UNIX FIXLIST 2006 - CA Technologies
{{search ? 'Close':'Search'}}

CA Access Control
UNIX CR FIXLIST 2006

Fix Description eAC versions Problem ID TestFix ID/Package ID Published ID OS Included in CR
5.1 5.3 8.0
If encryption method is triple des, data query from GUI got an error message saying "unpacking data failed". 5.0         CR Nov 05 CR Jan 06 CR Sep 05
     
5.1 764 T243397    
     
5.3 764 T243263   SUN
T243404   HP
8.0        
     
MEMORY LEAKS IN AC API 5.0         CR Nov 05 CR Jan 06  
     
5.1 1011 T365125   SUN
T365129   AIX
5.3   B532104   UNIX
B532105   UNIX
8.0        
     
This fix addresses a situation where selogrd was reporting errors in /var/adm/messages saying eTrust Audit file is corrupted 5.0         CR Nov 05 CR Jan 06 CR Dec 05
     
5.1 587 T386083   SUN
     
5.3   B531973   UNIX
     
8.0        
     
Deleted uid never be re-used for the new user 5.0         CR Nov 05 CR Jan 06 CR Dec 05
     
5.1 638 T243204   HP
     
5.3   B531665    
     
8.0   B801278   HP
     
Add option to preserve system flags for password. 5.0         CR Nov 05 CR Jan 06 CR Dec 05
     
5.1 607 T386090 QO59604 AIX
T243269   AIX
T243279   AIX
T243257   AIX
T243256   AIX
T243220   AIX
5.3   B531858   UNIX
     
8.0        
     
SEPASS LDAP INTEGRATION 5.0         CR Nov 05 CR Jan 06 GA
     
5.1 579 T313131   SUN
T313148   HP
5.3   B531850   UNIX
     
8.0        
     
SEREPORT REPORT 13 LEGEND 5.0         CR Nov 05 CR Jan 06 CR Dec 05
     
5.1   B512721   SUN
     
5.3   B532054    
B801629    
8.0        
     
FTP CONNECTION OPERATION
This fix addresses a situation where surrogate was not effective when non-root user runs ftp on AIX
5.0         CR Nov 05 CR Jan 06 CR Dec 05
     
5.1   B512723   AIX
     
5.3   B532021   AIX
     
8.0        
     
Prior to this fix outbound connection had no user when ACEEH=0 5.0         CR Nov 05 CR Jan 06 CR Dec 05
     
5.1   B512711   LINUX
     
5.3   B532077   LINUX
     
8.0   B801669   LINUX
     
LINUX - ITANIUM AS/ES 3.0 2.4.21-20 SUPPORTTHIS FIX IS FOR LINUX RHAT IA64
This fix provides support for the REDHAT 3.0 2.4.21-20 kernel.
5.0           CR Jan 06 CR Dec 05
     
5.1        
     
5.3       LINUX
     
8.0 1067 T49C019 QO74424 LINUX
     
LINUX - SLES 9 SP2 SUPPORT FOR AMD64/EM64T
THIS FIX ISFOR LINUX SUSE 9.0 SP2
This fix provides support for SLES 9 SP2 on the AMD64/EM64T architecture.
5.0           CR Jan 06 CR Dec 05
     
5.1        
     
5.3   B532083   LINUX
B532103    
8.0 1066 T49C018 QO74371 LINUX
     
This fix addresses a situation where on audit log, user field indicated as _undefined instead of significant user name 5.0           CR Jan 06 CR Dec 05
     
5.1        
     
5.3 1064 T243407    
     
8.0   B801654    
     
This fix addresses a situation where baseline rules for programs were generated without warning mode 5.0           CR Jan 06 CR Dec 05
     
5.1        
     
5.3   B532059    
     
8.0   B801641    
     
This fix addresses a situation where in very specific cases the DBMGR -dump, could bring inconsistent output for same object ID 5.0           CR Jan 06 CR Dec 05
     
5.1        
     
5.3   B532055    
     
8.0   B801632    
     
This fix addresses a situation where in sereport 11 output for the FILE /bogus an ACL is reported correctly, but for _default this ACL appears to be carried down from what was reported for /bogus. 5.0           CR March 06 CR Dec 05
     
5.1        
     
5.3   B532047    
     
8.0   B801620    
     
This fix addresses a situation where on HP11.23 Itanium, a terminal IP was not retrieve correctly
5.0           CR Jan 06 CR Dec 05
     
5.1        
     
5.3 1065 T3E7060    
     
8.0   B801618    
     
This fix addresses a situation where in sereport 11 ACL of a record have been carried down for wrong resource. 5.0           CR Jan 06 CR Dec 05
     
5.1        
     
5.3   B532044   UNIX
     
8.0   B801617    
     
This fix addresses a situation where on Ape function, option to disable logging didn't work for sesudo 5.0           CR Jan 06 CR Dec 05
     
5.1        
     
5.3 1046 T243400   SUN
     
8.0   B801587    
     
This fix addresses a situation where we didn't check the status WARNING of PACL authorization, 5.0           CR Jan 06 CR Dec 05
     
5.1        
     
5.3 1074 T243408   SUN
     
8.0   B801677    
     
This fix addresses a situation where OSMIC for ES 3 Kernel 2.4.21-37.EL had to be corrected 5.0           CR Jan 06 CR Dec 05
     
5.1        
     
5.3   B532094   LINUX
     
8.0   B801703   LINUX
     
This fix addresses a situation where the command 'seaudit -a -detail' incorrectly reported all outbound connections as inbound 5.0           CR Jan 06  
     
5.1        
     
5.3 1049 TC73473   AIX
     
8.0        
     
This fix addresses a situation where sebuildla removed the wrong duplicate user name.
If there were duplicated uid's in the user-list it is possible that the original user-name was removed leaving the duplicated uid in its place
5.0           CR Jan 06 CR Feb 06
     
5.1        
     
5.3 1086 TC73476   AIX
TC73477   AIX
TC73478   HP
TC73479   SUN
8.0   B801775   UNIX
     
This fix addresses a situation where SEOS_load script had a CR symbol. 5.0           CR Jan 06  
     
5.1        
     
5.3 1060 T315082   SUN
     
8.0        
     
This fix addresses a situation where client logins to the PM standalone he uses his Unix user/password, and he logins with no problem. But when he reviewed the audit log there was a Denied Audit event for his Windows Domain user. 5.0           CR Jan 06  
     
5.1        
     
5.3 1068 T4A1028   UNIX
     
8.0        
     
This fix addresses a situation where sedb2scr -r -c LOGINAPPL
DBMGR -export -r -c LOGINAPPL
returned an incorrect value for the loginmethod if the loginmethod is PSEUDO
5.0           CR Jan 06 CR Feb 06
     
5.1        
     
5.3   B532134   UNIX
     
8.0        
     
This fix addresses a situation where DBMGR -E -R generated an error message when password rules is set to off 5.0           CR Jan 06 CR Feb 06
     
5.1        
     
5.3   B532135   UNIX
     
8.0   B801768    
     
This fix addresses a situation where some tokens were not copied to new seos.ini during upgrade 5.0         CR June 06 CR Jan 06 CR Feb 06
     
5.1 1123 T313208    
     
5.3   B532141   UNIX
     
8.0   B801776    
     
This fix addresses a situation where the audit.cfg file
is configured to exclude audit records the engine (seosd) will core dump. The records used in the audit.cfg file that resulted in this condition are:
LOGINAPPL; USR_SBIN_CRON;*;*;*;*;
TERMINAL; _CRON
5.0           CR Jan 06 CR Feb 06
     
5.1        
     
5.3   B532132   UNIX
     
8.0   B801778    
     
After SUN changed their pam.conf and PAM framework starting Solaris 9, after installation of AC with line dtlogin auth optional /usr/lib/security/pam_seos.so
in /etc/pam.conf file, instead of normal CDE login screen on console user got small error windows
5.0         CR June 06 CR Jan 06 CR Jul 06
     
5.1   B512781    
     
5.3   B532101   SUN
     
8.0   B801810    
     
This fix addresses a situation where client gets three audit entries for each SSH login when he expects only one according to the rules applied to the LOGINAPPL class 5.0           CR Jan 06 CR Feb 06
     
5.1        
     
5.3   B532117   UNIX
     
8.0   B801741    
     
This fix addresses a situation where selogrd had memory leak 5.0           CR Jan 06 CR April 06
     
5.1        
     
5.3 1088 T4CC042   UNIX
     
8.0        
     
This fix addresses a situation where Network rules not enforced after SEOS_load -s and starting eAC without another inetd cycle 5.0           CR Jan 06  
     
5.1        
     
5.3   B532130   SUN
     
8.0        
     
This fix addresses a situation where sesu fails using own password (crypt issue) on Linux Itanium 5.0           CR Jan 06  
     
5.1        
     
5.3   B532064   LINUX
     
8.0        
     
This fix addresses a situation where when installing with baseline rules, the PROGRAM objects created by the via(pgm())rules were not in a warning mode 5.0           CR Jan 06 CR April 06
         
5.1        
     
5.3   B532081   AIX
     
8.0   B801686    
     
This fix addresses a situation where if you define a parent PMDB in seos.ini and start eAC, you will see an error (caused when seagent calls sepmdpull):
ERROR: You are not connected to any host or PMDB
5.0           CR Jan 06  
         
