 Release Notes for McAfee(R) ePolicy Orchestrator(R)
                   Version 3.0.2a
                       Patch 5
 Copyright (C) 2004 Networks Associates Technology,
                        Inc.
                 All Rights Reserved


==========================================================

This release was developed and tested with:

- ePolicy Orchestrator:3.0.2a

Make sure you have installed these versions before
using this release.

==========================================================


Thank you for using ePolicy Orchestrator(R)
software. This file contains important information
regarding this release. We strongly recommend that
you read the entire document.

The attached files are provided as is, and with no
warranty either expressed or implied as to their
suitability for any particular use or purpose.
Network Associates, Inc. assumes no liability for
damages incurred either directly or indirectly as a
result of the use of these files, including but not
limited to the loss or damage of data or systems,
loss of business or revenue, or incidental damages
arising from their use. Patch files should be
applied only on the advice of McAfee Security
Technical Support, and only when you are actually
experiencing the issue being addressed by the Patch.
Patch files should not be proactively applied in
order to prevent potential product issues. You are
responsible for reading and following all
instructions for preparation, configuration, and
installation of Patch files. Patch files are not a
substitute or replacement for product Service Packs
which may be released by Network Associates, Inc. It
is a violation of your software license agreement to
distribute or share these files with any other
person or entity without written permission from
Network Associates, Inc. Further, posting of McAfee
Security Patch files to publicly available Internet
sites is prohibited. Network Associates, Inc.
reserves the right to refuse distribution of Patch
files to any company or person guilty of unlawful
distribution of McAfee software products. Questions
or issues with McAfee Patch files should be directed
to McAfee Security Technical Support.



__________________________________________________________
WHAT'S IN THIS FILE

-   About This Release
   -   Purpose
   -   Resolved Issues
-   Installation
   -   Installation Requirements
   -   Installation Steps
   -   Removing This Release
-   Contacting McAfee Security and Network
    Associates
-   Copyright & Trademark Attributions
   -   Trademarks
   -   License Agreement and Attributions


__________________________________________________________
ABOUT THIS RELEASE


PURPOSE

This Patch replaces server files in ePolicy
Orchestrator to resolve the issues listed below.



RESOLVED ISSUES


1.  ISSUE:
    When using the local or remote console to run
    the Product Events by Severity report, the
    legend list may show a number instead of the
    correct text replacement.

    RESOLUTION:
    In certain cases, the report was defaulting to a
    number instead of getting the correct text
    replacement.  This report will now always get
    the correct text replacement.

2.  ISSUE:
    In rare cases, agents could not communicate to
    the McAfee ePolicy Orchestrator server due to
    the server passing the agents a sitelist file
    that erased the server IP address or the
    communication port, or both.

    RESOLUTION:
    This was being caused by the McAfee ePolicy
    Orchestrator server attempting to generate a new
    SITELIST.XML file when the SITEINFO.INI file was
    in use by other server processes.  The McAfee
    ePolicy Orchestrator server will only generate a
    new SITELIST.XML when SITEINFO.INI is not in use
    by other server processes.

3.  ISSUE:
    When using the local or remote console running
    coverage reports, "NO DATA FOUND" appears in the
    report.

    RESOLUTION:
    There were orphaned entries in the branch node
    tables.  The orphaned entries are now removed to
    allow the coverage reports to run correctly.

4.  ISSUE:
    When using the local or remote console with ePO
    authentication to log in to reporting, an error
    may occur, avimsnap pop-up error:

    "Subquery returned more than one value.  This is
    not permitted when the subquery follows =, !=,
    <, <=, >, >= or when the subquery is used as an
    expression.  The statement has been
    terminated."

    RESOLUTION:
    A stored procedure was unable to handle
    duplicate entries in the ReportVersionClient
    table. The stored procedure now handles
    duplicate entries correctly.

5.  ISSUE:
    Under certain conditions, NAIMSERV.EXE had
    instability issues, which resulted in an access
    violation error that could cause the server to
    crash.

    RESOLUTION:
    NAIMSERV.EXE has been modified and will no
    longer crash in these cases.

