Mapping between CVE numbers and Solaris patches for CPU July 2010

Oracle updated the July 2010 Critical Patch Update documentation to provide the mapping between CVE numbers and Solaris patches. This mapping is also provided in the table below.

We encourage customers to contact secalert_us@oracle.com to ensure that Oracle's updated documentation meets the needs of its customers, particularly as they relate to the CVE to patch mapping.

Your feedback will help Oracle understand the specific requirements of your organization, and for example, will help determine if such mapping should be included in all CPU advisories. Below is the mapping table between CVE numbers and Solaris patches. This information will also be available in the updated patch availability document referenced in the Critical Patch Update.

You can find the July 2010 Critical Patch Update at http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpujul2010.html.

CVE # Component Solaris 8 Solaris 9 Solaris 10
SPARC X86 SPARC X86 SPARC X86
CVE-2010-0083 ToolTalk 110286-17 110287-17 112808-11 113797-09 143733-01 143734-01
CVE-2008-4247 FTP Server 111606-08 111607-08 114564-15 114565-15 140399-03 140400-03
CVE-2010-0916 rdist 140159-03 140160-03
CVE-2010-2392 ZFS 142900-12 142901-12
CVE-2010-2386 GigaSwift Ethernet Driver 111883-37 112817-33 117714-17 118777-14 118778-12
CVE-2010-2394 TCP/IP 142900-12 142901-12
CVE-2010-2399 Kernel/VM 142900-07 142901-07
CVE-2010-2400 Kernel/Filesystem 122300-50 122301-50 142900-08 142901-08
CVE-2010-2393 Kernel/RPC 144254-01 144255-01
CVE-2010-2376 Solaris Management Console 113749-04 113750-04 114503-17 114504-17 119315-21 119316-21
CVE-2010-2382 Install Software 109318-40 109319-39 113434-38 114196-36 119534-19 119535-19
CVE-2010-2383 NFS 119819-03 119820-03 122300-53 122301-52 144106-01 144107-01
CVE-2010-2384 Solaris Management Console 144323-01 144324-01 144325-01 144326-01

Note: Releases or platforms where there is no patch listed are not vulnerable to corresponding issue.

Comments:

Post a Comment:
Comments are closed for this entry.
About

This blog provides security vulnerability fix notifications relevant to third party software components distributed and supported as part of Oracle Products.
Summarized version of this blog is available as a mapping of CVEs and solutions.

Search

Archives
« April 2014
SunMonTueWedThuFriSat
  
2
3
4
5
6
7
8
9
10
11
12
13
14
16
18
19
20
21
22
23
24
25
26
27
28
29
30
   
       
Today