5.1        
     
5.3   B532088   UNIX
     
8.0        
     
This fix addresses a situation which detected on AIX 5.1 ML4 or above/AIX5.2 ML04 or above
-------------------
Vendor added a new undocumented reboot command option, it is 'reboot -p' , means reboot preparation.
After this command eAC goes down.
5.0           CR Jan 06 CR Jul 06
     
5.1        
     
5.3   B532089   AIX
     
8.0   B801687    
     
This fix addresses a situation where the command 'seaudit -a -detail' incorrectly reportsoutbound connections as inbound 5.0           CR Jan 06  
     
5.1        
     
5.3   B532029   UNIX
     
8.0        
     
This fix addresses a situation where during upgrade procedure, in case the /etc/pam.d/system-auth file was used, our pam_seos module would be added without restoring the previous setting 5.0           CR Jan 06  
     
5.1        
     
5.3   B532035   LINUX
     
8.0        
     
eAC Support for x86 Solaris 10(AMD) was added 5.0             CR Feb 06
     
5.1        
     
5.3        
     
8.0 1099 T313206   SUN
     
eAC Support for LINUX-SLES 9 SP3 X86,AMD64 was added 5.0             CR Feb 06
     
5.1        
     
5.3        
     
8.0 1107 T551007   LINUX
     
added AES encryption support as part of the product and installation 5.0             CR Feb 06
     
5.1        
     
5.3        
     
8.0   B801722   UNIX
     
eAC Support for SLES 9 SP3 on s390X was added 5.0           CR March 06 CR Feb 06
     
5.1        
     
5.3   B532169   LINUX
     
8.0   B801787   LINUX
     
This fix addresses a situation where When running seload, in some environments it returned a non-zero value (108, 116, 140) even though it run successfully. Now it will return 0 5.0           CR March 06 CR Feb 06
     
5.1        
     
5.3 1101 T313207   SUN
     
8.0   B801792    
     
This fix addresses a situation where "java -version" crashed after sesu to another user on AIX 5.3 5.0           CR March 06 CR Feb 06
     
5.1        
     
5.3 1107 T243409   AIX
     
8.0   B801820    
     
eAC Support for SLES 9 SP3 on Itanium (IA64) was added 5.0             CR Feb 06
     
5.1        
     
5.3        
     
8.0   B801787   LINUX
     
Added more description in seos.ini file for better understanding of fork synchronization.
value for synchronize_fork is set according to the platform during installation
5.0           CR March 06 CR Feb 06
     
5.1        
     
5.3   B532163
   
     
8.0   B801828   UNIX
     
eAC Support for SLES 9 SP1 on Linux Itanium (IA64) was added 5.0             CR Feb 06
     
5.1        
     
5.3        
     
8.0   B801835   LINUX
     
This fix addresses a situation with boundary check when SEPASS option is used to generate new password automatically 5.0         CR June 06 CR March 06 CR Feb 06
     
5.1   B512775    
     
5.3   B532174    
     
8.0   B801851   UNIX
     
This fix addresses a situation wherea new user was created in eAC Windows to allow Unix useradministrate eAC Windows, selang command: host <NT host> showed an error when it was connected from SUN box 5.0           CR March 06  
     
5.1        
     
5.3   B532175   SUN
     
8.0        
     
This fix addresses a situation where ServicePort token in seos.ini was set to a port number selogrd generates too many messages to syslog.
5.0           CR March 06 CR April 06
     
5.1        
     
5.3 1111 T243410   AIX
T243411   SUN
T243412   HP
8.0   B801850   AIX
     
This fix addresses a situation where on AIX a system hanged due to wakeup thread on event instead thread itself 5.0           CR March 06  
     
5.1        
     
5.3 1109 T315084   AIX
     
     
8.0        
     
This fix addresses a situation where CAWIN library for HP-UX IA64 did not look on the default path and caused some selang commands output to be incorrect on Japanese operating systems 5.0           CR March 06  
     
5.1        
     
5.3   B532151   HPUX-IA64
     
8.0        
     
This fix enables the ability to perform audit filtering for LOGINAPPL and LOGOUT. Previously if the audit.cfg file was updated to contain an entry for LOGINAPPL and LOGOUT.audit records for LOGINAPPL and LOGOUT would still occur 5.0           CR March 06 CR April 06
     
5.1        
     
5.3   B532148
B532157
  UNIX
     
8.0   B801836    
     
This fix addresses a situation where encryption type was not set correctly during install when using savesfg file and the chosen method is TRIPLEDES and the encryption key is 3DES 5.0           CR March 06  
     
5.1        
     
5.3   B532146   UNIX
     
8.0        
     
This fix addresses a situation where PAM_SEOS was crashing because we did not link it with libnsl and libsocket libraries appropriately 5.0           CR March 06 CR April 06
     
5.1        
     
5.3 965 T365141   SUN
     
8.0   B801883    
     
Fixed omission to compress device number when bypass_realpath is set to 1 in seos.ini file. 5.0           CR March 06  
     
5.1        
     
5.3 1114 T537016   SUN
     
8.0        
     
This fix addresses a situation where if somebody performed login through TERMINAL in WARNING
mode, graselogins count did not decrease.
5.0           CR March 06 CR April 06
     
5.1        
     
5.3 1119 T365140   AIX
     
8.0   B801873    
     
This fix addresses a problem where seaudit option "-delim" was applied to date format 5.0           CR March 06 CR Jul 06
     
5.1        
     
5.3 1116 T243414   LINUX
     
8.0   B801872    
     
This fix addresses a situation where client run Linux AMD64 (Red Hat AS & ES) 4.0 with kernel revision 2.6.9-22.EL an eAC R5.3 0601 (QO76383) and reported problems trying to load the eAC kernel module. 5.0           CR March 06  
     
5.1        
     
5.3 1121 TC73480   LNX-AMD64
     
8.0        
     
We added a note in the seos.ini file that synchronize_fork is not applicable for AIX. 5.0           CR March 06 CR April 06
     
5.1        
     
5.3   B532177   AIX
     
8.0   B801863    
     
Added support for Redhat AS 3.0 Update 6 for x86_64 5.0           CR March 06  
     
5.1        
     
5.3   B532187   LINUX
     
8.0        
     
This fix addresses a situation in case of panic call which used to cause crash when freeing a free request buffer, there will be error in the log messages instead 5.0           CR March 06 SP1 CR Sep 06
     
5.1        
     
5.3   B532190   AIX
     
8.0 1153 T5BF005    
B811015    
This fix makes sure that when pam_seos.debug_mode_for_user = yes and there is a LOGINAPPL rule which should deny access, an eAC-related message will be displayed before closing connection 5.0           CR March 06 CR Jul 06
     
5.1        
     
5.3   B532195   UNIX
     
8.0   B801885    
     
This fix makes sure that when logging in through telnet, remote host is recognized and set to "console" 5.0           CR March 06  
     
5.1        
     
5.3   B532203   HP-UX
     
8.0        
     
This fix addresses following situations on Japanese OS:
1.support.sh displayed incorrect location to place support.tar
2.file name support.sh was incorrectly translated
5.0           CR March 06 CR Jul 06
     
5.1        
     
5.3   B532204   UNIX
     
8.0   B801897    
     
This fix addresses a situation where on HPUX-IA64 selogrd, selogrcd, and serevu daemons didn't start when they were invoked from another machine
5.0             CR April 06
     
5.1        
     
5.3        
     
8.0   B801899   HPUX-IA64
     
This fix addresses a situation where eAC failed to intercept inbound network connection for IPv6, with the following SSH rule, the access is not denied.
nr TCP SSH defacc(n) owner(nobody)
so class+(TCP)
5.0           CR May 06 CR April 06
     
5.1        
     
5.3 1130 T4CC044   LINUX
     
8.0   B801907    
     
This fix is an addition of LDAP support for user lookaside tables in sebuildla. We now use a separate file for storing LDAP user password (ldapcred.dat) 5.0             CR April 06
     
5.1        
     
5.3        
     
8.0   B801812   UNIX
     
This fix represent PAM 64 support. It resolve PAM issues on 64 bit machines with 32 bit user mode 5.0             CR April 06
     
5.1        
     
5.3        
     
8.0   B801818   LINUX390
    LINUX-IA64
This fix addresses a situation where there was a need to add priority for user and group in creating new data store such as Active Directory for SSO product usage
5.1             CR April 06
     
5.2        
     
8.0   D800463   UNIX
     
This fix addresses a situation where there was an error in the Policy Manager SDO configuration file that would stop it from working when trying to deploy the install to a remote machine
5.1             CR April 06
     
5.2        
     
8.0   D800465   UNIX
     
This fix addresses a situation where using SEAM GUI, on resources tab and after selecting login application, segmentation fault occurred at random intervals and the window was getting closed 5.0             CR April 06
     
5.1        
     
5.3        
     
8.0   G800045   UNIX
     
This fix enables Policy Manager to:
1. Support user name with "()".
2. Returns a proper error message when entering
an incorrect password.
3. Support conversion from EBCDIC to ASCII.
5.0             CR Apr 06
     
