HPlogo Communicator e3000 MPE/iX Release 7.5 (Software Release C75.00): HP e3000 MPE/iX Computer Systems > Chapter 2 Announcements

Obtaining Software Security Patches for your HP Computer System

MPE documents

Complete PDF
Table of Contents
Index

Hewlett-Packard would like to make you aware of a special free service provided for all customers of HP e3000 and HP 9000 computer systems. This service gives customers a direct route to Hewlett-Packard for obtaining information relating to the security of their Hewlett-Packard Computer System(s).

Hewlett-Packard issues information on the availability of Software security patches via Security Bulletins to subscribers of the HP Security Bulletin Digest e-mail service, a part of the IT Resource Center (formerly the HP Electronic Support Center). A Hewlett-Packard support contract is NOT required to subscribe to this service to obtain information or security patches. Any purchaser of an HP e3000 or HP 9000 Computer System can make use of the HP Security Bulletin services at no charge.

Customers may also obtain information and Security Bulletin services via the World Wide Web.

A security problem is a software defect that allows unauthorized personnel to gain access to a Computer System or to circumvent any of the mechanisms that protect the confidentiality, integrity or availability of the information stored on the system. When such problems in Hewlett-Packard software are brought to the attention of the company, their resolution is given a very high priority. This resolution is usually in the form of a Security Bulletin which may explain how to correct the problem or describe how to obtain a software security patch that will correct the problem.

Hewlett-Packard has introduced this service as the primary mechanism to alert subscribers to security problems and provide corrections. Hewlett-Packard will not analyze the relevance of any security patch to any individual customer site within the scope of the HP Security Bulletin service. The responsibility for obtaining and applying security patches resides with the customer.

The remainder of this letter outlines the various security related services offered by Hewlett-Packard IT Resource Center and the methods for subscribing to and retrieving information from it. It also outlines how you can inform Hewlett-Packard of potential security concerns you may have with your Hewlett-Packard Computer System.

HP IT Resource Center Security-Related Services


HP IT Resource Center offers subscribers the following benefits:
  • Receive Security Bulletins automatically when they are published.
  • Retrieve the archive list of bulletins issued prior to subscription.
  • Download security patches if the subscriber configuration supports it.
Remember, an HP support contract is not required to subscribe to HP Security Bulletin services.

Subscribing to HP IT Resource Center Security Bulletin Services


Once you have placed your name on the subscriber list for future Security Bulletins (see instructions below), you will receive them via e-mail on the day they are issued by HP.

As referenced below, you can also view a list of past Security Bulletins issued in the "HP Security Bulletins Archive."

Instructions


To subscribe to automatically receive future NEW HP Security Bulletins from the Hewlett-Packard Electronic Support Center via electronic mail, do the following (instructions subject to change without notice):
  1. Use your browser to access the HP IT Resource Center web page at:
    http://us-support.external.hp.com US, Canada, Asia-Pacific, and Latin-America
    http://europe-support.external.hp.com >Europe
  2. Logon with your User ID and password (or register for one). Remember to save the User ID assigned to you, and your password.
  3. Once you are on the Hewlett-Packard IT Resource Center home page, click on "Support Information Digests." On this page, you can subscribe to many different digest services, including the Security Bulletin Digests.
To review Security Bulletins that have already been released, click on "Search Technical Knowledge Base (Security Bulletins only)" on the HP Electronic Support Center home page. Near the bottom of the next page, click on "Browse the HP Security Bulletins Archive."

Once in the archive, click on "HP-UX Security Patch Matrix" to get a patch matrix of current HP-UX and BLS security patches. Updated daily, this matrix categorizes security patches by platform/OS release, and by Security Bulletin topic.

If You Discover a Security Problem


To report new security vulnerabilities, send e-mail to

security-alert@hp.com

Please encrypt any explicit information using the security-alert PGP key, available from your local key server, or by sending a message with a -subject- (not body) of 'get key' (no quotes) to security-alert@hp.com.




HP 5000 Printers and HP e3000 A-/N-Class Support Update


Chapter 3 Internet and Interoperability