Skip Navigation

  • Home
  • Contact us
  • FAQ
  • Glossary
  • Public key
  • Sitemap
  • Cymraeg
  • What's new
CPNI - Centre for the Protection of National Infastructure

Advanced search

  • About CPNI
  • The threats
  • Security planning
  • Methods of attack
  • Protecting your assets
  • Products and services
    • CSIRTUK advisories
      • Advisories archive
    • General protective security publications
    • InfoSec briefings
    • InfoSec technical notes
    • InfoSec vulnerability disclosures
    • Good practice guidelines
    • Viewpoints
    • Information exchanges
    • Risk Management Delivery Group
  • Research
Home > Products and services > CSIRTUK advisories > Advisories archive > June 2007 > SUN(SM) ALERT WEEKLY SUMMARY REPORT - Week of 17-Jun-2007 - 23-Jun-2007

June 2007

SUN(SM) ALERT WEEKLY SUMMARY REPORT - Week of 17-Jun-2007 - 23-Jun-2007

ID: 145
Ref: 90/2007
Date: 30 June 2007:23:23:04
Version: 1
Title: SUN(SM) ALERT WEEKLY SUMMARY REPORT - Week of 17-Jun-2007 - 23-Jun-2007
Abstract: This newsletter provides a weekly listing of newly released and updated Sun Alert Notifications.
Vendors affected: MIT
Operating systems affected: MIT
Welcome to the Sun(SM) Alert Weekly Summary Report, the newsletter that
provides you with a weekly listing of newly released and updated Sun Alert
Notifications. It is being distributed to inform you about critical
hardware and software issues that could impact the availability, security,
and data integrity of your computing environment.

==================================================================
ISSUE HIGHLIGHTS

* Newly Released Sun Alert Notifications

* Updated Sun Alert Notifications

* Additional Sun Alert Information

* Changes to Patch Access on SunSolve

==================================================================

-------------------------------------------------------------------
Newly Released Sun Alert Notifications
-------------------------------------------------------------------
(Total Released: 5)

Sun Alert ID: 102969 (RESOLVED)
Synopsis: Security Vulnerability in Solaris 10 BIND DNSSEC
May Cause a Denial of Service
Product: Solaris 10 Operating System
Category: Security
Date Released: 18-Jun-2007
Date Closed: 18-Jun-2007

To view this Sun Alert document please go to the following URL:
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102969-1

-------------------------------------------------------------------
Sun Alert ID: 102970 (RESOLVED)
Synopsis: Security Vulnerability in RSA Signature
Verification Affects GnuTLS Library Versions Prior
to 1.4.4
Product: Solaris 10 Operating System
Category: Security
Date Released: 21-Jun-2007
Date Closed: 21-Jun-2007

To view this Sun Alert document please go to the following URL:
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102970-1

-------------------------------------------------------------------
Sun Alert ID: 102972
Synopsis: Multiple Security Vulnerabilities in the Solaris
Gnome PDF Viewer (gpdf(1)) may Allow a Denial of
Service (DoS) Condition or Lead to Execution of
Arbitrary Code
Product: Solaris 10 Operating System
Category: Security
Date Released: 20-Jun-2007

To view this Sun Alert document please go to the following URL:
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102972-1

-------------------------------------------------------------------
Sun Alert ID: 102973
Synopsis: Patch 120811-06 is WITHDRAWN - May Cause System to
Hang When Writing Data to Disk Array or Tape System
Product: Solaris 10 Operating System
Category: Availability
Date Released: 20-Jun-2007

To view this Sun Alert document please go to the following URL:
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102973-1

-------------------------------------------------------------------
Sun Alert ID: 102975 (RESOLVED)
Synopsis: Sun Fire 12K/15K/20K/25K System Controller
Management (scman) Networks May Fail After
Applying Patch 122608-01 through 122608-03
Product: Sun Fire 12K Server, Solaris Security Toolkit 4.2,
Sun Fire E20K Server, Sun Fire 15K Server, Sun Fire
E25K Server
Category: Availability
Date Released: 20-Jun-2007
Date Closed: 20-Jun-2007

To view this Sun Alert document please go to the following URL:
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102975-1


-------------------------------------------------------------------
Updated Sun Alert Notifications
-------------------------------------------------------------------
(Total Updated: 0)

------------------------------------------------------------------
Additional Sun Alert Information
------------------------------------------------------------------

* Accessing Sun Alert Notifications

Sun Alert Notifications are accessed on http://sun.com/sunsolve under
SunSolve Collections, Advanced Search, Browse Documents or Security Sun
Alerts


* Sun Alert Patch Report

http://sun.com/sunsolve/sunalert_patches.html

This is a comprehensive report of patches mentioned in the Resolution
section of Sun Alert documents and is available from SunSolve on the Patch
Portal page. It is updated daily and organized by product.