5.1        
     
5.3        
       
8.0 2012 T243413   UNIX
     
This fix addresses a situation where during upgrade from 5.3 to 8.0 etc files were updated 5.0           CR May 06 CR Dec 05
     
5.1        
     
5.3   B532214    
     
8.0   B801710   HP-UX
B801716    
Japanese message now appear when running "seaudit -t | grep ^17" 5.0           CR May 06  
     
5.1        
     
5.3   B532215   UNIX
     
8.0        
     
This fix addresses a situation where on a multi-processor system under heavy stress, a seosd thread might panic when ficallback() attempts to acquire a spinlock that is released by another thread calling ficlose(). 5.0         CR June 06 CR May 06 CR Jul 06
     
5.1 1133 T3E7064   HP-UX
     
5.3   B532205    
     
8.0   B801946    
     
New token "bypass_services = ftp" was added in seos.ini.
This token determines which services (applications) will be bypassed by PAM_SEOS.
By default ftp is specified by the token to be bypassed. You can remove the token to enable our Pam authenticate so that you will see attempt login for ftp if it happens.
5.0           CR May 06 CR Jul 06
     
5.1        
     
5.3   B532228
B532153
  UNIX
     
8.0   B801931    
     
This fix addresses a situation where on AIX, Since 5.3, the LOGINAPPL for RLOGIN and TELNET should have had flags set to "no login".
A clean install sets the flags correctly, but an upgrade from 5.1SP2 (where these flags did not exist) to 5.3 doesn't set them. It causes problems with login.
5.0           CR May 06 CR Jul 05
     
5.1        
     
5.3   B532172   AIX
     
8.0   B801844    
     
eAC/Unicenter event integration and logs were enhanced:
* The user column in the Unicenter console now contains the user that generated the violation on the eAC side.
* The message column now includes the level of detail that the Access Control seaudit file have.
5.0           CR May 06  
     
5.1        
     
5.3   B532188   UNIX
     
8.0        
     
This fix addresses a situation when using eAC with eAudit Security Monitor. Where the events forwarded via selogrd to eAudit for seoswd events didn't contain the same informative content available when using seaudit. In case that file information was changed on file system, on eTrust Audit side it appeared as "Unknown Reason" instead of "File information changed on file system" 5.0           CR May 06 CR Jul 06
     
5.1        
     
5.3   B532202   LINUX
     
8.0   B801942    
     
This fix addresses a problem that happens if a client is attempting to upgrade to a newer eAC release and test fix number T365104 is installed on his Solaris box- upgrade will fail due to a validation error that occurs while processing MinVer information 5.0           CR May 06  
     
5.1        
     
5.3 1122 TC73481   SOLARIS
     
8.0        
     
RSV can be install now only through install_base script.
The option to install it manually through install_rsv is now disabled.
5.0           CR May 06 CR Jul 06
     
5.1        
     
5.3   B532211   UNIX
     
8.0   B801963    
     
This fix is related to SSO where memory leak were found using AZN Access Token. The problem was that although Policy Server called SEOSROUTE_CloseRequestAzn() to free AC AZN handle, it didn't get freed because seosd reported that this handle doesn't exist in its handles table 5.0         CR June 06 CR May 06 CR Jul 06
     
5.1 1126 T365142   HP
T365143   SUN
T365144   AIX
T365145   AIX
T365146   HP-UX
5.3   B532219   UNIX
     
8.0   B801917    
     
This enhancement allows a logged in user executing "exec login" in a script to be identified as a login event. Currently on some operating systems when user john telnet's into a system, and then executes a script to "exec login" as user Dave, eTrust Access Control does not recognize the login event 5.0           CR May 06 CR Jul 05
     
5.1        
     
5.3   B532216   UNIX
     
8.0   B801908    
     
This fix addresses a situation where customer complained that he does not get failed SSH login events on HP-UX 5.0         CR June 06 CR May 06 CR Jul 06
     
5.1   B512785    
     
5.3   B532222   HP-UX
     
8.0   B801932    
     
This fix addresses a situation where until now when shutting down, SEOS_syscall eAC didn't check if ENF is also intercepting syscalls 5.0           CR May 06 CR Jul 06
     
5.1        
     
5.3   B532223   AIX
     
8.0   B801939    
     
This fix addresses a situation where if executing "SEOS_load -u" to unload the SEOS kernel extension, it restarts inet and sshd even if it is not using the SEOS STREAMS module.(SEOS_use_streams token in seos.ini is set to "no").
5.0           CR May 06 CR Jul 06
     
5.1        
     
5.3 1132 T3E7063   HP-UX
     
8.0   B801947    
     
This fix addresses a situation where if any process in the system has seagent name then SEOS_laod refuses to unload kernel module 5.0           CR May 06 CR Jul 06
     
5.1        
     
5.3   B532225   LINUX
     
8.0   B801937    
     
This fix addresses a situation where seos.audit permissions could not have been be specified even if "secaudit" was defined as audit group during installation 5.0           CR May 06 CR Jul 06
     
5.1        
     
5.3   B532226   UNIX
     
8.0   B801938    
     
This fix addresses a situation where if client is connected from a stand alone GUI, selection on Today's audit log doesn't work. With this fix the information is displayed on TODAY's selection. 5.0         CR June 06 CR May 06 CR Jul 06
     
5.1 1134 T243417   HP-UX
     
5.3        
     
8.0   B801941    
     
This fix addresses a situation where due to a previous fix, sesudo don't return denial when denial is found; sesudo continues checking with allow parameters. According to the design, sesudo should return as it is denial when denial parameters are found or matched. 5.0           CR May 06 CR Jul 06
     
5.1        
     
5.3   B532231   UNIX
     
8.0   B801945    
     
This fix addresses a situation whereseos.collect files are not owned by audit_grp after upgrade 5.0           CR May 06 CR Jul 06
     
5.1        
     
5.3   B532232   UNIX
     
8.0   B801968    
     
This fix addresses a situation where a client failed to install 64 bit pam_seos.so on Solaris 9 5.0           CR May 06  
     
5.1        
     
5.3   B532234   SUN
     
8.0        
     
Fixed a panic situation in remove_OPTMGMT_REQ_msg() 5.0           CR May 06 CR Jul 06
     
5.1        
     
5.3   B532236   SUN
     
8.0   B801956    
     
This fix addresses a situation where API whoami showed several compilation errors while
compiling. Now compilation is successful and a binary are created by the name sample_WhoAmI
5.0           CR May 06  
     
5.1        
     
5.3   B532238   LINUX
     
8.0        
     
This fix addresses a situation where aproblem in loading SEOS_syscall for Linux 4 was found 5.0           CR May 06  
     
5.1        
     
5.3 1131 T243416   LINUX
     
8.0        
     
This fix addresses a situation where API mymode showed several compilation errors while
compiling. Now compilation is successful and a binary by the name sample_mymode is created
5.0           CR May 06  
     
5.1        
     
5.3   B532239   LINUX
     
8.0        
     
This fix addresses a situation where API musexamp showed several compilation errors while
compiling. Now compilation is successful and a binary by the name musexamp is created
5.0           CR May 06  
     
5.1        
     
5.3   B532240   LINUX
     
8.0        
     
This fix addresses a situation where eTrust Access Control is running on HP-UX 11.23, execute the following:
mount /dev/vg00/lvol5 /mnt
mount /dev/vg00/lvol6 /mnt/test
umount /mnt/test
umount /mnt
The second umount, "umount /mnt", will fail with "Device busy". This only occurs on HP-UX version greater than 11.11
5.0           CR May 06 CR Jul 06
     
5.1        
     
5.3   B532241   HP-UX
     
8.0   B802024    
     
This fix addresses a situation where sepassapi API showed several compilation errors while compiling. Now compilation is successful and a binary by the name sepass_sample is created
5.0           CR May 06  
     
5.1        
     
5.3   B532246   LINUX
     
8.0        
     
SEOS_load fails to restart inetd when inetd previously started with a option. i.e.: inetd -l
SEOS_load fails to retrieve inetd process id when a process named "xxxinetd" like "ajsinetd" is running.
5.0           CR May 06 CR Jul 06
     
5.1 1110 T4CC043   HP-UX
     
5.3   B532229    
     
8.0   B801940    
     
SSO - This fix addresses a problem where Policy Manager didn't support username with "," for Active Directory data store. 5.0           CR May 06  
     
5.1        
     
5.3   D200733   UNIX
     
8.0        
     
RSV can be installed now on Linux S390 through the install_base script 5.0         CR June 06    
     
5.1   B512763   LINUX S390
     
5.3        
     
8.0        
     
SEOS_load script did not stop inetd and restart it on HP Itanuim when "SEOS_use_streams = yes" in seos.ini and inetd is used with arguments 5.0         CR June 06    
     
5.1   B512776   HP-UX
     
5.3        
     
8.0        
     
FILE class rules defined in '/' are not being parsed correctly by get_realname. The problem addressed by this fix is specific to the creation of new files defined in the database. If a file is defined to SeOS with defaccess(none) attempts to create a file in '/' fail to prevent the file creation. Once the file is created then get_realname will parse the file properly and the rules defined for the file will be enforced. 5.0         CR June 06 CR Aug 06 CR Jul 06
     
