Tuesday Aug 03, 2010

Mapping between CVE numbers and Solaris patches for CPU July 2010

Oracle updated the July 2010 Critical Patch Update documentation to provide the mapping between CVE numbers and Solaris patches. This mapping is also provided in the table below.

We encourage customers to contact secalert_us@oracle.com to ensure that Oracle's updated documentation meets the needs of its customers, particularly as they relate to the CVE to patch mapping.

Your feedback will help Oracle understand the specific requirements of your organization, and for example, will help determine if such mapping should be included in all CPU advisories. Below is the mapping table between CVE numbers and Solaris patches. This information will also be available in the updated patch availability document referenced in the Critical Patch Update.

You can find the July 2010 Critical Patch Update at http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpujul2010.html.

CVE # Component Solaris 8 Solaris 9 Solaris 10
SPARC X86 SPARC X86 SPARC X86
CVE-2010-0083 ToolTalk 110286-17 110287-17 112808-11 113797-09 143733-01 143734-01
CVE-2008-4247 FTP Server 111606-08 111607-08 114564-15 114565-15 140399-03 140400-03
CVE-2010-0916 rdist 140159-03 140160-03
CVE-2010-2392 ZFS 142900-12 142901-12
CVE-2010-2386 GigaSwift Ethernet Driver 111883-37 112817-33 117714-17 118777-14 118778-12
CVE-2010-2394 TCP/IP 142900-12 142901-12
CVE-2010-2399 Kernel/VM 142900-07 142901-07
CVE-2010-2400 Kernel/Filesystem 122300-50 122301-50 142900-08 142901-08
CVE-2010-2393 Kernel/RPC 144254-01 144255-01
CVE-2010-2376 Solaris Management Console 113749-04 113750-04 114503-17 114504-17 119315-21 119316-21
CVE-2010-2382 Install Software 109318-40 109319-39 113434-38 114196-36 119534-19 119535-19
CVE-2010-2383 NFS 119819-03 119820-03 122300-53 122301-52 144106-01 144107-01
CVE-2010-2384 Solaris Management Console 144323-01 144324-01 144325-01 144326-01

Note: Releases or platforms where there is no patch listed are not vulnerable to corresponding issue.

Thursday May 17, 2007

reference monthly calendar of postings

This is a posting in the Security Community 'Reference' Category ; the function of postings that are placed in this category is to aggregate links to other, useful postings in a single meta-posting which can be referenced via a link in the Security Community Blog sidebar, and which will be re-posted on the blog each time it is refreshed by a member of the security community.

This posting is a list of monthly postings to the security community blog; this is posted here as a move towards a simpler method of navigating past blog postings without necessarily resorting to the sidebar calendar. Dates in the future are included as a convenience to the administrators.

2007

jan 2007, feb 2007, mar 2007, apr 2007, may 2007, jun 2007, jul 2007, aug 2007, sep 2007, oct 2007, nov 2007, dec 2007.

2006

jan 2006, feb 2006, mar 2006, apr 2006, may 2006, jun 2006, jul 2006, aug 2006, sep 2006, oct 2006, nov 2006, dec 2006.

2005

jan 2005, feb 2005, mar 2005, apr 2005, may 2005, jun 2005, jul 2005, aug 2005, sep 2005, oct 2005, nov 2005, dec 2005.

reference security videos

This is a posting in the Security Community 'Reference' Category ; the function of postings that are placed in this category is to aggregate links to other, useful postings in a single meta-posting which can be referenced via a link in the Security Community Blog sidebar, and which will be re-posted on the blog each time it is refreshed by a member of the security community.

This posting is a list of security video blogs which have been posted to the community.

reference security blueprints

This is a posting in the Security Community 'Reference' Category ; the function of postings that are placed in this category is to aggregate links to other, useful postings in a single meta-posting which can be referenced via a link in the Security Community Blog sidebar, and which will be re-posted on the blog each time it is refreshed by a member of the security community.

This posting is a list of Sun Security Blueprints.

As-per the description at the BluePrints Home Page

Sun BluePrints OnLine articles are maintained in this archive for the benefit and historical reference of our readers. Details of the recommendations set forth in these articles may not reflect Sun's latest hardware and software releases. Caution, careful analysis and common sense should be exercised when applying these Sun BluePrints articles to newer products and software releases.

Nonetheless, the provision of the entire, historical archive of BluePrints makes a useful corpus of security reference material, certain themes of IT security being invariant through time.

See the security blueprint full listing for the master copy of this list, with article synopses.

2008

2007

2006

2005

2004

2003

2002

2001

2000

1999

About

This blog provides security vulnerability fix notifications relevant to third party software components distributed and supported as part of Oracle Products.
Summarized version of this blog is available as a mapping of CVEs and solutions.

Search

Categories
Archives
« April 2014
SunMonTueWedThuFriSat
  
2
3
4
5
6
7
8
9
10
11
12
13
14
16
18
19
20
21
22
23
24
25
26
27
28
29
30
   
       
Today