Operating System - OpenVMS
cancel
Showing results for 
Search instead for 
Did you mean: 

What did VMS83A_RMS-V1000 break (that RMS-V1100 fixed)?

 
SOLVED
Go to solution
EdgarZamora
Trusted Contributor

What did VMS83A_RMS-V1000 break (that RMS-V1100 fixed)?

Anyone know exactly what the "unexpected behavior change" introduced in VMS83A_RMS-V1000 is (that RMS-V1100 fixes)?

Here's the note from RMS-V1100:

5.2 Problems addressed in this kit

5.2.1 An attempt to fix a timing window that could cause a
system crash introduced an unexpected behavior change
to RMS

5.2.1.1 Problem Description:

A coding error in a previous fix inadvertently introduced
a change of behavior. This has been corrected with this
fix.

Images Affected:

- [SYS$LDR]RMS.EXE



5.2.1.2 Quix and PTR cases reporting this problem:

5.2.1.2.1 Quix Cases

None.


5.2.1.2.2 PTR(s)

75-13-2222

I have a couple of systems that have RMS-V1000 installed and it's very hard to get approval for the downtime. I'd like to know the urgency of moving to RMS-V1100. Thanks.
5 REPLIES 5
John Gillings
Honored Contributor
Solution

Re: What did VMS83A_RMS-V1000 break (that RMS-V1100 fixed)?

Edgar,

Oh well... there was a time when I'd look forward to getting RMS patches for their entertainment value. The release notes used to read like a detective novel, giving precise details of the (usually) multiple coincidences that had to line up to trigger the fault. Engineering at its finest.

It looks like they've hired someone from the west coast to do their copy now :-(

Reading between the lines, given the maturity of the product, any timing windows would have to be exceptionally rare, so I'd say unless you're observing unexpected behaviour, it's probably not "production downtime" urgency.

What's the patch rating?
A crucible of informative mistakes
Hoff
Honored Contributor

Re: What did VMS83A_RMS-V1000 break (that RMS-V1100 fixed)?

It's a local escalation of privileges security bug that was found in this OpenVMS Alpha V8.3 RMS V10.0 patch and in the UPDATE V11.0 patch.

You'll find more information via CVE-2010-0443.

http://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2010-0443

Hoff
Honored Contributor

Re: What did VMS83A_RMS-V1000 break (that RMS-V1100 fixed)?

It seems ever so slightly odd that the one time you'd expect to see an ECO release note changed - a security bug - and given how regularly the release notes revisions have occurred in recent times - that the V11 release notes haven't been revised. Not that I'm looking to encourage these revisions; I'm not.
lokanath bagh
Occasional Advisor

Re: What did VMS83A_RMS-V1000 break (that RMS-V1100 fixed)?

Edgar,

RMS patch RMS-V1100 is mandatory patch in case your system is patched with RMS-V1000.
Even if customer system(s) is/are patched with it and running without problem, HP would still recommend to patch the system(s) with RMS patch version RMS-V1100.

More information can be found at below link -
http://h20000.www2.hp.com/bizsupport/TechSupport/Document.jsp?objectID=c02001423

Regards,
Lokanath
EdgarZamora
Trusted Contributor

Re: What did VMS83A_RMS-V1000 break (that RMS-V1100 fixed)?

Thanks all. I don't recall getting that security bulletin. I may have just deleted it inadvertently.