Patch Name: PHNE_28767 Patch Description: s700_800 10.26 yppasswdd(1M) patch Creation Date: 03/04/26 Post Date: 03/06/02 Hardware Platforms - OS Releases: s700: 10.26 s800: 10.26 Products: N/A Filesets: NFS.NIS-SERVER Automatic Reboot?: No Status: General Release Critical: No Path Name: /hp-ux_patches/s700_800/10.X/PHNE_28767 Symptoms: PHNE_28767: 1. The rpc.yppasswdd process dies. 2. rpc.yppasswdd deamon does not handle signals properly. PHNE_17603: If yppasswdd(1M) is launched from a non-root user, there is a potential for corrupting the NIS protected password database. Defect Description: PHNE_28767: 1. Buffer overflow in rpc.yppasswdd. Resolution: Code has been modified to fix the buffer overflow. 2. rpc.yppasswdd daemon started by other programs,which does not honor certain signals can't be terminated as rpc.yppasswdd daemon does not reinitilalize the signal mask. Resolution: Code has been modified to reinitialize the signal mask of rpc.yppasswdd daemon. PHNE_17603: yppasswdd(1M) does not raise cvtlabel. Resolution: Raise cvtlabel and add cvtlabel to the FCDB. SR: 8606276016 Patch Files: /usr/lib/netsvc/yp/rpc.yppasswdd /etc/auth/system/files.fcdb/15.net/PHNE_17603.fcdb what(1) Output: /usr/lib/netsvc/yp/rpc.yppasswdd: 2003/05/06 Hewlett-Packard HP-UX 10.26 TOS [ ic5hw - DAV17 ] 03/05/05 services/NFS/cmds/usr.etc/rpc.ypprpassd.c, hpux, hpux_10.26, ic5hw Revision 1.18 PATCH_ 10.26 (PHNE_28767) 03/04/25 services/NFS/cmds/usr.etc/logging.c, hpux, hpux_10.26, ic5hw Revision 1.5 PATCH_10.26 ( PHNE_28907) /etc/auth/system/files.fcdb/15.net/PHNE_17603.fcdb: 99/02/10 etc/auth/system/files.fcdb/15.net/PHNE_1760 3.fcdb, hpux, hpux_10.26, ic5au Revision 1.1 PATCH_10.26 (PHNE_17603) cksum(1) Output: 2921500864 24576 /usr/lib/netsvc/yp/rpc.yppasswdd 2230452253 452 /etc/auth/system/files.fcdb/15.net/ PHNE_17603.fcdb Patch Conflicts: None Patch Dependencies: None Hardware Dependencies: None Other Dependencies: None Supersedes: PHNE_17603 Equivalent Patches: None Patch Package Size: 70 KBytes Installation Instructions: Please review all instructions and the Hewlett-Packard SupportLine User Guide or your Hewlett-Packard support terms and conditions for precautions, scope of license, restrictions, and, limitation of liability and warranties, before installing this patch. ------------------------------------------------------------ 1. Back up your system before installing a patch. 2. Login as root. 3. Copy the patch to the /tmp directory. 4. Move to the /tmp directory and unshar the patch: cd /tmp sh PHNE_28767 5a. For a standalone system, run swinstall to install the patch: swinstall -x autoreboot=true -x match_target=true \ -s /tmp/PHNE_28767.depot By default swinstall will archive the original software in /var/adm/sw/patch/PHNE_28767. If you do not wish to retain a copy of the original software, you can create an empty file named /var/adm/sw/patch/PATCH_NOSAVE. WARNING: If this file exists when a patch is installed, the patch cannot be deinstalled. Please be careful when using this feature. It is recommended that you move the PHNE_28767.text file to /var/adm/sw/patch for future reference. To put this patch on a magnetic tape and install from the tape drive, use the command: dd if=/tmp/PHNE_28767.depot of=/dev/rmt/0m bs=2k Special Installation Instructions: None