|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
Cobalt Updates
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
This update fixes security vulnerabilities with mutt.
Pre-Requisites:
None.
Reboot Required: No
MD5 Check Sum: fe2e3d069e5256f44fd56aa2efa30e64
ProFTPD Security Update 1.0.1
|
This update addresses a buffer overflow vulnerability with ProFTPD.
Pre-Requisites:
RaQXTR-All-Security-1.0.1-15823.pkg
Reboot Required: No
MD5 Check Sum: 5da13ed1822fc6ff8082e39986010574
Pine Security Update 1.0.1
|
This patch fixes security vulnerabilities in Pine.
Pre-Requisites:
None.
Reboot Required: No
MD5 Check Sum: 78a764a3e4477bd1adf450ba2c56dd3f
rsync Security Update 1.0.1
|
This update addresses a heap overflow security vulnerability with rsyn, a program for sychronizing files over the network.
Pre-Requisites:
None.
Reboot Required: No
MD5 Check Sum: 8bb35e1ba04d7513a4e31736c9cb74df
GnuPG Security Update 1.0.1
|
This package fixes a GnuPG vulnerability.
Pre-Requisites:
None.
Reboot Required: No
MD5 Check Sum: 6f84f67daf2b2ff766f01b88033b2307
Fileutils Security Update 1.0.1
|
This updates address a remote denial of services vulnerability in the ls program, a utility that is part of the fileutils package.
Pre-Requisites:
None.
Reboot Required: No
MD5 Check Sum: 439e9e955325e12ff69b2fec86f5bb82
BIND Security Update 1.0.1
|
This update addresses a vulnerability in BIND, that could allow an attacker to conduct cache poisoning attacks on the name servers by convincing the servers to retain invalid negative responses.
For more information, see: CAN-2003-0914
Pre-Requisites:
RaQXTR-All-Security-1.0.1-16311.pkg
Reboot Required: No
MD5 Check Sum: 57c479ba5366d9c62a2b57b2189a7139
Slocate Security Update 1.0.1
|
This update addresses a vulnerability in slocate where the heap management structures could be corrupted possibly lead to an
attacker gaining slocate group
privileges.
for more information, see: CAN-2003-0848
Reboot Required: No
MD5 Check Sum: 76068701170709f9d3b8e8fa09d480e0
Tcpdump Security Update 1.0.1
|
This update adresses a vulnerability in tcpdump, where the privileges were not dropped corrextly at startup time. for more information, see: CAN-2003-0194
Pre-Requisites:
RaQXTR-All-Security-1.0.1-14559.pkg
Reboot Required: No
MD5 Check Sum: f10e3e08e44141b1730186f6c3a93772
ProFTPD Security Update 1.0.2
|
This update addresses a buffer overflow discovered in ProFTPD, that could allow an attacker capable of uploading a file to the vilnerable system, to execute arbitrary code. For more information, see http://xforce.iss.net/xforce/alerts/id/154
Pre-Requisites:
RaQXTR-All-Security-1.0.1-15823.pkg
Reboot Required: No
MD5 Check Sum: 7c32242681535028e98b5101a0a02377
Bash Security Update 1.0.1
|
This update addresses a vulnerability in the bash shell. Temporary files were created with insecure permissions, which could
allow an attacker to launch a symlink attack to overwrite arbitrary files.
For more information, see: CAN-2000-1134
Reboot Required: No
MD5 Check Sum: 79b10f10072d20c8deda06506c1c717e
NFS-Utils Security Update 1.0.1
|
This update addresses a buffer overflow in nfs-utils that could be exploited by an attacker, causing a remote Denial of
Service.
For more information, see CAN-2003-0252
Reboot Required: No
MD5 Check Sum: 67890e5d0cc6a2fa433eac59a6797c70
Sendmail Security Update 1.0.1
|
This update addresses two vulnerabilities in Sendmail.
- The prescan function in Sendmail 8.12.9 allows remote attackers to execute arbitrary code via buffer overflow attacks. See: CAN-2003-0694
- A potential buffer overflow in ruleset parsing. See: CAN-2003-0681
Pre-Requisites:
RaQXTR-All-Security-1.0.1-16429.pkg
Reboot Required: No
MD5 Check Sum: 8a738f04902d077e64004b083540a43d
Imap Clients Security Update 1.0.1
|
This update addresses multiple buffer overflow vulnerabilities discovered in various IMAP clients (Pine, Mutt, Imap).
