[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]

UNIRAS Brief - 803/06 - SUN(SM) ALERT WEEKLY SUMMARY REPORT



-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

______________________________________________________________________________

 UNIRAS (UK Government CERT) Briefing - 803/06 dated 05.12.06 time 14:10
 UNIRAS is part of NISCC (the UK National Infrastructure Security
 Co-ordination Centre)
______________________________________________________________________________

 UNIRAS material is available from the NISCC website at www.niscc.gov.uk
______________________________________________________________________________

Title
=====

SUN(SM) ALERT WEEKLY SUMMARY REPORT
Week of 26-Nov-2006 - 02-Dec-2006

Detail
======

Welcome to the Sun(SM) Alert Weekly Summary Report, the newsletter that provides you with a weekly listing of newly released and
updated Sun Alert Notifications.  It is being distributed to inform you about critical hardware and software issues that could
impact the availability, security, and data integrity of your computing environment.



SUN(SM) ALERT WEEKLY SUMMARY REPORT

     Week of 26-Nov-2006 - 02-Dec-2006

Welcome to the Sun(SM) Alert Weekly Summary Report, the newsletter that provides you with a weekly listing of newly released and
updated Sun Alert Notifications.  It is being distributed to inform you about critical hardware and software issues that could
impact the availability, security, and data integrity of your computing environment.

==================================================================
ISSUE HIGHLIGHTS

* Newly Released Sun Alert Notifications

* Updated Sun Alert Notifications

* Additional Sun Alert Information

* Changes to Patch Access on SunSolve

==================================================================

- -------------------------------------------------------------------
Newly Released Sun Alert Notifications
- -------------------------------------------------------------------
(Total Released: 7)

Sun Alert ID:  102574 (RESOLVED)
Synopsis:      A Security Vulnerability in the Solaris Kernel May
               Allow a Denial of Service (DoS) Condition to Occur
Product:       Solaris 9 Operating System, Solaris 10 Operating
               System, Solaris 8 Operating System
Category:      Security
Date Released: 30-Nov-2006
Date Closed:   30-Nov-2006

To view this Sun Alert document please go to the following URL:
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102574-1

- -------------------------------------------------------------------
Sun Alert ID:  102722
Synopsis:      Security Vulnerability With RSA Signature Affects
               Solaris Applications Utilizing the libike Library
Product:       Solaris 9 Operating System, Solaris 10 Operating
               System
Category:      Security
Date Released: 27-Nov-2006

To view this Sun Alert document please go to the following URL:
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102722-1

- -------------------------------------------------------------------
Sun Alert ID:  102733 (RESOLVED)
Synopsis:      Security Vulnerability With HTTP Requests in Sun
               Java System Server(s)
Product:       Sun Java System Web Server 6.0 Service Pack 10, Sun
               Java System Application Server Platform Edition 8.1
               2005Q1, Sun ONE Application Server 7, Enterprise
               Edition, Sun ONE Application Server 7, Standard
               Edition, Sun Java System Application Server
               Platform Edition 8.1 2005Q1 Update Release 1, Sun
               Java System Web Proxy Server 4.0, Sun Java System
               Web Server 6.1, Sun Java System Application Server
               Enterprise Edition 8.1 2005Q1, Sun Java System Web
               Proxy Server 3.6
Category:      Security
Date Released: 30-Nov-2006
Date Closed:   30-Nov-2006

To view this Sun Alert document please go to the following URL:
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102733-1

- -------------------------------------------------------------------
Sun Alert ID:  102736 (RESOLVED)
Synopsis:      Installing Solaris 9 Patches 113335-01 or 113335-02
               or 113124-01 May Cause a System Panic
Product:       Solaris 9 Operating System
Category:      Availability
Date Released: 30-Nov-2006
Date Closed:   30-Nov-2006

To view this Sun Alert document please go to the following URL:
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102736-1

- -------------------------------------------------------------------
Sun Alert ID:  102738
Synopsis:      Solaris 10 on Sun Fire T1000/T2000 Systems may
               Panic When Low on Memory
Product:       Sun Fire T2000 Server, Sun Fire T1000 Server
Category:      Availability
Date Released: 01-Dec-2006