5.1   B512778   LINUX
     
5.3   B532199    
     
8.0   B801888    
     
When starting eAC on HP-UX using seload, it prompted "ERROR timeout waiting for eTrust daemon". The seosd daemon delayed in the dbserv_ini() call. The delay was caused by unnecessary database rebuild. If the database is large enough and also depending on the system load, it could cause seload to timeout 5.0         CR June 06    
     
5.1 1125 T3E7062   HP-UX
     
5.3        
     
8.0        
     
On Solaris 9 32bit we had 2 versions of kernel extensions: SEOS_syscall.29.v7 and SEOS_syscall.29.v9 instead of only SEOS_syscall.29.
Installation script was changed since it created wrong symbolic link for SEOS_syscall
5.0         CR June 06    
     
5.1   B512784   SUN
     
5.3        
     
8.0        
     
This fix address a situation where SEOS_load fails to retrieve inetd process id when a process named "xxxinetd" like "ajsinetd" exist. 5.0         CR June 06    
     
5.1 1110 T4CC043   HP-UX
     
5.3        
     
8.0        
     
ps command sometimes reported incorrectly process ID when using both STOP and non-STOP modules 5.0         CR June 06    
     
5.1   B512767   LINUX S390
     
5.3        
     
8.0        
     
KERNEL PANIC - 2 PAGE FAULT
This fix addresses a situation where when a user passed many arguments on command line the system might have crashed
5.0         CR June 06 CR Oct 05 CR Dec 05
     
5.1   B512777    
     
5.3 1033 T3D8017   LINUX
TC73471    
8.0   B801657    
B801550    
Before this fix, even though in seos.ini it was specified that /bin/passwd is the default password for DefaultPasswdCmd, it wasn't used as default password 5.0         CR June 06 CR Aug 06 CR Jul 06
     
5.1   B512792   UNIX
     
5.3   B532261    
     
8.0   B801995    
     
This fix addresses a situation where an error message appeared when subscribing a host named: "localhost" to a PMDB while connected to UNIX eAC box from Policy Manager as a user with admin authority.
5.0           CR May 06 CR Jul 06
     
5.1        
     
5.3   D200732   UNIX
     
8.0   D800468    
     
This fix addresses a situation where sereport -r 8 truncated accessor 5.0         CR Jun 06   CR Jul 06
     
5.1   B512793   UNIX
     
5.3        
     
8.0   B801997    
     
Analysis of core dumping file from SEOSD showed that we need to increase internal buffer 5.0         CR Jun 06 CR Aug 06  
     
5.1   B512796   UNIX
     
5.3        
     
8.0   B532245    
     
This fix addresses a situation where setting the value for silent_deny via seini caused two different tokens/values to appear in seos.ini" 5.0             CR Jul 06
     
5.1        
     
5.3        
     
8.0   B801926   UNIX
     
This fix addresses a situation where user was unable to rename users via Win32 Policy Manager 5.0             CR Jul 06
     
5.1        
     
5.3        
     
8.0   B801927   UNIX
     
This fix addresses wrong stage code of audit record for login by HOLIDAY class permission, which displayed as "13 Too many logins for user". Now it displays the right stage code: "3 Terminal checking for login terminal source.
5.0           CR Aug 06 CR Jul 06
     
5.1        
     
5.3   B532016    
     
8.0   B801993   UNIX
     
This fix addresses a situation where on AIX install_base completed without showing warnings although tar command failed, Now this kind of failure will output "Warning: Tar error, rv=1"
5.0           CR Aug 06 CR Jul 06
     
5.1        
     
5.3   B532235    
     
8.0   B801955   AIX
     
This fix addresses a situation where on 64-bit systems which also
run 64-bit user-mode utilities and libraries there was a bug in converting port number to 64 bit.
5.0           CR Aug 06 CR Jul 06
     
5.1        
     
5.3   B532243    
     
8.0   B801958   LINUX-IA64
     
This fix addresses a situation where incoming TCP event were showed as outgoing in seaudit detailed view 5.0             CR Jul 06
     
5.1        
     
5.3        
     
8.0   B801971   UNIX
     
This fix addresses a situation where some errors appeared when changing default sechkey during installation.
5.0             CR Jul 06
     
5.1        
     
5.3        
     
8.0   B801974   UNIX
     
This fix addresses a situation where failed logins via SSH on HPUX platforms were not recorded in pam_seos_failed_logins.log 5.0             CR Jul 06
     
5.1        
     
5.3        
     
8.0   B801979   HP-UX
     
Some changes were done to a script that brings security daemons up during system startup to allow more than one parameter for tokens in the [daemons] section of seos.ini 5.0             CR Jul 06
     
5.1        
     
5.3        
     
8.0   B801965   UNIX
     
HP-UX swapper and SUN scheduler has pid=0. Since It is not real process we have to skip this pid while creating eAC process table 5.0             CR Jul 06
     
5.1        
     
5.3        
     
8.0   B801983   HP-UX
     
This fix addresses a situation where on systems with physical memory larger than 2GB eAC causes panic when trying to load.
5.0           CR Aug 06 CR Jul 06
     
5.1        
     
5.3   B532276    
     
8.0 1142 T537046   LINUX S390
     
This fix addresses a situation where installation sometimes performed TNG integration when not required 5.0             CR Jul 06
     
5.1        
     
5.3        
     
8.0   B801987   UNIX
     
This fix addresses a situation where two temporary files created by access control, were not deleted after the create user task was completed.
The files are /etc/passwd.tmp and /etc/service.bak
5.0           CR Sep 06 CR Jul 06
     
5.1        
     
5.3        
     
8.0   B801988   UNIX
     
Capitalization error in RPM script was fixed 5.0             CR Jul 06
     
5.1        
     
5.3        
     
8.0   B801991   LINUX
     
This fix addresses a situation where user was unable to delete a PMDB that has a name >= 32 characters long 5.0           CR Aug 06 CR Jul 06
     
5.1        
     
5.3   B532307    
     
8.0   B802073   UNIX
     
This fix addresses a situation where secmon was not removed while running uninstall -admin option 5.0             CR Jul 06
     
5.1        
     
5.3        
     
8.0   B802054   UNIX
     
This fix addresses a problem with seaudit delimiter, when it had more than one character truncate output of the date strings was presented. E.g.: seaudit -a -delim "||" 5.0           CR Aug 06 CR Jul 06
     
5.1        
     
5.3   B532297    
     
8.0   B802062   UNIX
     
This fix addresses a situation where after unhook, the kernel's TOC may still point to eAC code. This may cause server crash. 5.0           CR Aug 06 CR Jul 06
     
5.1        
     
5.3   B532269    
     
8.0   B802060   AIX
     
This fix addresses a situation where seaudit -a -st now-59 retrieves records from the previous 20 minutes only rather than last 59 minutes 5.0           CR Aug 06 CR Jul 06
     
5.1        
     
5.3   B532290    
     
8.0   B802043   UNIX
     
This fix addresses a cases where a user who does not have own password do sesu - "Unable to allocate memory." is generated.
5.0           CR Aug 06 CR Jul 06
     
5.1        
     
5.3   B532288    
     
8.0   B802040   UNIX
     
This fix addresses a situation where dbmgr -export does not recognize group-name defined by gowner property so as the result it exports as owner and not gowner
5.0           CR Aug 06 CR Jul 06
     
5.1        
     
5.3   B532284    
     
8.0   B802033   UNIX
     
This fix addresses a situation where if WARNING was set for TERMINAL, then check for LOGINAPPL was skipped. 5.0           CR Aug 06 CR Jul 06
     
5.1        
     
5.3   B532285    
     
8.0   B802030   UNIX
     
This fix made sure that su failed logins were logged in our failed login file ($SEOSDIR/log/pam_seos_failed_logins.log). 5.0             CR Jul 06
     
5.1        
     
5.3        
     
8.0   B802017   UNIX
     
This fix addresses a situation where user was getting error messages at the time of importing the user/Groups during installation and at the time of enabling encryption, 5.0             CR Jul 06
     
5.1        
     
5.3        
     
8.0   B802015   UNIX
     
This fix addresses a situation where in huge database sereport –r 8 (Print all the accesors’ privileges) may produce hang. 5.0           CR Aug 06 CR Jul 06
     
5.1        
     
5.3   B532253    
B532258    
8.0   B801989   UNIX
     
CR Readme is now available only in English. Wrong CR readme provided in Japanese were removed. 5.0             CR Jul 06
     
5.1        
     
5.3        
     
8.0   B802035   UNIX
B802014    
when a program becomes untrusted because of touch command, a corresponding entry in seaudit with error code 256 is now displayed (and not with error code 254) 5.0           CR Aug 06 CR Jul 06
     
5.1        
     
5.3   B532287    
     
8.0   B802032   UNIX
     
This fix addresses a situation where sebuildla -e produced duplicated of domain name. 5.0           CR Aug 06 CR Jul 06
     
5.1        
     
5.3   B532286    
     
8.0   B802031   UNIX
     
For HP-UX 11 when getting the source socket address for SSH, the process lock was not properly held and released 5.0           CR Aug 06 CR Jul 06
     
