|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|
Updates for the Sun Cobalt XTRPHP 4.4.4 Security Update with Curl 7.15 and MySQL 4.1.18 Upgrade
This Update/Upgrade provides most of the basic things people need in their PHP and adds MySQL and Curl to the XTR. You should be able to get Visa/MasterCard PCI Compliance with these updates. OpenSSL from a previous package allows MySQL and Curl to use SSL. This Update Closes Multiple Security Holes!
This Package Includes:
curl-7.15.1-1.Z1.Sun.Cobalt.Networks.zeffie.com.XTR.i386.rpm gd-opt-2.0.33-1.Z1.Sun.Cobalt.Networks.zeffie.com.XTR.i386.rpm gd-opt-devel-2.0.33-1.Z1.Sun.Cobalt.Networks.zeffie.com.XTR.i386.rpm gd-opt-progs-2.0.33-1.Z1.Sun.Cobalt.Networks.zeffie.com.XTR.i386.rpm libcurl3-7.15.1-1.Z1.Sun.Cobalt.Networks.zeffie.com.XTR.i386.rpm libcurl3-devel-7.15.1-1.Z1.Sun.Cobalt.Networks.zeffie.com.XTR.i386.rpm libjpeg-6b-33.Z1.Sun.Cobalt.Networks.zeffie.com.XTR.i386.rpm libjpeg-devel-6b-33.Z1.Sun.Cobalt.Networks.zeffie.com.XTR.i386.rpm libpng-opt-1.2.7-1.Z1.Sun.Cobalt.Networks.zeffie.com.XTR.OPT.i386.rpm libpng-opt-devel-1.2.7-1.Z1.Sun.Cobalt.Networks.zeffie.com.XTR.OPT.i386.rpm MySQL-client-4.1.18-0.glibc23..Z1.Sun.Cobalt.Networks.Zeffie.com.XTR.i386.rpm MySQL-devel-4.1.18-0.glibc23..Z1.Sun.Cobalt.Networks.Zeffie.com.XTR.i386.rpm MySQL-embedded-4.1.18-0.glibc23..Z1.Sun.Cobalt.Networks.Zeffie.com.XTR.i386.rpm MySQL-Max-4.1.18-0.glibc23..Z1.Sun.Cobalt.Networks.Zeffie.com.XTR.i386.rpm MySQL-ndb-extra-4.1.18-0.glibc23..Z1.Sun.Cobalt.Networks.Zeffie.com.XTR.i386.rpm MySQL-ndb-management-4.1.18-0.glibc23..Z1.Sun.Cobalt.Networks.Zeffie.com.XTR.i386.rpm MySQL-ndb-storage-4.1.18-0.glibc23..Z1.Sun.Cobalt.Networks.Zeffie.com.XTR.i386.rpm MySQL-ndb-tools-4.1.18-0.glibc23..Z1.Sun.Cobalt.Networks.Zeffie.com.XTR.i386.rpm MySQL-server-4.1.18-0.glibc23..Z1.Sun.Cobalt.Networks.Zeffie.com.XTR.i386.rpm MySQL-shared-4.1.18-0.glibc23..Z1.Sun.Cobalt.Networks.Zeffie.com.XTR.i386.rpm php-public-4.4.4-Z1.Sun.Cobalt.Networks.Zeffie.com.XTR.i386.rpm Pre-Requisites: Reboot Required: YES MD5 Check Sum: 2f202ce2992b4000ff696ac19e4526e7
Mass Security Update
This update includes the Following Programs/rpms which close multilple Security holes
cracklib-2.7-29.Z1.Sun.Cobalt.Networks.Zeffie.com.XTR.i386.rpm Pre-Requisites: Reboot Required: NO MD5 Check Sum: 9c874fabd4d356c3bfb20e2456b32345
Apache, OpenSSL, and Mod_SSL Upgrade
This update fixes several security vulnerabilities. This pkg includes an updated...
