>> This vulnerability was patched over a month ago. >> >> Patch 106793-01 SPARC >> Patch 106794-01 x86 >Great work! My Solaris 7 (X86) bought in december 1998 >is vulnerable to ufsdump sploit. If there is a patch out since >early November for Solaris 2.6 why is nobody implenting it in >Solaris 7? The patches listed above are the Solaris 7 patches NOT the Solaris 2.6 patches. >Confused and dissappointed, Maybe I can thow some light on your confusion.... There is a cut off date for fixes well before the CD's are actually cut to allow full system testing and many other distribution related things to happen. The fixes for ufsdump missed that cut off date and were thus released as a patch just after Solaris 7. Though you bought your copy of Solaris 7 x86 in December it was actually released on the 27th October 98 (I had my CD on the 4th November). The CD's being shipped in december (and indeed now) don't have any patches included in them. There will be futher hardware releases of Solaris 7 each quarter - things like the ufsdump patch will be included on those CDs or the patches are available to contract customers as part of SunSolve Online or SunSolve CD. Given that this particular patch is a security patch it is available in the public section of SunSolve Online as well (http://sunsolve.sun.com) Hope this helps. -- Darren J Moffat
This archive was generated by hypermail 2b30 : Fri Apr 13 2001 - 14:27:28 PDT