[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

UNIRAS Brief - 745/06 - SUN(SM) ALERT WEEKLY SUMMARY REPORT - Week of 05-Nov-2006 - 11-Nov-2006



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

______________________________________________________________________________

 UNIRAS (UK Government CERT) Briefing - 745/06 dated 14.11.06 time 13:30
 UNIRAS is part of NISCC (the UK National Infrastructure Security
 Co-ordination Centre)
______________________________________________________________________________

 UNIRAS material is available from the NISCC website at www.niscc.gov.uk
______________________________________________________________________________

Title
=====

SUN(SM) ALERT WEEKLY SUMMARY REPORT - Week of 05-Nov-2006 - 11-Nov-2006

Detail
======

Welcome to the Sun(SM) Alert Weekly Summary Report, the newsletter
that provides you with a weekly listing of newly released and
updated Sun Alert Notifications.  It is being distributed
to inform you about critical hardware and software issues that
could impact the availability, security, and data integrity of
your computing environment.

==================================================================
ISSUE HIGHLIGHTS

* Newly Released Sun Alert Notifications

* Updated Sun Alert Notifications

* Additional Sun Alert Information

* Changes to Patch Access on SunSolve

==================================================================

- - - -------------------------------------------------------------------
Newly Released Sun Alert Notifications
- - - -------------------------------------------------------------------
(Total Released: 4)

Sun Alert ID:  102452
Synopsis:      Logical Drives May be Lost if "auto-global-spare"
               is Enabled
Product:       Sun StorEdge 3310 SCSI Array, Sun StorEdge 3510 FC
               Array, Sun StorEdge 3320 SCSI Array, Sun StorEdge
               3511 SATA Array
Category:      Data Loss
Date Released: 09-Nov-2006

To view this Sun Alert document please go to the following URL:
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102452-1
(before accessing this Sun Alert document please login to a
SunSolve Online Account with a Sun Spectrum Support Contract
at http://sunsolve.sun.com -> "Login")

- - - -------------------------------------------------------------------
Sun Alert ID:  102690
Synopsis:      Certain Solaris 9 and 10 "mpt" Driver Patches may
               Cause a System Panic on Reboot or Fail to Recognize
               Drives
Product:       Solaris 9 Operating System, Solaris 10 Operating
               System
Category:      Availability
Date Released: 09-Nov-2006

To view this Sun Alert document please go to the following URL:
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102690-1
(before accessing this Sun Alert document please login to a
SunSolve Online Account with a Sun Spectrum Support Contract
at http://sunsolve.sun.com -> "Login")

- - - -------------------------------------------------------------------
Sun Alert ID:  102711
Synopsis:      Security Vulnerabilities in OpenSSL May Lead to a
               Denial of Service (DoS)  to Applications or
               Execution of Arbitrary Code With Elevated
               Privileges
Product:       Solaris 9 Operating System, Solaris 10 Operating
               System
Category:      Security
Date Released: 09-Nov-2006

To view this Sun Alert document please go to the following URL:
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102711-1

- - - -------------------------------------------------------------------
Sun Alert ID:  102712
Synopsis:      Possible Data Integrity Issues on Solaris 10
               Systems Using the e1000g Driver for the Intel
               Gigabit Network Interface Card (NIC)
Product:       Solaris 10 Operating System
Category:      Data Loss
Date Released: 10-Nov-2006

To view this Sun Alert document please go to the following URL:
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102712-1


- - - -------------------------------------------------------------------
Updated Sun Alert Notifications
- - - -------------------------------------------------------------------
(Total Updated: 2)

Sun Alert ID:  102656 (RESOLVED)
Synopsis:      Security Vulnerability Issue of Forged RSA
               Signatures for Java Enterprise System and Solaris
Product:       Solaris 9 Operating System, Solaris 10 Operating
               System, Sun Java Enterprise System 2003Q4, Sun Java
               Enterprise System 2005Q1, Solaris 8 Operating
               System, Sun Java Enterprise System 2005Q4, Sun Java
               Enterprise System 2004Q2
Category:      Security
Date Released: 25-Oct-2006, 09-Nov-2006
Date Closed:   09-Nov-2006

To view this Sun Alert document please go to the following URL:
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102656-1

- - - -------------------------------------------------------------------
Sun Alert ID:  102688 (RESOLVED)
Synopsis:      Issue with eri(7d) Network Driver May Compromise
               Data Transfer or Data Integrity
Product:       Solaris 9 Operating System, Solaris 10 Operating
               System, Sun eri FastEthernet Device Driver, Solaris
               8 Operating System
Category:      Data Loss
Date Released: 27-Oct-2006, 09-Nov-2006
Date Closed:   09-Nov-2006

To view this Sun Alert document please go to the following URL:
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102688-1

- - - ------------------------------------------------------------------
Additional Sun Alert Information
- - - ------------------------------------------------------------------

* Accessing Sun Alert Notifications

Sun Alert Notifications are accessed on http://sun.com/sunsolve
under SunSolve Collections, Advanced Search, Browse Documents or
Security Sun Alerts


* Sun Alert Patch Report

http://sun.com/sunsolve/sunalert_patches.html

This is a comprehensive report of patches mentioned in the Resolution
section of Sun Alert documents and is available from SunSolve on the
Patch Portal page. It is updated daily and organized by product.

