Home / mailings SUN(SM) ALERT WEEKLY SUMMARY REPORT
Posted on 02 July 2007
Sun AlertsWeek of 24-Jun-2007 - 30-Jun-2007
Welcome to the Sun(SM) Alert Weekly Summary Report, the newsletter
that provides you with a weekly listing of newly released and
updated Sun Alert Notifications. It is being distributed
to inform you about critical hardware and software issues that
could impact the availability, security, and data integrity of
your computing environment.
==================================================================
ISSUE HIGHLIGHTS
* Newly Released Sun Alert Notifications
* Updated Sun Alert Notifications
* Additional Sun Alert Information
* Changes to Patch Access on SunSolve
==================================================================
-------------------------------------------------------------------
Newly Released Sun Alert Notifications
-------------------------------------------------------------------
(Total Released: 12)
Sun Alert ID: 102914
Synopsis: A Security Vulnerability in the Implementation of
the RPCSEC_GSS API Affects the Kerberos
Administration Daemon (kadmind(1M))
Product: Solaris 9 Operating System, Solaris 10 Operating
System, Solaris 8 Operating System
Category: Security
Date Released: 26-Jun-2007
To view this Sun Alert document please go to the following URL:
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102914-1
-------------------------------------------------------------------
Sun Alert ID: 102918 (RESOLVED)
Synopsis: Security Vulnerabilities in the KSSL Kernel Module
May Lead to a System Panic
Product: Solaris 10 Operating System
Category: Security, Availability
Date Released: 27-Jun-2007
Date Closed: 27-Jun-2007
To view this Sun Alert document please go to the following URL:
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102918-1
-------------------------------------------------------------------
Sun Alert ID: 102926 (RESOLVED)
Synopsis: Security Vulnerability in the Solaris libsldap
Library May Allow a Denial of Service to nscd(1M)
Product: Solaris 9 Operating System, Solaris 10 Operating
System, Solaris 8 Operating System
Category: Security
Date Released: 26-Jun-2007
Date Closed: 26-Jun-2007
To view this Sun Alert document please go to the following URL:
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102926-1
-------------------------------------------------------------------
Sun Alert ID: 102954 (RESOLVED)
Synopsis: dtsession(1X) Contains a Buffer Overflow
Vulnerability
Product: Solaris 9 Operating System, Solaris 10 Operating
System, Solaris 8 Operating System
Category: Security
Date Released: 27-Jun-2007
Date Closed: 27-Jun-2007
To view this Sun Alert document please go to the following URL:
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102954-1
-------------------------------------------------------------------
Sun Alert ID: 102957 (RESOLVED)
Synopsis: Security Vulnerability With Java Web Start May
Allow Application to Escalate Privileges
Product: Java 2 Platform, Standard Edition
Category: Security
Date Released: 28-Jun-2007
Date Closed: 28-Jun-2007
To view this Sun Alert document please go to the following URL:
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102957-1
-------------------------------------------------------------------
Sun Alert ID: 102958 (RESOLVED)
Synopsis: Cross-site Scripting Vulnerability (XSS) Affecting
Pages Generated with JavaDoc Tool
Product: Java 2 Platform, Standard Edition
Category: Security
Date Released: 28-Jun-2007
Date Closed: 28-Jun-2007
To view this Sun Alert document please go to the following URL:
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102958-1
-------------------------------------------------------------------
Sun Alert ID: 102963 (RESOLVED)
Synopsis: A Security Vulnerability in the TCP Loopback/Fusion
Code May Lead to a System Hang Resulting in a
Denial of Service (DoS)
Product: Solaris 10 Operating System
Category: Security
Date Released: 27-Jun-2007
Date Closed: 27-Jun-2007
To view this Sun Alert document please go to the following URL:
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102963-1
-------------------------------------------------------------------
Sun Alert ID: 102968 (RESOLVED)
Synopsis: The NetBackup 6.0 MP4 Installer for Windows x86
Systems Installs to "C:Program FilesVERITAS"
Regardless of the Path Specified During
Installation
Product: VERITAS NetBackup 6.0
Category: Availability
Date Released: 27-Jun-2007
Date Closed: 27-Jun-2007
To view this Sun Alert document please go to the following URL:
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102968-1
(before accessing this Sun Alert document please login to a
SunSolve Online Account with a Sun Spectrum Support Contract
at http://sunsolve.sun.com -> "Login")
-------------------------------------------------------------------
Sun Alert ID: 102971
Synopsis: Multiple Memory Corruption Vulnerabilities in
Mozilla 1.7 for Solaris 8, 9 and 10
Product: Mozilla v1.7, Solaris 9 Operating System, Solaris
10 Operating System, Solaris 8 Operating System
Category: Security
Date Released: 26-Jun-2007
To view this Sun Alert document please go to the following URL:
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102971-1
-------------------------------------------------------------------
Sun Alert ID: 102985
Synopsis: Security Vulnerability in the Kerberos
Administration Daemon (kadmind(1M)) May Lead to
Arbitrary Code Execution
Product: Solaris 9 Operating System, Solaris 10 Operating
System, Solaris 8 Operating System
Category: Security
Date Released: 27-Jun-2007
To view this Sun Alert document please go to the following URL:
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102985-1
