Tuesday Jun 09, 2015

Warts and All!

A customer once said to me that "bad news, delivered early, is relatively good news, as it enables me to plan for contingencies". 

That need to manage expectations has stuck with me over the years.

And in that spirit, we issue Docs detailing known issues with Solaris 11 SRUs (Doc ID 1900381.1) and Solaris 10 CPU patchsets (Doc ID 1943839.1).

Many issues only occur in very specific configuration scenarios which won't be seen by the vast majority of customers.

A few will be subtle issues which have proved hard to diagnose and hence may impact a number of releases.

But providing the ability to read up on known issues before upgrading to a particular Solaris 11 SRU or Solaris 10 CPU patchset enables customers to make more informed and hence better decisions.

BTW: The Solaris 11 Support Repository Update (SRU) Index (Doc ID 1672221.1) provides access to SRU READMEs summarizing the goodness that each SRU provides.  (As do the bugs fixed lists in Solaris 10 patch and patchset READMEs.)

For example, from the Solaris 11.2 SRU10.5 ( README:


Why Apply Oracle Solaris

Oracle Solaris provides improvements and bug fixes that are applicable for all the Oracle Solaris 11 systems. Some of the noteworthy improvements in this SRU include:

  • Bug fix to prevent panics when using zones configured with exclusive IP networking, and DR has been used to add and remove CPUs from the domain (Bug 19880562).
  • Bug fix to improve NFS stability when under stress (Bug 20138331).
  • Bug fix to address the generation of FMA events on the PCIEX bus on T5-2 (Bug 20245857).
  • Bug fix to improve the performance of the zoneadm list command for systems running a large number of zones (Bug 20386861).
  • Bug fix to remove misleading warning messages seen while booting the Oracle VM Server for SPARC guests (Bug 20341341).
  • Bug fix to address NTP security issues, which includes the new slew always mode for leap second processing (Bug 20783962).
  • OpenStack components have been updated to Juno. For more information, see OpenStack Upgrade Procedures.
  • The Java 8, Java 7, and Java 6 packages have been updated. For more information, see Java 8 Update 45 Release Notes, Java 7 Update 80 Release Notes, and Java 6 Update 95 Release Notes.

Best Wishes,


Friday Feb 07, 2014

Heads up! Regression in Solaris 10 Kernel patch 15040[01]-0[67] - now fixed in 15040[01]-09

Update:  Bug 17628036 is fixed in Solaris 10 patch 15040[01]-09 and Solaris 11.1 SRU16, both of which are now available on MOS.  Customers with 15040[01]-0[78] installed are recommended to install 15040[01]-09.  The Solaris 10 January CPU (Critical Patch Update) has been respun to included 15040[01]-09 and is available from MOS:

https://updates.oracle.com/download/18074667.html (SPARC)
https://updates.oracle.com/download/18074668.html (x86)
The issue is far less common on Solaris 11, so you only need to update to SRU16 if you experience the issue.  There will be a further "mop-up" fix in 15040[01]-10 and a later SRU, but 15040[01]-09 resolves the main issue and should be sufficient for most customers (addresses 95%+ of the instances reported).

Original post:

Please note that there's an issue with revs -06 and -07 of the Solaris 10 Kernel patches 15040[01].

Please see Sun Alert 1619580.1 on MOS for further details.  A number of Solaris 10 customers have hit the 2nd of the reported issues. 

We've respun the Solaris 10 January CPU (Critical Patch Update) to revert to rev-05 (now available from MOS), we're expediting a fixed rev-09 (rev-08 won't be released), and have withdrawn revs -06 and -07 from release.  Update: The Solaris 10 January CPU and Recommended patchset have been respun to include the fixed rev-09.

15040[01]-09 will address Bug 17628036 and the current ETA for expedited release is Feb 21.

The Solaris 11 fix is also being expedited in Solaris 11.1 SRU16, but seems to be less prone to the issue.

I apologize for the inconvenience caused.

Tuesday Oct 12, 2010

Oct 2010 Solaris OS CPU now available

The October 2010 Solaris OS CPU (Critical Patch Updates) containing all available Security, Data Corruption, and System Availability fixes are now available from My Oracle Support (MOS) and SunSolve.

See http://www.oracle.com/technetwork/topics/security/alerts-086861.html and in particular Document 1446032.1 on My Oracle Support (MOS), http://support.oracle.com, which includes CVE mappings for Oracle Sun products. 

To access the Solaris OS CPUs on MOS, login, select the "Patches & Updates" tab and in the "Patch Search" box, click on "Product or Family (Advanced Search)".  Select "Solaris Operating System" from the product drop down menu, select the Release(s) you are interested in, e.g. "Solaris 10 Operating System", select "Type" and "Patchset" from the drop down menus on the next line, and click "Search".  This will show all the available patch clusters and bundles for your search criteria.  The October 2010 CPUs have titles of the form "CPU OS Cluster 2010/10".

The Solaris OS CPUs are archived copies of the Solaris OS Recommended Patch Clusters.  See http://blogs.sun.com/patch/entry/solaris_critical_patch_updates_cpus for further details.

Best Wishes,

Gerry Haskins
Director, Software Patch Services

Tuesday Jul 13, 2010

Solaris Critical Patch Updates (CPUs)

It's Oracle standard practice to release quarterly Critical Patch Updates (CPUs) containing security fixes.  These scheduled releases enable customers to plan maintenance windows.

Solaris now conforms to this practice and Solaris OS CPUs are now available.

The Solaris OS CPU is an archived snapshot of the Solaris OS Recommended Patch Cluster.

Please note that the Solaris OS bug fixing processes have not changed.  Security and other bugs continue to be fixed as soon as possible, patches containing such fixes for the Solaris OS will continue to be released as quickly as possible, and they will continue to be included in the Recommended Solaris OS Patch Clusters as soon as they become available. 

The Solaris OS CPU simply provides another, archived, patch collation option for customers.

See http://www.oracle.com/technetwork/topics/security/alerts-086861.html and in particular Document 1446032.1 on My Oracle Support (MOS), http://support.oracle.com, which includes CVE mappings for Oracle Sun products. 


  1. The CPUs were created on July 6th and released on July 13th.
  2. Solaris 8 is in Vintage support so no patch clusters are updated for Solaris 8.  Instead, the above document lists Solaris 8 patches released in the last quarter which address Security issues.  A Solaris 8 Vintage support contract is needed to access some of them.
Update: CVE to patch mappings are now available for the Solaris CPU from July.  Please see http://blogs.sun.com/security/entry/cpu_july_2010

This blog is to inform customers about patching best practice, feature enhancements, and key issues. The views expressed on this blog are my own and do not necessarily reflect the views of Oracle. The Documents contained within this site may include statements about Oracle's product development plans. Many factors can materially affect these plans and the nature and timing of future product releases. Accordingly, this Information is provided to you solely for information only, is not a commitment to deliver any material code, or functionality, and SHOULD NOT BE RELIED UPON IN MAKING PURCHASING DECISIONS. The development, release, and timing of any features or functionality described remains at the sole discretion of Oracle. THIS INFORMATION MAY NOT BE INCORPORATED INTO ANY CONTRACTUAL AGREEMENT WITH ORACLE OR ITS SUBSIDIARIES OR AFFILIATES. ORACLE SPECIFICALLY DISCLAIMS ANY LIABILITY WITH RESPECT TO THIS INFORMATION. ~~~~~~~~~~~~ Gerry Haskins, Director, Software Lifecycle Engineer


« November 2015