Skip Navigation

  • Home
  • Contact us
  • FAQ
  • Glossary
  • Public key
  • Sitemap
  • Cymraeg
  • What's new
CPNI - Centre for the Protection of National Infastructure

Advanced search

  • About CPNI
  • The threats
  • Security planning
  • Methods of attack
  • Protecting your assets
  • Products and services
    • CSIRTUK advisories
      • Advisories archive
    • General protective security publications
    • InfoSec briefings
    • InfoSec technical notes
    • InfoSec vulnerability disclosures
    • Good practice guidelines
    • Viewpoints
    • Information exchanges
    • Risk Management Delivery Group
  • Research
Home > Products and services > CSIRTUK advisories > Advisories archive > March 2007 > SUN(SM) ALERT WEEKLY SUMMARY REPORT Week of 11-Mar-2007 - 17-Mar-2007

March 2007

SUN(SM) ALERT WEEKLY SUMMARY REPORT Week of 11-Mar-2007 - 17-Mar-2007

ID: 98
Ref: 040/2007
Date: 21 March 2007:11:17:05
Version: 1
Title: SUN(SM) ALERT WEEKLY SUMMARY REPORT Week of 11-Mar-2007 - 17-Mar-2007
Abstract: A weekly listing of newly released and updated Sun Alert Notifications
Vendors affected: Sun
Operating systems affected: Sun
SUN(SM) ALERT WEEKLY SUMMARY REPORT

Week of 11-Mar-2007 - 17-Mar-2007

Welcome to the Sun(SM) Alert Weekly Summary Report, the newsletter that provides you with a weekly listing of newly released and updated Sun Alert Notifications. It is being distributed to inform you about critical hardware and software issues that could impact the availability, security, and data integrity of your computing environment.

==================================================================
ISSUE HIGHLIGHTS

* Newly Released Sun Alert Notifications

* Updated Sun Alert Notifications

* Additional Sun Alert Information

* Changes to Patch Access on SunSolve

==================================================================

-------------------------------------------------------------------
Newly Released Sun Alert Notifications
-------------------------------------------------------------------
(Total Released: 6)

Sun Alert ID: 102822 (RESOLVED)
Synopsis: Sun Java System Web Server May Allow A User with
Revoked Client Certificate to Access Server
Instance Under Certain Conditions
Product: Sun Java System Web Server 6.1
Category: Security
Date Released: 14-Mar-2007
Date Closed: 14-Mar-2007

To view this Sun Alert document please go to the following URL:
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102822-1

-------------------------------------------------------------------
Sun Alert ID: 102833 (RESOLVED)
Synopsis: Security Vulnerability in Sun Java System Web
Server May Allow Unauthorized Access to Host Data
With Certain URLs
Product: Sun Java System Web Server 6.0 Service Pack 10, Sun
Java System Web Server 6.1, Sun Java System Web
Server 6.0 Service Pack 8
Category: Security
Date Released: 15-Mar-2007
Date Closed: 15-Mar-2007

To view this Sun Alert document please go to the following URL:
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102833-1

-------------------------------------------------------------------
Sun Alert ID: 102840 (RESOLVED)
Synopsis: Installing Patch 118833-36 on Solaris 10 SPARC
Platforms May Cause Dynamic Reconfiguration to
Fail
Product: Solaris 10 Operating System
Category: Availability
Date Released: 14-Mar-2007
Date Closed: 14-Mar-2007

To view this Sun Alert document please go to the following URL:
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102840-1

-------------------------------------------------------------------
Sun Alert ID: 102843
Synopsis: Data Integrity Issues May Occur for Advanced File
Type Devices With Enterprise Backup Software
Product: Sun StorageTek Enterprise Backup Software 7.2, Sun
StorageTek Enterprise Backup Software 7.3
Category: Data Loss
Date Released: 13-Mar-2007

To view this Sun Alert document please go to the following URL:
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102843-1

-------------------------------------------------------------------
Sun Alert ID: 102846
Synopsis: Security Vulnerability in the Mozilla js_dtoa()
Routine May Result in Denial of Service
Product: Mozilla v1.7, Solaris 9 Operating System, Solaris
10 Operating System, Solaris 8 Operating System
Category: Security
Date Released: 15-Mar-2007

To view this Sun Alert document please go to the following URL:
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102846-1

-------------------------------------------------------------------
Sun Alert ID: 102847
Synopsis: Multiple Security Vulnerabilities in Adobe Reader
May Lead to Execution of Arbitrary Code
Product: Solaris 10 Operating System
Category: Security
Date Released: 14-Mar-2007

To view this Sun Alert document please go to the following URL:
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102847-1


-------------------------------------------------------------------
Updated Sun Alert Notifications
-------------------------------------------------------------------
(Total Updated: 3)

Sun Alert ID: 102127 (RESOLVED)
Synopsis: Performance Degradation Reported in Controller
Firmware Releases 4.1x on Sun StorEdge 3310/351x
Arrays for All RAIDTypes and Certain Patterns of
I/O
Product: Sun StorageTek 3310 SCSI Array, Sun StorageTek 3510
FC Array, Sun StorageTek 3511 SATA Array
Category: Availability
Date Released: 12-Jan-2006, 14-Mar-2007
Date Closed: 14-Mar-2007

To view this Sun Alert document please go to the following URL:
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102127-1

