Patch-ID# 123376-01
Download this patch from My Oracle Support
Your use of the firmware, software and any other materials contained
in this update is subject to My Oracle Support Terms of Use, which
may be viewed at My Oracle Support.
|
For further information on patching best practices and resources, please
see the following links:
|
Copyright (c) 2012, Oracle and/or its affiliates. All rights reserved.
|
Keywords: security bootconfchk openssl
Synopsis: SunOS 5.9: bootconfchk patch
Date: Sep/19/2007
Install Requirements: NA
Solaris Release: 9
SunOS Release: 5.9
Unbundled Product:
Unbundled Release:
Xref: This patch available for x86 as patch 123377
Topic: SunOS 5.9: bootconfchk patch
Relevant Architectures: sparc
Bugs fixed with this patch:
Changes incorporated in this version:
Patches accumulated and obsoleted by this patch:
Patches which conflict with this patch:
Patches required with this patch: 117123-08 (or greater)
Obsoleted by:
Files included with this patch:
/usr/sbin/bootconfchk
Problem Description:
6466370 security vulnerabilities in OpenSSL may lead to DoS or code execution
(CVE-2006-3738,CVE-2006-4343)
6467218 fix RSA signature forgery (CVE-2006-4339)
6476279 multiple vulnerabilities in OpenSSL (CVE-2006-2937, CVE-2006-2940)
6476772 update OpenSSL version string with information about security patches included
Patch Installation Instructions:
--------------------------------
For Solaris 2.0-2.6 releases, refer to the Install.info file and/or
the README within the patch for instructions on using the generic
'installpatch' and 'backoutpatch' scripts provided with each patch.
For Solaris 7-10 releases, refer to the man pages for instructions
on using 'patchadd' and 'patchrm' scripts provided with Solaris.
Any other special or non-generic installation instructions should be
described below as special instructions. The following example
installs a patch to a standalone machine:
example# patchadd /var/spool/patch/104945-02
The following example removes a patch from a standalone system:
example# patchrm 104945-02
For additional examples please see the appropriate man pages.
Special Install Instructions:
-----------------------------
NOTE 1: To get the complete fix for multiple vulnerabilities in OpenSSL,
please make sure to install the following patches:
113273-14 (or greater) sshd patch
113713-24 (or greater) pkg utilities patch
114356-11 (or greater) ssh patch
117123-08 (or greater) wanboot patch
README -- Last modified date: Saturday, November 10, 2012