6.  ISSUE:
    When using an FTP repository on a Microsoft
    Windows 2003 Sever running Microsoft IIS version
    6.0 FTP services, and the banner started with
    four or more blank spaces, replication would
    fail due to a login failure.

    RESOLUTION:
    The four or more extra spaces were processed as
    an FTP status code.  McAfee ePolicy Orchestrator
    now correctly determines FTP status codes.

7.  ISSUE:
    When viewing disk space and free disk space in
    the system section on the Properties tab in the
    console from localized clients, 0 would be shown
    instead of the true disk space and free disk
    space.

    RESOLUTION:
    The McAfee ePolicy Orchestrator server was not
    correctly parsing the localized language number
    separators.  The server now correctly parses the
    number separators.


8.  ISSUE:
    After checking in McAfee GroupShield 6.0 NAP to
    the repository, then using the console to
    administer the McAfee GroupShield 6.0 product,
    the console would become non-responsive.

    RESOLUTION:
    When the McAfee GroupShield 6.0 NAP was checked
    into the repository, Java Runtime Environment
    (Spell out the first time) version 1.4.1 was
    installed.  The JRE 1.4.1 version experienced
    compatibility problems with McAfee ePolicy
    Orchestrator.  McAfee ePolicy Orchestrator is
    now compatible with version 1.4.1 of JRE.

9.  ISSUE:
    McAfee ePolicy Orchestrator may stop replicating
    to repositories and displays the error "DAL ePO
    3.0 DAL exit" in the SITEMGR.LOG.

    RESOLUTION:
    This issue stemmed from two causes.

    The first cause was that NAREPL32.EXE used
    default DCOM permissions to operate correctly.
    If default DCOM permissions were altered,
    NAREPL32.EXE would not function correctly.
    NAREPL32.EXE is now registered with explicit
    DCOM permissions.

    The second cause concerned the state in
    SITEMGR.INI setting the task status to a value
    that resulted in replication tasks freezing when
    they were scheduled too close together, causing
    the running task to be terminated by the
    scheduler without resetting the status in the
    SITEMGR.INI file. This would cause future tasks
    not to run.  This issue no longer occurs.

10. ISSUE:
    When replicating to repositories using McAfee
    ePolicy Orchestrator, replications may fail with
    "Error occurred while verifying file delta.ini."
    placed in the SITEMGR.LOG.

    RESOLUTION:
    On rare occasions, when repositories were being
    replicated, it was possible that extra
    characters were appended to the end of the files
    in the repository.  Repository replication no
    longer appends extra characters to the end of
    files in the repositories.

11. ISSUE:
    The DAT version for Norton Antivirus was not
    being reported correctly to McAfee ePolicy
    Orchestrator; this resulted in incorrect
    properties and reports.

    RESOLUTION:
    This patch places a new NAP file and plug-in for
    Norton Antivirus in the repository that now
    correctly formats the DAT version from the
    Norton Antivirus products.

12. ISSUE:
    This release addresses the McAfee ePolicy
    Orchestrator Remote Command Execution
    Vulnerability; vulnerability identifier:
    CAN-2004-0038.

    RESOLUTION:
    This vulnerability no longer exists.

13. ISSUE:
    When the ePolicy Orchestrator server is busy,
    the remote console login process may be slow.

    RESOLUTION:
    The console login and package check-in have been
    changed so that they now process synchronously.

14. ISSUE:
    In certain low bandwidth environments, the
    ePolicy Orchestrator server did not process
    socket I/O optimally, causing the HTTP
    connections to reach the limit specified in the
    server settings and start rejecting any
    additional connections.

    RESOLUTION:
    The ePolicy Orchestrator server now handles all
    socket I/O in blocking mode. Now when agent
    connections come to the server, the worker
    thread picks up the connection and waits on read
    or write operations for 15 seconds. If data
    doesn't come in during that period, the server
    puts the socket back in the work queue and the
    worker thread processes the next request.

    ADDITIONAL INFORMATION:
    There are now four new performance counters for
    tracking socket read and write time-outs.

    The following new performance counters have been
    added:

   -   Number of socket read watches
   -   Number of socket read time-outs
   -   Number of sockets write watches
   -   Number of sockets write time-outs

15. ISSUE:
    The time-out connection logic sometimes caused
    the HTTP connections to build up over extended
    periods of time.

