Home / mailings SUN(SM) ALERT WEEKLY SUMMARY REPORT
Posted on 16 July 2007
Sun AlertsWeek of 08-Jul-2007 - 14-Jul-2007
NOTE: We did not send out a newsletter for the week of July 1, 2007
to July 7, 2007. Apologies for any inconvenience this may have caused.
Welcome to the Sun(SM) Alert Weekly Summary Report, the newsletter
that provides you with a weekly listing of newly released and
updated Sun Alert Notifications. It is being distributed
to inform you about critical hardware and software issues that
could impact the availability, security, and data integrity of
your computing environment.
==================================================================
ISSUE HIGHLIGHTS
* Newly Released Sun Alert Notifications
* Updated Sun Alert Notifications
* Additional Sun Alert Information
* Changes to Patch Access on SunSolve
==================================================================
-------------------------------------------------------------------
Newly Released Sun Alert Notifications
-------------------------------------------------------------------
(Total Released: 8)
Sun Alert ID: 101918
Synopsis: Security Vulnerability in the Logging Output of Sun
Java System Access Manager
Product: Sun Java System Access Manager 2004Q2, Sun Java
System Access Manager 6 2005Q1, Sun Java System
Identity Server 6.1
Category: Security
Date Released: 10-Jul-2007
To view this Sun Alert document please go to the following URL:
http://sunsolve.sun.com/search/document.do?assetkey=1-26-101918-1
-------------------------------------------------------------------
Sun Alert ID: 102978 (RESOLVED)
Synopsis: Security Vulnerability in the rcp(1) Command May
Allow Execution of Unintended Commands
Product: Solaris 9 Operating System, Solaris 10 Operating
System, Solaris 8 Operating System
Category: Security
Date Released: 10-Jul-2007
Date Closed: 10-Jul-2007
To view this Sun Alert document please go to the following URL:
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102978-1
-------------------------------------------------------------------
Sun Alert ID: 102992
Synopsis: Security Vulnerability in Processing XSLT
Stylesheets Affects Sun Java System Application
Server and Web Server
Product: Sun Java System Application Server Standard Edition
8.2, Sun Java System Application Server Enterprise
Edition 8.2, Sun Java System Application Server PE
9 , Sun Java System Web Server 7.0
Category: Security
Date Released: 10-Jul-2007
To view this Sun Alert document please go to the following URL:
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102992-1
-------------------------------------------------------------------
Sun Alert ID: 102993 (RESOLVED)
Synopsis: Java Runtime Environment Does Not Securely Process
XSLT Stylesheets Contained in XML Signatures
Product: Java 2 Platform, Standard Edition
Category: Security
Date Released: 10-Jul-2007
Date Closed: 10-Jul-2007
To view this Sun Alert document please go to the following URL:
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102993-1
-------------------------------------------------------------------
Sun Alert ID: 102996 (RESOLVED)
Synopsis: Security Vulnerability in Java Web Start URL
Parsing Code May Allow Untrusted Applications to
Elevate Privileges
Product: Java 2 Platform, Standard Edition
Category: Security
Date Released: 10-Jul-2007
Date Closed: 10-Jul-2007
To view this Sun Alert document please go to the following URL:
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102996-1
-------------------------------------------------------------------
Sun Alert ID: 102997 (RESOLVED)
Synopsis: Java Secure Socket Extension Does Not Correctly
Process SSL/TLS Handshake Requests Resulting in a
Denial of Service (DoS) Condition
Product: Java 2 Platform, Standard Edition
Category: Security
Date Released: 10-Jul-2007
Date Closed: 10-Jul-2007
To view this Sun Alert document please go to the following URL:
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102997-1
-------------------------------------------------------------------
Sun Alert ID: 103005
Synopsis: Entering Array WWPN or WWNN Values as an Initiator
via Sun StorageTek CAM May Cause Loss of Management
and Data Access to the Array
