'wget', 'pca', and TLP users need to accept updated software license

As the software license agreement terms were updated last week upon Sun becoming a wholly owned subsiduary of Oracle, customers who use 'wget' to automate patch downloads from SunSolve will need to login in once to SunSolve and accept the updated software license agreement before they can continue to use 'wget'.   Please note that some popular patch automation tools such as Traffic Light Patching (TLP) and the 3rd party 'pca' tool use 'wget' and hence this notice is applicable to them too.

http://sunsolve.sun.com currently has the following message at the top of the SunSolve home page:

Alert: wget customers ~ Please log into SunSolve to re-accept the new Software License Agreement prior to running any wget scripts. You can also look under "Update Account" and refer to:
Step 5: Register for patch download automation
Check the box to confirm that you read the license and save the changes. Downloads will work as normal at this point.
Comments:

Awesome! Thanks for the heads up.

Posted by Stephen Bunn on February 01, 2010 at 07:20 PM GMT #

Gerry,

Thanks a lot mentioning this here as well!

Posted by Martin Paul on February 01, 2010 at 11:24 PM GMT #

So dare I ask... what's changed in the software license agreement terms?

BTW.. pca is awesome!

Posted by guest on February 02, 2010 at 05:07 AM GMT #

Please don't take this the wrong way, but RTFM! ;)

I'm not aware of the precious changes but expect the license terms and conditions to reflect Oracle policies. Worth reading.

Posted by Gerry Haskins on February 02, 2010 at 05:15 AM GMT #

In my reply above, please:

s/precious/precise

Posted by Gerry Haskins on February 02, 2010 at 05:16 AM GMT #

Gerry, do you have any thoughts regarding this report?

http://www.mail-archive.com/pca@lists.univie.ac.at/msg01614.html

Thanks... -cheers, CSB

Posted by Craig S. Bell on February 12, 2010 at 10:05 AM GMT #

So.... Kernel patches are contract only now?

Posted by Stephen Bunn on February 15, 2010 at 07:39 PM GMT #

Hi Craig/Stephen!

Apologies for my delay in responding - I'm just back from vacation.

Yes, the referenced document, http://sunsolve.sun.com/search/document.do?assetkey=1-61-203648-1, is correct. A support contract is required to access patches.

Best Wishes,

Gerry.

Posted by Gerry Haskins on February 23, 2010 at 07:22 AM GMT #

Thanks Gerry. This doesn't affect us, since we already have a contract. Even so, I read that some potential customers are concerned that new security fixes are no longer freely available. Entitlement strategy aside, I hope that this does not harm future Solaris adoption.

On an unrelated note, I have a question about how Patchfinder identifies Security or Recommended patches.

I searched for all Solaris 10 patches (any platform) to see if Patchfinder came up with the same list that pca identified. From what I can tell, there were a couple of applicable patches that didn't appear in Patchfinder's results:

119280-22 CDE 1.6: Runtime library patch for Solaris 10
141874-07 SunOS 5.10: fp patch

In the first case, I was searching for all security (new or accumulated) patches, with no additional filters. When I pull it up by ID number, it does seem to have the security flag set.

In the second case, I was searching for all recommended-only patches, with no other filters. This rev supersedes a withdrawn, bad revision. When I pull it up individually, it is marked as recommended.

Should these two have showed up in my search results? Thanks as always... -cheers, CSB

Posted by Craig S. Bell on March 05, 2010 at 01:56 PM GMT #

Hi Craig,

This is related to how PatchFinder interprets the selection criteria you provide.

If you select both "New Security Fix" & "Accumulated Security Fix" you will only be returned the patches that match both criteria (as opposed to either).

Worked example:
Only "New Security Fix" selected (143 patches returned):
http://sunsolve.sun.com/patchfinder/?uiForm=Y&uiAdvForm=Y&securityFilter=newSecurityFix&releasedFrom=2010-01-25&state=AVAILABLE&max=20&

Only "Accumulated Security Fix" selected (226 patches returned):
http://sunsolve.sun.com/patchfinder/?uiForm=Y&uiAdvForm=Y&securityFilter=accumulatedSecurityFix&releasedFrom=2010-01-25&state=AVAILABLE&max=20&

Both "New Security Fix" & "Accumulated Security Fix" selected (143 patches returned):
http://sunsolve.sun.com/patchfinder/?uiForm=Y&uiAdvForm=Y&securityFilter=newSecurityFix%20accumulatedSecurityFix%20&releasedFrom=2010-01-25&state=AVAILABLE&max=20&

I can see that it may be more intuitive if the search were to match either as opposed to both criteria, if you select both "New Security Fix" & "Accumulated Security Fix". I've started discussion with my colleague Brian Kidney, who wrote and maintains PatchFinder regarding this.
For now, as all new security fixes will also be flagged as new security fixes, just searching for accumulated security fixes should give you the desired result.

I cannot reproduce your second example, where patch 141874-07 is missing if you search for all "Recommended Only" patches.
It is showing up on the first page when I search for all "Recommended Only" patches:
http://sunsolve.sun.com/patchfinder/?uiForm=Y&uiAdvForm=Y&isRecommended=TRUE&state=AVAILABLE&max=20&

Regards,

Don O'Malley
Software Patch Services

Posted by Don Omalley on March 10, 2010 at 06:42 AM GMT #

Post a Comment:
  • HTML Syntax: NOT allowed
About

This blog is to inform customers about patching best practice, feature enhancements, and key issues. The views expressed on this blog are my own and do not necessarily reflect the views of Oracle. The Documents contained within this site may include statements about Oracle's product development plans. Many factors can materially affect these plans and the nature and timing of future product releases. Accordingly, this Information is provided to you solely for information only, is not a commitment to deliver any material code, or functionality, and SHOULD NOT BE RELIED UPON IN MAKING PURCHASING DECISIONS. The development, release, and timing of any features or functionality described remains at the sole discretion of Oracle. THIS INFORMATION MAY NOT BE INCORPORATED INTO ANY CONTRACTUAL AGREEMENT WITH ORACLE OR ITS SUBSIDIARIES OR AFFILIATES. ORACLE SPECIFICALLY DISCLAIMS ANY LIABILITY WITH RESPECT TO THIS INFORMATION. ~~~~~~~~~~~~ Gerry Haskins, Director, Software Lifecycle Engineer

Search

Categories
Archives
« April 2014
MonTueWedThuFriSatSun
 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
    
       
Today