Pre-Requisites: Reboot Required: YES MD5 Check Sum: aaa68863dad5231e0941aa464afa7cb2
BIND 8.4.7 Update
This Updates the bind software (DNS Server) Pre-Requisites: Reboot Required: NO MD5 Check Sum: d8a6962728f14d3b381220ce5ce1f4a7
Sun Chili!Soft ASP 3.6.2
This upgrades the Sun Chili!Soft ASP to version 3.6.2 Pre-Requisites: Reboot Required: NO MD5 Check Sum: e89ddecc3831596725f33f8c549c0557
IMAP 2002d
This updates the IMAP server software Pre-Requisites: Reboot Required: NO MD5 Check Sum: 8ae450d444747ff621a456ca425e96e3
Proftpd 1.3.0
This upgrades the Proftp ftp damemon Pre-Requisites: Reboot Required: NO MD5 Check Sum: d1d5741b64dfcca9cb5a5de7a42881b3
Qpopper 4.0.9
This updates the "Qpopper" pop3 server Pre-Requisites: Reboot Required: NO MD5 Check Sum: 841d59d4f9edab31e9277cd85a38c77a
Sendmail 8.13.8 and cyrus sasl 1.5
This upgrades the Sendmail program to version 8.13.8 and closes all the Sendmail holes to date. This Package is not compatible with anything but the standard XTR with or without MY Mail Filter package. Pre-Requisites: Reboot Required: YES MD5 Check Sum: 30666831028e9670b683f50f58127c14
Telnet 0.17-26.3.Z1
This Updates the Telnet Program Pre-Requisites: Reboot Required: NO MD5 Check Sum: b05ab0668b6f53af580e0a41cf9451c0
Vim 6.3.046-0.30E.4.Z1
This updates the Vim Program Pre-Requisites: Reboot Required: NO MD5 Check Sum: 1ffbecb873498a86915ed6bad8786d60
OpenSSH 4.3p2
This installs the OpenSSH daemon Pre-Requisites: Reboot Required: NO MD5 Check Sum: 57e64979833b2c7a542f3629f600a0c8
OpenSSL 0.9.7a
This provides OpenSSL Pre-Requisites: Reboot Required: NO MD5 Check Sum: fadd7f68fa45c26909b632e4610046a0
NOTICEThe Official Sun Cobalt Updates End Here!Please note that you are using these updates at your own risk and I do not provide free support for them. If you have problems you should try installing the pkgs from the command line and watch for any error messages... These pkg files also represent a basic change in the way updates have been made in the past... While most software was "patched" in the past, it will be my goal to build updated pkgs equivalent to the now Current RedHat Enterprise 3 or best... I will be doing my very best to avoid building "patched" versions of old software however in some places there is no choice.
Downloads MUST be applied from the bottom of the page to the top, as they must be applied in chronlogical order. Application of these patches in improper order will likely result in problems with the Sun Cobalt™ product. Note: For all previous updates, please see http://ftp.cobalt.sun.com The md5sums listed below are for the unzipped ISO image files and not for the .gz files
Mutt Security Update 1.0.1
This update fixes security vulnerabilities with mutt. Pre-Requisites: Reboot Required: No MD5 Check Sum: fe2e3d069e5256f44fd56aa2efa30e64
ProFTPD Security Update 1.0.1
This update addresses a buffer overflow vulnerability with ProFTPD. Pre-Requisites: Reboot Required: No MD5 Check Sum: 5da13ed1822fc6ff8082e39986010574
Pine Security Update 1.0.1
This patch fixes security vulnerabilities in Pine. Pre-Requisites: Reboot Required: No MD5 Check Sum: 78a764a3e4477bd1adf450ba2c56dd3f
rsync Security Update 1.0.1
This update addresses a heap overflow security vulnerability with rsyn, a program for sychronizing files over the network. Pre-Requisites: Reboot Required: No MD5 Check Sum: 8bb35e1ba04d7513a4e31736c9cb74df
GnuPG Security Update 1.0.1
This package fixes a GnuPG vulnerability. Pre-Requisites: Reboot Required: No MD5 Check Sum: 6f84f67daf2b2ff766f01b88033b2307
Fileutils Security Update 1.0.1
This updates address a remote denial of services vulnerability in the ls program, a utility that is part of the fileutils package. Pre-Requisites: Reboot Required: No MD5 Check Sum: 439e9e955325e12ff69b2fec86f5bb82
BIND Security Update 1.0.1
This update addresses a vulnerability in BIND, that could allow an attacker to conduct cache poisoning attacks on the name servers by convincing the servers to retain invalid negative responses. For more information, see: CAN-2003-0914 Pre-Requisites: Reboot Required: No MD5 Check Sum: 57c479ba5366d9c62a2b57b2189a7139
Slocate Security Update 1.0.1
This update addresses a vulnerability in slocate where the heap management structures could be corrupted possibly lead to an
attacker gaining slocate group
privileges.