5.1        
     
5.3   B532247    
     
8.0   B802025   HP-UX
     
This fix addresses a situation where failed SSH logins were not caught by eAC, on HP-UX when hidden character in pam.skeleton.HPUX omits the 'OTHER auth' line for pam_seos.sl in the /etc/pam.conf file. 5.0             CR Jul 06
     
5.1        
     
5.3        
     
8.0   B802009   HP-UX
     
This fix addresses a situation where tracing users who are member of gorup_SURROGATE was not done, using seaudit -tr. 5.0           CR Aug 06 CR Jul 06
     
5.1        
     
5.3   B532271    
     
8.0   B802007   UNIX
     
In install_base, there is function called Setup_SelogrdFiles() that convert selogrd.cfg from an older format to a newer format. The old format of selogrd.cfg could be from the version older than 2.5. There is really no need to do that in version newer than 2.5. Most of the upgrade now is from 5.1 to a higher version. Therefore, Setup_SelogrdFiles is commented out now. 5.0           CR Aug 06 CR Jul 06
     
5.1        
     
5.3   B532270    
     
8.0   B802006   UNIX
     
This fix addresses a situation where "showres regkey" returned an error. 5.0           CR Aug 06 CR Jul 06
     
5.1        
     
5.3   B532267    
     
8.0   B802005   UNIX
     
A crash occurred because of installation of the wrong kernel module version, when trying to install on kernel version 2.6.5-7-257 (which was not supported). Now Linux kernel version 2.6.5-7.257 for SUSE 9 SP3 is supported. 5.0             CR Jul 06
     
5.1        
     
5.3        
     
8.0 1141 T537044   LINUX
     
This fix addresses a situation where passwd_format token got disabled after upgrade. 5.0           CR Aug 06 CR Jul 06
     
5.1        
     
5.3   B532266    
     
8.0   B802000   UNIX
     
Debug message of selogrd were improved 5.0           CR Aug 06 CR Jul 06
     
5.1        
     
5.3   B532257    
     
8.0   B801992   UNIX
     
This fix addresses a situation with upgrading from eAC5.3 to eAC8.0 by install_base without -g option, group owner of files under bin/, lbin/ and other dir were not inheriting old value but newly set as the primary group of root.

5.0           CR Aug 06 CR Jul 06
     
5.1        
     
5.3   B532304    
     
8.0   B802069   UNIX
     
Added zones support for Sun Solaris SPARC 10 5.0             CR Jul 06
     
5.1        
     
5.3        
     
8.0 1113 T540006 QO80244  
     
This fix addresses a situation with NetBackup when it tries to set files access times, it failed in following ways: on 64-bit RH4.0 the process UID became garbage, and on 64bit RH3.0
the files mtime field became garbage.
5.0             CR Jul 06
     
5.1        
     
5.3        
     
8.0 1149 T5BF004   LINUX
     
On LINUX SUSE 9 SP3 eAC load failed because of a corrupted kernel module version. This fix includes corrected versions of the kernel module files.

5.0             CR Jul 06
     
5.1        
     
5.3        
     
8.0 1144 T537053   LINUX
     
This fix addresses a situation where is_loaded was not activated on Linux. With this fix is_loaded for Linux for S95seos was added. 5.0           CR Aug 06  
     
5.1        
     
5.3   B532259    
     
8.0       LINUX
     
This fix addresses a mismatch between descriptions in seos.ini file in English and Japanese. Now the same description appears in the Japanese file for synchronize_fork for Aix and Linux and allow_exec_login token. 5.0           CR Aug 06  
     
5.1        
     
5.3   B532260   UNIX
B532283    
8.0        
     
This fix addresses a situation where sepmdd generated Garbled Japanese strings in pmd_log 5.0           CR Aug 06  
     
5.1        
     
5.3   B532275   UNIX
     
8.0        
     
This fix addresses a situation where installation with -g parameter removed setuid bit from binaries 5.0           CR Aug 06 CR Jul 06
     
5.1        
     
5.3   B532281   UNIX
     
8.0   B802021    
     
Before this fix a ";" was missing from a UseridResolution token description, in seos.ini file in Japanese 5.0           CR Aug 06  
     
5.1        
     
5.3   B532291   UNIX
     
8.0        
     
That fix was created to prevent identification mismatch of foreign processes called "seagent" (or any seos process name); This fix allows handling more than one of these. 5.0           CR Aug 06  
     
5.1        
     
5.3   B532289   UNIX
     
8.0        
     
This fix addresses a situation where sebuildla command with parameter -h didn't retrieve DNS host 5.0           CR Aug 06 CR Jul 06
     
5.1        
     
5.3   B810503   UNIX
     
8.0   B802049    
     
This fix addresses a rare situation where a timeout and a swap out occur in close proximity in time, in the same function and causes a crash. 5.0           CR Aug 06 SP1 CR Sep 06
     
5.1        
     
5.3   B532310   AIX
     
8.0   B811000    
     
This fix addresses a situation where due to a memory leak and in cases there are lots of users in the database a core dump file is produced using Sereport -r 3 and Sereport -r 4 5.0           CR Aug 06  
     
5.1        
     
5.3   B532314   UNIX
     
8.0        
     
SEOS_unloadcheck script was added for SUN and AIX to identify processes that are executing in the SEOS kernel space and prevent the SEOS kernel extension from being unloaded. 5.0           CR Aug 06 SP1 CR Nov 06
     
5.1        
     
5.3   B532312   SUN
B532313   AIX
8.0   B811229    
B811230    
This fix addresses a situation where in case of an upgrade between eAC 5.1 to 5.3 if the user in 51.dump does not existed in seosdb, then dbmgr -m -w 51.dump -v 5 will skip the user and continue to process the rest of the users. 5.0           CR Aug 06 SP1 CR Sep 06
     
5.1        
     
5.3   B532318   UNIX
     
8.0   B810998    
     
Japanese messages were added to support SEOS_unloadcheck script in Japanese. 5.0           CR Aug 06  
     
5.1        
     
5.3   B532319   UNIX
     
8.0        
     
This fix addresses a situation where in case that Palloc function on AIX returns Null pointer it may cause a crash. From now on it will be checked by eAC. 5.0           CR Aug 06 SP1 CR Sep 06
     
5.1        
     
5.3 1154 T315085   AIX
     
8.0   B811044    
     
A previous fix (B532190) lacked an unlock operation, causing AIX to get stuck on heavy loads. 5.0           CR Aug 06  
     
5.1        
     
5.3   B532326   AIX
     
8.0        
     
This fix addresses a situation where on Solaris10 U2(OS patch level 118833-17 or above) audit displays IP address 0.0.0.0 and port 0 for inbound network connection. 5.0           CR Aug 06  
     
5.1        
     
5.3 1161 T4CC046   SUN
     
8.0        
     
SSO - This fix addresses a situation where in seadmapi_FetchSinglePropVal_UTF8 there was a double freeing of a variable. 5.0           CR Aug 06  
     
5.1        
     
5.3   B532350   UNIX
     
8.0 1159 T365152   HP
     
This fix addresses a situation where on a SuSE SMP kernel we were unable to load SEOS_syscall on 5.0           CR Aug 06  
     
5.1        
     
5.3 1150 T243421   LINUX
     
8.0        
     
The argument parsing didn't take into account the selang command that was received by the exit scripts.
The fix contains senable in order to resolve a specific problem on AIX. Prior to the fix senable did not generate
the env Unix; cu xxxx enable command. This has been added
5.0           CR Aug 06 SP1 CR Nov 06
     
5.1        
     
5.3   T313209   AIX
     
8.0   B810951    
     
SSO - This fix addresses a situation with memory leak in tcpcomm_InitPackage() where we always allocate memory for TCPCOMM_CTX context 5.0           CR Aug 06  
     
5.1        
     
5.3   B532244   UNIX
     
8.0        
     
This fix addresses a situation where an attempt log displayed ::ffff:155.35.105.162 when tcp6 is specified for telnet in /etc/inetd.conf 5.0           CR Aug 06 SP1 CR Sep 06
     
5.1        
     
5.3   B532316   UNIX
     
8.0 1152 T4CC045    
B810982    
This fix addresses GUI build problem since we used to build GUI executables with instruction set for higher end computers and it was not working on 32bit computers with PA-RISC 1.1 architecture. 5.0           CR Aug 06 SP1 CR Sep 06
     
5.1        
     
5.3   G530048   UNIX
B532323    
8.0   B811009    
     
This fix addresses a situation where on AIX wrong stage code in seaudit was displayed (59 instead of 202) while in "warning" mode. 5.0           CR Aug 06  
     
5.1        
     
5.3   B532308   AIX
     
8.0        
     
This fix addresses a situation where serevu does not resume a user in eAC automatically after suspending the user 5.0           CR Aug 06 SP1 CR Sep 06
     
5.1        
     
5.3   B532331   UNIX
     
8.0 1162 T4CC047
T4CC048
T4CC049
T4CC050
  HP
SUN
LINUX
AIX
B811017    
This fix addresses a situation with the following scenario: Install eAC5.1SP2, start eAC (seload). Stop eAC (secons -s). When Installing eAC53 (install_base -all -autocfg -verbose -command Proceed). Before this fix it did not display on the screen that you need to reboot though the 5.1 SEOS_syscall was still loaded. 5.0           CR Aug 06  
     
