Home / mailings SUN ALERT WEEKLY SUMMARY REPORT
Posted on 09 November 2009
Sun AlertsWeek of 01-Nov-2009 to 07-Nov-2009
Welcome to the Sun Alert Weekly Summary Report, the newsletter
that provides you with a weekly listing of newly released and
updated Sun Alert Notifications. It is being distributed
to inform you about critical hardware and software issues that
could impact the availability, security, and data integrity of
your computing environment.
==================================================================
ISSUE HIGHLIGHTS - New http://wikis.sun.com/x/EAF9B
* New and Updated Sun Alerts for 3 Release Phases:
Preliminary, Workaround and Resolved
Note: To read past newsletters go to sunsolve.sun.com,
hit Accept, use Advanced Search with keywords "weekly
summary report newsletter", Sort by Date, and select the
Sun Alert Notifications collection.
=================================================================
New Preliminary Sun Alert Notifications
(Total Preliminary: 1)
Sun Alert ID: 272230
Title: Security Vulnerabilities in the Apache 2 "mod_perl2"
Module Components "PerlRun.pm" and "Status.pm" May Lead
to Denial of Service (DoS) or Unauthorized Access to
Data
Product: Solaris 10 Operating System, OpenSolaris
Category: Security
Release Phase: Preliminary
Preliminary Date: 05-Nov-2009
To view this Sun Alert document please go to the following URL:
http://sunsolve.sun.com/search/document.do?assetkey=1-66-272230-1
If this Sun Alert document is not publicly available, go to the
SunSpectrum Member Support Center at www.sun.com/support and
search for the Sun Alert ID above.
=================================================================
New Workaround Sun Alert Notifications
(Total Workaround: 1)
Sun Alert ID: 271519
Title: Solaris 10 Kernel Patches 141444-09 and 141445-09 May
Cause Interface Failure in IP Multipathing (IPMP)
Product: Solaris 10 Operating System
Category: Availability
Release Phase: Workaround
Workaround Date: 03-Nov-2009
To view this Sun Alert document please go to the following URL:
http://sunsolve.sun.com/search/document.do?assetkey=1-66-271519-1
If this Sun Alert document is not publicly available, go to the
SunSpectrum Member Support Center at www.sun.com/support and
search for the Sun Alert ID above.
=================================================================
New Resolved Sun Alert Notifications
(Total Resolved: 11)
Sun Alert ID: 264730
Title: A Security Vulnerability in Solaris Sockets Direct
Protocol (SDP) Driver (sdp(7D)) may Allow Users to
Exhaust Kernel Memory
Product: Solaris 10 Operating System, OpenSolaris
Category: Availability, Security
Release Phase: Resolved
Resolved Date: 02-Nov-2009
To view this Sun Alert document please go to the following URL:
http://sunsolve.sun.com/search/document.do?assetkey=1-66-264730-1
If this Sun Alert document is not publicly available, go to the
SunSpectrum Member Support Center at www.sun.com/support and
search for the Sun Alert ID above.
-----------------------------------------------------------------
Sun Alert ID: 266348
Title: Security Vulnerability in the w(1) Utility may Lead to
Execution of Arbitrary Code
Product: Solaris 8 Operating System, Solaris 9 Operating System,
Solaris 10 Operating System, OpenSolaris
Category: Security
Release Phase: Resolved
Resolved Date: 02-Nov-2009
To view this Sun Alert document please go to the following URL:
http://sunsolve.sun.com/search/document.do?assetkey=1-66-266348-1
If this Sun Alert document is not publicly available, go to the
SunSpectrum Member Support Center at www.sun.com/support and
search for the Sun Alert ID above.
-----------------------------------------------------------------
Sun Alert ID: 266388
Title: Security Vulnerability in Solaris SCTP (Stream Control
Transmission Protocol (see sctp(7P)) and SDP (Sockets
Direct Protocol driver (see sdp(7D)) sockets May Allow
Unprivileged Users to Cause a Denial of Service (DoS)
Condition
Product: OpenSolaris
Category: Security
Release Phase: Resolved
Resolved Date: 04-Nov-2009
To view this Sun Alert document please go to the following URL:
http://sunsolve.sun.com/search/document.do?assetkey=1-66-266388-1
If this Sun Alert document is not publicly available, go to the
SunSpectrum Member Support Center at www.sun.com/support and
search for the Sun Alert ID above.
-----------------------------------------------------------------
Sun Alert ID: 268328
Title: A Security Vulnerability in Sun Virtual Desktop
Infrastructure (VDI) Software 3.0 may Lead to
Unauthorized Access to the VirtualBox Web Service
Product: Sun Virtual Desktop Infrastructure (VDI) Software 3.0
Category: Security
Release Phase: Resolved
Resolved Date: 03-Nov-2009
To view this Sun Alert document please go to the following URL:
http://sunsolve.sun.com/search/document.do?assetkey=1-66-268328-1
If this Sun Alert document is not publicly available, go to the
SunSpectrum Member Support Center at www.sun.com/support and
search for the Sun Alert ID above.
-----------------------------------------------------------------
Sun Alert ID: 269868
Title: The Java Update Mechanism on Non-English Versions Does
Not Update the JRE When a New Version is Available
Product: Java Platform, Standard Edition (Java SE)
Category: Security
Release Phase: Resolved
Resolved Date: 03-Nov-2009
To view this Sun Alert document please go to the following URL:
http://sunsolve.sun.com/search/document.do?assetkey=1-66-269868-1
If this Sun Alert document is not publicly available, go to the
SunSpectrum Member Support Center at www.sun.com/support and
search for the Sun Alert ID above.