Pre-Requisites:
RaQXTR-All-Security-1.0.1-14936.pkg
RaQXTR-All-Security-1.0.1-16306.pkg
Reboot Required: No
MD5 Check Sum: 205c20c9e92bb68ff809f410172da0c6
GnuPG Security Update 1.0.1
|
This update addresses a vulnerability in the GNU Privacy Guard (GnuPG) where it would incorrectly associate the trust value of the UID with the highest trust value with every UID assigned to that key.
For more information, see: CAN-2003-0255
Reboot Required: No
MD5 Check Sum: 0a30762bcf4a1cdba5eddcb8ac075960
BIND Security Update 1.0.1
|
This update addresses multiple vulnerabilities discovered in the Berkeley Internet Name Domain Server (BIND).
- BIND SIG Cached RR Overflow Vulnerability: CAN-2002-1219
- BIND OPT DoS: CAN-2002-1220
- BIND SIG Expiry Time DoS: CAN-2002-1221
Pre-Requisites:
RaQXTR-All-Security-1.0.1-13323.pkg
Reboot Required: No
MD5 Check Sum: 6854415a8f277672d892c86d577f3104
Unzip Security Update 1.0.1
|
Updated unzip packages resolve a vulnerability allowing arbitrary files to be overwritten. The original patch to fix this issue (16170) missed a case where the path component included a quoted slash. These updated packages contain a new patch that corrects this issue.
for more information, see: CAN-2003-0282
Reboot Required: No
MD5 Check Sum: 106e6d126ae4250a1b48217549994d3e
Zlib Security Update 1.0.2
|
This update addresses a buffer overflow vulnerability in the gzprintf function of the zlib compression package.
For more information, see CAN-2003-0107
Version 2 corrects dependency on update 13323
Pre-Requisites:
RaQXTR-All-Security-1.0.1-13323.pkg
Reboot Required: No
MD5 Check Sum: c18b27a526dbccc5967559b6c7d68342
Kernel Update C37 1.0.1
|
This updated kernel fixes a vulnerability in ptrace that could allow local users to obtain full privileges. Remote exploitation of this hole is not possible. For more information see: CAN-2003-0127
This kernel also fixes a problem with the I2C driver where the locks were not IRQ safe. This could cause problems including the system reporting false fan failures, repeated raid syncs, and random reboots.
Reboot Required: Yes
MD5 Check Sum: e877c89e464fbd418b5d8c637b38fd92
Vim Security Update 1.0.1
|
This update addresses a vulnerability found in the Vim editor, that could allow attackers to execute arbitrary commands using the libcall feature in modelines. For more information, see CAN-2002-1377
Reboot Required: No
MD5 Check Sum: b53cb761d61fccfbb69eea996aea1645
Apache & SSL Security 1.0.1
|
This update addresses multiple vulnerabilities found in Apache and OpenSSL.
- Timing attack on OpenSSL, ref:CAN-2003-0078
- Buffer overflows in ApacheBench, ref:CAN-2002-0843
- Cross-site scripting vulnerability in the mod_ssl Apache module, ref:CAN-2002-1157
- Cross-site scripting (XSS) vulnerability, ref:CAN-2002-0840
- Shared memory scoreboard vulnerability, ref:CAN-2002-0839
- OpenSSL does not use RSA blinding by default, ref:CAN-2003-0147
- Information Leak in OpenSSL, ref:CAN-2003-0131
Reboot Required: Yes
MD5 Check Sum: 864fba8f0771ed5874cb98ab34676810
Qpopper Security Update 1.0.1
|
This update addresses a buffer overflow vulnerability found in Qpopper.
For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0143
Reboot Required: No
MD5 Check Sum: fad0af5704030edc7cf9ddbcd590f9bf
Wget Security Update 1.0.1
|
This update addresses a directory traversal vulnerability in wget.
For more information see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1344
Reboot Required: No
MD5 Check Sum: 6d34f36c1d77e0d487efba8ff18ca36e
Turbo UI Update 1.0.1
|
This will update the xtr's turbo-ui with a version that has file permissions corrected so that various UI files (perl scripts, .gif files, etc) are not world writable.
Reboot Required: No
MD5 Check Sum: 860e87d58c28d2ada95e6a080031bbd6
Pine & File Security Update 1.0.1
|
This update addresses vulnerabilities found in the pine mail program and the file program.