- - - -------------------------------------------------------------------
*UPDATED* Changes to Patch Access on SunSolve
- - - -------------------------------------------------------------------

On Monday, September 18, 2006, customers will no longer be able to 
access Sun patches through Anonymous FTP. The ability to transport
large support files to Sun will remain via ftp or http://supportfiles.sun.com.

For more information, go to:

* http://sunsolve.sun.com/search/document.do?assetkey=1-9-82023-1

* http://sunsolve.sun.com/search/document.do?assetkey=1-9-83061-1

For questions, contact: patchpolicy@xxxxxxx


******************************************************************

Thanks for tuning in to the Sun Alert Weekly Summary Report!

Best regards,
Sun Alert Program Office
Sun Microsystems, Inc.


ALSO ON SUN.COM --------------------------------------------------
My Sun Connection:             http://sun.com/mysunconnection
Products & Services:           http://sun.com/products
Business & Industry Solutions: http://sun.com/solutions
Support & Training:            http://sun.com/supportraining/
Downloads:                     http://sun.com/download
Documentation:                 http://sun.com/documentation
Research:                      http://sun.com/research
News:                          http://sun.com/news
Sun[sm] Store:                 http://sun.com/store

Resources for
* Developers:                  http://sun.com/developers
* System Admins:               http://sun.com/bigadmin
* Partners:                    http://sun.com/partners
* Executives:                  http://sun.com/executives
* Investors:                   http://sun.com/investors
- - - ------------------------------------------------------------------

Copyright 2006 Sun Microsystems, Inc. All rights reserved.

Sun, Sun Microsystems, the Sun Logo, My Sun, iForce, Sun Fire, and
Sun StorEdge are trademarks or registered trademarks of Sun
Microsystems, Inc. in the United States and other countries. All
SPARC trademarks are used under license and are trademarks or
registered trademarks of SPARC International, Inc. in the United
States and other countries. Products bearing SPARC trademarks are
based upon an architecture developed by Sun Microsystems, Inc.

:::::::::::::::::::::: We make the net work ::::::::::::::::::::::

______________________________________________________________________________

NISCC values your feedback.

1. Which of the following most reflects the value of the briefing to you?
(Place an 'X' next to your choice)

Very useful:__ Useful:__ Not useful:__ 

2. If you did not find it useful, why not?


3. Any other comments? How could we improve our briefings?


Thank you for your contribution.
______________________________________________________________________________

For additional information or assistance, please contact our help desk
by telephone.  You may send Not Protectively Marked information via
e-mail to uniras@xxxxxxxxxxxxx

Office hours:

Mon - Fri: 08:30 - 17:00 hours
Tel: +44 (0) 870 487 0748 and follow the voice prompts
Fax: +44 (0) 870 487 0749

On-call duty officer outside office hours:
Tel: +44 (0) 870 487 0748 and follow the voice prompts

______________________________________________________________________________

UNIRAS wishes to acknowledge the contributions of Sun for the
information contained in this briefing.
______________________________________________________________________________

This notice contains information released by the original author.
Some of the information may have changed since it was released. If the
vulnerability affects you, it may be prudent to retrieve the advisory
from the site of the original source to ensure that you receive the most
current information concerning that problem.

Reference to any specific commercial product, process, or service by
trade name, trademark manufacturer, or otherwise, does not constitute or
imply its endorsement, recommendation, or favouring by UNIRAS or NISCC.
The views and opinions of authors expressed within this notice shall not
be used for advertising or product endorsement purposes.

Neither UNIRAS or NISCC shall also accept responsibility for any errors
or omissions contained within this briefing notice. In particular, they
shall not be liable for any loss or damage whatsoever, arising from or
in connection with the usage of information contained within this
notice.

UNIRAS is a member of the Forum of Incident Response and Security Teams
(FIRST) and has contacts with other international Incident Response
Teams (IRTs) in order to foster cooperation and coordination in incident
prevention, to prompt rapid reaction to incidents, and to promote
information sharing amongst its members and the community at large.
______________________________________________________________________________

<End of UNIRAS Briefing>

-----BEGIN PGP SIGNATURE-----
Version: PGP 8.1

iQA/AwUBRVnEsWl7oeQsXfKvEQLDegCg1ufIyPKWQ5BIyMUsB3vgO5Fp9XsAoKjK
3OAzS/iK5s4UQMY9+Iy2y4BB
=tAzV
-----END PGP SIGNATURE-----


______________________________________________________________________
This email has been scanned by the MessageLabs Email Security System.
For more information please visit http://www.messagelabs.com/email 
______________________________________________________________________

______________________________________________________________________
This email has been scanned by the MessageLabs Email Security System.
For more information please visit http://www.messagelabs.com/email 
______________________________________________________________________