Product: Sun StorageTek 2530 Array, Sun StorageTek 6130
Array, Sun StorageTek 6140 Array, Sun StorageTek
2540 Array, Sun StorageTek Common Array Manager
Software 5.1, Sun StorageTek 6540 Array
Category: Availability
Date Released: 13-Jul-2007
To view this Sun Alert document please go to the following URL:
http://sunsolve.sun.com/search/document.do?assetkey=1-26-103005-1
(before accessing this Sun Alert document please login to a
SunSolve Online Account with a Sun Spectrum Support Contract
at http://sunsolve.sun.com -> "Login")
-------------------------------------------------------------------
Sun Alert ID: 103006 (RESOLVED)
Synopsis: Installation of JDK and JRE 6 Update 2 (Build 05)
May Cause Internet Explorer to Exit When
Subsequently Launched
Product: Java Platform, Standard Edition 6
Category: Availability
Date Released: 13-Jul-2007
Date Closed: 13-Jul-2007
To view this Sun Alert document please go to the following URL:
http://sunsolve.sun.com/search/document.do?assetkey=1-26-103006-1
-------------------------------------------------------------------
Updated Sun Alert Notifications
-------------------------------------------------------------------
(Total Updated: 0)
------------------------------------------------------------------
Additional Sun Alert Information
------------------------------------------------------------------
* Accessing Sun Alert Notifications
Sun Alert Notifications are accessed on http://sun.com/sunsolve
under SunSolve Collections, Advanced Search, Browse Documents or
Security Sun Alerts
* Sun Alert Patch Report
http://sun.com/sunsolve/sunalert_patches.html
This is a comprehensive report of patches mentioned in the Resolution
section of Sun Alert documents and is available from SunSolve on the
Patch Portal page. It is updated daily and organized by product.
-------------------------------------------------------------------
*IMPORTANT UPDATE* Changes to Solaris 8 and 9 Patch Access on SunSolve
-------------------------------------------------------------------
Beginning March 31, 2007, Sun is changing the way users will access
Solaris 8 and 9 Software Updates (patches) to be consistent with the way users access Solaris 10 Software Updates.
Users will still be required to have a Sun Online Account and accept
a Software License Agreement in order to access any Software Updates,
but in addition users will be required to purchase a Solaris Subscription or Sun System Service Plan in order to access Solaris 8
and 9 Software Updates.
No Solaris Subscription or Sun System Service Plan will be required for security patches and device drivers, which will remain available without charge.
For more information, go to:
http://sunsolve.sun.com/search/document.do?assetkey=1-9-83061-1
For questions, contact: patchpolicy@sun.com
******************************************************************
Thanks for tuning in to the Sun Alert Weekly Summary Report!
Best regards,
Sun Alert Program Office
Sun Microsystems, Inc.
ALSO ON SUN.COM --------------------------------------------------
My Sun Connection: http://sun.com/mysunconnection
Products & Services: http://sun.com/products
Business & Industry Solutions: http://sun.com/solutions
Support & Training: http://sun.com/supportraining/
Downloads: http://sun.com/download
Documentation: http://sun.com/documentation
Research: http://sun.com/research
News: http://sun.com/news
Sun[sm] Store: http://sun.com/store
Resources for
* Developers: http://sun.com/developers
* System Admins: http://sun.com/bigadmin
* Partners: http://sun.com/partners
* Executives: http://sun.com/executives
* Investors: http://sun.com/investors
------------------------------------------------------------------
Copyright 2007 Sun Microsystems, Inc. All rights reserved.
Sun, Sun Microsystems, the Sun Logo, My Sun, iForce, Sun Fire, and
Sun StorEdge are trademarks or registered trademarks of Sun
Microsystems, Inc. in the United States and other countries. All
SPARC trademarks are used under license and are trademarks or
registered trademarks of SPARC International, Inc. in the United
States and other countries. Products bearing SPARC trademarks are
based upon an architecture developed by Sun Microsystems, Inc.