Home / mailings SUN(SM) ALERT WEEKLY SUMMARY REPORT
Posted on 18 June 2007
Sun AlertsWeek of 10-Jun-2007 - 16-Jun-2007
Welcome to the Sun(SM) Alert Weekly Summary Report, the newsletter
that provides you with a weekly listing of newly released and
updated Sun Alert Notifications. It is being distributed
to inform you about critical hardware and software issues that
could impact the availability, security, and data integrity of
your computing environment.
==================================================================
ISSUE HIGHLIGHTS
* Newly Released Sun Alert Notifications
* Updated Sun Alert Notifications
* Additional Sun Alert Information
* Changes to Patch Access on SunSolve
==================================================================
-------------------------------------------------------------------
Newly Released Sun Alert Notifications
-------------------------------------------------------------------
(Total Released: 10)
Sun Alert ID: 102875 (RESOLVED)
Synopsis: Security Vulnerability in Sun Java System Directory
Server May Allow Unauthorized Data Modifications
Product: Sun Java System Directory Server 5.2, Sun Java
System Directory Server Enterprise Edition
Category: Security
Date Released: 13-Jun-2007
Date Closed: 13-Jun-2007
To view this Sun Alert document please go to the following URL:
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102875-1
-------------------------------------------------------------------
Sun Alert ID: 102876 (RESOLVED)
Synopsis: Security Vulnerability in Sun Java System Directory
Server Leaks Information About Existence of
Attributes
Product: Sun Java System Directory Server 5.2
Category: Security
Date Released: 13-Jun-2007
Date Closed: 13-Jun-2007
To view this Sun Alert document please go to the following URL:
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102876-1
-------------------------------------------------------------------
Sun Alert ID: 102917 (RESOLVED)
Synopsis: Security Vulnerability with Manipulated RTF Files
May Lead to Heap Overflows and Arbitrary Code
Execution
Product: StarOffice 7 Office Suite, StarOffice 6.0 Office
Suite, StarOffice 8 Office Suite
Category: Security
Date Released: 15-Jun-2007
Date Closed: 15-Jun-2007
To view this Sun Alert document please go to the following URL:
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102917-1
-------------------------------------------------------------------
Sun Alert ID: 102919 (RESOLVED)
Synopsis: Security Vulnerability in IPv6 Implementation
(ip6(7p)) Related to the Handling of IPsec Packets
may Lead to a System Panic, Resulting in a Denial
of Service (DoS)
Product: Solaris 10 Operating System
Category: Security
Date Released: 14-Jun-2007
Date Closed: 14-Jun-2007
To view this Sun Alert document please go to the following URL:
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102919-1
-------------------------------------------------------------------
Sun Alert ID: 102945
Synopsis: Security Vulnerabilities in the Network Security
Services (NSS) Library May Affect Sun Java System
Application Server, Web Server and Web Proxy Server
Product: Sun Java System Application Server Platform Edition
8.1 2005Q1, Sun Java System Web Server 7.0, Sun
Java System Web Proxy Server 4.0, Sun Java System
Web Server 6.1, Sun Java System Application Server
Enterprise Edition 8.1 2005Q1
Category: Security
Date Released: 11-Jun-2007
To view this Sun Alert document please go to the following URL:
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102945-1
-------------------------------------------------------------------
Sun Alert ID: 102959 (RESOLVED)
Synopsis: Possible System Stability Issues on Solaris 10
Systems Using e1000g as the Driver for Intel
Gigabit NIC When Configured to use Jumbo Frames
Product: Solaris 10 Operating System
Category: Availability, Availability
Date Released: 11-Jun-2007
Date Closed: 11-Jun-2007
To view this Sun Alert document please go to the following URL:
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102959-1
(before accessing this Sun Alert document please login to a
SunSolve Online Account with a Sun Spectrum Support Contract
at http://sunsolve.sun.com -> "Login")
-------------------------------------------------------------------
Sun Alert ID: 102960
Synopsis: Patches 121688-03, 121689-03, and 124460-02 are
WITHDRAWN - Certain Sun Fire Systems May Experience
"consistent dma sync timeout" or System Panic When
Using "Stop-A"
Product: Sun Fire 12K Server, Sun Fire E20K Server, Sun Fire
V880 Server, Sun Fire 15K Server, Sun Fire V490
Server, Sun Fire V890 Server, Sun Fire V480 Server,
Sun Fire E25K Server
Category: Availability
Date Released: 11-Jun-2007
To view this Sun Alert document please go to the following URL:
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102960-1
-------------------------------------------------------------------
Sun Alert ID: 102964
Synopsis: Multiple Security Vulnerabilities in samba(7) May
Allow Remote Code Execution, Elevation of
Privileges, or Remote Shell Command Execution
Product: Solaris 9 Operating System, Solaris 10 Operating
System, SAMBA
Category: Security
Date Released: 14-Jun-2007
