Oracle Solaris 11.3 SRU 31

We’ve just released Oracle Solaris 11.3 SRU 31. This is the April Critical Patch update and contains some important security fixes as well as enhancements to Oracle Solaris. SRU31 is now available from My Oracle Support Doc ID 2045311.1, or via ‘pkg update’ from the support repository at https://pkg.oracle.com/solaris/support .

The following components have been updated to address security issues:

• The Solaris kernel has been updated to mitigate against CVE-2017-5753 aka spectre v1. See Oracle Solaris on SPARC – Spectre (CVE-2017-5753, CVE-2017-5715) and Meltdown (CVE-2017-5754) Vulnerabilities (Doc ID 2349278.1) and Oracle Solaris on x86 – Spectre (CVE-2017-5753, CVE-2017-5715) and Meltdown (CVE-2017-5754) Vulnerabilities (Doc ID 2383531.1) for more information.
• Apache Tomcat has been updated to 8.5.28
• Firefox has been updated to 52.7.3esr
• Thunderbird has been updated to 52.7.0
• unzip has been updated to 6.1 beta c23
• NTP has been updated to 4.2.8p11
• TigerVNC has been updated to 1.7.1
• Updated versions of PHP:
  • PHP has been updated to 5.6.34
  • PHP has been updated to 7.1.15
• Updated versions of MySQL:
  • MySQL has been updated to 5.5.59
  • MySQL has been updated to 5.6.39
• irssi has been updated to 1.0.7
• Security fixes are also included for quagga, gimp, GNOME remote desktop, vinagre and NSS.

These enhancements have also been added:

• Oracle VM Server for SPARC has been updated to version 3.5.0.2. For more information including What’s New, Bug Fixes, and Known Issues, see Oracle VM Server for SPARC 3.5.0.2 Release Notes.
• The TigerVNC update introduces the new fltk component in Oracle Solaris 11.3
• libidn has been updated to 2.0.4
• pam_list support for wildcard and comment lines
• The Java 8, Java 7, and Java 6 packages have been updated. See Note 5 for the location and details on how to update Java. For more information and bugs fixed, see Java 8 Update 172 Release Notes, Java 7 Update 181 Release Notes, and Java 6 Update 191 Release Notes.

Full details of this SRU can be found in My Oracle Support Doc 2385753.1.
For the list of Service Alerts affecting each Oracle Solaris 11.3 SRU, see Important Oracle Solaris 11.3 SRU Issues (Doc ID 2076753.1).