Are vulnerabilities like these below fixed by illumos? I know the "security"
page on OI is dead and has never had any markups since it was created, and I am
reasonably certain there isn't an OI Security officer to handle matters.
If they are fixed in illumos, then what is the process of having them available
via 'pkg image-update' without having to go to the next release e.g., 151a8?
sun -- sunos
Unspecified vulnerability in Oracle Sun Solaris 8, 9, 10, and 11 allows remote
attackers to affect confidentiality and integrity via vectors related to NFS
client mounts and IPv6. 2013-04-17 6.4 CVE-2013-0405
sun -- sunos
Unspecified vulnerability in Oracle Sun Solaris 10 allows remote attackers to
affect integrity via unknown vectors via vectors related to Kernel/IPsec.
2013-04-17 4.3 CVE-2013-0406
sun -- sunos
Unspecified vulnerability in Oracle Sun Solaris 10 allows local users to
affect availability via vectors related to CPU performance counters drivers.
2013-04-17 5.0 CVE-2013-0408
sun -- sunos
Unspecified vulnerability in Oracle Sun Solaris 8, 9, and 10 allows local
users to affect confidentiality, integrity, and availability via vectors
related to RBAC Configuration. 2013-04-17 5.9 CVE-2013-0411
sun -- sunos
Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local users
to affect confidentiality, integrity, and availability via unknown vectors
related to Remote Execution Service. 2013-04-17 4.4 CVE-2013-0413
sun -- sunos
Unspecified vulnerability in Oracle Sun Solaris 10, when running on SPARC T4
servers, allows local users to affect availability via unknown vectors related
to Kernel. 2013-04-17 4.7 CVE-2013-1494
sun -- sunos
Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local users
to affect availability via unknown vectors related to Kernel/IO, a different
vulnerability than CVE-2013-1498. 2013-04-17 4.9 CVE-2013-1496
sun -- sunos
Unspecified vulnerability in Oracle Sun Solaris 10 and 11 allows local users
to affect availability via unknown vectors related to Kernel/IO, a different
vulnerability than CVE-2013-1496. 2013-04-17 4.9 CVE-2013-1498
sun -- sunos
Unspecified vulnerability in Oracle Sun Solaris 8, 9, and 10 allows local
users to affect confidentiality via unknown vectors related to
Utility/fdformat. 2013-04-17 2.1 CVE-2012-0568
sun -- sunos
Unspecified vulnerability in Oracle Sun Solaris 8, 9, 10, and 11 allows local
users to affect availability via unknown vectors related to Libraries/Libc.
2013-04-17 2.1 CVE-2012-0570
sun -- sunos
Unspecified vulnerability in Oracle Sun Solaris 8, 9, 10, and 11 allows local
users to affect availability via unknown vectors related to Utility. 2013-04-17
1.9 CVE-2013-0403
sun -- sunos
Unspecified vulnerability in Oracle Sun Solaris 10 allows local users to
affect confidentiality, integrity, and availability via unknown vectors related
to Kernel/Boot. 2013-04-17 3.7 CVE-2013-0404
sun -- sunos
Unspecified vulnerability in Oracle Sun Solaris 8, 9, 10, and 11 allows local
users to affect integrity and availability via unknown vectors related to
Utility/pax. 2013-04-17 3.6 CVE-2013-0412
sun -- sunos
Unspecified vulnerability in Oracle Sun Solaris 11 allows local users to
affect availability via unknown vectors related to Network Configuration.
2013-04-17 1.7 CVE-2013-1499
sun -- sunos
Unspecified vulnerability in Oracle Sun Solaris 10 allows local users to
affect availability via unknown vectors related to Kernel. 2013-04-17 3.8
CVE-2013-1530
_______________________________________________
oi-dev mailing list
[email protected]
http://openindiana.org/mailman/listinfo/oi-dev
