Sign in with
Sign up | Sign in

Oracle Pushes Solaris into Quarterly Updates

By - Source: Tom's Hardware US | B 5 comments

Solaris and other Sun-based products are now on Oracle's quarterly security update schedule.

Oracle announced this week that it has moved Sun Solaris onto its quarterly security patch schedule, starting with the April 2010 Critical Patch Update slated for Tuesday. This new schedule will now inform Sun Solaris users of upcoming security updates months before the patches are distributed.

Oracle also said the April update will contain 47 new security vulnerability fixes "across hundreds of Oracle products." 16 of those fixes will be applied to the Solaris Products Suite alone, including the Sun Ray Server, Sun Cluster, Sun convergence, and more.

"Some of the vulnerabilities addressed in this Critical Patch Update affect multiple products," the company said. "Due to the threat posed by a successful attack, Oracle strongly recommends that customers apply Critical Patch Update fixes as soon as possible."

Out of the 16 new security fixes lined up for the Solaris Products Suite, 8 vulnerabilities may be remotely exploitable without authentication if left unfixed. Oracle said that the vulnerability may be exploited over a network without the need for a username or password.

Display 5 Comments.
This thread is closed for comments
  • 0 Hide
    Emperus , April 9, 2010 7:43 PM
    This is good.. I've always loved the idea of updates being thoroughly tested before released.. A quarterly schedule will give them time for stable releases.. Moreover important from the fact that solaris ( also opensolaris ) is largely non existent for desktop users and even in the server and security market they've stiff competition..
  • 0 Hide
    buckinbottoms , April 9, 2010 10:54 PM
    last time I worked on anything involving Solaris was 10 years ago in school.
  • -1 Hide
    JohnnyLucky , April 10, 2010 1:17 PM
    Interesting article. I always thought commercial and IT would be more secure. Now I find out that isn't the case, at least not with Sun.
  • 2 Hide
    deltatux , April 10, 2010 6:05 PM
    I rather run FreeBSD on my home server. I don't really like Solaris. Probably because I've been using UNIX-like OSes in so long I'm not used to real UNIX OSes. I don't know.

    However, I think software updates should happen immediately instead of every quarter. I don't like the idea of waiting every 3 months for security patches.
  • 0 Hide
    Anonymous , April 18, 2010 5:32 PM
    Yea, but now you have to pay for their mistakes. Oracle doesn't know how to be an OS company.