Re: [pca] Solaris 10 1/13 preinstalled patches
Thanks for the further investigation Martin! I'll follow up. There is nothing to prevent those patches being added to a system installed with s10u11, so it would seem prudent to add the Security fixes indicated below in the case where the patch pkgs are installed systems. (I've provided details of the pkgs delivered in the 2 patches that you've pointed out below for ease of reference.) As a general rule of thumb, it is always advisable to apply the latest Recommended Patchset after installing/upgrading to the latest Solaris Update to get any fixes relesed after the Solaris Update (or in this case not delivered as part of the update itself). Best, -Don On 02/13/13 07:12, Martin Paul wrote: Hi Don, Am 12.02.2013 20:00, schrieb Don O'Malley: I'll take a look into this one and get back to you. Thanks for the information you already provided. Apart from that, it might be worth to at least take a look at these two patches: Patch IR CR RSB Age Synopsis -- -- - -- --- --- --- 119213 26 27 RS- 369 NSS_NSPR_JSS 3.13.1: NSPR 4.8.9 / NSS 3.13.1 / JSS 4.3.2 149453 -- 02 RS- 133 SunOS 5.10: CCR Update Both of them are "S"ecurity patches, and both of them contain actual security fixes (which Oracle nowadays often paraphrases as "problem with X"): -- 119213-27: 13341290 DIS-TRUST DIGINOTAR ROOT CERTIFICATE 13341314 (CVE-2011-3389) RIZZO/DUONG CHOSEN PLAINTEXT ATTACK (BEAST) ON SSL/TLS 1.0 PKG=SUNWjss ARCH=sparc VERSION=4.0,REV=2004.11.05.02.31 PKG=SUNWpr ARCH=sparc VERSION=4.5.1,REV=2004.11.05.02.30 PKG=SUNWprd ARCH=sparc VERSION=4.5.1,REV=2004.11.05.02.30 PKG=SUNWtls ARCH=sparc VERSION=3.9.5,REV=2005.01.14.17.27 PKG=SUNWtlsd ARCH=sparc VERSION=3.9.5,REV=2005.01.14.17.27 PKG=SUNWtlsu ARCH=sparc VERSION=3.9.5,REV=2005.01.14.17.27 -- 149453-02 7194816 problem with smpatch / updatemanager 6914463 problem with smpatch / updatemanager PKG=SUNWr ARCH=sparc VERSION=001.000.000 It's kind of strange to get a Solaris release in Feb 2013 with existing security fixes from up to a year ago not being fixed out of the box. Martin. -- Don O'Malley Manager, Software Maintenance Engineering Revenue Product Engineering | Solaris | Hardware Block C, East Point Business Park, Dublin 3, Ireland Phone: +353 1 8033883 Team Alias: rpe_sme_ww_...@oracle.com
Re: [pca] Solaris 10 1/13 preinstalled patches
Hi Don, Am 12.02.2013 20:00, schrieb Don O'Malley: I'll take a look into this one and get back to you. Thanks for the information you already provided. Apart from that, it might be worth to at least take a look at these two patches: Patch IR CR RSB Age Synopsis -- -- - -- --- --- --- 119213 26 27 RS- 369 NSS_NSPR_JSS 3.13.1: NSPR 4.8.9 / NSS 3.13.1 / JSS 4.3.2 149453 -- 02 RS- 133 SunOS 5.10: CCR Update Both of them are Security patches, and both of them contain actual security fixes (which Oracle nowadays often paraphrases as problem with X): -- 119213-27: 13341290 DIS-TRUST DIGINOTAR ROOT CERTIFICATE 13341314 (CVE-2011-3389) RIZZO/DUONG CHOSEN PLAINTEXT ATTACK (BEAST) ON SSL/TLS 1.0 -- 149453-02 7194816 problem with smpatch / updatemanager 6914463 problem with smpatch / updatemanager It's kind of strange to get a Solaris release in Feb 2013 with existing security fixes from up to a year ago not being fixed out of the box. Martin.
[pca] Solaris 10 1/13 preinstalled patches
Hi Don/all, A PCA user, who already installed Solaris 10 1/13, wondered why some rather old patches are not pre-installed (see below). As I've seen that happen with previous update releases, too, I've wondered about the same thing - does anybody have an idea about why certain - really old - patches are excluded? Martin. Patch IR CR RSB Age Synopsis -- -- - -- --- --- --- 118666 34 41 RS- 7 JavaSE 5.0: update 39 patch (equivalent to JDK 5.0u39) 118667 34 41 RS- 7 JavaSE 5.0: update 39 patch (equivalent to JDK 5.0u39), 64bit 118683 07 08 --- 200 SunOS 5.10: Patch for profiling libraries and assembler 119213 26 27 RS- 369 NSS_NSPR_JSS 3.13.1: NSPR 4.8.9 / NSS 3.13.1 / JSS 4.3.2 119788 -- 12 --- 119 SunOS 5.10: Sun Update Connection Proxy 1.0.9 119963 24 27 R-- 145 SunOS 5.10: Shared library patch for C++ 121081 06 08 R-- 999 SunOS 5.10: Connected Customer Agents 1.1.0 121118 19 20 RS- 173 SunOS 5.10: Update Connection System Client 1.0.20 123893 50 52 R-- 76 SunOS 5.8 5.9 5.10 Common Agent Container (cacao) runtime 2.3.1.2 125136 39 42 RS- 4 JavaSE 6: update 39 patch (equivalent to JDK 6u39) 125137 39 42 RS- 4 JavaSE 6: update 39 patch (equivalent to JDK 6u39), 64bit 145078 -- 01 --- 829 SunOS 5.10: Firefox plugins patch 148150 02 03 --- 124 SunOS 5.10: Tomcat 4 removal patch 148861 -- 01 --- 129 SunOS 5.10: Sun XVR-2500 Graphics Accelerator Patch (post-S10U8) 149453 -- 02 RS- 133 SunOS 5.10: CCR Update