5.1        
     
5.3   B532252   UNIX
B532230    
8.0   B532230    
     
This fix addresses a situation with Installation which sometimes does TNG integration when it is not required. The install_base script now has a new command line parameter. When it is used, no TNG integration will be done. 5.0           CR Aug 06  
     
5.1        
     
5.3   B532256   UNIX
     
8.0        
     
This fix addresses a situation where on Solaris 10 an administrator user couldn't uninstall eAC although ADMIN
and AUDITOR attributes. Instead an error message would appear: "root user is not ADMIN / OPERATOR in eTrustAC, can not continue..."
5.0           CR Aug 06  
     
5.1        
     
5.3   B532268   UNIX
B532274    
8.0   B802003    
B802013    
This fix addresses a situation where some of selogrd debug output was incorrect. 5.0           CR Aug 06  
     
5.1        
     
5.3   B532282   UNIX
     
8.0   B801855    
     
This fix addresses a situation where selogrd failed to send audit events to Unicenter because the pinfo field was not built correctly to fit EM requirements. 5.0           CR Aug 06  
     
5.1        
     
5.3   B532302   UNIX
     
8.0        
     
This fix addresses a situation where no audit LOGIN record was created for an un defined user login while _undefined audit mode is "login-success". 5.0           CR Aug 06  
     
5.1        
     
5.3   B532305   UNIX
B532332    
8.0        
     
This fix addresses a situation where on Solaris 10 (without zones) a deadlock between "automountd" and eTrust Access Control occurred due to race condition between automount and SEOS.
Agent does lstat() on monitored files to make sure they are auto-mounted, but did not check if it succeeds.
5.0           CR Sep 06 SP1 CR Sep 06
     
5.1        
     
5.3   B532327   SUN
   
8.0   B811023    
     
This fix addresses a situation where on LINUX core dump is produced as a results of running issec command while there are many daemons monitored by issec. The cause of the problem was memory leak in look_for() function. 5.0           CR Sep 06 SP1 CR Sep 06
     
5.1        
     
5.3   B532346   LINUX
     
8.0   B811031    
     
This fix addresses a situation where on HPUX and Solaris other than10) during the shutting down of eAC we try to remove all SEOS stream modules from TCP/IP sockets. Then we run into race condition while trying to close the socket and remove the SEOS stream module simultaneously. This fix enhance eAC lock mechanism to access SEOS stream correctly. 5.0           CR Sep 06 SP1 CR Sep 06
     
5.1        
     
5.3   B532355   HPUX
    SOLARIS
8.0   B811038    
     
This fix addresses a situation where after user created a PMDB using createpmd command , pmd.ini , seos_* , socket files were not created. Now that it fixed the files are shown in the output of find file command. 5.0           CR Sep 06  
     
5.1        
     
5.3   B532358   UNIX
     
8.0        
     
This fix addresses a situation with Solaris 10 which introduced SMF, Service Management Facility to manage services including network services. AC uses this facility to add remote AC startup.
There is set of commands to define, enable and disable service. AC installation on Solaris 10 was lack of service enable command.
5.0           CR Sep 06  
     
5.1        
     
5.3   B532367   SUN
     
8.0        
     
This fix addresses a situation with sebuildla -h which couldn't get the IP/HOST names from DNS, seos.audit contained all IP instead of hostname. Now we are converting IP to hostname inside seaudit. 5.0           CR Sep 06 SP1 CR Sep 06
     
5.1        
     
5.3 1167 T243423   SUN
T243424   HP
T243425   LINUX
T243426   AIX
8.0 T243435   LINUX
T243434   AIX
T243433   HP
T243432   SUN
B811053    
This fix addresses a situation where 'utimes' system call impact other values like user ID or file modification time.
In case we call intercepted utimes32 the AC interception passes execution to irrelevant system call. Syscall indexes in AC code for Linux where reorganized
5.0           CR Sep 06  
     
5.1        
     
5.3   B532370   LINUX
     
8.0        
     
This fix addresses a situation where seaudit -detail showed outbound connection as inbound connection and inbound connection as outbound connection.
This fix is replacing B532029.
5.0           CR Sep 06  
     
5.1        
     
5.3   B532372   UNIX
     
8.0        
     
With this fix eAC now supports PAM on Linux X86 64 bit machines. 5.0           CR Sep 06  
     
5.1        
     
5.3   B532373   LINUX
     
8.0        
     
This fix addresses a situation where wrong SSH loginappl path on HPUX 11.23 PA-RISC was used, because we used a compile time osver.
On AIX5.2 sshd defaults to a different location (/usr/local/sbin). Though
sometimes there is a link from /usr/local/sbin/sshd to /usr/local/sbin/sshd2
it is not always exist, so at run time we attempts to create the right loginappl for SSH2.
5.0           CR Sep 06  
     
5.1        
     
5.3   B532374   AIX
    HPUX
8.0        
     
This fix addresses a situation where eAC iRecorder got NULL pointer from eAC API eacIR_LogGetNext() when the API failed to convert Japanese strings to Unicode. 5.0           CR Sep 06 SP1 CR Sep 06
     
5.1        
     
5.3   B532376   UNIX
     
8.0   B811092    
     
This fix addresses a situation with serevu, when two bad logins occur at the same time, serevu failed to disable the user. 5.0           CR Sep 06 SP1 CR Sep 06
     
5.1        
     
5.3 1172
T243431   SUN
T243442   LINUX
8.0   B811078    
     
This fix addresses a problem found after upgrading to CR 0608 one gets duplicated entry for pam_seos in /etc/pam.conf. 5.0           CR Sep 06  
     
5.1        
     
5.3   B532383   SUN
     
8.0        
     
This fix addresses a situation where AC didn't detect LOGIN events for different Kerberos logins via programs such as:
/opt/krb5/sbin/ftpd
/opt/krb5/sbin/login.krb5
/opt/krb5/sbin/kshd
5.0             SP1 CR Sep 06
     
5.1        
     
5.3        
     
8.0 1170 T3E7066   SUN
B811043    
This fix addresses a situation where if token "bypass_NFS" is enabled then any attempt to run NFS executable returns an error "command not found" (ENOENT)
There was a bug in my_exec() incorrectly handling an error of name resolving.
5.0             SP1 CR Sep 06
     
5.1        
     
5.3        
     
8.0   B811097   SUN
     
Advanced Policy Management was certified for internationalization (I18N). 5.0             SP1 CR Sep 06
     
5.1        
     
5.3        
     
8.0   C810281    
C810298    
C810301   UNIX
C810300    
C810299    
This fix addresses a situation with running devcalc, User did not get any deny message for user _seagent in audit records. 5.0             SP1 CR Sep 06
     
5.1        
     
5.3        
     
8.0   C810302   UNIX
B811059    
This fix addresses a situation with wrong definition of multiple DMS nodes provided during installation. 5.0             SP1 CR Sep 06
     
5.1        
     
5.3        
     
8.0   B811024   UNIX
     
This fix addresses a situation with dbexport. dbexport lost POLICY data.
This occured because class POLICY is a case-insensitive class.
A specific order between objects exists in the database, e.g.
Define two policies, <Policy 1> and <Policy 2> where if you compare case-insensitively Policy 2 should appear after Policy 1 (i.e. Policy 1 < Policy 2) but if you compare them case-sensitively the order is the other was around. For example:
'ppp' and 'RRR'. When you ran 'dbexport -e -l' you got the following error:
"# NOTE: Loop in database" and some POLICY objects were not exported.
5.0             SP1 CR Sep 06
     
5.1        
     
5.3        
     
8.0   B811041   UNIX
B811047    
This fix addresses a situation on Solaris 10. While handling request of "AGENT FORK" AC looks if process has Agent among its parents. It takes parent pids one by one until finds agent or "1". On fast machine some processes are already finished. AC failed to idenitfy process as a descendant of Agent despite the process was born in chain of agent forks.
eAC now keeps a flag in process table entry showing that this pid is descendant of agent.
5.0             SP1 CR Sep 06
     
5.1        
     
5.3        
     
8.0   B811046   SUN
     
This fix addresses a situation where license files appeared in RPM package.
The license installaion is now a prerequisite.
5.0             SP1 CR Sep 06
     
5.1        
     
5.3        
     
8.0   B811062   LINUX
     
With this fix the option to change the encryption key with RPM installation got disabled. 5.0             SP1 CR Sep 06
     
5.1        
     
5.3        
     
8.0   B811065   LINUX
     
This fix addresses a situation where AC didn't clean ACEE entry if associated process has been killed with termination signal. 5.0             SP1 CR Sep 06
     
5.1        
     
5.3        
     
8.0 1175 T540009   SUN
B811085    
B811110    
B811115    
It is now documented in selang help that multiple parent PMD should be defined using "". 5.0             SP1 CR Sep 06
     
5.1        
     
5.3        
     
8.0   B811094   UNIX
     
This fix addresses a situation where seosd crashed after a while and not authorize message appeared for "sepmd -L" command (after a while). 5.0             SP1 CR Sep 06
     
5.1        
     
5.3        
     
8.0   B811045   UNIX
     
This fix addresses a situation of wrong displaying ruleset by sr ruleset command. The result of the output of KANJI characters was not correct. 5.0             SP1 CR Sep 06
     