Reboot Required: No MD5 Check Sum: 76068701170709f9d3b8e8fa09d480e0
Tcpdump Security Update 1.0.1
This update adresses a vulnerability in tcpdump, where the privileges were not dropped corrextly at startup time. for more information, see: CAN-2003-0194 Pre-Requisites: Reboot Required: No MD5 Check Sum: f10e3e08e44141b1730186f6c3a93772
ProFTPD Security Update 1.0.2
This update addresses a buffer overflow discovered in ProFTPD, that could allow an attacker capable of uploading a file to the vilnerable system, to execute arbitrary code. For more information, see http://xforce.iss.net/xforce/alerts/id/154 Pre-Requisites: Reboot Required: No MD5 Check Sum: 7c32242681535028e98b5101a0a02377
Bash Security Update 1.0.1
This update addresses a vulnerability in the bash shell. Temporary files were created with insecure permissions, which could
allow an attacker to launch a symlink attack to overwrite arbitrary files.
Reboot Required: No MD5 Check Sum: 79b10f10072d20c8deda06506c1c717e
NFS-Utils Security Update 1.0.1
This update addresses a buffer overflow in nfs-utils that could be exploited by an attacker, causing a remote Denial of
Service.
Reboot Required: No MD5 Check Sum: 67890e5d0cc6a2fa433eac59a6797c70
Sendmail Security Update 1.0.1
This update addresses two vulnerabilities in Sendmail.
Pre-Requisites: Reboot Required: No MD5 Check Sum: 8a738f04902d077e64004b083540a43d
Imap Clients Security Update 1.0.1
This update addresses multiple buffer overflow vulnerabilities discovered in various IMAP clients (Pine, Mutt, Imap). Pre-Requisites: Reboot Required: No MD5 Check Sum: 205c20c9e92bb68ff809f410172da0c6
GnuPG Security Update 1.0.1
This update addresses a vulnerability in the GNU Privacy Guard (GnuPG) where it would incorrectly associate the trust value of the UID with the highest trust value with every UID assigned to that key. For more information, see: CAN-2003-0255 Reboot Required: No MD5 Check Sum: 0a30762bcf4a1cdba5eddcb8ac075960
BIND Security Update 1.0.1
This update addresses multiple vulnerabilities discovered in the Berkeley Internet Name Domain Server (BIND).
Pre-Requisites: Reboot Required: No MD5 Check Sum: 6854415a8f277672d892c86d577f3104
Unzip Security Update 1.0.1
Updated unzip packages resolve a vulnerability allowing arbitrary files to be overwritten. The original patch to fix this issue (16170) missed a case where the path component included a quoted slash. These updated packages contain a new patch that corrects this issue. for more information, see: CAN-2003-0282 Reboot Required: No MD5 Check Sum: 106e6d126ae4250a1b48217549994d3e
Zlib Security Update 1.0.2
This update addresses a buffer overflow vulnerability in the gzprintf function of the zlib compression package. For more information, see CAN-2003-0107 Version 2 corrects dependency on update 13323 Pre-Requisites: Reboot Required: No MD5 Check Sum: c18b27a526dbccc5967559b6c7d68342
Kernel Update C37 1.0.1
This updated kernel fixes a vulnerability in ptrace that could allow local users to obtain full privileges. Remote exploitation of this hole is not possible. For more information see: CAN-2003-0127 This kernel also fixes a problem with the I2C driver where the locks were not IRQ safe. This could cause problems including the system reporting false fan failures, repeated raid syncs, and random reboots. Reboot Required: Yes MD5 Check Sum: e877c89e464fbd418b5d8c637b38fd92
Vim Security Update 1.0.1
This update addresses a vulnerability found in the Vim editor, that could allow attackers to execute arbitrary commands using the libcall feature in modelines. For more information, see CAN-2002-1377 Reboot Required: No MD5 Check Sum: b53cb761d61fccfbb69eea996aea1645
Apache & SSL Security 1.0.1
This update addresses multiple vulnerabilities found in Apache and OpenSSL.
