Hi Don,
Am 12.02.2013 20:00, schrieb Don O'Malley:
I'll take a look into this one and get back to you.
Thanks for the information you already provided. Apart from that, it
might be worth to at least take a look at these two patches:
Patch IR CR RSB Age Synopsis
------ -- - -- --- --- -------------------------------------------------------
119213 26 < 27 RS- 369 NSS_NSPR_JSS 3.13.1: NSPR 4.8.9 / NSS 3.13.1 / JSS 4.3.2
149453 -- < 02 RS- 133 SunOS 5.10: CCR Update
Both of them are "S"ecurity patches, and both of them contain actual
security fixes (which Oracle nowadays often paraphrases as "problem with
X"):
-- 119213-27:
13341290 DIS-TRUST DIGINOTAR ROOT CERTIFICATE
13341314 (CVE-2011-3389) RIZZO/DUONG CHOSEN PLAINTEXT ATTACK (BEAST) ON
SSL/TLS 1.0
-- 149453-02
7194816 problem with smpatch / updatemanager
6914463 problem with smpatch / updatemanager
It's kind of strange to get a Solaris release in Feb 2013 with existing
security fixes from up to a year ago not being fixed out of the box.
Martin.