5.1        
     
5.3        
     
8.0   B810978   UNIX
     
This fix addresses HNODE and RULESET properties that now support UTF8 strings. 5.0             SP1 CR Sep 06
     
5.1        
     
5.3        
     
8.0   B811095   UNIX
     
Added few alternatives for SSH loginappl on AIX that are chossen In run time according to what installed on OS 5.0             SP1 CR Sep 06
     
5.1        
     
5.3        
     
8.0   B811066   AIX
     
This fix addresses a situation where in case a non eAC user was authorized to a protected file audit event was not created. 5.0             SP1 CR Sep 06
     
5.1        
     
5.3        
     
8.0   B811086   UNIX
     
This fix addresses a situation where system hang detected on different stages on Solaris 10/AMD 4-way;
since authorization message list (AC_auth[]) was spoiled.
5.0             SP1 CR Sep 06
     
5.1        
     
5.3        
     
8.0   B811107   SUN
     
Solaris native package now support TNG component. 5.0             SP1 CR Sep 06
     
5.1        
     
5.3        
     
8.0   B811002   SUN
     
This fix addresses a situation where rlogin, telnet, ssh logout events were not audited in some of solaris machines if the
user was logged in and logout immediately. If the user logout after 3 or 4 minutes, then the logout events were audited properly.
5.0             SP1 CR Sep 06
     
5.1        
     
5.3        
     
8.0 1166 T3DB017   SUN
B811011    
This fix addresses a situation where on solaris 10. eAC protects file by name and by i-node number.
AC does renaming of protected seos.audit file, while protected i-node is not deleted from table. Result - some new file picks this i-node number and AC interprets this file as a protected, dispite this file is not defined in AC database.
5.0             SP1 CR Sep 06
     
5.1        
     
5.3        
     
8.0   B811014   SUN
     
This fix addresses a situation where sometimes serevue failed to disable users on solaris 10. 5.0             SP1 CR Sep 06
     
5.1        
     
5.3        
     
8.0   B811025   SUN
     
This fix addresses a situation with the special way to logon from global zone to non-global zone using "zlogin". In case of such login eAC fails to detect initial login program because zlogin starts in global zone and finishes in internal zone. Special handling of "zlogin" is now in place to detect initial login program. 5.0             SP1 CR Sep 06
     
5.1        
     
5.3        
     
8.0   B811030   SUN
     
This fix addresses a situation where onSolaris 10 SSH login of root gave double LOGIN record. 5.0             SP1 CR Sep 06
     
5.1        
     
5.3        
     
8.0   B811077   SUN
     
This fix purpose is to ensure that after installation of the GUI there are no files with world writeable permission. 5.0             SP1 CR Sep 06
     
5.1        
     
5.3        
     
8.0   G810010   UNIX
     
Improved the Solaris package by:
1.Added documentation as part of the package.
2. support installing with a none default locale.
5.0             SP1 CR Sep 06
     
5.1        
     
5.3        
     
8.0   B811049   SUN
     
Solaris package now supports installing on a machine with a none default locale. 5.0             SP1 CR Sep 06
     
5.1        
     
5.3        
     
8.0   B811060   SUN
     
With this fix we put tcp6 and kernel thread output to tripAccept (Linux) program 5.0             SP1 CR Sep 06
     
5.1        
     
5.3        
     
8.0 1163 T315088   LINUX
     
The problem addressed by this fix is with sereport –r 8 (Print all the accesors’ privileges). The command hangs when the database is large and huge numbers of accessors are assigned to certain object. 5.0             SP1 CR Nov 06
     
5.1        
     
5.3   B532385   UNIX
     
8.0   B811116    
     
The problem addressed a situation with SSH on Linux. When using SSH login to a Linux box, and then executing seload - seload will start up seosd, selogrd and serevu.
If IsolatedDaemon = no, then the daemons (seosd, selogrd and serevu) will open the terminal as descriptor 2 and write output to the terminal session (SSH session).
when the user is trying to exit the SSH session, it would hangs.
5.0           CR Oct 06  
     
5.1        
     
5.3   B532394   LINUX
     
8.0        
     
This fix addresses a situation where specialpgm was not limited to 512 files as it should have been, 5.0           CR Oct 06  
     
5.1        
     
5.3   B532397   UNIX
     
8.0        
     
This fix addresses a situation where removing a generic rule via "selang -l" generated an error message saying "ERROR: Failed updating runtime tables.". 5.0           CR Oct 06  
     
5.1        
     
5.3   B532398   UNIX
     
8.0        
     
This fix addresses a situation where two LOGINAPPL resource for SSH were created. 5.0           CR Oct 06  
     
5.1        
     
5.3   B532403   HP-UX
     
8.0        
     
This fix addresses a situation where on HPUX eAC always recognized the logging in user by "exec login" as root. First entry showed by telnet login and second one is exec login event. Before this fix second one was always root user. 5.0           CR Oct 06 SP1 CR Nov 06
     
5.1        
     
5.3   B532404   HP-UX
     
8.0   B811169    
     
The problem addressed by this fix is an error in sesu and sepass sample wrappers 5.0           CR Oct 06 SP1 CR Nov 06
     
5.1        
     
5.3   B532405   UNIX
     
8.0   B811170    
     
This fix addresses a situation where upgrade replaced nfsdevs.init sereport.cfg files with new ones instead of keeping these configuration files untouched. 5.0           CR Oct 06  
     
5.1        
     
5.3   B532396   UNIX
     
8.0        
     
This fix addresses a situation where 32bit libraries were installed instead of 64bit Pam libraries on Solaris 8. 5.0           CR Oct 06 SP1 CR Nov 06
     
5.1        
     
5.3   B532365   SUN
     
8.0   B811204    
     
This fix removes 'n' in the middle of SELOGRD_ERR_LOCK. 5.0           CR Oct 06  
     
5.1        
     
5.3   B532393   UNIX
     
8.0        
     
This fix addresses a situation where specialpgm PBN did not work on Solaris 10, therefore before the fix you got the TCP record for inetd as not bypassed. 5.0           CR Oct 06  
     
5.1        
     
5.3   B532395   SUN
     
8.0        
     
This fix addresses a situation where the SPECIALPGM PBN bypass was not working properly on x86_64 platforms. 5.0             SP1 CR Nov 06
     
5.1        
     
5.3        
     
8.0   B811020   LINUX
     
Pam 64bit library is now supported on Solaris 5.0             SP1 CR Nov 06
     
5.1        
     
5.3        
     
8.0   B811050   LINUX
     
Upgrade using Linux RPM, should keep the same program with setuid flag, as they were before the upgrade 5.0             SP1 CR Nov 06
     
5.1        
     
5.3        
     
8.0   B811067   LINUX
     
This fix addresses a Panic situation at set_connection+0x28 on HP-UX 11.x 5.0             SP1 CR Nov 06
     
5.1        
     
5.3        
     
8.0 1174 B811088   HP-UX
T3E7067    
This fix addresses a situation where during deleting Policy Model eAC tried to delete the database rules twice and it caused errors in the Audit file. 5.0             SP1 CR Nov 06
     
5.1        
     
5.3        
     
8.0   B811106   UNIX
     
Port to Linux of the feature 'bypass incoming TCPIP ports' 5.0             SP1 CR Nov 06
     
5.1        
     
5.3        
     
8.0   B811096   LINUX
     
Pam is now supported on linux S390x (2.4 kernels) 5.0           CR Dec 06 SP1 CR Nov 06
     
5.1        
     
5.3   B532415    
     
8.0   B811118   LINUX
B811218    
This fix addresses a situation where there was no program name for HOST record in audit log using specific network applications. 5.0           CR Dec 06 SP1 CR Nov 06
     
5.1        
     
5.3   B532424    
     
8.0   B811217   SUN
     
Motif GUI RPM package was added to generate successful installation message 5.0             SP1 CR Nov 06
     
5.1        
     
5.3        
     
8.0   B811114   LINUX
     
Now we set the Doc token in the seos.ini package section, when installing with Doc option 5.0             SP1 CR Nov 06
     
5.1        
     
5.3        
     
8.0   B811120   UNIX
     
This fix addresses a situation where eAC failed to properly detect login application as zlogin on Solaris 10 internal zones 5.0             SP1 CR Nov 06
     
5.1        
     
5.3        
     
8.0   B811123   SUN
     
This fix addresses a situation with a crash, related to network on HP11.11 5.0             SP1 CR Nov 06
     
5.1        
     
5.3        
     
8.0 1178 T3E7068   UNIX
T3E7069    
Upgrade is allowed now from old mode Solaris native package (first Solaris 10 native package from eAC 8.0 mainly) to new ones (8.0 SP1 and later) 5.0             SP1 CR Nov 06
     
5.1        
     
5.3        
     
8.0   B811128   SUN
     
This fix addresses a situation that where the login application is ssh, exiting the shell hangs the session if serevu and/or selogrd are configured to start automatically 5.0             SP1 CR Nov 06
     
5.1        
     
5.3        
     
8.0 1182 T243443   UNIX
     
This fix addresses a situation where the audit.cfg, sereport.cfg, serevu.cfg and nfsdevs.init were backed up during upgrade. The files will now remain unchanged during upgrade 5.0             SP1 CR Nov 06
     
