviceid] are specified for consistency with other fields. 5. Previous versions of UnixWare/OpenUNIX will ignore the entries with both [vendorid,deviceid] and [subvendorid,subdeviceid] specified. 6. More than one record of this format may be specified if the driver supports devices with multiple [vendorid,deviceid] and/or [subvendorid,subdeviceid]. The files for some drivers may include entries both with and without [subvendorid, subdeviceid]. ---------------------------------------------------------------------------- II. PCI ClassId and ProgIf configuration =================================================================== ------------------------ Files: Drvmap and Bcfg(network drivers) driver configuration files ------------------------ Parameters: Required: [classid] Optional: [progif] ------------------------ Syntax: CLASS0xAAAA[.0xBB] Where: CLASS = Literal string 0xAAAA = Hex digit of ClassId 0xBB = Hex digit of ProgIf. 1. The leading zeros(0) in both of these numbers must be specified if the values are smaller than 4 or 2 hex digits accordingly. 2. The ProgIf may be omitted only if the driver is able to support any device of the class, regardles of its programming interface. 3. Older versions of UnixWare/OpenUNIX will ignore the entries with both A and B parts present. 4. More than one entry of this format may be specified in the Drvmap file, for example, if a driver supports multiple classes or progifs. ------------------------ Compatibility with previous versions of OpenUNIX/UnixWare: 1. Entries that have the ProgIf specified will be ignored by previous versions. 2. If a driver wants to be recognised by previous versions, it must include the old-style entries without [subvendorid,subdeviceid] or ProgIf in its Drvmap and bcfg files along with the new-style extended entries. 3. The general recommendation is to continue NOT using [subvendorid, subdeviceid] and ProgIf unless some problem comes from not using them, such as system hang/panic when a driver is trying to access a wrong card. ------------------------ DCU Changes: When the DCU looks up a driver for a device, it loops through an array of records in all the drvmaps. It gives preference to the entries in the following order (highest to lowest): 1. Entries that match both [vendorid,deviceid] and [subvendorid,subdeviceid]. 2. Entries that match [vendorid,deviceid] and have NO [subvendorid,subdeviceid] specified. 3. Entries that match both ClassId and ProgIf. 4. Entries that match ClassId but have NO ProgIf specified. 5. If there is more than one entry of equal priority, one random entry is selected. ------------------------ Netconfig Changes: Netcfg gets the list of all the matching drivers with the ndcfg(1M) command "resshowunclaimed". It gives preference to the entries in the following order (highest to lowest): 1. Entries that match both [vendorid,deviceid] and [subvendorid,subdeviceid]. 