    RESOLUTION:
    Now, if a value is defined for
    "ConnectionTimeout=" in SERVER.INI, the time-out
    for inactive sockets uses this figure.
    Otherwise, 15 minutes is the time-out value.

    ADDITIONAL INFORMATION:
    To specify a connection time-out in SERVER.INI,
    do the following:

   1.  In a text editor, open SERVER.INI. This file
       is located in the DB folder in the
       installation directory. The default
       installation directory is:

       C:\PROGRAM FILES\NETWORK ASSOCIATES\EPO\3.0.1

   2.  Type the following line in SERVER.INI, then
       save the file:

       ConnectionTimeout=NNN

       Where NNN equals the number of seconds. For
       example, ConnectionTimeout=900

   3.  In the "Service" dialog box, select the
       "McAfee ePolicy Orchestrator 3.0.1 Server"
       service, click "Stop," then click "Start" to
       restart the service.


16. ISSUE:
    Replication tasks using FTP would result in
    partial or incomplete replications.

    RESOLUTION:
    Changes to the FTP communication subsystems make
    them more reliable and fault tolerant in a
    variety of environments.

17. ISSUE:
    A limitation on the number of sites within the
    directory tree caused the console to close when
    someone clicked "Create user" or "Modify user."

    RESOLUTION:
    There is no longer a limit on the number of
    sites in the directory tree.

18. ISSUE:
    A duplicate path delimiter was being added
    during the generation of all agent file paths,
    which caused an entry in the sitemgr.log, such
    as "Failed to verify file size for agent.ini".

    RESOLUTION:
    The agent file paths are generated correctly.


__________________________________________________________
INSTALLATION

INSTALLATION REQUIREMENTS

To use this release, you must have ePolicy
Orchestrator 3.0 and Service Pack 2a software
installed on the computer you intend to update with
this release.

    NOTE:
    This release does not work with earlier versions
    of ePolicy Orchestrator software.


INSTALLATION STEPS

1.  Create a temporary folder on the hard drive of
    the ePolicy Orchestrator server.

2.  Extract the EPO3025.ZIP file to the temporary
    folder that you created in Step 1.

       WARNING
       Close the Windows Services dialog box to
       avoid installation issues.

3.  Back up ePolicy Orchestrator databases.

    If you are using Microsoft SQL Server as the
    ePolicy Orchestrator database, see the SQL
    Server product documentation.

    If you are using Microsoft Data Engine (MSDE) as
    the ePolicy Orchestrator database, you can use
    the Database Backup Utility (DBBAK.EXE) to back
    up ePolicy Orchestrator MSDE databases on the
    database server. For instructions, see "Backing
    up ePolicy Orchestrator MSDE databases" in the
    ePolicy Orchestrator 3.0 Product Guide.

4.  Log on to the desired computer using a user
    account with local administrator permissions.

5.  Close all ePolicy Orchestrator consoles.

6.  On the taskbar, click the "Start" button, then
    select "Run" from the start menu. The "Run"
    dialog box appears.

7.  In "Open," type the path where the Setup program
    (SETUP.EXE) is located, then click "OK." The
    "ePolicy Orchestrator 3.0.2 Patch 5 Setup"
    wizard appears.

8.  Click "Next" to begin the installation.

9.  Click "Finish" to complete the installation.

10. In the "Services" dialog box, select the "McAfee
    ePolicy Orchestrator 3.0.2 Server" service and
    edit the service to change the account back to
    the original setting. For example, if you
    specified a domain administrator account during
    the initial installation, you need to provide
    that account information again. The account is
    not automatically restored.

11. For all remote consoles, perform Steps 4  9.


REMOVING THIS RELEASE

To remove this Patch from your computer, uninstall,
and then reinstall ePolicy Orchestrator.

    NOTE:
    We recommend that you do NOT remove the Patch
    files once you install them. If you reinstall
    the ePolicy Orchestrator software, we recommend
    that you also reinstall the Patch.