5.1        
     
5.3        
     
8.0   B811138   UNIX
     
The message "ERROR: Failed updating runtime tables." will no longer be seen when removing a generic rule in selang local mode (selang -l) 5.0             SP1 CR Nov 06
     
5.1        
     
5.3        
     
8.0   B811140   UNIX
     
This fix addresses a panic situation with SEOS_free_reqbuf on AIX platforms 5.0           CR Dec 06 SP1 CR Nov 06
     
5.1        
     
5.3   B532416    
     
8.0   B811141   AIX
     
This fix addresses a situation where free index check was skipped when running 'dbmgr -u -all' 5.0             SP1 CR Nov 06
     
5.1        
     
5.3        
     
8.0   B811143   UNIX
     
Installing using a different language then the locale currently running with, only supported for the English language 5.0             SP1 CR Nov 06
     
5.1        
     
5.3        
     
8.0   B811150   UNIX
     
customizing RPM with the SEOS_GROUP option did not work properly before. 5.0             SP1 CR Nov 06
     
5.1        
     
5.3        
     
8.0   B811151   LINUX
     
This fix addresses a situation where eAC failed deleting file rule that had symbolic link in the middle on Solaris 10 5.0             SP1 CR Nov 06
     
5.1        
     
5.3        
     
8.0   B811166   SUN
     
This fix addresses a potential deadlock situation with seosd on single CPU HP-UX systems. 5.0             SP1 CR Nov 06
     
5.1        
     
5.3        
     
8.0   B811177   HP-UX
     
This fix addresses a situation where inetd was not reloaded by SEOS_load when another process was named similarly to inetd. 5.0             SP1 CR Nov 06
     
5.1        
     
5.3        
     
8.0   B811178   SUN
     
Documented the sleep calls in the eAC system startup scripts and the implication changing their values have on the system startup process. 5.0             SP1 CR Nov 06
     
5.1        
     
5.3        
     
8.0   B811180   UNIX
B811191    
This fix addresses a situation where Sereport run out of memory. The design now is to handle more data, but not unlimited. 5.0             SP1 CR Nov 06
     
5.1        
     
5.3   B532410    
     
8.0   B811172   UNIX
     
This fix corrects a problem where the install COMMAND was not displayed in the eACLicenseAgreement file for 8.0 SP1 5.0             SP1 CR Nov 06
     
5.1        
     
5.3        
     
8.0   B811184   UNIX
B811205    
This fix corrects the seaudit -delim option to add a delimeter between the date and time. 5.0             SP1 CR Nov 06
     
5.1        
     
5.3        
     
8.0   B811193   UNIX
     
SSO - This fix modified some attributes in ACL like User Attributes to be case insensitive. 5.0           CR Dec 06 SP1 CR Nov 06
     
5.1        
     
5.3   B532417    
     
8.0 1186 T365161   SUN
T365162   AIX
T365163   HP
T365164   LINUX
This fix addresses a situation where eAC, on Solaris 10 internal zones, always installed with english, when installing with Sun native package. Now its default is to install according to what's under /etc/default/init in internal zones. 5.0             SP1 CR Nov 06
     
5.1        
     
5.3        
     
8.0   B811207   SUN
     
On Solaris 10 - install on newly created zone will ignore checkinstall. It will always propagate the package, postinstall still needs to be run manually in this case, once the new internal zone is up. 5.0             SP1 CR Nov 06
     
5.1        
     
5.3        
     
8.0   B811213   SUN
     
Added sebuildla support for getting users directly from LDAP server over SSL on Solaris 5.0             SP1 CR Nov 06
     
5.1        
     
5.3        
     
8.0   B811145   SUN
B811153   AIX
Policyreport displayed incorrect link in case report is generated by -no rec switch 5.0             SP1 CR Nov 06
     
5.1        
     
5.3        
     
8.0   C810305   UNIX
     
SSO - This fix addresses memory leak in rgetxentty.c and rgetentty.c 5.0           CR Sep 06 SP1 CR Nov 06
     
5.1        
     
5.3   B532378    
B532380    
8.0 1176 T365157   SUN
T365159   LINUX
T365160   HP
T365158   AIX
Policyreport displays incorrect link when Policy report in generated in h mode with -dev swicth 5.0             SP1 CR Nov 06
     
5.1        
     
5.3        
     
8.0   C810306   UNIX
     
Sereport produced core file when storing report on read-only drive. 5.0             SP1 CR Nov 06
     
5.1        
     
5.3        
     
8.0   C810334   UNIX
     
SSO - increased the number of allowed characters in the web user password field 5.0             SP1 CR Nov 06
     
5.1        
     
5.3        
     
8.0   D810200   UNIX
     
SSO - Import updated files from SSO. 5.0             SP1 CR Nov 06
     
5.1        
     
5.3        
     
8.0   D810201   UNIX
     
SSO - eAC will not convert EBCDic to ASCII in PM side; SSO will do the conversion. 5.0             SP1 CR Nov 06
     
5.1        
     
5.3        
     
8.0   D810202   UNIX
     
Interception of utime() in 32-bit mode for 64-bit on LINUX S390X made bad modification date for the system files. 5.0             SP1 CR Nov 06
     
5.1        
     
5.3        
     
8.0 1181 T315089   LINUX
     
A crash occurred on Linux since we missed the call of intent_init() macro in our code (handler for umount system call). 5.0             SP1 CR Nov 06
     
5.1        
     
5.3        
     
8.0 1156 T315086   LINUX
T315087    
This is a supplemental fix to: B810951
At the moment the lang_exit.sh script ignores the COMMAND parameter. This parameter is now added as it is needed in the exits called by lang_exit.sh.
5.0             SP1 CR Dec 06
     
5.1        
     
5.3        
     
8.0   B810907   UNIX
     
This fix addresses a situation where sedbpchk.sh failed to run when eAC is down. 5.0             SP1 CR Dec 06
     
5.1        
     
5.3        
     
8.0   B811259   UNIX
     
During start up of seosd, all running processes or daemons are being registered in a process table. Some of the path name appears to be "?". As there is no path name. With this fix, if the path name exists, we will include it in the process table.
5.0           CR Dec 06 SP1 CR Dec 06
     
5.1        
     
5.3   B532433    
     
8.0   B811264   UNIX
     
This addresses a situation where the message "ERROR: Failed updating run-time tables" was seen when removing generic resources in selang local mode. 5.0             SP1 CR Dec 06
     
5.1        
     
5.3        
     
8.0   B811272    
C810354    
This addresses a situation where console login through 'DTLOGIN' crashed in our PAM module. 5.0           CR Dec 06 SP1 CR Dec 06
     
5.1        
     
5.3   B532436    
     
8.0   B811273   UNIX
     
Usage message for sereport utility was corrected. i.e.: Usage: sereport -r|-report <report number> -f|-file <output file> -host <host name...>
where instead of <output file> it should be <configuration file>
5.0             SP1 CR Dec 06
     
5.1        
     
5.3        
     
8.0   B811282   UNIX
     
Upgrade from 5.1SP2 to 8.0SP1 displays these errors:
seini: ERROR opening input ini file '/usr/seos/etc/sereport.cfg'
This happened since etc directory is not a symbolic link in 5.1. This has been fixed.
5.0             SP1 CR Dec 06
     
5.1        
     
5.3        
     
8.0   B811270   UNIX
     
Policy Manager "OK" button for specialpgm when logicaluser is empty is now enabled 5.0             SP1 CR Dec 06
     
5.1        
     
5.3        
     
8.0   D810203   UNIX
     
SSO - i18n issue with backslash characters in the PM SSO related screens is fixed 5.0             SP1 CR Dec 06
     
5.1        
     
5.3        
     
8.0   D810204   UNIX
     
If at the time the log file exceeding the max file size and is backed up in another file, iRecorder is not running, next time when the iRec starts, it's unable to fetch the events. 5.0           CR Dec 06 SP1 CR Nov 06
     
5.1        
     
5.3   B532422   UNIX
     
8.0        
     
No specialpgm resource without a name is being created.
dbmgr -e -l does not give "Loop in the database"
5.0           CR Dec 06  
     
5.1        
     
5.3   B532425   UNIX
     
8.0        
     
This addresses a situation where on Japanese OS the selang returned "Failed to get description" when SPECIALPGM rules exceed 512 record 5.0           CR Dec 06  
     
5.1        
     
5.3   B532438   UNIX
     
8.0        
     

Chat with CA

Just give us some brief information and we'll connect you to the right CA Expert.

Our hours of availability are 8AM - 5PM CST.

All Fields Required

connecting

We're matching your request.

Unfortunately, we can't connect you to an agent. If you are not automatically redirected please click here.

  • {{message.agentProfile.name}} will be helping you today.

    View Profile


  • Transfered to {{message.agentProfile.name}}

    {{message.agentProfile.name}} joined the conversation

    {{message.agentProfile.name}} left the conversation

  • Your chat with {{$storage.chatSession.messages[$index - 1].agentProfile.name}} has ended.
    Thank you for your interest in CA.


    How Did We Do?
    Let us know how we did so that we can maintain a quality experience.

    Take Our Survey >

    Rate Your Chat Experience.

    {{chat.statusMsg}}

agent is typing