-------------------------------------------------------------------
Sun Alert ID: 102986
Synopsis: Sun Fire Midrange Server Time Jumps when SC Uptime
Exceeds 828 Days
Product: Sun Fire 3800 Server, Sun Fire 4800 Server, Sun
Fire 4810 Server, Sun Fire 6800 Server, Sun Fire
E6900 Server, Sun Fire E2900 Server, Sun Fire V1280
Server, Sun Fire E4900 Server, Netra 1290 Server,
Netra 1280 Server
Category: Availability, Availability
Date Released: 28-Jun-2007
To view this Sun Alert document please go to the following URL:
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102986-1
(before accessing this Sun Alert document please login to a
SunSolve Online Account with a Sun Spectrum Support Contract
at http://sunsolve.sun.com -> "Login")
-------------------------------------------------------------------
Sun Alert ID: 102987
Synopsis: libpng(3) Contains a Denial of Service (DoS)
Vulnerability
Product: Solaris 9 Operating System, Solaris 10 Operating
System, Solaris 8 Operating System
Category: Security
Date Released: 28-Jun-2007
To view this Sun Alert document please go to the following URL:
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102987-1
-------------------------------------------------------------------
Updated Sun Alert Notifications
-------------------------------------------------------------------
(Total Updated: 3)
Sun Alert ID: 102934 (RESOLVED)
Synopsis: Security Vulnerabilities in the Java Runtime
Environment Image Parsing Code may Allow a
Untrusted Applet to Elevate Privileges
Product: Java 2 Platform, Standard Edition
Category: Security
Date Released: 31-May-2007, 29-Jun-2007
Date Closed: 29-Jun-2007
To view this Sun Alert document please go to the following URL:
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102934-1
-------------------------------------------------------------------
Sun Alert ID: 102961 (RESOLVED)
Synopsis: Security Vulnerability in scp(1) May Allow
Execution of Unintended Commands
Product: Solaris 9 Operating System, Solaris 10 Operating
System
Category: Security
Date Released: 08-Jun-2007, 27-Jun-2007
Date Closed: 27-Jun-2007
To view this Sun Alert document please go to the following URL:
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102961-1
-------------------------------------------------------------------
Sun Alert ID: 102962 (RESOLVED)
Synopsis: Security Vulnerability in the sshd(1M) Protocol
Version 1 Implementation May Allow a Denial of
Service to the Host
Product: Solaris 9 Operating System, Solaris 10 Operating
System
Category: Security
Date Released: 08-Jun-2007, 29-Jun-2007
Date Closed: 29-Jun-2007
To view this Sun Alert document please go to the following URL:
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102962-1
------------------------------------------------------------------
Additional Sun Alert Information
------------------------------------------------------------------
* Accessing Sun Alert Notifications
Sun Alert Notifications are accessed on http://sun.com/sunsolve
under SunSolve Collections, Advanced Search, Browse Documents or
Security Sun Alerts
* Sun Alert Patch Report
http://sun.com/sunsolve/sunalert_patches.html
This is a comprehensive report of patches mentioned in the Resolution
section of Sun Alert documents and is available from SunSolve on the
Patch Portal page. It is updated daily and organized by product.
-------------------------------------------------------------------
*IMPORTANT UPDATE* Changes to Solaris 8 and 9 Patch Access on SunSolve
-------------------------------------------------------------------
Beginning March 31, 2007, Sun is changing the way users will access
Solaris 8 and 9 Software Updates (patches) to be consistent with the way users access Solaris 10 Software Updates.
Users will still be required to have a Sun Online Account and accept
a Software License Agreement in order to access any Software Updates,
but in addition users will be required to purchase a Solaris Subscription or Sun System Service Plan in order to access Solaris 8
and 9 Software Updates.
No Solaris Subscription or Sun System Service Plan will be required for security patches and device drivers, which will remain available without charge.
For more information, go to:
http://sunsolve.sun.com/search/document.do?assetkey=1-9-83061-1
For questions, contact: patchpolicy@sun.com
******************************************************************
Thanks for tuning in to the Sun Alert Weekly Summary Report!
Best regards,
Sun Alert Program Office
Sun Microsystems, Inc.
ALSO ON SUN.COM --------------------------------------------------
My Sun Connection: http://sun.com/mysunconnection
Products & Services: http://sun.com/products
Business & Industry Solutions: http://sun.com/solutions
Support & Training: http://sun.com/supportraining/
Downloads: http://sun.com/download
Documentation: http://sun.com/documentation
Research: http://sun.com/research
News: http://sun.com/news
Sun[sm] Store: http://sun.com/store
Resources for
* Developers: http://sun.com/developers
* System Admins: http://sun.com/bigadmin
* Partners: http://sun.com/partners
* Executives: http://sun.com/executives
* Investors: http://sun.com/investors
------------------------------------------------------------------
Copyright 2007 Sun Microsystems, Inc. All rights reserved.
Sun, Sun Microsystems, the Sun Logo, My Sun, iForce, Sun Fire, and
Sun StorEdge are trademarks or registered trademarks of Sun
Microsystems, Inc. in the United States and other countries. All
SPARC trademarks are used under license and are trademarks or
registered trademarks of SPARC International, Inc. in the United
States and other countries. Products bearing SPARC trademarks are
based upon an architecture developed by Sun Microsystems, Inc.