Reboot Required: Yes MD5 Check Sum: 864fba8f0771ed5874cb98ab34676810
Qpopper Security Update 1.0.1
This update addresses a buffer overflow vulnerability found in Qpopper. Reboot Required: No MD5 Check Sum: fad0af5704030edc7cf9ddbcd590f9bf
Wget Security Update 1.0.1
This update addresses a directory traversal vulnerability in wget. Reboot Required: No MD5 Check Sum: 6d34f36c1d77e0d487efba8ff18ca36e
Turbo UI Update 1.0.1
This will update the xtr's turbo-ui with a version that has file permissions corrected so that various UI files (perl scripts, .gif files, etc) are not world writable. Reboot Required: No MD5 Check Sum: 860e87d58c28d2ada95e6a080031bbd6
Pine & File Security Update 1.0.1
This update addresses vulnerabilities found in the pine mail program and the file program. Pine was vulnerable to a remote denial of service. For more information, see http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1320 File was vulnerable to a local buffer overflow. For more information, see http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0102 Reboot Required: No MD5 Check Sum: d16d5cf4872040b6aca017ece8f4ff63
Glibc Security Update 1.0.1
This update addresses a security vulnerability in the glibc resolver. For more information, see http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1146 Reboot Required: Yes MD5 Check Sum: 51e06ee2a70add4711249a6daceb5c4e
Sendmail Security Update 1.0.1
This patch updates the Sendmail program on your server to address a buffer overflow vulnerability. See http://www.cert.org/advisories/CA-2003-12.html for more information. Pre-Requisites: Reboot Required: No MD5 Check Sum: 22435c24a20a19077a647947f6e7789c
Kernel Update 1.0.1 C35
*** NOTICE ***
Reboot Required: Yes MD5 Check Sum: ca3df657d6621ad93124d99b45f87e1e
Sendmail Security Update 1.0.1
This patch updates the Sendmail program on your server to address a remote buffer overflow vulnerability. See http://www.cert.org/advisories/CA-2003-07.html for more information. Reboot Required: No MD5 Check Sum: b31309bdf79c2d88244d0b9810dd6a46
PHP & PostgreSQL Security Update 1.0.1
This package addresses several issues with PHP and postgresql. Two PHP bugs have been fixed; the first is arbitrary command execution via the 5th parameter of mail() and the second is URL redirection using fopen(). In Postgresql, multiple buffer overruns have been recently identified and patched. In addition, Postgresql debugging is now disabled by default. Reboot Required: Yes MD5 Check Sum: 2217601ce541bcfdccf2c3508490e402
Root DNS server update 1.0.1
The IP address of one of the root DNS servers (J.ROOT-SERVERS.NET) has been changed. This patch updates the list of root DNS servers on your appliance. Reboot Required: No MD5 Check Sum: bc51ab8cc2d619e8785fcd19e462e620
Tar & Unzip Security update 1.0.1
The unzip and tar utilities contain vulnerabilities which can allow arbitrary files to be overwritten during archive extraction. See http://www.securityfocus.com/archive/1/196445 for more information. Reboot Required: No MD5 Check Sum: 5b0791f4a99601d520fd2d2645554cbe
Cgiwrap Update 1.0.1
This package addresses a cross-site scripting vulnerablity with cgiwrap when used with browsers that ignore input before the HTML and BODY tags. Reboot Required: No MD5 Check Sum: 308813a63d7b20eef28a549c6021a4d9
Proftpd Security Update 1.0.1
This patch fixes an upload file permission issue in proftpd. It also adds an extra security measure by preventing some default system accounts from logging in via ftp Reboot Required: No MD5 Check Sum: a295948ce450986316c23644cf6a04b0
Util-linux 1.0.1
The chfn binary from the util-linux package could be used to gain unauthorized access. Reboot Required: No MD5 Check Sum: 30a79cca0a8a1021771f0627636b293e
CCE Security Update 1.0.1
This package patches a security issue with the Cobalt Configuration Engine (CCE). Reboot Required: Yes MD5 Check Sum: 00ac575df7920cdbb2ab12bc2e677bde
imapd Security Update 1.0.1
This package addresses a remote buffer overflow security vulnerability in imapd. Reboot Required: No MD5 Check Sum: f50baae412f76ed433e791edec9b6363
Apache & SSL Update 1.0.1
This patch fixes multiple security issues with the Apache HTTP Server and OpenSSL. For more information please see: Reboot Required: Yes MD5 Check Sum: bdcff68ce6f05826c6b89a441509dc93
UI Error Reporting Update 1.0.1