Pine was vulnerable to a remote denial of service. For more information, see http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1320
File was vulnerable to a local buffer overflow. For more information, see http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0102
Reboot Required: No
MD5 Check Sum: d16d5cf4872040b6aca017ece8f4ff63
Glibc Security Update 1.0.1
|
This update addresses a security vulnerability in the glibc resolver. For more information, see http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1146
Reboot Required: Yes
MD5 Check Sum: 51e06ee2a70add4711249a6daceb5c4e
Sendmail Security Update 1.0.1
|
This patch updates the Sendmail program on your server to address a buffer overflow vulnerability. See http://www.cert.org/advisories/CA-2003-12.html for more information.
Pre-Requisites:
RaQXTR-All-Security-1.0.1-16402.pkg
Reboot Required: No
MD5 Check Sum: 22435c24a20a19077a647947f6e7789c
Kernel Update 1.0.1 C35
|
*** NOTICE ***
This update has been removed from our download site to address problems identified after its release. A revised update is
currently in development. We apologize for the inconvenience.
Reboot Required: Yes
MD5 Check Sum: ca3df657d6621ad93124d99b45f87e1e
Sendmail Security Update 1.0.1
|
This patch updates the Sendmail program on your server to address a remote buffer overflow vulnerability. See http://www.cert.org/advisories/CA-2003-07.html for more information.
Reboot Required: No
MD5 Check Sum: b31309bdf79c2d88244d0b9810dd6a46
PHP & PostgreSQL Security Update 1.0.1
|
This package addresses several issues with PHP and postgresql. Two PHP bugs have been fixed; the first is arbitrary command execution via the 5th parameter of mail() and the second is URL redirection using fopen(). In Postgresql, multiple buffer overruns have been recently identified and patched. In addition, Postgresql debugging is now disabled by default.
Reboot Required: Yes
MD5 Check Sum: 2217601ce541bcfdccf2c3508490e402
Root DNS server update 1.0.1
|
The IP address of one of the root DNS servers (J.ROOT-SERVERS.NET) has been changed. This patch updates the list of root DNS servers on your appliance.
Reboot Required: No
MD5 Check Sum: bc51ab8cc2d619e8785fcd19e462e620
Tar & Unzip Security update 1.0.1
|
The unzip and tar utilities contain vulnerabilities which can allow arbitrary files to be overwritten during archive extraction. See http://www.securityfocus.com/archive/1/196445 for more information.
Reboot Required: No
MD5 Check Sum: 5b0791f4a99601d520fd2d2645554cbe
Cgiwrap Update 1.0.1
|
This package addresses a cross-site scripting vulnerablity with cgiwrap when used with browsers that ignore input before the HTML and BODY tags.
Reboot Required: No
MD5 Check Sum: 308813a63d7b20eef28a549c6021a4d9
Proftpd Security Update 1.0.1
|
This patch fixes an upload file permission issue in proftpd. It also adds an extra security measure by preventing some default system accounts from logging in via ftp
Reboot Required: No
MD5 Check Sum: a295948ce450986316c23644cf6a04b0
Util-linux 1.0.1
|
The chfn binary from the util-linux package could be used to gain unauthorized access.
Reboot Required: No
MD5 Check Sum: 30a79cca0a8a1021771f0627636b293e
CCE Security Update 1.0.1
|
This package patches a security issue with the Cobalt Configuration Engine (CCE).
Reboot Required: Yes
MD5 Check Sum: 00ac575df7920cdbb2ab12bc2e677bde
imapd Security Update 1.0.1
|
This package addresses a remote buffer overflow security vulnerability in imapd.
Reboot Required: No
MD5 Check Sum: f50baae412f76ed433e791edec9b6363
Apache & SSL Update 1.0.1
|
This patch fixes multiple security issues with the Apache HTTP Server and OpenSSL. For more information please see:
http://online.securityfocus.com/advisories/4254
http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2F45509&zone_32=category%3Asecurity
Reboot Required: Yes
MD5 Check Sum: bdcff68ce6f05826c6b89a441509dc93
UI Error Reporting Update 1.0.1
|
This package contains a new versions of ui-raq which fixes an error reporting issues in the mail server setup pages.
Reboot Required: No
MD5 Check Sum: 30eb89541055f22a392837a9c7b77d34
CGIWrap Update 1.0.1
|
This package contains an updated CGIWrap that addresses a security issue recently discovered. For more information, please see: http://online.securityfocus.com/bid/3084
Reboot Required: No
MD5 Check Sum: 28fc59795daa88b3b8f1878b472f5cda
Disk Quota Update 1.0.1
|
This patch upgrades the version of the special-sauce on your Sun Cobalt server appliance. This fixes disk quota alert issues that were found in the prior release of special-sauce for the Sun Cobalt server appliance.
