Home / mailings SUN ALERT WEEKLY SUMMARY REPORT
Posted on 16 November 2009
Sun AlertsWeek of 08-Nov-2009 to 14-Nov-2009
Welcome to the Sun Alert Weekly Summary Report, the newsletter
that provides you with a weekly listing of newly released and
updated Sun Alert Notifications. It is being distributed
to inform you about critical hardware and software issues that
could impact the availability, security, and data integrity of
your computing environment.
==================================================================
ISSUE HIGHLIGHTS - New http://wikis.sun.com/x/EAF9B
* New and Updated Sun Alerts for 3 Release Phases:
Preliminary, Workaround and Resolved
Note: To read past newsletters go to sunsolve.sun.com,
hit Accept, use Advanced Search with keywords "weekly
summary report newsletter", Sort by Date, and select the
Sun Alert Notifications collection.
=================================================================
New Preliminary Sun Alert Notifications
None
=================================================================
New Workaround Sun Alert Notifications
(Total Workaround: 4)
Sun Alert ID: 271169
Title: Multiple Security Vulnerabilities in the Common Unix
Printing System (CUPS) Web Interface in OpenSolaris May
Lead to Cross-Site Scripting (XSS) and HTTP Response
Splitting Attacks
Product: OpenSolaris
Category: Security
Release Phase: Workaround
Workaround Date: 10-Nov-2009
To view this Sun Alert document please go to the following URL:
http://sunsolve.sun.com/search/document.do?assetkey=1-66-271169-1
If this Sun Alert document is not publicly available, go to the
SunSpectrum Member Support Center at www.sun.com/support and
search for the Sun Alert ID above.
-----------------------------------------------------------------
Sun Alert ID: 272289
Title: HIPER - Sun StorageTek HSC and MVS/CSC Initialization
Fails with ABEND S0C4 After the Execution Key is
Changed
Product: Sun StorageTek Host Software Component Software, Sun
StorageTek Client System Component Software
Category: Availability
Release Phase: Workaround
Workaround Date: 11-Nov-2009
To view this Sun Alert document please go to the following URL:
http://sunsolve.sun.com/search/document.do?assetkey=1-66-272289-1
If this Sun Alert document is not publicly available, go to the
SunSpectrum Member Support Center at www.sun.com/support and
search for the Sun Alert ID above.
-----------------------------------------------------------------
Sun Alert ID: 272351
Title: Solaris Emlxs (emlxs(7D)) Patches May Cause Excessive
and Spurious Errors
Product: Solaris 10 Operating System, OpenSolaris
Category: Availability
Release Phase: Workaround
Workaround Date: 11-Nov-2009
To view this Sun Alert document please go to the following URL:
http://sunsolve.sun.com/search/document.do?assetkey=1-66-272351-1
If this Sun Alert document is not publicly available, go to the
SunSpectrum Member Support Center at www.sun.com/support and
search for the Sun Alert ID above.
-----------------------------------------------------------------
Sun Alert ID: 272489
Title: Security Vulnerability in the OSCAR Protocol Plugin for
pidgin(1) may Lead to a Denial of Service (DoS)
Condition
Product: Solaris 10 Operating System, OpenSolaris
Category: Security
Release Phase: Workaround
Workaround Date: 10-Nov-2009
To view this Sun Alert document please go to the following URL:
http://sunsolve.sun.com/search/document.do?assetkey=1-66-272489-1
If this Sun Alert document is not publicly available, go to the
SunSpectrum Member Support Center at www.sun.com/support and
search for the Sun Alert ID above.
=================================================================
New Resolved Sun Alert Notifications
(Total Resolved: 6)
Sun Alert ID: 263388
Title: Security Vulnerabilities in Solaris IP(7P) Module and
STREAMS Framework May Lead to a Denial of Service (DoS)
Condition
Product: Solaris 8 Operating System, Solaris 9 Operating System,
Solaris 10 Operating System, OpenSolaris
Category: Security
Release Phase: Resolved
Resolved Date: 11-Nov-2009
To view this Sun Alert document please go to the following URL:
http://sunsolve.sun.com/search/document.do?assetkey=1-66-263388-1
If this Sun Alert document is not publicly available, go to the
SunSpectrum Member Support Center at www.sun.com/support and
search for the Sun Alert ID above.
-----------------------------------------------------------------
Sun Alert ID: 264388
Title: Solaris 8 and Solaris 9 Systems may Hang After
Installing Certain Kernel Patches
Product: Solaris 8 Operating System, Solaris 9 Operating System
Category: Availability
Release Phase: Resolved
Workaround Date: 22-Jul-2009
Resolved Date: 12-Nov-2009
To view this Sun Alert document please go to the following URL:
http://sunsolve.sun.com/search/document.do?assetkey=1-66-264388-1
If this Sun Alert document is not publicly available, go to the
SunSpectrum Member Support Center at www.sun.com/support and
search for the Sun Alert ID above.
