[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

UNIRAS Brief - 724/06 - SUN(SM) ALERT WEEKLY SUMMARY REPORT



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

______________________________________________________________________________

 UNIRAS (UK Government CERT) Briefing - 724/06 dated 07.11.06 time 13:50
 UNIRAS is part of NISCC (the UK National Infrastructure Security
 Co-ordination Centre)
______________________________________________________________________________

 UNIRAS material is available from the NISCC website at www.niscc.gov.uk
______________________________________________________________________________

Title
=====

SUN(SM) ALERT WEEKLY SUMMARY REPORT
Week of 29-Oct-2006 - 04-Nov-2006

Detail
======

Welcome to the Sun(SM) Alert Weekly Summary Report, the newsletter
that provides you with a weekly listing of newly released and
updated Sun Alert Notifications.  It is being distributed
to inform you about critical hardware and software issues that
could impact the availability, security, and data integrity of
your computing environment.


SUN(SM) ALERT WEEKLY SUMMARY REPORT

     Week of 29-Oct-2006 - 04-Nov-2006

Welcome to the Sun(SM) Alert Weekly Summary Report, the newsletter
that provides you with a weekly listing of newly released and
updated Sun Alert Notifications.  It is being distributed
to inform you about critical hardware and software issues that
could impact the availability, security, and data integrity of
your computing environment.

==================================================================
ISSUE HIGHLIGHTS

* Newly Released Sun Alert Notifications

* Updated Sun Alert Notifications

* Additional Sun Alert Information

* Changes to Patch Access on SunSolve

==================================================================

- -------------------------------------------------------------------
Newly Released Sun Alert Notifications
- -------------------------------------------------------------------
(Total Released: 6)

Sun Alert ID:  102670 (RESOLVED)
Synopsis:      A Vulnerability in Network Security Services (NSS)
               Affects Sun Java System Web Server and Sun ONE
               Application Server
Product:       Sun ONE Application Server 7, Standard Edition, Sun
               Java System Web Server 6.0 Service Pack 8
Category:      Security
Date Released: 31-Oct-2006
Date Closed:   31-Oct-2006

To view this Sun Alert document please go to the following URL:
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102670-1

- -------------------------------------------------------------------
Sun Alert ID:  102689 (RESOLVED)
Synopsis:      Installing Certain Solaris 9 Patches Without Others
               May Cause a System Panic
Product:       Solaris 9 Operating System
Category:      Availability
Date Released: 30-Oct-2006
Date Closed:   30-Oct-2006

To view this Sun Alert document please go to the following URL:
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102689-1

- -------------------------------------------------------------------
Sun Alert ID:  102692
Synopsis:      Solaris 10 Patch 124020-01 WITHDRAWN,  May Fail to
               Install
Product:       Solaris 10 Operating System
Category:      Availability
Date Released: 02-Nov-2006

To view this Sun Alert document please go to the following URL:
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102692-1

- -------------------------------------------------------------------
Sun Alert ID:  102693 (RESOLVED)
Synopsis:      Security Vulnerability With Graphics Driver for
               Solaris 10 and Linux on Certain Systems
Product:       Sun Ultra 20 Workstation, Sun Ultra 20 M2
               Workstation, Sun Ultra 40 Workstation
Category:      Security
Date Released: 02-Nov-2006
Date Closed:   02-Nov-2006

To view this Sun Alert document please go to the following URL:
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102693-1

- -------------------------------------------------------------------
Sun Alert ID:  102694
Synopsis:      Solaris cron(1M) Jobs and Logins May Fail
Product:       Solaris 9 Operating System, Solaris 10 Operating
               System
Category:      Availability
Date Released: 02-Nov-2006

To view this Sun Alert document please go to the following URL:
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102694-1
(before accessing this Sun Alert document please login to a
SunSolve Online Account with a Sun Spectrum Support Contract
at http://sunsolve.sun.com -> "Login")

- -------------------------------------------------------------------
Sun Alert ID:  102696
Synopsis:      A Security Vulnerability in RSA Signature
               Verification Affects Sun Java System Application
               Server, Proxy Server and Web Server
Product:       Sun Java System Application Server Standard Edition
               7 2004Q2, Sun Java System Application Server
               Platform Edition 8.1 2005Q1, Sun Java System Web
               Server 6.1, Sun Java System Application Server
               Enterprise Edition 7 2004Q2, Sun ONE Web Server
               6.0, Sun Java System Web Proxy Server 3.6
Category:      Security
Date Released: 03-Nov-2006

To view this Sun Alert document please go to the following URL:
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102696-1


- -------------------------------------------------------------------
Updated Sun Alert Notifications
- -------------------------------------------------------------------
(Total Updated: 0)

- ------------------------------------------------------------------
Additional Sun Alert Information
- ------------------------------------------------------------------

* Accessing Sun Alert Notifications

Sun Alert Notifications are accessed on http://sun.com/sunsolve
under SunSolve Collections, Advanced Search, Browse Documents or
Security Sun Alerts


* Sun Alert Patch Report

http://sun.com/sunsolve/sunalert_patches.html

This is a comprehensive report of patches mentioned in the Resolution
section of Sun Alert documents and is available from SunSolve on the
Patch Portal page. It is updated daily and organized by product.

