Craig Bell wrote:
Q: How do I prove that I applied fixes for all vulnerabilities mentioned in the CPU? Is it reasonable to expect transparent documentation?
I just saw that link in a comment from Gerry Haskins on his blog entry you mentioned:
http://blogs.sun.com/security/entry/cpu_july_2010 Mapping between CVE numbers and Solaris patches for CPU July 2010 So Oracle seems to have listened .. Martin.