__________________________________________________________
PARTICIPATING IN THE MCAFEE SECURITY BETA PROGRAM

To download new beta software or to read about the
latest beta information, visit the beta web site:

       http://www.networkassociates.com/us/downloads/beta/

To submit your feedback on any McAfee Security beta
product, send e-mail to:

       avbeta@nai.com

McAfee Security is devoted to providing solutions
based on your input.


__________________________________________________________
CONTACTING MCAFEE SECURITY & NETWORK ASSOCIATES

Technical Support
    Home Page
       http://www.networkassociates.com/us/support/

    KnowledgeBase Search
       https://knowledgemap.nai.com/phpclient/homepage.aspx

    PrimeSupport Service Portal
       http://mysupport.nai.com

Login credentials required.


McAfee Security Beta Program
    Beta Web Site
       http://www.networkassociates.com/us/downloads/beta/

    E-mail
       avbeta@nai.com


Security Headquarters -- AVERT (Anti-Virus Emergency
Response Team)
    Home Page
       http://www.networkassociates.com/us/security/home.asp

    Virus Information Library
       http://vil.nai.com

    Submit a Virus Sample  AVERT WebImmune
       https://www.webimmune.net/default.asp

    AVERT DAT Notification Service
       http://vil.nai.com/vil/join-DAT-list.asp


Download Site
    Home Page
       http://www.networkassociates.com/us/downloads/

    DAT File and Engine Updates
       http://www.networkassociates.com/us/downloads/updates/

       ftp://ftp.nai.com/pub/antivirus/datfiles/4.x

    Product Upgrades
       https://secure.nai.com/us/forms/downloads/upgrades/login.asp

Valid grant number required.
Contact Network Associates Customer Service


Training
    McAfee Security University
       http://www.networkassociates.com/us/services/education/mcafee/university.htm



Network Associates Customer Service
    US, Canada, and Latin America toll-free:
   Phone:     +1-888-VIRUS NO or +1-888-847-8766
              Monday - Friday, 8 a.m. - 8 p.m.,
              Central Time

   E-mail:    services_corporate_division@nai.com
   Web:       http://www.nai.com/us/index.asp
              http://www.networkassociates.com/us/index.asp


For additional information on contacting Network
Associates and McAfee Security  including toll-free
numbers for other geographic areas - see the CONTACT
file that accompanied your original product
release.



__________________________________________________________
COPYRIGHT & TRADEMARK ATTRIBUTIONS

Copyright (C) 2004 Networks Associates Technology,
Inc. All Rights Reserved. No part of this
publication may be reproduced, transmitted,
transcribed, stored in a retrieval system, or
translated into any language in any form or by any
means without the written permission of Networks
Associates Technology, Inc., or its suppliers or
affiliate companies. To obtain this permission,
write to the attention of the Network Associates
legal department at: 5000 Headquarters Drive, Plano,
Texas 75024, or call +1-972- 963-8000.


TRADEMARK ATTRIBUTIONS
Active Firewall, Active Security, ActiveSecurity (in
Katakana), ActiveHelp, ActiveShield, AntiVirus
Anyware and design, Bomb Shelter, Certified Network
Expert, Clean-Up, CleanUp Wizard, ClickNet, CNX, CNX
Certification Certified Network Expert and design,
Covert, Design (Stylized E), Design (Stylized N),
Disk Minder, Distributed Sniffer System, Distributed
Sniffer System (in Katakana), Dr Solomons, Dr
Solomons label, Entercept, Enterprise SecureCast,
Enterprise SecureCast (in Katakana), ePolicy
Orchestrator, EZ SetUp, First Aid, ForceField, GMT,
GroupShield, GroupShield (in Katakana), Guard Dog,
HomeGuard, Hunter, IntruShield, Intrusion Prevention
Through Innovation, IntruVert Networks, LANGuru,
LANGuru (in Katakana), M and Design, McAfee, McAfee
(in Katakana), McAfee and design, McAfee.com, McAfee
VirusScan, NA Network Associates, Net Tools, Net
Tools (in Katakana), NetCrypto, NetOctopus, NetScan,
NetShield, NetStalker, Network Associates, Network
Associates Coliseum, NetXray, NotesGuard, Nuts &
Bolts, Oil Change, PC Medic, PCNotary, PrimeSupport,
Recoverkey, Recoverkey - International, Registry
Wizard, RingFence, Router PM, SecureCast,
SecureSelect, Sniffer, Sniffer (in Hangul),
SpamKiller, Stalker, TIS, TMEG, Total Network
Security, Total Network Visibility, Total Network
Visibility (in Katakana), Total Virus Defense,
Trusted Mail, UnInstaller, Virex, Virus Forum,
ViruScan, VirusScan, WebScan, WebShield, WebShield
(in Katakana), WebSniffer, WebStalker, WebWall,
Whats The State Of Your IDS?, Whos Watching Your
Network, WinGauge, Your E-Business Defender, Zip
Manager are registered trademarks or trademarks of
Network Associates, Inc. and/or its affiliates in
the US and/or other countries.  Sniffer(R) brand
products are made only by Network Associates, Inc.
All other registered and unregistered trademarks
herein are the sole property of their respective
owners.


