This recent Sun Security Bulletin included some incorrect patch revisions (see below) that could easily lead folks to install outdated patches. Dave Foster > ________________________________________________________________________________ > Sun Microsystems, Inc. Security Bulletin > > Bulletin Number: #00207 > Date: August 30, 2001 > Cross-Ref: CERT Advisory CA-2001-05 > Title: snmpXdmid > <snip> ________________________________________________________________________________ > > 1. Bulletins Topics > > Sun announces the release of patches for Solaris(tm) 8, 7, and > 2.6 (SunOS(tm) 5.8, 5.7, and 5.6) which relate to an snmpXdmid > vulnerability reported in CERT CA-2001-05. > > Sun recommends that you install the patches listed in section 4 > immediately on systems running SunOS 5.8, 5.7, and 5.6 which > use snmpXdmid. > <snip> > 4. List of Patches > > The following patches are available in relation to the above problem. > > OS Version Patch ID > __________ _________ > SunOS 5.8 108869-07 > SunOS 5.8_x86 108870-07 > SunOS 5.7 107709-15 > SunOS 5.7_x86 107710-15 > SunOS 5.6 106787-15 > SunOS 5.6_x86 106872-15 > THE CORRECT PATCHES ARE: OS Version Patch ID __________ _________ SunOS 5.8 108869-09 * SunOS 5.8_x86 108870-09 * SunOS 5.7 107709-15 SunOS 5.7_x86 107710-15 SunOS 5.6 106787-16 * SunOS 5.6_x86 106872-15 <snip> > > APPENDICES > > A. Patches listed in this bulletin are available to all Sun customers at: > > http://sunsolve.sun.com/securitypatch > > B. Checksums for the patches listed in this bulletin are available at: > > ftp://sunsolve.sun.com/pub/patches/CHECKSUMS > > C. Sun security bulletins are available at: > > http://sunsolve.sun.com/security > > D. Sun Security Coordination Team's PGP key is available at: > > http://sunsolve.sun.com/pgpkey.txt > > E. To report or inquire about a security problem with Sun software, contact > one or more of the following: > > - Your local Sun answer centers > - Your representative computer security response team, such as CERT > - Sun Security Coordination Team. Send email to: > > security-alertat_private > > F. To receive information or subscribe to our CWS (Customer Warning System) > mailing list, send email to: > > security-alertat_private > > with a subject line (not body) containing one of the following commands: > > Command Information Returned/Action Taken > _______ _________________________________ > > help An explanation of how to get information > > key Sun Security Coordination Team's PGP key > > list A list of current security topics > > query [topic] The email is treated as an inquiry and is forwarded to > the Security Coordination Team > > report [topic] The email is treated as a security report and is > forwarded to the Security Coordination Team. Please > encrypt sensitive mail using Sun Security Coordination > Team's PGP key > > send topic A short status summary or bulletin. For example, to > retrieve a Security Bulletin #00138, supply the > following in the subject line (not body): > > send #138 > > subscribe Sender is added to our mailing list. To subscribe, > supply the following in the subject line (not body): > > subscribe cws your-email-address > > Note that your-email-address should be substituted > by your email address. > > unsubscribe Sender is removed from the CWS mailing list. > ________________________________________________________________________________ > > Copyright 2000 Sun Microsystems, Inc. All rights reserved. Sun, > Sun Microsystems, Solaris and SunOS are trademarks or registered trademarks > of Sun Microsystems, Inc. in the United States and other countries. This > Security Bulletin may be reproduced and distributed, provided that this > Security Bulletin is not modified in any way and is attributed to > Sun Microsystems, Inc. and provided that such reproduction and distribution > is performed for non-commercial purposes. > > -----BEGIN PGP SIGNATURE----- > Version: 2.6.2 > > iQCVAwUBO46hQ7dzzzOFBFjJAQGvgwQAtlaSsDmaRwEk7Dww+H0V55DW+8++mWOo > BqwLaOtlvolLT3OVn+Sh4IbXgMRTSVZayMCMzIhzqFNoJxrx0uJOnJet2vRf+rhW > xTtZnRyUratLVLyBdby7+J4BMS5zF2fRPWnSac39opd5kA6Jcj0HmsYu+BuvkHLH > bzCDsv260wY= > =CoJt > -----END PGP SIGNATURE----- > > To use our one-click unsubscribe facility, select the following URL: > http://hermes.java.sun.com/unsubscribe?-6744347743761108529 << All opinions expressed are mine, not the University's >> =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= David Foster National Center for Microscopy and Imaging Research Programmer/Analyst University of California, San Diego dfosterat_private Department of Neuroscience, Mail 0608 (858) 534-7968 http://ncmir.ucsd.edu/ =-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-=-= "The reasonable man adapts himself to the world; the unreasonable one persists in trying to adapt the world to himself. Therefore, all progress depends on the unreasonable." -- George Bernard Shaw
This archive was generated by hypermail 2b30 : Sat Sep 01 2001 - 09:33:15 PDT