To view this Sun Alert document please go to the following URL:
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102964-1
-------------------------------------------------------------------
Sun Alert ID: 102965 (RESOLVED)
Synopsis: A Security Vulnerability in Solaris 10 NFS XDR
Handling May Allow a Denial of Service to NFS
Servers
Product: Solaris 10 Operating System
Category: Security
Date Released: 13-Jun-2007
Date Closed: 13-Jun-2007
To view this Sun Alert document please go to the following URL:
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102965-1
-------------------------------------------------------------------
Sun Alert ID: 102967 (RESOLVED)
Synopsis: Integer Overflow and Heap-Based Buffer Overflow
Vulnerability in 3rd Party Module (Freetype)
Product: StarOffice 7 Office Suite, StarOffice 6.0 Office
Suite, StarOffice 8 Office Suite
Category: Security
Date Released: 15-Jun-2007
Date Closed: 15-Jun-2007
To view this Sun Alert document please go to the following URL:
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102967-1
-------------------------------------------------------------------
Updated Sun Alert Notifications
-------------------------------------------------------------------
(Total Updated: 2)
Sun Alert ID: 102777 (RESOLVED)
Synopsis: Services Which Use Multicast or UDP Broadcast (Sun
Ray) May Hang if Certain Network Interfaces are
Plumbed Up but Link is Down
Product: Solaris 10 Operating System
Category: Availability
Date Released: 18-Jan-2007, 11-Jun-2007
Date Closed: 11-Jun-2007
To view this Sun Alert document please go to the following URL:
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102777-1
-------------------------------------------------------------------
Sun Alert ID: 102920 (RESOLVED)
Synopsis: Initial Activation of Auto Service Request (ASR)
with Sun StorageTek Common Array Manager (CAM) Does
Not Properly Set Up the Activation
Product: Sun StorageTek Common Array Manager Software 5.1
Category: Availability
Date Released: 30-May-2007, 11-Jun-2007
Date Closed: 11-Jun-2007
To view this Sun Alert document please go to the following URL:
http://sunsolve.sun.com/search/document.do?assetkey=1-26-102920-1
------------------------------------------------------------------
Additional Sun Alert Information
------------------------------------------------------------------
* Accessing Sun Alert Notifications
Sun Alert Notifications are accessed on http://sun.com/sunsolve
under SunSolve Collections, Advanced Search, Browse Documents or
Security Sun Alerts
* Sun Alert Patch Report
http://sun.com/sunsolve/sunalert_patches.html
This is a comprehensive report of patches mentioned in the Resolution
section of Sun Alert documents and is available from SunSolve on the
Patch Portal page. It is updated daily and organized by product.
-------------------------------------------------------------------
*IMPORTANT UPDATE* Changes to Solaris 8 and 9 Patch Access on SunSolve
-------------------------------------------------------------------
Beginning March 31, 2007, Sun is changing the way users will access
Solaris 8 and 9 Software Updates (patches) to be consistent with the way users access Solaris 10 Software Updates.
Users will still be required to have a Sun Online Account and accept
a Software License Agreement in order to access any Software Updates,
but in addition users will be required to purchase a Solaris Subscription or Sun System Service Plan in order to access Solaris 8
and 9 Software Updates.
No Solaris Subscription or Sun System Service Plan will be required for security patches and device drivers, which will remain available without charge.
For more information, go to:
http://sunsolve.sun.com/search/document.do?assetkey=1-9-83061-1
For questions, contact: patchpolicy@sun.com
******************************************************************
Thanks for tuning in to the Sun Alert Weekly Summary Report!
Best regards,
Sun Alert Program Office
Sun Microsystems, Inc.
ALSO ON SUN.COM --------------------------------------------------
My Sun Connection: http://sun.com/mysunconnection
Products & Services: http://sun.com/products
Business & Industry Solutions: http://sun.com/solutions
Support & Training: http://sun.com/supportraining/
Downloads: http://sun.com/download
Documentation: http://sun.com/documentation
Research: http://sun.com/research
News: http://sun.com/news
Sun[sm] Store: http://sun.com/store
Resources for
* Developers: http://sun.com/developers
* System Admins: http://sun.com/bigadmin
* Partners: http://sun.com/partners
* Executives: http://sun.com/executives
* Investors: http://sun.com/investors
------------------------------------------------------------------
Copyright 2007 Sun Microsystems, Inc. All rights reserved.
Sun, Sun Microsystems, the Sun Logo, My Sun, iForce, Sun Fire, and
Sun StorEdge are trademarks or registered trademarks of Sun
Microsystems, Inc. in the United States and other countries. All
SPARC trademarks are used under license and are trademarks or
registered trademarks of SPARC International, Inc. in the United
States and other countries. Products bearing SPARC trademarks are
based upon an architecture developed by Sun Microsystems, Inc.