LICENSE INFORMATION
License Agreement
NOTICE TO ALL USERS: CAREFULLY READ THE APPROPRIATE
LEGAL AGREEMENT CORRESPONDING TO THE LICENSE YOU
PURCHASED, WHICH SETS FORTH THE GENERAL TERMS AND
CONDITIONS FOR THE USE OF THE LICENSED SOFTWARE. IF
YOU DO NOT KNOW WHICH TYPE OF LICENSE YOU HAVE
ACQUIRED, PLEASE CONSULT THE SALES AND OTHER RELATED
LICENSE GRANT OR PURCHASE ORDER DOCUMENTS THAT
ACCOMPANIES YOUR SOFTWARE PACKAGING OR THAT YOU HAVE
RECEIVED SEPARATELY AS PART OF THE PURCHASE (AS A
BOOKLET, A FILE ON THE PRODUCT CD, OR A FILE
AVAILABLE ON THE WEB SITE FROM WHICH YOU DOWNLOADED
THE SOFTWARE PACKAGE). IF YOU DO NOT AGREE TO ALL OF
THE TERMS SET FORTH IN THE AGREEMENT, DO NOT INSTALL
THE SOFTWARE. IF APPLICABLE, YOU MAY RETURN THE
PRODUCT TO NETWORK ASSOCIATES OR THE PLACE OF
PURCHASE FOR A FULL REFUND.