-------------------------------------------------------------------
*IMPORTANT UPDATE* Changes to Solaris 8 and 9 Patch Access on SunSolve
-------------------------------------------------------------------

Beginning March 31, 2007, Sun is changing the way users will access
Solaris 8 and 9 Software Updates (patches) to be consistent with the way
users access Solaris 10 Software Updates.

Users will still be required to have a Sun Online Account and accept a
Software License Agreement in order to access any Software Updates, but in
addition users will be required to purchase a Solaris Subscription or Sun
System Service Plan in order to access Solaris 8 and 9 Software Updates.

No Solaris Subscription or Sun System Service Plan will be required for
security patches and device drivers, which will remain available without
charge.

For more information, go to:

http://sunsolve.sun.com/search/document.do?assetkey=1-9-83061-1

For questions, contact: patchpolicy@sun.com


******************************************************************

Thanks for tuning in to the Sun Alert Weekly Summary Report!

Best regards,
Sun Alert Program Office
Sun Microsystems, Inc.


ALSO ON SUN.COM --------------------------------------------------
My Sun Connection: http://sun.com/mysunconnection
Products & Services: http://sun.com/products
Business & Industry Solutions: http://sun.com/solutions
Support & Training: http://sun.com/supportraining/
Downloads: http://sun.com/download
Documentation: http://sun.com/documentation
Research: http://sun.com/research
News: http://sun.com/news
Sun[sm] Store: http://sun.com/store

Resources for
* Developers: http://sun.com/developers
* System Admins: http://sun.com/bigadmin
* Partners: http://sun.com/partners
* Executives: http://sun.com/executives
* Investors: http://sun.com/investors
------------------------------------------------------------------

Copyright 2007 Sun Microsystems, Inc. All rights reserved.

Sun, Sun Microsystems, the Sun Logo, My Sun, iForce, Sun Fire, and Sun
StorEdge are trademarks or registered trademarks of Sun Microsystems, Inc.
in the United States and other countries. All SPARC trademarks are used
under license and are trademarks or registered trademarks of SPARC
International, Inc. in the United States and other countries. Products
bearing SPARC trademarks are based upon an architecture developed by Sun
Microsystems, Inc.

:::::::::::::::::::::: We make the net work ::::::::::::::::::::::

__________________________________________________________________________

CPNI values your feedback.

1. Which of the following most reflects the value of the advisory to you?
(Place an 'X' next to your choice)

Very useful:__ Useful:__ Not useful:__

2. If you did not find it useful, why not?


3. Any other comments? How could we improve our advisories?


Thank you for your contribution.
___________________________________________________________________________

CPNI wishes to acknowledge the contributions of Sun for the
information contained in this advisory.
___________________________________________________________________________

This advisory contains information released by the original author. Some
of the information may have changed since it was released. If the issue
affects you, it may be prudent to retrieve the advisory from the site of
the original source to ensure that you receive the most current
information concerning that problem.

Reference to any specific commercial product, process, or service by trade
name, trademark manufacturer, or otherwise, does not constitute or imply
its endorsement, recommendation, or favouring by CPNI. The views and
opinions of authors expressed within this notice shall not be used for
advertising or product endorsement purposes.

CPNI shall not accept responsibility for any errors or omissions contained
within this advisory. In particular, they shall not be liable for any loss
or damage whatsoever, arising from or in connection with the usage of
information contained within this advisory.

CPNI is a member of the Forum of Incident Response and Security Teams
(FIRST) and has contacts with other international Incident Response Teams
(IRTs) in order to foster cooperation and coordination in incident
prevention, to prompt rapid reaction to incidents, and to promote
information sharing amongst its members and the community at large.
___________________________________________________________________________

  • Accessibility |
  • Terms and conditions |
  • Privacy statement |
  • Data protection act |
  • Freedom of information |