-------------------------------------------------------------------
Sun Alert ID: 102788 (RESOLVED)
Synopsis: DST Changes May Affect Switch Products From Brocade
(McDATA), Cisco, Qlogic, and Sun StorageTek
Product: Cisco MDS 9509 Multilayer Director, Brocade 3800 2
GB 16-Port Switch, Brocade SilkWorm 3850 Fabric
Switch, Brocade SilkWorm 24000 Director, QLogic
SANbox 5602 FC Stackable Switch, Sun StorageTek 2
Gb 64-Port Switch, Cisco MDS 9513, Brocade SilkWorm
3250 Fabric Switch, Brocade 12000 2 GB Switch,
Brocade 2800 1 GB 16-Port Switch, McDATA Sphereon
4500 Fabric Switch, Sun StorageTek 2 Gb 8-Port
Switch, QLogic SANbox 5200 FC Stackable Switch,
RoHS McData 1620 iSCSI to FC Bridge, Cisco MDS
9216i, McDATA Intrepid 10000 Director, Sun
StorageTek 1 GB 16-Port Switch, McDATA Intrepid
6140 Director, Brocade 48000 Director, McDATA
Sphereon 4300 Fabric Switch, McDATA Intrepid 6064
Director, McDATA Sphereon 4400 Fabric Switch, Cisco
MDS 9506, Brocade 4100 Switch, Brocade 6400 64-Port
Switch, Brocade SilkWorm 3900 Switch, Brocade
SilkWorm 4900 Fibre Channel Switch, McDATA Sphereon
4700 Fabric Switch, Cisco MDS 9216A
Category: Availability
Date Released: 28-Feb-2007, 13-Mar-2007
Date Closed: 13-Mar-2007

To view this Sun Alert document please go to the following URL:
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102788-1

-------------------------------------------------------------------
Sun Alert ID: 102797 (RESOLVED)
Synopsis: Notification to Upgrade Sun StorageTek 6920 System
Firmware to Version 3.0.1.26 to Incorporate
Daylight Saving Time (DST) Changes
Product: Sun StorageTek 6920 System
Category: Availability
Date Released: 08-Feb-2007, 14-Mar-2007
Date Closed: 14-Mar-2007

To view this Sun Alert document please go to the following URL:
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102797-1

------------------------------------------------------------------
Additional Sun Alert Information
------------------------------------------------------------------

* Accessing Sun Alert Notifications

Sun Alert Notifications are accessed on http://sun.com/sunsolve under SunSolve Collections, Advanced Search, Browse Documents or Security Sun Alerts


* Sun Alert Patch Report

http://sun.com/sunsolve/sunalert_patches.html

This is a comprehensive report of patches mentioned in the Resolution section of Sun Alert documents and is available from SunSolve on the Patch Portal page. It is updated daily and organized by product.


-------------------------------------------------------------------
*IMPORTANT UPDATE* Changes to Solaris 8 and 9 Patch Access on SunSolve
-------------------------------------------------------------------

Beginning March 31, 2007, Sun is changing the way users will access Solaris 8 and 9 Software Updates (patches) to be consistent with the way users access Solaris 10 Software Updates.

Users will still be required to have a Sun Online Account and accept a Software License Agreement in order to access any Software Updates, but in addition users will be required to purchase a Solaris Subscription or Sun System Service Plan in order to access Solaris 8 and 9 Software Updates.

No Solaris Subscription or Sun System Service Plan will be required for security patches and device drivers, which will remain available without charge.

For more information, go to:

http://sunsolve.sun.com/search/document.do?assetkey=1-9-83061-1

For questions, contact: patchpolicy@sun.com


******************************************************************

Thanks for tuning in to the Sun Alert Weekly Summary Report!

Best regards,
Sun Alert Program Office
Sun Microsystems, Inc.


ALSO ON SUN.COM --------------------------------------------------
My Sun Connection: http://sun.com/mysunconnection
Products & Services: http://sun.com/products
Business & Industry Solutions: http://sun.com/solutions
Support & Training: http://sun.com/supportraining/
Downloads: http://sun.com/download
Documentation: http://sun.com/documentation
Research: http://sun.com/research
News: http://sun.com/news
Sun[sm] Store: http://sun.com/store

Resources for
* Developers: http://sun.com/developers
* System Admins: http://sun.com/bigadmin
* Partners: http://sun.com/partners
* Executives: http://sun.com/executives
* Investors: http://sun.com/investors
------------------------------------------------------------------

Copyright 2007 Sun Microsystems, Inc. All rights reserved.

Sun, Sun Microsystems, the Sun Logo, My Sun, iForce, Sun Fire, and Sun StorEdge are trademarks or registered trademarks of Sun Microsystems, Inc. in the United States and other countries. All SPARC trademarks are used under license and are trademarks or registered trademarks of SPARC International, Inc. in the United States and other countries. Products bearing SPARC trademarks are based upon an architecture developed by Sun Microsystems, Inc.

:::::::::::::::::::::: We make the net work ::::::::::::::::::::::

PRIVACY STATEMENT:
Sun respects your online time and privacy (http://sun.com/privacy).
You have received this email because our records indicate you requested it from Sun. If you would prefer not to receive this information, please follow the steps at the bottom of this message to unsubscribe.

HOW TO CONTACT US:
If you have questions or comments about this newsletter, please reply to this message or write to us at:

sunalert-newsletter@sun.com

______________________________________________________________________________

CPNI values your feedback.

1. Which of the following most reflects the value of the advisory to you?
(Place an 'X' next to your choice)

Very useful:__ Useful:__ Not useful:__

2. If you did not find it useful, why not?


3. Any other comments? How could we improve our advisories?


Thank you for your contribution.
______________________________________________________________________________

CPNI wishes to acknowledge the contributions of Sun for the information contained in this advisory.
______________________________________________________________________________
  • Accessibility |
  • Terms and conditions |
  • Privacy statement |
  • Data protection act |
  • Freedom of information |