This package contains a new versions of ui-raq which fixes an error reporting issues in the mail server setup pages. Reboot Required: No MD5 Check Sum: 30eb89541055f22a392837a9c7b77d34
CGIWrap Update 1.0.1
This package contains an updated CGIWrap that addresses a security issue recently discovered. For more information, please see: http://online.securityfocus.com/bid/3084 Reboot Required: No MD5 Check Sum: 28fc59795daa88b3b8f1878b472f5cda
Disk Quota Update 1.0.1
This patch upgrades the version of the special-sauce on your Sun Cobalt server appliance. This fixes disk quota alert issues that were found in the prior release of special-sauce for the Sun Cobalt server appliance. Reboot Required: No MD5 Check Sum: b3e102b8db9f3241dbc8db1934abbe3d
Apache Update 1.0.1
This package contains an updated Apache HTTP Server that addresses a security issue recently discovered. For more information, please see http://httpd.apache.org/info/security_bulletin_20020617.txt Reboot Required: Yes MD5 Check Sum: 7b39f8e90d8166c30858b2ec926fcd6c
TCPDUMP Update 1.0.1
This patch replaces the TCPDUMP network analysis tool with a new version. This version of TCPDUMP contains security fixes for issues that were found in prior releases of TCPDUMP for the Sun Cobalt Server Appliance. Reboot Required: No MD5 Check Sum: 57b7804e3f84436780213a8924ea1fd6
PHP Scripting 1.0.1
This patch enables .php3 as a valid scripting extension in apache. Reboot Required: Yes MD5 Check Sum: c7c29b83227f365fff85fb6841de3b55
Security Bundle 1.0.1
This is a security bundle which upgrades the following: bind from v8.2.3-C1 to v8.2.3-C4, cyrus-sasl from v1.5.24-C2 to v1.5.24-C4, proftpd from v1.2.2rc1-C2 to v1.2.4-C2, mutt from v1.2.5i-C1 to v1.2.5i-C2, pine from v4.33-C1 to v4.44-C1, binutils from v2.10.0.18-1 to v2.11.90.0.8-12, cvs from v1.10.8-C1 to v1.11.1p1-6.2.C1r4, gcc from v2.95.2-3 to v2.95.3-1, sed from v3.02-6 to v3.02-9, and zlib from v1.1.3-6 to v1.1.3-25.7. Each upgrade fixes security vulnerabilities found in their prior releases for the Sun Cobalt Server Appliance. Reboot Required: No MD5 Check Sum: d942b4844b488163e36e7b2572f10e1a
PHP Upgrade 1.0.1
This patch upgrades the version of the PHP scripting engine on your server appliance to version 4.0.5-C4. This version contains security fixes for issues that were found in prior releases of of PHP for the Sun Cobalt server appliance. If you have upgraded PostgreSQL or PHP on your own, this patch may cause problems with your system. Reboot Required: Yes MD5 Check Sum: d942b4844b488163e36e7b2572f10e1a
Duplicate Email Alias Update 1.0.1
This patch filters email alias entries preventing duplicate virtusertable entries on your server appliance. Reboot Required: No MD5 Check Sum: 51212309baed2880a615a3b7af60f833
MultiFileUploadHandler Update 1.0.1
This patch fixes a security vulnerability of the MultiFileUploadHandler script on your server appliance. Reboot Required: No MD5 Check Sum: b9e9f19eabf7e63aa3822ab9eefa8f32
Apache Update 1.0.1
This patch upgrades the version of Apache to 1.3.20. This version of Apche contains various security fixes for issues that were found in prior releases of Apache for the Sun Cobalt Server Appliance. If you have upgraded Sun Chili!Soft ASP to version 3.6.0, please see knowledge base article 200204162 before installing this patch. Reboot Required: Yes MD5 Check Sum: 468de8212aa667d6da418afce6194b9e
glibc Update 1.0.1
This patch upgrades the version of glibc to 2.1.3-23 which contains a varity of security fixes. Reboot Required: Yes MD5 Check Sum: c365ed05616ade8dfe85f620ca4ce3bf
telnetd Update 1.0.1
This security patch addresses an issue found in the telnet daemon, where a remote attacker is able to gain access to server appliances if telnet is enabled. Information regarding this update can be found at CERT Coordination Center's website. The URL is: http://www.cert.org/advisories/CA-2001-21.html. Reboot Required: No MD5 Check Sum: 5d469623856801003288c2e0eb69172
NOTE: If you DO NOT have OS Version 6.5.1 but OS Version 1.0, please install the following packages in the exact order given.
Sun Cobalt BlueLinQ Patch
Firmware Update
Kernel Update
File Upload Patch
OS 6.5.1 Update
Kernel Update
Rom Update
|
||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
|
|||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||||
