News, tips, partners, and perspectives for the Oracle Solaris operating system

  • October 25, 2017

Oracle Solaris not in latest CPU like a boss!

Scott Lynn
Director of Product Management GraalVM

OK.  Maybe that title is a bit much, but it really is true, and it means good things for you. Oracle Solaris wasn't listed in our Critical Patch Update this quarter.

We released Oracle Solaris 11.3 SRU 25 right on time just like the other 24 SRUs and CPUs before it. If you want to know what is new in Oracle Solaris, you can read Joost's blog about it here.

However, I wanted to address why Oracle Solaris wasn't listed in the CPU list. The answer is really quite simple, the number of security vulnerabilities in Oracle owned software in Oracle Solaris was 0. Yes, that's correct! In the last quarter there have been 0 security vulnerabilities fixed on the Oracle Solaris kernel or Oracle software that ships inside Oracle Solaris.

Now, that doesn't mean that there are not security fixes in Oracle Solaris (11.3 SRU 25).  For example, there is a new version of Samba that addresses several CVEs (CVE-2017-12150, CVE-2017-12151, and CVE-2017-12163). So, we're definitely doing what we need to do to give you the latest patched and updated software.

You definitely want to install the latest SRU to keep your systems secure.

That said, not seeing "Oracle Solaris" on the CPU list this quarter is really great news!


Join the discussion

Comments ( 1 )
  • Previn Edward Tuesday, September 11, 2018
Please enter your name.Please provide a valid email address.Please enter a comment.CAPTCHA challenge response provided was incorrect. Please try again.