Reboot Required: No
MD5 Check Sum: b3e102b8db9f3241dbc8db1934abbe3d
Apache Update 1.0.1
|
This package contains an updated Apache HTTP Server that addresses a security issue recently discovered. For more information, please see http://httpd.apache.org/info/security_bulletin_20020617.txt
Reboot Required: Yes
MD5 Check Sum: 7b39f8e90d8166c30858b2ec926fcd6c
TCPDUMP Update 1.0.1
|
This patch replaces the TCPDUMP network analysis tool with a new version. This version of TCPDUMP contains security fixes for issues that were found in prior releases of TCPDUMP for the Sun Cobalt Server Appliance.
Reboot Required: No
MD5 Check Sum: 57b7804e3f84436780213a8924ea1fd6
PHP Scripting 1.0.1
|
This patch enables .php3 as a valid scripting extension in apache.
Reboot Required: Yes
MD5 Check Sum: c7c29b83227f365fff85fb6841de3b55
Security Bundle 1.0.1
|
This is a security bundle which upgrades the following: bind from v8.2.3-C1 to v8.2.3-C4, cyrus-sasl from v1.5.24-C2 to v1.5.24-C4, proftpd from v1.2.2rc1-C2 to v1.2.4-C2, mutt from v1.2.5i-C1 to v1.2.5i-C2, pine from v4.33-C1 to v4.44-C1, binutils from v2.10.0.18-1 to v2.11.90.0.8-12, cvs from v1.10.8-C1 to v1.11.1p1-6.2.C1r4, gcc from v2.95.2-3 to v2.95.3-1, sed from v3.02-6 to v3.02-9, and zlib from v1.1.3-6 to v1.1.3-25.7. Each upgrade fixes security vulnerabilities found in their prior releases for the Sun Cobalt Server Appliance.
Reboot Required: No
MD5 Check Sum: d942b4844b488163e36e7b2572f10e1a
PHP Upgrade 1.0.1
|
This patch upgrades the version of the PHP scripting engine on your server appliance to version 4.0.5-C4. This version contains security fixes for issues that were found in prior releases of of PHP for the Sun Cobalt server appliance. If you have upgraded PostgreSQL or PHP on your own, this patch may cause problems with your system.
Reboot Required: Yes
MD5 Check Sum: d942b4844b488163e36e7b2572f10e1a
Duplicate Email Alias Update 1.0.1
|
This patch filters email alias entries preventing duplicate virtusertable entries on your server appliance.
Reboot Required: No
MD5 Check Sum: 51212309baed2880a615a3b7af60f833
MultiFileUploadHandler Update 1.0.1
|
This patch fixes a security vulnerability of the MultiFileUploadHandler script on your server appliance.
Reboot Required: No
MD5 Check Sum: b9e9f19eabf7e63aa3822ab9eefa8f32
Apache Update 1.0.1
|
This patch upgrades the version of Apache to 1.3.20. This version of Apche contains various security fixes for issues that were found in prior releases of Apache for the Sun Cobalt Server Appliance.
If you have upgraded Sun Chili!Soft ASP to version 3.6.0, please see knowledge base article 200204162 before installing this patch.
Reboot Required: Yes
MD5 Check Sum: 468de8212aa667d6da418afce6194b9e
glibc Update 1.0.1
|
This patch upgrades the version of glibc to 2.1.3-23 which contains a varity of security fixes.
Reboot Required: Yes
MD5 Check Sum: c365ed05616ade8dfe85f620ca4ce3bf
telnetd Update 1.0.1
|
This security patch addresses an issue found in the telnet daemon, where a remote attacker is able to gain access to server appliances if telnet is enabled. Information regarding this update can be found at CERT Coordination Center's website. The URL is: http://www.cert.org/advisories/CA-2001-21.html.
Reboot Required: No
MD5 Check Sum: 5d469623856801003288c2e0eb69172
NOTE: If you DO NOT have OS Version 6.5.1 but OS Version 1.0, please install the following packages in the exact order given.
Sun Cobalt BlueLinQ Patch
RaQXTR-en-System-0.0.1-9375.pkg
Firmware Update
RaQXTR-All-ROM-0.0.1-2.8.12-1.pkg
Kernel Update
RaQXTR-en-Kernel-0.0.1-2.216C29V-2.pkg
File Upload Patch
RaQXTR-All-System-1.0.1-10162.pkg
OS 6.5.1 Update
RaQXTR-en-Update-1.0.pkg
Kernel Update
RaQXTR-All-Kernel-1.0.1-2.2.16C32_V-6.pkg
Rom Update
RaQXTR-All-ROM-1.0.1-2.8.14-2.pkg