Attributions
This product includes or may include:
*Software developed by the OpenSSL Project for use
in the OpenSSL Toolkit (http://www.openssl.org/).
*Cryptographic software written by Eric A. Young
and software written by Tim J. Hudson. * Some
software programs that are licensed (or sublicensed)
to the user under the GNU General Public License
(GPL) or other similar Free Software licenses which,
among other rights, permit the user to copy, modify
and redistribute certain programs, or portions
thereof, and have access to the source code. The GPL
requires that for any software covered under the GPL
which is distributed to someone in an executable
binary format, that the source code also be made
available to those users. For any such software
covered under the GPL, the source code is made
available on this CD. If any Free Software licenses
require that Network Associates provide rights to
use, copy or modify a software program that are
broader than the rights granted in this agreement,
then such rights shall take precedence over the
rights and restrictions herein. *Software
originally written by Henry Spencer, Copyright 1992,
1993, 1994, 1997 Henry Spencer. *Software
originally written by Robert Nordier, Copyright (C)
1996-7 Robert Nordier. *Software written by Douglas
W. Sauder. * Software developed by the Apache
Software Foundation (http://www.apache.org/). A copy
of the license agreement for this software can be
found at www.apache.org/licenses/LICENSE-2.0.txt. *
International Components for Unicode ("ICU")
Copyright (C) 1995-2002 International Business
Machines Corporation and others. * Software
developed by CrystalClear Software, Inc., Copyright
(C) 2000 CrystalClear Software, Inc. * FEAD(R)
Optimizer(R)  technology, Copyright Netopsystems AG,
Berlin, Germany. * Outside In(R)  Viewer Technology
(C) 1992-2001 Stellent Chicago, Inc. and/or Outside
In(R)  HTML Export, (C) 2001 Stellent Chicago, Inc.
* Software copyrighted by Thai Open Source Software
Center Ltd. and Clark Cooper, (C) 1998, 1999, 2000.
* Software copyrighted by Expat maintainers. *
Software copyrighted by The Regents of the
University of California, (C) 1989.
* Software copyrighted by Gunnar Ritter. * Software
copyrighted by Sun Microsystems(R), Inc. (C) 2003.
* Software copyrighted by Gisle Aas. (C) 1995-2003.
* Software copyrighted by Michael A. Chase, (C)
1999-2000. * Software copyrighted by Neil Winton,
(C) 1995-1996.
* Software copyrighted by RSA Data Security, Inc.,
(C) 1990-1992. * Software copyrighted by Sean M.
Burke, (C) 1999, 2000. * Software copyrighted by
Martijn Koster, (C) 1995. * Software copyrighted by
Brad Appleton, (C) 1996-1999.  * Software
copyrighted by Michael G. Schwern, (C) 2001. *
Software copyrighted by Graham Barr, (C) 1998.
* Software copyrighted by Larry Wall and Clark
Cooper, (C) 1998-2000. * Software copyrighted by
Frodo Looijaard, (C) 1997. * Software copyrighted by
the Python Software Foundation, Copyright (C) 2001,
2002, 2003. A copy of the license agreement for this
software can be found at www.python.org. * Software
copyrighted by Beman Dawes, (C) 1994-1999, 2002. *
Software written by Andrew Lumsdaine, Lie-Quan Lee,
Jeremy G. Siek (C) 1997-2000 University of Notre
Dame. * Software copyrighted by Simone Bordet &
Marco Cravero, (C) 2002. * Software copyrighted by
Stephen Purcell, (C) 2001. * Software developed by
the Indiana University Extreme! Lab
(http://www.extreme.indiana.edu/). * Software
copyrighted by International Business Machines
Corporation and others, (C) 1995-2003. * Software
developed by the University of California, Berkeley
and its contributors. * Software developed by Ralf
S. Engelschall <rse@engelschall.com> for use in the
mod_ssl project (http://www.modssl.org/). * Software
copyrighted by Kevlin Henney, (C) 2000-2002. *
Software copyrighted by Peter Dimov and Multi Media
Ltd. (C) 2001, 2002. * Software copyrighted by David
Abrahams, (C) 2001, 2002. See
http://www.boost.org/libs/bind/ bind.html for
documentation. * Software copyrighted by Steve
Cleary, Beman Dawes, Howard Hinnant & John Maddock,
(C) 2000.
* Software copyrighted by Boost.org, (C) 1999-2002.
* Software copyrighted by Nicolai M. Josuttis, (C)
1999.
* Software copyrighted by Jeremy Siek, (C)
1999-2001.
* Software copyrighted by Daryle Walker, (C) 2001.
* Software copyrighted by Chuck Allison and Jeremy
Siek, (C) 2001, 2002. * Software copyrighted by
Samuel Krempp, (C) 2001. See http://www.boost.org
for updates, documentation, and revision history. *
Software copyrighted by Doug Gregor
(gregod@cs.rpi.edu), (C) 2001, 2002. * Software
copyrighted by Cadenza New Zealand Ltd., (C) 2000. *
Software copyrighted by Jens Maurer, (C) 2000, 2001.
* Software copyrighted by Jaakko Jrvi
(jaakko.jarvi@cs.utu.fi), (C) 1999, 2000. * Software
copyrighted by Ronald Garcia, (C) 2002. * Software
copyrighted by David Abrahams, Jeremy Siek, and
Daryle Walker, (C) 1999-2001. * Software copyrighted
by Stephen Cleary (shammah@voyager.net), (C) 2000. *
Software copyrighted by Housemarque Oy <http://
www.housemarque.com>, (C) 2001. * Software
copyrighted by Paul Moore, (C) 1999. * Software
copyrighted by Dr. John Maddock, (C) 1998-2002. *
Software copyrighted by Greg Colvin and Beman Dawes,
(C) 1998, 1999. * Software copyrighted by Peter
Dimov, (C) 2001, 2002. * Software copyrighted by
Jeremy Siek and John R. Bandela, (C) 2001. *
Software copyrighted by Joerg Walter and Mathias
Koch, (C) 2000-2002.





V2.3.2