- -------------------------------------------------------------------
*UPDATED* Changes to Patch Access on SunSolve
- -------------------------------------------------------------------

On Monday, September 18, 2006, customers will no longer be able to 
access Sun patches through Anonymous FTP. The ability to transport
large support files to Sun will remain via ftp or http://supportfiles.sun.com.

For more information, go to:

* http://sunsolve.sun.com/search/document.do?assetkey=1-9-82023-1

* http://sunsolve.sun.com/search/document.do?assetkey=1-9-83061-1

For questions, contact: patchpolicy@xxxxxxx


******************************************************************

Thanks for tuning in to the Sun Alert Weekly Summary Report!

Best regards,
Sun Alert Program Office
Sun Microsystems, Inc.


ALSO ON SUN.COM --------------------------------------------------
My Sun Connection:             http://sun.com/mysunconnection
Products & Services:           http://sun.com/products
Business & Industry Solutions: http://sun.com/solutions
Support & Training:            http://sun.com/supportraining/
Downloads:                     http://sun.com/download
Documentation:                 http://sun.com/documentation
Research:                      http://sun.com/research
News:                          http://sun.com/news
Sun[sm] Store:                 http://sun.com/store

Resources for
* Developers:                  http://sun.com/developers
* System Admins:               http://sun.com/bigadmin
* Partners:                    http://sun.com/partners
* Executives:                  http://sun.com/executives
* Investors:                   http://sun.com/investors
- ------------------------------------------------------------------

Copyright 2006 Sun Microsystems, Inc. All rights reserved.

Sun, Sun Microsystems, the Sun Logo, My Sun, iForce, Sun Fire, and
Sun StorEdge are trademarks or registered trademarks of Sun
Microsystems, Inc. in the United States and other countries. All
SPARC trademarks are used under license and are trademarks or
registered trademarks of SPARC International, Inc. in the United
States and other countries. Products bearing SPARC trademarks are
based upon an architecture developed by Sun Microsystems, Inc.

:::::::::::::::::::::: We make the net work ::::::::::::::::::::::




______________________________________________________________________________

NISCC values your feedback.

1. Which of the following most reflects the value of the briefing to you?
(Place an 'X' next to your choice)

Very useful:__ Useful:__ Not useful:__ 

2. If you did not find it useful, why not?


3. Any other comments? How could we improve our briefings?


Thank you for your contribution.
______________________________________________________________________________

For additional information or assistance, please contact our help desk
by telephone.  You may send Not Protectively Marked information via
e-mail to uniras@xxxxxxxxxxxxx

Office hours:

Mon - Fri: 08:30 - 17:00 hours
Tel: +44 (0) 870 487 0748 and follow the voice prompts
Fax: +44 (0) 870 487 0749

On-call duty officer outside office hours:
Tel: +44 (0) 870 487 0748 and follow the voice prompts

______________________________________________________________________________

UNIRAS wishes to acknowledge the contributions of Sun for the
information contained in this briefing.
______________________________________________________________________________

This notice contains information released by the original author.
Some of the information may have changed since it was released. If the
vulnerability affects you, it may be prudent to retrieve the advisory
from the site of the original source to ensure that you receive the most
current information concerning that problem.

Reference to any specific commercial product, process, or service by
trade name, trademark manufacturer, or otherwise, does not constitute or
imply its endorsement, recommendation, or favouring by UNIRAS or NISCC.
The views and opinions of authors expressed within this notice shall not
be used for advertising or product endorsement purposes.

Neither UNIRAS or NISCC shall also accept responsibility for any errors
or omissions contained within this briefing notice. In particular, they
shall not be liable for any loss or damage whatsoever, arising from or
in connection with the usage of information contained within this
notice.

UNIRAS is a member of the Forum of Incident Response and Security Teams
(FIRST) and has contacts with other international Incident Response
Teams (IRTs) in order to foster cooperation and coordination in incident
prevention, to prompt rapid reaction to incidents, and to promote
information sharing amongst its members and the community at large.
______________________________________________________________________________

<End of UNIRAS Briefing>

-----BEGIN PGP SIGNATURE-----
Version: PGP 8.1

iQA/AwUBRVCOYml7oeQsXfKvEQL1bgCdH+82GtmyODV7Y9hBXfRSZ5OwnyoAoKiY
smALgiH9sVjtIIkegNJf9chg
=rR8s
-----END PGP SIGNATURE-----


______________________________________________________________________
This email has been scanned by the MessageLabs Email Security System.
For more information please visit http://www.messagelabs.com/email 
______________________________________________________________________

______________________________________________________________________
This email has been scanned by the MessageLabs Email Security System.
For more information please visit http://www.messagelabs.com/email 
______________________________________________________________________