Tuesday Jul 13, 2010

Solaris Critical Patch Updates (CPUs)

It's Oracle standard practice to release quarterly Critical Patch Updates (CPUs) containing security fixes.  These scheduled releases enable customers to plan maintenance windows.

Solaris now conforms to this practice and Solaris OS CPUs are now available.

The Solaris OS CPU is an archived snapshot of the Solaris OS Recommended Patch Cluster.

Please note that the Solaris OS bug fixing processes have not changed.  Security and other bugs continue to be fixed as soon as possible, patches containing such fixes for the Solaris OS will continue to be released as quickly as possible, and they will continue to be included in the Recommended Solaris OS Patch Clusters as soon as they become available. 

The Solaris OS CPU simply provides another, archived, patch collation option for customers.

See http://www.oracle.com/technetwork/topics/security/alerts-086861.html and in particular Document 1446032.1 on My Oracle Support (MOS), http://support.oracle.com, which includes CVE mappings for Oracle Sun products. 

Notes:

  1. The CPUs were created on July 6th and released on July 13th.
  2. Solaris 8 is in Vintage support so no patch clusters are updated for Solaris 8.  Instead, the above document lists Solaris 8 patches released in the last quarter which address Security issues.  A Solaris 8 Vintage support contract is needed to access some of them.
Update: CVE to patch mappings are now available for the Solaris CPU from July.  Please see http://blogs.sun.com/security/entry/cpu_july_2010
About

This blog is to inform customers about patching best practice, feature enhancements, and key issues. The views expressed on this blog are my own and do not necessarily reflect the views of Oracle. The Documents contained within this site may include statements about Oracle's product development plans. Many factors can materially affect these plans and the nature and timing of future product releases. Accordingly, this Information is provided to you solely for information only, is not a commitment to deliver any material code, or functionality, and SHOULD NOT BE RELIED UPON IN MAKING PURCHASING DECISIONS. The development, release, and timing of any features or functionality described remains at the sole discretion of Oracle. THIS INFORMATION MAY NOT BE INCORPORATED INTO ANY CONTRACTUAL AGREEMENT WITH ORACLE OR ITS SUBSIDIARIES OR AFFILIATES. ORACLE SPECIFICALLY DISCLAIMS ANY LIABILITY WITH RESPECT TO THIS INFORMATION. ~~~~~~~~~~~~ Gerry Haskins, Director, Software Lifecycle Engineer

Search

Categories
Archives
« April 2014
MonTueWedThuFriSatSun
 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
    
       
Today