To view this Sun Alert document please go to the following URL:
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102738-1
(before accessing this Sun Alert document please login to a SunSolve Online Account with a Sun Spectrum Support Contract at
http://sunsolve.sun.com -> "Login")

- -------------------------------------------------------------------
Sun Alert ID:  102739
Synopsis:      Certain Solaris 10 Patches May Cause usermod(1M)
               and Related Commands to Terminate With an Error
Product:       Solaris 10 Operating System
Category:      Availability
Date Released: 01-Dec-2006

To view this Sun Alert document please go to the following URL:
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102739-1

- -------------------------------------------------------------------
Sun Alert ID:  102741
Synopsis:      IGMP(1) Packets do not Contain IP Router Alert
               Option When Sent From Solaris 10 Systems With Patch
               118822-21 (SPARC) or 118844-21 (x86/x64) or Later
               Installed
Product:       Solaris 10 Operating System
Category:      Availability, Availability
Date Released: 01-Dec-2006

To view this Sun Alert document please go to the following URL:
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102741-1


- -------------------------------------------------------------------
Updated Sun Alert Notifications
- -------------------------------------------------------------------
(Total Updated: 4)

Sun Alert ID:  101880 (RESOLVED)
Synopsis:      Delayed Recovery of NFS Client Locks May Lead to
               HA-NFS Start Failure
Product:       Solaris 9 Operating System, Solaris 10 Operating
               System
Category:      Availability, Availability
Date Released: 19-Aug-2005, 01-Dec-2006
Date Closed:   01-Dec-2006

To view this Sun Alert document please go to the following URL:
http://sunsolve.sun.com/search/document.do?assetkey=1-26-101880-1

- -------------------------------------------------------------------
Sun Alert ID:  102094 (RESOLVED)
Synopsis:      Under Certain Conditions, Power Cycling Sun
               StorEdge 6920 Rack May Cause Array to Become
               Inaccessible
Product:       Sun StorEdge 6920 System
Category:      Availability
Date Released: 13-Dec-2005, 30-Nov-2006
Date Closed:   30-Nov-2006

To view this Sun Alert document please go to the following URL:
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102094-1

- -------------------------------------------------------------------
Sun Alert ID:  102548 (RESOLVED)
Synopsis:      ld(1) and ld.so.1(1) May Behave Unexpectedly or
               Cause Applications to Behave Unexpectedly
Product:       Solaris 9 Operating System, Solaris 8 Operating
               System
Category:      Availability
Date Released: 03-Aug-2006, 01-Dec-2006
Date Closed:   01-Dec-2006

To view this Sun Alert document please go to the following URL:
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102548-1

- -------------------------------------------------------------------
Sun Alert ID:  102692 (RESOLVED)
Synopsis:      Solaris 10 Patch 124020-01 WITHDRAWN,  May Fail to
               Install
Product:       Solaris 10 Operating System
Category:      Availability
Date Released: 02-Nov-2006, 01-Dec-2006
Date Closed:   01-Dec-2006

To view this Sun Alert document please go to the following URL:
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102692-1

- ------------------------------------------------------------------
Additional Sun Alert Information
- ------------------------------------------------------------------

* Accessing Sun Alert Notifications

Sun Alert Notifications are accessed on http://sun.com/sunsolve under SunSolve Collections, Advanced Search, Browse Documents or
Security Sun Alerts


* Sun Alert Patch Report

http://sun.com/sunsolve/sunalert_patches.html

This is a comprehensive report of patches mentioned in the Resolution section of Sun Alert documents and is available from SunSolve
on the Patch Portal page. It is updated daily and organized by product.

- -------------------------------------------------------------------
*UPDATED* Changes to Patch Access on SunSolve
- -------------------------------------------------------------------

On Monday, September 18, 2006, customers will no longer be able to access Sun patches through Anonymous FTP. The ability to
transport large support files to Sun will remain via ftp or http://supportfiles.sun.com.

For more information, go to:

* http://sunsolve.sun.com/search/document.do?assetkey=1-9-82023-1

* http://sunsolve.sun.com/search/document.do?assetkey=1-9-83061-1

For questions, contact: patchpolicy@xxxxxxx


******************************************************************

Thanks for tuning in to the Sun Alert Weekly Summary Report!

