Home / mailings SUN ALERT WEEKLY SUMMARY REPORT
Posted on 17 November 2008
Sun AlertsWeek of 09-Nov-2008 to 15-Nov-2008
Welcome to the Sun Alert Weekly Summary Report, the newsletter
that provides you with a weekly listing of newly released and
updated Sun Alert Notifications. It is being distributed
to inform you about critical hardware and software issues that
could impact the availability, security, and data integrity of
your computing environment.
==================================================================
ISSUE HIGHLIGHTS
* New and Updated Sun Alerts for 3 Release Phases:
Preliminary, Workaround and Resolved
Note: To read past newsletters go to sunsolve.sun.com,
hit Accept, use Advanced Search with keywords "weekly
summary report newsletter", Sort by Date, and select the
Sun Alert Notifications collection.
=================================================================
New Preliminary Sun Alert Notifications
None
=================================================================
New Workaround Sun Alert Notifications
(Total Workaround: 2)
Sun Alert ID: 245626
Title: ZFS Pool Corruption May Occur With Sun Cluster 3.2
Running Solaris 10 with patch 137137-09 or 137138-09
Product: Solaris 10 Operating System, OpenSolaris
Category: Data Loss, Availability
Release Phase: Workaround
Workaround Date: 12-Nov-2008
To view this Sun Alert document please go to the following URL:
http://sunsolve.sun.com/search/document.do?assetkey=1-66-245626-1
If this Sun Alert document is not publicly available, go to the
SunSpectrum Member Support Center at www.sun.com/support and
search for the Sun Alert ID above.
-----------------------------------------------------------------
Sun Alert ID: 245806
Title: A Buffer Overflow Security Vulnerability in the Solaris
sadmind(1M) Daemon May Lead to Execution of Arbitrary
Code
Product: Solaris 8 Operating System, Solaris 9 Operating System
Category: Security
Release Phase: Workaround
Workaround Date: 14-Nov-2008
To view this Sun Alert document please go to the following URL:
http://sunsolve.sun.com/search/document.do?assetkey=1-66-245806-1
If this Sun Alert document is not publicly available, go to the
SunSpectrum Member Support Center at www.sun.com/support and
search for the Sun Alert ID above.
=================================================================
New Resolved Sun Alert Notifications
(Total Resolved: 9)
Sun Alert ID: 242186
Title: Cross-Site Scripting (XSS) Vulnerability in Sun Java
Messaging Server
Product: Sun Java Messaging Server 6.2, Sun Java Messaging Server
6.3
Category: Security
Release Phase: Resolved
Resolved Date: 12-Nov-2008
To view this Sun Alert document please go to the following URL:
http://sunsolve.sun.com/search/document.do?assetkey=1-66-242186-1
If this Sun Alert document is not publicly available, go to the
SunSpectrum Member Support Center at www.sun.com/support and
search for the Sun Alert ID above.
-----------------------------------------------------------------
Sun Alert ID: 242627
Title: Security Vulnerability in StarOffice Related to .wmf
Files May Lead to Heap Overflows and Arbitrary Code
Execution
Product: StarOffice 7 Software, StarSuite 7 Software, StarOffice
8 Software, StarSuite 8 Software
Category: Security
Release Phase: Resolved
Resolved Date: 13-Nov-2008
To view this Sun Alert document please go to the following URL:
http://sunsolve.sun.com/search/document.do?assetkey=1-66-242627-1
If this Sun Alert document is not publicly available, go to the
SunSpectrum Member Support Center at www.sun.com/support and
search for the Sun Alert ID above.
-----------------------------------------------------------------
Sun Alert ID: 242806
Title: A Security Vulnerability in the Solaris Socket(3SOCKET)
Function May Allow Unprivileged Users to Panic the
System
Product: Solaris 10 Operating System, OpenSolaris
Category: Security
Release Phase: Resolved
Resolved Date: 13-Nov-2008
To view this Sun Alert document please go to the following URL:
http://sunsolve.sun.com/search/document.do?assetkey=1-66-242806-1
If this Sun Alert document is not publicly available, go to the
SunSpectrum Member Support Center at www.sun.com/support and
search for the Sun Alert ID above.
-----------------------------------------------------------------
Sun Alert ID: 243226
Title: Security Vulnerability in StarOffice/StarSuite Related
to EMF Files May Lead to Heap Overflows and Arbitrary
Code Execution
Product: StarOffice 7 Software, StarSuite 7 Software, StarOffice
8 Software, StarSuite 8 Software
Category: Security
Release Phase: Resolved
Resolved Date: 13-Nov-2008
To view this Sun Alert document please go to the following URL:
http://sunsolve.sun.com/search/document.do?assetkey=1-66-243226-1
If this Sun Alert document is not publicly available, go to the
SunSpectrum Member Support Center at www.sun.com/support and
search for the Sun Alert ID above.