2. Entries that match [vendorid,deviceid] and have NO [subvendorid,subdeviceid] specified. Then it presents this list to the user in a menu. Netcfg may mark the entries of the preference 1 with an asterisk and present them before the entries of the preference 2, but no such guarantee is made and this may change in the future. ---------------------------------------------------------------------------- III. File Contents. /etc/TZ/CET /etc/conf/autotune.d/mem /etc/conf/bin/idinstall /etc/conf/dtune.d/fs /etc/conf/dtune.d/proc /etc/conf/interface.d/system.3 /etc/conf/mdevice.d/lxdevfs /etc/conf/mdevice.d/osocket /etc/conf/mdevice.d/psm_apic /etc/conf/mdevice.d/rand /etc/conf/mtune.d/fs /etc/conf/mtune.d/proc /etc/conf/node.d/osocket /etc/conf/pack.d/asyc/Driver_mp.o /etc/conf/pack.d/asyc/space.c /etc/conf/pack.d/async/Driver_atup.o /etc/conf/pack.d/async/Driver_mp.o /etc/conf/pack.d/audit/Driver_atup.o /etc/conf/pack.d/audit/Driver_mp.o /etc/conf/pack.d/bfs/Driver_mp.o /etc/conf/pack.d/ca/Driver_mp.o /etc/conf/pack.d/char/Driver_atup.o /etc/conf/pack.d/char/Driver_mp.o /etc/conf/pack.d/cmux/Driver_atup.o /etc/conf/pack.d/cmux/Driver_mp.o /etc/conf/pack.d/confmgr/Driver_mp.o /etc/conf/pack.d/dlpi/Driver.o /etc/conf/pack.d/dosfs/Driver_mp.o /etc/conf/pack.d/elf/Driver_mp.o /etc/conf/pack.d/fd/Driver_mp.o /etc/conf/pack.d/fifofs/Driver_mp.o /etc/conf/pack.d/fpe/Driver_mp.o /etc/conf/pack.d/fs/Driver_atup.o /etc/conf/pack.d/fs/Driver_mp.o /etc/conf/pack.d/fs/space.c /etc/conf/pack.d/hpci/Driver_mp.o /etc/conf/pack.d/iasy/Driver_atup.o /etc/conf/pack.d/iasy/Driver_mp.o /etc/conf/pack.d/inet/Driver_atup.o /etc/conf/pack.d/inet/Driver_mp.o /etc/conf/pack.d/intmap/Driver_mp.o /etc/conf/pack.d/intp/Driver_mp.o /etc/conf/pack.d/io/Driver_atup.o /etc/conf/pack.d/io/Driver_mp.o /etc/conf/pack.d/ipc/Driver_atup.o /etc/conf/pack.d/ipc/Driver_mp.o /etc/conf/pack.d/ipc/Modstub.o /etc/conf/pack.d/ipc/stubs.c /etc/conf/pack.d/kdb/Driver_atup.o /etc/conf/pack.d/kdb/Driver_mp.o /etc/conf/pack.d/kdb_util/Driver_atup.o /etc/conf/pack.d/kdb_util/Driver_mp.o /etc/conf/pack.d/kernel/Driver_atup.o /etc/conf/pack.d/kernel/Driver_mp.o /etc/conf/pack.d/klm/Driver_atup.o /etc/conf/pack.d/klm/Driver_mp.o /etc/conf/pack.d/kma/Driver_mp.o /etc/conf/pack.d/krpc/Driver_atup.o /etc/conf/pack.d/krpc/Driver_mp.o /etc/conf/pack.d/ldterm/Driver_mp.o /etc/conf/pack.d/linux/Driver_atup.o /etc/conf/pack.d/linux/Driver_mp.o /etc/conf/pack.d/linux/Modstub.o /etc/conf/pack.d/linux/space.c /etc/conf/pack.d/log/Driver_mp.o /etc/conf/pack.d/lp/Driver_atup.o /etc/conf/pack.d/lp/Driver_mp.o /etc/conf/pack.d/lxdevfs/Driver_atup.o /etc/conf/pack.d/lxdevfs/Driver_mp.o /etc/conf/pack.d/lxdevfs/Modstub.o /etc/conf/pack.d/lxdevfs/stubs.c /etc/conf/pack.d/lxprocfs/Driver_atup.o /etc/conf/pack.d/lxprocfs/Driver_mp.o /etc/conf/pack.d/lxuwfs/Driver_atup.o /etc/conf/pack.d/lxuwfs/Driver_mp.o /etc/conf/pack.d/m320/Driver_mp.o /etc/conf/pack.d/mem/Driver_atup.o /etc/conf/pack.d/mem/Driver_mp.o /etc/conf/pack.d/mem/space.c /etc/conf/pack.d/memfs/Driver_mp.o /etc/conf/pack.d/mfpd/Driver_atup.o /etc/conf/pack.d/mfpd/Driver_mp.o /etc/conf/pack.d/mod/Driver_mp.o /etc/conf/pack.d/modksym/Driver_mp.o /etc/conf/pack.d/mpio/Driver.o /etc/conf/pack.d/mps/Driver_mp.o /etc/conf/pack.d/mtrr/Driver_mp.o /etc/conf/pack.d/name/Driver_atup.o /etc/conf/pack.d/name/Driver_mp.o /etc/conf/pack.d/namefs/Driver_atup.o /etc/conf/pack.d/namefs/Driver_mp.o /etc/conf/pack.d/nb/Driver_atup.o /etc/conf/pack.d/nb/Driver_mp.o /etc/conf/pack.d/nfs/Driver_atup.o /etc/conf/pack.d/nfs/Driver_mp.o /etc/conf/pack.d/nullzero/Driver_mp.o /etc/conf/pack.d/osocket/Driver_atup.o /etc/conf/pack.d/osocket/Driver_mp.o /etc/conf/pack.d/osocket/space.c /etc/conf/pack.d/osocket/stubs.c /etc/conf/pack.d/passthru/Driver.o /etc/conf/pack.d/pci/Driver_mp.o /etc/conf/pack.d/pcid/Driver.o /etc/conf/pack.d/ppp/Driver.o /etc/conf/pack.d/pppml/Driver.o /etc/conf/pack.d/proc/Driver_atup.o /etc/conf/pack.d/proc/Driver_mp.o /etc/conf/pack.d/proc/space.c /etc/conf/pack.d/processorfs/Driver_mp.o /etc/conf/pack.d/procfs/Driver_atup.o /etc/conf/pack.d/procfs/Driver_mp.o /etc/conf/pack.d/pse/Driver_mp.o /etc/conf/pack.d/psm_apic/Driver_mp.o /etc/conf/pack.d/psm_cfgtables/Driver_mp.o /etc/conf/pack.d/pstart/Driver_mp.o /etc/conf/pack.d/rand/Driver_atup.o /etc/conf/pack.d/rand/Driver_mp.o /etc/conf/pack.d/s5/Driver_mp.o /etc/conf/pack.d/sc01/Driver.o /etc/conf/pack.d/scodb/Driver_atup.o /etc/conf/pack.d/scodb/Driver_mp.o /etc/conf/pack.d/sd01/Driver.o /etc/conf/pack.d/sdi/Driver_atup.o /etc/conf/pack.d/sdi/Driver_mp.o /etc/conf/pack.d/segdev/Driver_mp.o /etc/conf/pack.d/sfs/Driver_mp.o /etc/conf/pack.d/socksys/Driver_atup.o /etc/conf/pack.d/socksys/Driver_mp.o /etc/conf/pack.d/specfs/Driver_atup.o /etc/conf/pack.d/specfs/Driver_mp.o /etc/conf/pack.d/svc/Driver_atup.o /etc/conf/pack.d/svc/Driver_mp.o /etc/conf/pack.d/sysdump/Driver_atup.o /etc/conf/pack.d/sysdump/Driver_mp.o /etc/conf/pack.d/ticlts/Driver_atup.o /etc/conf/pack.d/ticlts/Driver_mp.o /etc/conf/pack.d/ticots/Driver_atup.o /etc/conf/pack.d/ticots/Driver_mp.o /etc/conf/pack.d/ticotsor/Driver_atup.o /etc/conf/pack.d/ticotsor/Driver_mp.o /etc/conf/pack.d/udev/Driver_atup.o /etc/conf/pack.d/udev/Driver_mp.o /etc/conf/pack.d/util/Driver_mp.o /etc/conf/pack.d/vtoc/Driver.o /etc/conf/pack.d/vxfs/Driver_atup.o /etc/conf/pack.d/vxfs/Driver_mp.o /etc/conf/sdevice.d/osocket /etc/confnet.d/inet/configure /etc/crash /etc/dcu.d/locale/C/txtstrings /etc/dcu.d/scripts/dculib.sh /etc/dcu.d/scripts/dcurc /etc/default/envpaths /etc/dfspace /etc/fs/vxfs/fsck /etc/fs/vxfs/mount /etc/getty /etc/init.d/rpc /etc/inst/nd/dlpi/Driver.o /etc/mail/cf/README /etc/mail/cf/README.SCO /etc/mail/cf/cf/Build /etc/mail/cf/cf/Makefile /etc/mail/cf/cf/README /etc/mail/cf/cf/chez.cs.mc /etc/mail/cf/cf/clientproto.mc /etc/mail/cf/cf/cs-hpux10.mc /etc/mail/cf/cf/cs-hpux9.mc /etc/mail/cf/cf/cs-osf1.mc /etc/mail/cf/cf/cs-solaris2.mc /etc/mail/cf/cf/cs-sunos4.1.mc /etc/mail/cf/cf/cs-ultrix4.mc /etc/mail/cf/cf/cyrusproto.mc /etc/mail/cf/cf/generic-bsd4.4.cf /etc/mail/cf/cf/generic-bsd4.4.mc /etc/mail/cf/cf/generic-hpux10.cf /etc/mail/cf/cf/generic-hpux10.mc /etc/mail/cf/cf/generic-hpux9.cf /etc/mail/cf/cf/generic-hpux9.mc /etc/mail/cf/cf/generic-linux.cf /etc/mail/cf/cf/generic-linux.mc /etc/mail/cf/cf/generic-mpeix.cf /etc/mail/cf/cf/generic-mpeix.mc /etc/mail/cf/cf/generic-nextstep3.3.cf /etc/mail/cf/cf/generic-nextstep3.3.mc /etc/mail/cf/cf/generic-osf1.cf /etc/mail/cf/cf/generic-osf1.mc /etc/mail/cf/cf/generic-solaris.cf /etc/mail/cf/cf/generic-solaris.mc /etc/mail/cf/cf/generic-sunos4.1.cf /etc/mail/cf/cf/generic-sunos4.1.mc /etc/mail/cf/cf/generic-ultrix4.cf /etc/mail/cf/cf/generic-ultrix4.mc /etc/mail/cf/cf/huginn.cs.mc /etc/mail/cf/cf/knecht.mc /etc/mail/cf/cf/mail.cs.mc /etc/mail/cf/cf/mail.eecs.mc /etc/mail/cf/cf/mailspool.cs.mc /etc/mail/cf/cf/python.cs.mc /etc/mail/cf/cf/s2k-osf1.mc /etc/mail/cf/cf/s2k-ultrix4.mc /etc/mail/cf/cf/sco.uw.svr5.cf /etc/mail/cf/cf/sco.uw.svr5.mc /etc/mail/cf/cf/submit.cf /etc/mail/cf/cf/submit.mc /etc/mail/cf/cf/tcpproto.mc /etc/mail/cf/cf/ucbarpa.mc /etc/mail/cf/cf/ucbvax.mc /etc/mail/cf/cf/uucpproto.mc /etc/mail/cf/cf/vangogh.cs.mc /etc/mail/cf/domain/Berkeley.EDU.m4 /etc/mail/cf/domain/CS.Berkeley.EDU.m4 /etc/mail/cf/domain/EECS.Berkeley.EDU.m4 /etc/mail/cf/domain/S2K.Berkeley.EDU.m4 /etc/mail/cf/domain/berkeley-only.m4 /etc/mail/cf/domain/generic.m4 /etc/mail/cf/feature/accept_unqualified_senders.m4 /etc/mail/cf/feature/accept_unresolvable_domains.m4 /etc/mail/cf/feature/access_db.m4 /etc/mail/cf/feature/allmasquerade.m4 /etc/mail/cf/feature/always_add_domain.m4 /etc/mail/cf/feature/authinfo.m4 /etc/mail/cf/feature/bestmx_is_local.m4 /etc/mail/cf/feature/bitdomain.m4 /etc/mail/cf/feature/blacklist_recipients.m4 /etc/mail/cf/feature/compat_check.m4 /etc/mail/cf/feature/delay_checks.m4 /etc/mail/cf/feature/dnsbl.m4 /etc/mail/cf/feature/domaintable.m4 /etc/mail/cf/feature/enhdnsbl.m4 /etc/mail/cf/feature/generics_entire_domain.m4 /etc/mail/cf/feature/genericstable.m4 /etc/mail/cf/feature/ldap_routing.m4 /etc/mail/cf/feature/limited_masquerade.m4 /etc/mail/cf/feature/local_lmtp.m4 /etc/mail/cf/feature/local_no_masquerade.m4 /etc/mail/cf/feature/local_procmail.m4 /etc/mail/cf/feature/lookupdotdomain.m4 /etc/mail/cf/feature/loose_relay_check.m4 /etc/mail/cf/feature/mailertable.m4 /etc/mail/cf/feature/masquerade_entire_domain.m4 /etc/mail/cf/feature/masquerade_envelope.m4 /etc/mail/cf/feature/msp.m4 /etc/mail/cf/feature/no_default_msa.m4 /etc/mail/cf/feature/nocanonify.m4 /etc/mail/cf/feature/nodns.m4 /etc/mail/cf/feature/notsticky.m4 /etc/mail/cf/feature/nouucp.m4 /etc/mail/cf/feature/nullclient.m4 /etc/mail/cf/feature/preserve_local_plus_detail.m4 /etc/mail/cf/feature/preserve_luser_host.m4 /etc/mail/cf/feature/promiscuous_relay.m4 /etc/mail/cf/feature/queuegroup.m4 /etc/mail/cf/feature/redirect.m4 /etc/mail/cf/feature/relay_based_on_MX.m4 /etc/mail/cf/feature/relay_entire_domain.m4 /etc/mail/cf/feature/relay_hosts_only.m4 /etc/mail/cf/feature/relay_local_from.m4 /etc/mail/cf/feature/relay_mail_from.m4 /etc/mail/cf/feature/smrsh.m4 /etc/mail/cf/feature/stickyhost.m4 /etc/mail/cf/feature/use_ct_file.m4 /etc/mail/cf/feature/use_cw_file.m4 /etc/mail/cf/feature/uucpdomain.m4 /etc/mail/cf/feature/virtuser_entire_domain.m4 /etc/mail/cf/feature/virtusertable.m4 /etc/mail/cf/hack/cssubdomain.m4 /etc/mail/cf/m4/cf.m4 /etc/mail/cf/m4/cfhead.m4 /etc/mail/cf/m4/proto.m4 /etc/mail/cf/m4/version.m4 /etc/mail/cf/mailer/cyrus.m4 /etc/mail/cf/mailer/cyrusv2.m4 /etc/mail/cf/mailer/fax.m4 /etc/mail/cf/mailer/local.m4 /etc/mail/cf/mailer/mail11.m4 /etc/mail/cf/mailer/phquery.m4 /etc/mail/cf/mailer/pop.m4 /etc/mail/cf/mailer/procmail.m4 /etc/mail/cf/mailer/qpage.m4 /etc/mail/cf/mailer/smtp.m4 /etc/mail/cf/mailer/usenet.m4 /etc/mail/cf/mailer/uucp.m4 /etc/mail/cf/ostype/a-ux.m4 /etc/mail/cf/ostype/aix3.m4 /etc/mail/cf/ostype/aix4.m4 /etc/mail/cf/ostype/aix5.m4 /etc/mail/cf/ostype/altos.m4 /etc/mail/cf/ostype/amdahl-uts.m4 /etc/mail/cf/ostype/bsd4.3.m4 /etc/mail/cf/ostype/bsd4.4.m4 /etc/mail/cf/ostype/bsdi.m4 /etc/mail/cf/ostype/bsdi1.0.m4 /etc/mail/cf/ostype/bsdi2.0.m4 /etc/mail/cf/ostype/darwin.m4 /etc/mail/cf/ostype/dgux.m4 /etc/mail/cf/ostype/domainos.m4 /etc/mail/cf/ostype/dynix3.2.m4 /etc/mail/cf/ostype/freebsd4.m4 /etc/mail/cf/ostype/freebsd5.m4 /etc/mail/cf/ostype/gnu.m4 /etc/mail/cf/ostype/hpux10.m4 /etc/mail/cf/ostype/hpux11.m4 /etc/mail/cf/ostype/hpux9.m4 /etc/mail/cf/ostype/irix4.m4 /etc/mail/cf/ostype/irix5.m4 /etc/mail/cf/ostype/irix6.m4 /etc/mail/cf/ostype/isc4.1.m4 /etc/mail/cf/ostype/linux.m4 /etc/mail/cf/ostype/maxion.m4 /etc/mail/cf/ostype/mklinux.m4 /etc/mail/cf/ostype/mpeix.m4 /etc/mail/cf/ostype/nextstep.m4 /etc/mail/cf/ostype/openbsd.m4 /etc/mail/cf/ostype/osf1.m4 /etc/mail/cf/ostype/powerux.m4 /etc/mail/cf/ostype/ptx2.m4 /etc/mail/cf/ostype/qnx.m4 /etc/mail/cf/ostype/riscos4.5.m4 /etc/mail/cf/ostype/sco-uw-2.1.m4 /etc/mail/cf/ostype/sco.uw.svr5.m4 /etc/mail/cf/ostype/sco3.2.m4 /etc/mail/cf/ostype/sinix.m4 /etc/mail/cf/ostype/solaris2.m4 /etc/mail/cf/ostype/solaris2.ml.m4 /etc/mail/cf/ostype/solaris2.pre5.m4 /etc/mail/cf/ostype/solaris8.m4 /etc/mail/cf/ostype/sunos3.5.m4 /etc/mail/cf/ostype/sunos4.1.m4 /etc/mail/cf/ostype/svr4.m4 /etc/mail/cf/ostype/ultrix4.m4 /etc/mail/cf/ostype/unixware7.m4 /etc/mail/cf/ostype/unknown.m4 /etc/mail/cf/ostype/uxpds.m4 /etc/mail/cf/sendmail.schema /etc/mail/cf/sh/makeinfo.sh /etc/mail/cf/siteconfig/uucp.cogsci.m4 /etc/mail/cf/siteconfig/uucp.old.arpa.m4 /etc/mail/cf/siteconfig/uucp.ucbarpa.m4 /etc/mail/cf/siteconfig/uucp.ucbvax.m4 /etc/mail/convertcf /etc/mail/hoststat /etc/mail/mailq /etc/mail/mailstats /etc/mail/makemap /etc/mail/newaliases /etc/mail/praliases /etc/mail/purgestat /etc/mail/sendmail /etc/mail/sendmail.hf /etc/mail/sendmailcf.factory /etc/mail/sendmailrc /etc/mail/smrsh /etc/mail/smtpd /etc/memsize /etc/p6updata /etc/rc1 /etc/rc2.d/S75rpc /etc/scsi/sdipath /etc/security/audit/auditrpt/auditfltrv1 /etc/security/audit/auditrpt/auditfltrv4 /etc/security/audit/auditrpt/auditrptv1 /etc/security/audit/auditrpt/auditrptv4 /etc/wall /sbin/dfspace /sbin/dumpcheck /sbin/emergency_rec /sbin/init /sbin/memsize /sbin/metreg /sbin/ps /sbin/rc1 /sbin/resmgr /sbin/su /sbin/sulogin /u95/bin/ksh /u95/bin/sh /usr/bin/at /usr/bin/atq /usr/bin/atrm /usr/bin/batch /usr/bin/chsysinfo /usr/bin/compress /usr/bin/cpio /usr/bin/crontab /usr/bin/dfspace /usr/bin/disable /usr/bin/enable /usr/bin/ftp /usr/bin/ksh /usr/bin/login /usr/bin/lp /usr/bin/lynx /usr/bin/mailx /usr/bin/metamail /usr/bin/passwd /usr/bin/pkginfo /usr/bin/pkgparam /usr/bin/pkgtrans /usr/bin/posix/sh /usr/bin/ppp /usr/bin/pppattach /usr/bin/pppdetach /usr/bin/ppplinkadd /usr/bin/ppplinkdrop /usr/bin/pppstatus /usr/bin/ppptalk /usr/bin/ps /usr/bin/rcp /usr/bin/rmail /usr/bin/sar /usr/bin/sort /usr/bin/su /usr/bin/uidadmin /usr/bin/uncompress /usr/bin/uudecode /usr/bin/uux /usr/bin/zcat /usr/ccs/bin/make /usr/ccs/bin/prof /usr/ccs/lib/libC.a /usr/ccs/lib/libC.so /usr/ccs/lib/libc.a /usr/ccs/lib/libc.so /usr/ccs/lib/libcudk70.a /usr/ccs/lib/libm.a /usr/ccs/lib/libp/libC.a /usr/ccs/lib/libp/libC.so /usr/ccs/lib/libp/libC.so.1 /usr/ccs/lib/libp/libc.a /usr/ccs/lib/libp/libc.so /usr/ccs/lib/libp/libc.so.1 /usr/ccs/lib/libp/libm.a /usr/ccs/lib/libp/libm.so /usr/ccs/lib/libp/libm.so.1 /usr/dt/bin/dtaction /usr/dt/bin/dtprintinfo /usr/dt/bin/dtsession /usr/dt/bin/rpc.cmsd /usr/dt/bin/rpc.ttdbserverd /usr/dt/config/Xsession.d/0030.dttmpdir /usr/dt/lib/libDtHelp.so /usr/dt/lib/libDtHelp.so.1 /usr/dt/lib/libDtLogin.so /usr/dt/lib/libDtLogin.so.1 /usr/dt/lib/libDtSvc.a /usr/dt/lib/libDtSvc.so /usr/dt/lib/libDtSvc.so.1 /usr/dt/lib/libDtTerm.a /usr/dt/lib/libDtTerm.so /usr/dt/lib/libDtTerm.so.1 /usr/dt/lib/libtt.a /usr/dt/lib/libtt.so /usr/dt/lib/libtt.so.1 /usr/gnu/bin/lynx /usr/include/crypt.h /usr/include/mas.h /usr/include/netinet/in_pcb.h /usr/include/pthread.h /usr/include/sys/exec.h /usr/include/sys/fp.h /usr/include/sys/fs/memfs_mnode.h /usr/include/sys/lxki.h /usr/include/sys/metrics.h /usr/include/sys/mfpd.h /usr/include/sys/mfpdhw.h /usr/include/sys/plocal.h /usr/include/sys/socksys.h /usr/include/sys/sysmacros.h /usr/include/sys/ticots.h /usr/include/sys/ticotsord.h /usr/include/sys/time.h /usr/include/sys/trap.h /usr/include/sys/vfs.h /usr/lib/.ns.so /usr/lib/accept /usr/lib/acct/acctwtmp /usr/lib/acct/closewtmp /usr/lib/acct/runacct /usr/lib/acct/utmp2wtmp /usr/lib/drf/cut_flop /usr/lib/drf/diskop /usr/lib/drf/drf_inst.gen /usr/lib/drf/mini_kernel /usr/lib/fs/vxfs/fsdb /usr/lib/fs/vxfs/vxdump /usr/lib/iaf/in.login/scheme /usr/lib/iaf/login/scheme /usr/lib/iconv/kmods/437/Modstub.o /usr/lib/iconv/kmods/437/Stubs.c /usr/lib/iconv/kmods/850/Modstub.o /usr/lib/iconv/kmods/850/Stubs.c /usr/lib/iconv/kmods/863/Modstub.o /usr/lib/iconv/kmods/863/Stubs.c /usr/lib/iconv/kmods/865/Modstub.o /usr/lib/iconv/kmods/865/Stubs.c /usr/lib/iconv/kmods/sjis/Driver.o /usr/lib/iconv/kmods/sjis/Modstub.o /usr/lib/iconv/kmods/sjis/Stubs.c /usr/lib/libcrypt.a /usr/lib/libcrypt.so /usr/lib/libcrypt.so.1 /usr/lib/libmas.a /usr/lib/libmas.so /usr/lib/libnsl.so /usr/lib/libnsl.so.1 /usr/lib/libsnmp.so /usr/lib/libsocket.so /usr/lib/libsocket.so.1 /usr/lib/libsocket.so.2 /usr/lib/libxti.so /usr/lib/libxti.so.1 /usr/lib/lp/locale/88591/LCL_PRINT /usr/lib/lp/locale/88592/LCL_PRINT /usr/lib/lp/locale/88595/LCL_PRINT /usr/lib/lp/locale/88597/LCL_PRINT /usr/lib/lp/locale/88599/LCL_PRINT /usr/lib/lp/locale/PC437/LCL_PRINT /usr/lib/lp/locale/PC850/LCL_PRINT /usr/lib/lp/locale/PC860/LCL_PRINT /usr/lib/lp/locale/PC863/LCL_PRINT /usr/lib/lp/locale/PC865/LCL_PRINT /usr/lib/lp/lpNet /usr/lib/lp/lpsched /usr/lib/lpsched /usr/lib/mail/execmail /usr/lib/netcfg/bin/ndcfg /usr/lib/netcfg/control/tcp /usr/lib/nfs/lockd /usr/lib/nfs/pcnfsd /usr/lib/ppp/psm/ip_rt /usr/lib/ppp/psm/lcp_rt /usr/lib/reject /usr/lib/saf/sac /usr/lib/saf/ttymon /usr/lib/scoadmin/modem/modemGUI /usr/lib/scoadmin/netosa/serialOsa /usr/lib/scoadmin/serial/serialGUI /usr/lib/sendmail /usr/lib/vxvm/bin/vxbootsetup /usr/lib/vxvm/voladm.d/lib/vxadm_syslib.sh /usr/sadm/install/bin/pkginstall /usr/sadm/install/scripts/i_exit /usr/sbin/accept /usr/sbin/ap /usr/sbin/arp /usr/sbin/crash /usr/sbin/cron /usr/sbin/cs /usr/sbin/disksetup /usr/sbin/dlpid /usr/sbin/getty /usr/sbin/groupadd /usr/sbin/groupdel /usr/sbin/groupmod /usr/sbin/grpck /usr/sbin/hostmibd /usr/sbin/in.ftpd /usr/sbin/in.otalkd /usr/sbin/in.rarpd /usr/sbin/in.rexecd /usr/sbin/in.rlogind /usr/sbin/in.talkd /usr/sbin/in.telnetd /usr/sbin/in.timed /usr/sbin/init /usr/sbin/lpsystem /usr/sbin/ndc /usr/sbin/ndcfg /usr/sbin/pkgadd /usr/sbin/pkgask /usr/sbin/pkgcat /usr/sbin/pkgchk /usr/sbin/pkginstall /usr/sbin/pkgrm /usr/sbin/pppd /usr/sbin/pwck /usr/sbin/reject /usr/sbin/rtpm /usr/sbin/sar /usr/sbin/sulogin /usr/sbin/syslogd /usr/sbin/traceroute /usr/sbin/trap_rece /usr/sbin/useradd /usr/sbin/userdel /usr/sbin/vxdump /usr/sbin/wall /usr/ucb/grpck /var/yp/ypbuild ---------------------------------------------------------------------------- IV. Escalation Fixes in this Maintenance Pack Fixes in Maintenance Packs 1, 2, and 3: fz517873, fz518024, fz516979, fz518061, fz516313, fz516107, fz516955, fz517599, fz518139, fz517616, fz515727, fz518062, fz517812, fz518141, fz518190, fz516067, fz518244, fz518320, fz518317, fz519152, fz518862, fz518166, fz518999, fz519537, fz519561, fz518451, fz520171, fz519576, erg711728/fz517761, erg501510/fz517153, erg711762/fz517998, erg501262/fz176128, erg711792/fz518483, erg711792/fz518483, erg711602/fz515690, erg711743/fz517933, erg711722/fz517644, erg711789/fz518450, erg711724/fz517646, erg711813/fz518652, erg711797/fz518487, erg501536 fz148034, erg711211/fz510320, erg501497/fz516008, erg501494/fz515717, erg711795/fz518501, erg711808/fz518630, erg711788/fz518448, erg711619/fz193896, erg711776/fz518303, erg501530/fz518348, erg711768/fz518242, erg711763/fz518153, erg711469/fz513175, erg711771/fz518090, erg501537/fz518642, erg711806/fz518480, erg711845/fz517494, erg711845/fz518379, erg711845/fz518672, erg711845/fz518321, erg711570/fz515232, erg711726/fz517671, erg711848/fz518916, erg711620/fz515821, erg711654/fz516440, erg501521/fz517866, erg711842/fz518875, erg711855/fz518968, erg501457/fz514186 erg711787/fz518445, erg711787/fz518445, erg711777/fz516670, erg711879/fz519190, erg711866/fz519087, erg501431/fz181490, erg711755/fz518021, erg711497/fz513836, erg711862/fz519039, erg711869/fz519119, erg501540/fz518889, erg711904/fz519327, erg711870/fz519120, erg711881/fz519245, erg501502/fz516288, erg711893/fz518970, erg711637/fz516225, erg711888/fz519310, erg711448/fz512630, erg711630/fz516139, erg711901/fz518166, erg501532/fz518460, erg711914/fz519540, erg501547/fz519410, erg711909/fz519474, erg711820/fz518679, erg711771/fz518288, erg711908/fz519403, erg711643/fz516290, erg711919/fz519604, erg711818/fz518671, erg711569/fz515210, erg711885/fz519280, erg711890/fz519311, erg711708/fz517440, erg711891/fz519313, erg711867/fz519092, erg711831/fz518746, erg711857/fz518986, erg711711/fz517518, erg711816/fz518665, erg711817/fz518666, erg501553/fz519616, erg711935/fz519762, erg711964 fz520190, erg501555/fz519741 New in Maintenance Pack 4: erg711964/fz520190, erg711815/fz518659, erg711861/fz519008 erg711991/fz520365, erg711993/fz520177, erg711883/fz519251 erg711955/fz520093, erg501576/fz520203, erg711961/fz520133 erg711937/fz519781, erg711929/fz519727, erg711994/fz520208 erg712027/fz520699, erg712024/fz520666, erg711766/fz518198 erg711860/fz519005, erg501108/fz172739, erg711563/fz515175 erg712005/fz520513, erg711939/fz519804, erg711945/fz519905 