-----------------------------------------------------------------
Sun Alert ID: 269869
Title: Command Execution Vulnerability in the Java Runtime
Environment Deployment Toolkit May be Leveraged to
Execute Arbitrary Code
Product: Java Platform, Standard Edition (Java SE)
Category: Security
Release Phase: Resolved
Resolved Date: 03-Nov-2009
To view this Sun Alert document please go to the following URL:
http://sunsolve.sun.com/search/document.do?assetkey=1-66-269869-1
If this Sun Alert document is not publicly available, go to the
SunSpectrum Member Support Center at www.sun.com/support and
search for the Sun Alert ID above.
-----------------------------------------------------------------
Sun Alert ID: 269870
Title: Security Vulnerability in the Java Web Start Installer
May be Leveraged to Allow Untrusted Java Web Start
Application to Run As Trusted Application
Product: Java Platform, Standard Edition (Java SE)
Category: Security
Release Phase: Resolved
Resolved Date: 03-Nov-2009
To view this Sun Alert document please go to the following URL:
http://sunsolve.sun.com/search/document.do?assetkey=1-66-269870-1
If this Sun Alert document is not publicly available, go to the
SunSpectrum Member Support Center at www.sun.com/support and
search for the Sun Alert ID above.
-----------------------------------------------------------------
Sun Alert ID: 270408
Title: Security Vulnerabilities in PostgreSQL Shipped with
Solaris may Allow a Denial of Service (DoS) or
Privilege Escalation
Product: Solaris 10 Operating System, OpenSolaris
Category: Security
Release Phase: Resolved
Resolved Date: 02-Nov-2009
To view this Sun Alert document please go to the following URL:
http://sunsolve.sun.com/search/document.do?assetkey=1-66-270408-1
If this Sun Alert document is not publicly available, go to the
SunSpectrum Member Support Center at www.sun.com/support and
search for the Sun Alert ID above.
-----------------------------------------------------------------
Sun Alert ID: 270474
Title: Buffer and Integer Overflow Vulnerabilities in the Java
Runtime Environment With Processing Audio and Image
Files May Allow Privileges to be Escalated
Product: Java Platform, Standard Edition (Java SE)
Category: Security
Release Phase: Resolved
Resolved Date: 03-Nov-2009
To view this Sun Alert document please go to the following URL:
http://sunsolve.sun.com/search/document.do?assetkey=1-66-270474-1
If this Sun Alert document is not publicly available, go to the
SunSpectrum Member Support Center at www.sun.com/support and
search for the Sun Alert ID above.
-----------------------------------------------------------------
Sun Alert ID: 270475
Title: A Security Vulnerability in the Java Runtime Environment
With Verifying HMAC Digests may Allow Authentication to
be Bypassed
Product: Java Platform, Standard Edition (Java SE)
Category: Security
Release Phase: Resolved
Resolved Date: 03-Nov-2009
To view this Sun Alert document please go to the following URL:
http://sunsolve.sun.com/search/document.do?assetkey=1-66-270475-1
If this Sun Alert document is not publicly available, go to the
SunSpectrum Member Support Center at www.sun.com/support and
search for the Sun Alert ID above.
-----------------------------------------------------------------
Sun Alert ID: 270476
Title: Two Security Vulnerabilities in the Java Runtime
Environment With Decoding DER Encoded Data and Parsing
HTTP Headers may Result in a Denial of Service (DoS)
Product: Java Platform, Standard Edition (Java SE)
Category: Security
Release Phase: Resolved
Resolved Date: 03-Nov-2009
To view this Sun Alert document please go to the following URL:
http://sunsolve.sun.com/search/document.do?assetkey=1-66-270476-1
If this Sun Alert document is not publicly available, go to the
SunSpectrum Member Support Center at www.sun.com/support and
search for the Sun Alert ID above.
=================================================================
Updated Sun Alert Notifications
(Total Updated: 1 )
Sun Alert ID: 265688
Title: Solaris 10 BIND Patches, T-patches and IDRs may Fail to
Install in Deferred-Activation Patching (DAP) Context
as a Result of Having Malformed pkgmap Files Caused by
a pkgmk(1) Regression
Product: Solaris 10 Operating System
Category: Availability
Release Phase: Workaround
Workaround Date: 11-Aug-2009
Last Updated: 02-Nov-2009
To view this Sun Alert document please go to the following URL:
http://sunsolve.sun.com/search/document.do?assetkey=1-66-265688-1
If this Sun Alert document is not publicly available, go to the
SunSpectrum Member Support Center at www.sun.com/support and
search for the Sun Alert ID above.
==================================================================
For more information on the Sun Alert program, please visit:
http://wikis.sun.com/x/EAF9B
RSS Feed :
http://www.sun.com/rss/?t=3&pgID=1&trss=Sun%20Alerts%20-%20New&uri=http:
//cds-srv.sun.com:8700/rss/insert/public/sunalert_insert.xml
Sun Alert Patch Report -- TEXT version is available at:
https://supportuploads.sun.com/download?directory=downloads&file=SApatches%2dpub%2etxt
or go to http://supportfiles.sun.com/download and enter the following
file name, SApatches-pub.txt, from the directory named "downloads".
==================================================================
Thanks for tuning in to the Sun Alert Weekly Summary Report!
Best regards,
Sun Alert Program Office
Sun Microsystems, Inc.
sunalert-newsletter@sun.com