-----------------------------------------------------------------
Sun Alert ID: 243386
Title: Multiple Security Vulnerabilities in Sun Java System
Identity Manager
Product: Sun Java System Identity Manager 6.0, Sun Java System
Identity Manager 6.0 SP1, Sun Java System Identity
Manager 6.0 SP2, Sun Java System Identity Manager 6.0
SP3, Sun Java System Identity Manager 6.0 SP4, Sun Java
System Identity Manager 7.0, Sun Java System Identity
Manager 7.1
Category: Security
Release Phase: Resolved
Resolved Date: 11-Nov-2008
To view this Sun Alert document please go to the following URL:
http://sunsolve.sun.com/search/document.do?assetkey=1-66-243386-1
If this Sun Alert document is not publicly available, go to the
SunSpectrum Member Support Center at www.sun.com/support and
search for the Sun Alert ID above.
-----------------------------------------------------------------
Sun Alert ID: 243606
Title: A Security Vulnerability in the Logical Domains (LDoms)
Manager May Allow Unauthorized System Access and
Escalation of Privileges
Product: Logical Domain Manager 1.0, Logical Domain Manager
1.0.1, Logical Domain Manager 1.0.2, Logical Domain
Manager 1.0.3
Category: Security
Release Phase: Resolved
Resolved Date: 12-Nov-2008
To view this Sun Alert document please go to the following URL:
http://sunsolve.sun.com/search/document.do?assetkey=1-66-243606-1
If this Sun Alert document is not publicly available, go to the
SunSpectrum Member Support Center at www.sun.com/support and
search for the Sun Alert ID above.
-----------------------------------------------------------------
Sun Alert ID: 244606
Title: Solaris 10 SPARC Kernel patch 137111-01 through
137111-08 Enforces Mutex Alignment Rules and May Cause
Some Applications to Fail
Product: Solaris 10 Operating System, OpenSolaris
Category: Availability
Release Phase: Resolved
Resolved Date: 13-Nov-2008
To view this Sun Alert document please go to the following URL:
http://sunsolve.sun.com/search/document.do?assetkey=1-66-244606-1
If this Sun Alert document is not publicly available, go to the
SunSpectrum Member Support Center at www.sun.com/support and
search for the Sun Alert ID above.
-----------------------------------------------------------------
Sun Alert ID: 245206
Title: Security Vulnerability in Solaris IP Filter Network
Address Translation (NAT) May Lead to DNS Cache
Poisoning
Product: Solaris 10 Operating System, OpenSolaris
Category: Security
Release Phase: Resolved
Resolved Date: 11-Nov-2008
To view this Sun Alert document please go to the following URL:
http://sunsolve.sun.com/search/document.do?assetkey=1-66-245206-1
If this Sun Alert document is not publicly available, go to the
SunSpectrum Member Support Center at www.sun.com/support and
search for the Sun Alert ID above.
-----------------------------------------------------------------
Sun Alert ID: 245846
Title: A Security Vulnerability in the Solaris i915 DRM Driver
May Cause a Kernel Panic
Product: OpenSolaris
Category: Security
Release Phase: Resolved
Resolved Date: 14-Nov-2008
To view this Sun Alert document please go to the following URL:
http://sunsolve.sun.com/search/document.do?assetkey=1-66-245846-1
If this Sun Alert document is not publicly available, go to the
SunSpectrum Member Support Center at www.sun.com/support and
search for the Sun Alert ID above.
=================================================================
Updated Sun Alert Notifications
(Total Updated: 1)
Sun Alert ID: 243486
Title: A Security Vulnerability in the Sun Integrated
Lights-Out Manager (ILOM) may Allow Unauthorized Access
Through the Web Interface
Product: Sun SPARC Enterprise T5120 Server, Sun SPARC Enterprise
T5220 Server, Sun SPARC Enterprise T5140 Server, Sun
SPARC Enterprise T5240 Server, Sun SPARC Enterprise
T5440 Server, Sun Blade T6320, Sun Netra T5220, Sun
Netra T5440, Sun Netra CP3260, Sun Netra CT900 ATCA
Blade Server, Sun Fire X2250, Sun Fire X4100, Sun Fire
X4100 M2 , Sun Fire X4140, Sun Fire X4150, Sun Fire
X4200, Sun Fire X4200 M2, Sun Fire X4240, Sun Fire
X4250, Sun Fire X4440
Category: Security
Release Phase: Resolved
Resolved Date: 21-Oct-2008
Last Updated: 10-Nov-2008
To view this Sun Alert document please go to the following URL:
http://sunsolve.sun.com/search/document.do?assetkey=1-66-243486-1
If this Sun Alert document is not publicly available, go to the
SunSpectrum Member Support Center at www.sun.com/support and
search for the Sun Alert ID above.
==================================================================
* NEW RSS Feed
http://www.sun.com/rss/?t=3&pgID=1&trss=Sun%20Alerts%20-%20New&uri=http:
//cds-srv.sun.com:8700/rss/insert/public/sunalert_insert.xml
* Sun Alert Patch Report
This report is no longer available on SunSolve, however a new TEXT version is
available at:
https://supportuploads.sun.com/download?directory=downloads&file=SApatches%2dpub%2etxt
or go to http://supportfiles.sun.com/download and enter the following
file name, SApatches-pub.txt, from the directory named "downloads".
==================================================================
Thanks for tuning in to the Sun Alert Weekly Summary Report!
Best regards,
Sun Alert Program Office
Sun Microsystems, Inc.
sunalert-newsletter@sun.com