Best regards,
Sun Alert Program Office
Sun Microsystems, Inc.


ALSO ON SUN.COM --------------------------------------------------
My Sun Connection:             http://sun.com/mysunconnection
Products & Services:           http://sun.com/products
Business & Industry Solutions: http://sun.com/solutions
Support & Training:            http://sun.com/supportraining/
Downloads:                     http://sun.com/download
Documentation:                 http://sun.com/documentation
Research:                      http://sun.com/research
News:                          http://sun.com/news
Sun[sm] Store:                 http://sun.com/store

Resources for
* Developers:                  http://sun.com/developers
* System Admins:               http://sun.com/bigadmin
* Partners:                    http://sun.com/partners
* Executives:                  http://sun.com/executives
* Investors:                   http://sun.com/investors
- ------------------------------------------------------------------

Copyright 2006 Sun Microsystems, Inc. All rights reserved.

Sun, Sun Microsystems, the Sun Logo, My Sun, iForce, Sun Fire, and Sun StorEdge are trademarks or registered trademarks of Sun
Microsystems, Inc. in the United States and other countries. All SPARC trademarks are used under license and are trademarks or
registered trademarks of SPARC International, Inc. in the United States and other countries. Products bearing SPARC trademarks are
based upon an architecture developed by Sun Microsystems, Inc.

:::::::::::::::::::::: We make the net work ::::::::::::::::::::::


______________________________________________________________________________

NISCC values your feedback.

1. Which of the following most reflects the value of the briefing to you?
(Place an 'X' next to your choice)

Very useful:__ Useful:__ Not useful:__ 

2. If you did not find it useful, why not?


3. Any other comments? How could we improve our briefings?


Thank you for your contribution.
______________________________________________________________________________

For additional information or assistance, please contact our help desk
by telephone.  You may send Not Protectively Marked information via
e-mail to uniras@xxxxxxxxxxxxx

Office hours:

Mon - Fri: 08:30 - 17:00 hours
Tel: +44 (0) 870 487 0748 and follow the voice prompts
Fax: +44 (0) 870 487 0749

On-call duty officer outside office hours:
Tel: +44 (0) 870 487 0748 and follow the voice prompts

______________________________________________________________________________

UNIRAS wishes to acknowledge the contributions of Sun for the
information contained in this briefing.
______________________________________________________________________________

This notice contains information released by the original author.
Some of the information may have changed since it was released. If the
vulnerability affects you, it may be prudent to retrieve the advisory
from the site of the original source to ensure that you receive the most
current information concerning that problem.

Reference to any specific commercial product, process, or service by
trade name, trademark manufacturer, or otherwise, does not constitute or
imply its endorsement, recommendation, or favouring by UNIRAS or NISCC.
The views and opinions of authors expressed within this notice shall not
be used for advertising or product endorsement purposes.

Neither UNIRAS or NISCC shall also accept responsibility for any errors
or omissions contained within this briefing notice. In particular, they
shall not be liable for any loss or damage whatsoever, arising from or
in connection with the usage of information contained within this
notice.

UNIRAS is a member of the Forum of Incident Response and Security Teams
(FIRST) and has contacts with other international Incident Response
Teams (IRTs) in order to foster cooperation and coordination in incident
prevention, to prompt rapid reaction to incidents, and to promote
information sharing amongst its members and the community at large.
______________________________________________________________________________

<End of UNIRAS Briefing>

-----BEGIN PGP SIGNATURE-----
Version: PGP 8.1

iQA/AwUBRXV7xGl7oeQsXfKvEQI+ngCeMcrm/A8LfXumb78RXgFLA8QKffMAnjdV
5hSWt9aUegxLKgBRy1BDCNv5
=9Xte
-----END PGP SIGNATURE-----


______________________________________________________________________
This email has been scanned by the MessageLabs Email Security System.
For more information please visit http://www.messagelabs.com/email 
______________________________________________________________________

______________________________________________________________________
This email has been scanned by the MessageLabs Email Security System.
For more information please visit http://www.messagelabs.com/email 
______________________________________________________________________