-----------------------------------------------------------------
Sun Alert ID: 265968
Title: HIPER - Sun StorageTek ELS 7.0 is not Automating Mount
Requests for Certain Mounted "in-use" Cartridges
Product: Sun StorageTek Enterprise Library Software (ELS) 7.0 ???
SMC Component
Category: Availability
Release Phase: Resolved
Resolved Date: 13-Nov-2009
To view this Sun Alert document please go to the following URL:
http://sunsolve.sun.com/search/document.do?assetkey=1-66-265968-1
If this Sun Alert document is not publicly available, go to the
SunSpectrum Member Support Center at www.sun.com/support and
search for the Sun Alert ID above.
-----------------------------------------------------------------
Sun Alert ID: 266488
Title: Security Vulnerability in Solaris TCP sockets May Allow
Unprivileged Users to Cause a Denial of Service (DoS)
Condition
Product: OpenSolaris
Category: Security
Release Phase: Resolved
Resolved Date: 10-Nov-2009
To view this Sun Alert document please go to the following URL:
http://sunsolve.sun.com/search/document.do?assetkey=1-66-266488-1
If this Sun Alert document is not publicly available, go to the
SunSpectrum Member Support Center at www.sun.com/support and
search for the Sun Alert ID above.
-----------------------------------------------------------------
Sun Alert ID: 266548
Title: HIPER - Sun StorageTek VTCS may Continue to Request
Synchronous Replications to a Target VTSS System in an
Offline State
Product: Sun StorageTek VTCS 6.1, Sun StorageTek VTCS 6.2, Sun
StorageTek VTCS 7.0
Category: Data Loss
Release Phase: Resolved
Resolved Date: 13-Nov-2009
To view this Sun Alert document please go to the following URL:
http://sunsolve.sun.com/search/document.do?assetkey=1-66-266548-1
If this Sun Alert document is not publicly available, go to the
SunSpectrum Member Support Center at www.sun.com/support and
search for the Sun Alert ID above.
-----------------------------------------------------------------
Sun Alert ID: 271149
Title: Security Vulnerability in VirtualBox Guest Additions May
Lead to Denial of Service against the Virtual Machine
Product: Sun xVM VirtualBox 1.6, Sun xVM VirtualBox 2.0, Sun xVM
VirtualBox 2.1, Sun xVM VirtualBox 2.2, Sun VirtualBox
3.0
Category: Security
Release Phase: Resolved
Resolved Date: 13-Nov-2009
To view this Sun Alert document please go to the following URL:
http://sunsolve.sun.com/search/document.do?assetkey=1-66-271149-1
If this Sun Alert document is not publicly available, go to the
SunSpectrum Member Support Center at www.sun.com/support and
search for the Sun Alert ID above.
=================================================================
Updated Sun Alert Notifications
(Total Updated: 2 )
Sun Alert ID: 269788
Title: Security Vulnerability in Solaris libpng(3) May Allow a
Remote User to Disclose Potentially Sensitive
Information from Applications Linked to libpng(3)
Product: Solaris 8 Operating System, Solaris 9 Operating System,
Solaris 10 Operating System, OpenSolaris
Category: Security
Release Phase: Workaround
Workaround Date: 14-Oct-2009
Last Updated: 10-Nov-2009
To view this Sun Alert document please go to the following URL:
http://sunsolve.sun.com/search/document.do?assetkey=1-66-269788-1
If this Sun Alert document is not publicly available, go to the
SunSpectrum Member Support Center at www.sun.com/support and
search for the Sun Alert ID above.
-----------------------------------------------------------------
Sun Alert ID: 270089
Title: On Solaris 10 AES192/AES256 Encryption Enabled sshd(1M)
Support May Fail
Product:
Category: Availability
Release Phase: Workaround
Workaround Date: 15-Oct-2009
Last Updated: 13-Nov-2009
To view this Sun Alert document please go to the following URL:
http://sunsolve.sun.com/search/document.do?assetkey=1-66-270089-1
If this Sun Alert document is not publicly available, go to the
SunSpectrum Member Support Center at www.sun.com/support and
search for the Sun Alert ID above.
==================================================================
For more information on the Sun Alert program, please visit:
http://wikis.sun.com/x/EAF9B
RSS Feed :
http://www.sun.com/rss/?t=3&pgID=1&trss=Sun%20Alerts%20-%20New&uri=http:
//cds-srv.sun.com:8700/rss/insert/public/sunalert_insert.xml
Sun Alert Patch Report -- TEXT version is available at:
https://supportuploads.sun.com/download?directory=downloads&file=SApatches%2dpub%2etxt
or go to http://supportfiles.sun.com/download and enter the following
file name, SApatches-pub.txt, from the directory named "downloads".
==================================================================
Thanks for tuning in to the Sun Alert Weekly Summary Report!
Best regards,
Sun Alert Program Office
Sun Microsystems, Inc.
sunalert-newsletter@sun.com