erg501390/fz224459, erg711957/fz520136, erg712039/fz520195 erg711814/fz518658, erg711992/fz520373, erg711942/fz519829 erg712044/fz520297, erg712047/fz520574, erg712046/fz520460 erg501595/fz520652, erg501611/fz520990, erg712031/fz520798 erg711952/fz520009, erg712157/fz518020, erg712172/fz526750 erg712093/fz521051 fz519576, fz519536, fz519783, fz520405, fz514721, fz520171 fz521110 New in Maintenance Pack 5: erg712086/fz521356 erg712069/fz521165 erg712060/fz521088 erg501622/fz521411 erg712065/fz520882 erg712065/fz520882 erg712032 fz520821 erg712071/fz521199 erg712112/fz525927 erg712108/fz525920 erg711621/fz515908 erg711623/fz515951 erg711575/fz515294 fz516809 fz521536 erg712091/fz521398 erg712098/fz525652 erg501649/fz525848 erg501668/fz526254 erg501673/fz526330 erg501678/fz526352 erg501674/fz526341 erg501669/fz526275 erg712150/fz519426 erg712043/fz520866 erg711952/fz520009 erg712059/fz526562 erg712055/fz521053 erg712157/fz518020 erg712172/fz526750 erg501616/fz521097 erg712041/fz520932 erg501650/fz525867 erg712153/fz526540 erg712109/fz525923 erg501642/fz525725 erg501689/fz521238 erg712182/fz526861 erg712190/fz526894 erg501604/fz520887 erg501486/fz515369 erg710968/fz228419 erg501634/fz525626 erg501704/fz527067 erg501602/fz520882 erg712062/fz521092 erg712163/fz526524 New CSSA (Security) fixes in Maintenance Pack 5: CSSA-2002-SCO.42 CSSA-2002-SCO.43 CSSA-2002-SCO.44 CSSA-2003-SCO.1 CSSA-2002-SCO.23 CSSA-2002-SCO.30 CSSA-2002-SCO.41 CSSA-2002-SCO.27 CSSA-2002-SCO.36 CSSA-2002-SCO.29 New in Maintenance Pack 6: erg501636/fz525650 erg501658/fz521100 erg501666/fz526164 erg501681/fz526404 erg501703/fz526973 erg501706/fz527158 erg501710/fz527253 erg501718/fz527462 erg501720/fz527517 erg501722/fz527554 erg711958/fz520138 erg712090/fz521367 erg712084/fz521297 erg712093/fz521051/CSSA-2002-SCO.44 erg712151/fz526496 erg712152/fz526505 erg712156/fz526585 erg712184/fz526355 erg712209/fz527217 erg712215/fz527244 CSSA-2003-SCO.3/erg712227/fz527425 erg712230/fz527439 erg712247/fz527484 erg712266/fz527550 erg712267/fz527520 erg712274/fz527623 erg712276/fz527629 erg712295/fz527776 erg712312/fz527879 erg712321/fz527939 erg712337/fz528010 erg712340/fz527991 fz199364 fz527750 fz527802 fz527931 fz527934 New in Maintenance Pack 7: erg501731/fz527737 erg712154/fz526541 erg712177/fz526823 erg712220/fz527292 erg712236/fz527456 erg712289/fz527728 erg712319/fz527935 erg712327/fz527968 erg712331/fz527984 erg712347/fz528048 erg712348/fz528051 erg712358/fz528079 erg712361/fz528100 erg712362/fz528070 erg712379/fz528144 erg712384/fz528152 erg712386/fz528169 erg712389 fz528172 erg712390/fz527957 erg712393/fz528133 erg712396/fz528199 erg712397/fz528056 erg712399/fz528204 erg712414/fz528159 erg712419/fz528238 erg712428/fz528292 erg712433/fz528320 erg712441/fz528135 erg712444/fz528361 erg712445/fz528372 erg712451/fz528400 erg712469/fz528435 erg712480/fz528467 erg712482/fz528474 erg712484/fz528479 erg712501/fz528513 erg712507/fz528536 erg712509/fz528555 erg712524/fz528656 erg712542/fz528770 erg712550 fz528887 erg712596/fz529361 fz521540 fz528035 fz528222 fz528409 fz528522 fz528714 fz528895 fz528905 ---------------------------------------------------------------------------- (c) Copyright 2004 The SCO Group, Inc. All rights reserved.