com Sun Security Bulletin : (periodic e-mail reports on Solaris security bugs and recommended fixes) CERT (Computer Emergency Response Team, at Carnegie Mellon University): http://www.cert.

org/ CIAC (Computer Incident Advisory Capability):

Solaris patches are uniquely identified with a six-digit patch number and a two-digit patch version number. For example, patch 106242-03 is the third version of the patch 106242. Sun uses one serial numbering system for all versions of Solaris.

Solaris patches are typically distributed as compressed tar archives. Example Solaris patch filenames are 106242-03.tar.

Z, 106242-03.tar.gz, or 106242-03. Note The following procedure does not need to be performed routinely.

It is included only for those who wish to understand Solaris"s patch architecture.. To unwrap a patch: create a new directory, copy the patch file to it, and run one of the following commands. Using our example Solaris patch filenames 106242-03.tar.

Z, 106242-03.tar.gz, and 106240-03. For a patch filename ending in .Z, enter zcat file tar xvf -, where file is t he name of the patch file. For a patch filename ending in .gz, enter gzcat file .

tar xvf -, where file is t Code-39 for None he name of the patch file. For a patch filename ending in .zip, enter unzip file .

a text file containing generic patch installation instructions. README.patch (for example, README.106242-03) a text file containing specific information about this patch. One or more Sun package directories, for example SUNWaccr. This directory contains updated Solaris files to be replaced. installpatch the patch install script (obsolete in Solaris 2.6). backoutpatch the patch backout script (obsolete in Solaris 2.6).

patch (for example, README.106242-03) a text file containing specific information about this patch. One or more Sun package directories, for example SUNWaccr.

This directory contains updated Solaris files to be replaced. installpatch the patch install script (obsolete in Solaris 2.6).

backoutpatch the patch backout script (obsolete in Solaris 2.6)..

Patch history and backout information resides in /var/sadm/patch. This is the directory that grows as patches are installed (particularly if older versions of patches are not backed out).

Solaris patch clusters are collections of Solaris patches that are packaged together for some common purpose. Examples of patch clusters include. Solaris 2.x or Solaris 7 recommended patches Solaris 2.x or Solaris 7 patches containing security fixes (Sun includes security patches in its list of recommended patches) Solaris 2.x or Solaris 7 Year-2000 patches

x or Solaris 7 Year-2000 patches Note The Solaris recommended patches are the most important patches and fix critical system and security holes. While generally the set of recommended patches are interoperable and should not cause undesirable system behavior, the experienced and wary UNIX administrator should err on the side of caution and proceed slowly and carefully when installing even recommended patches..

Sources for Patches Sun customers can access Su n"s complete patch archive at the SunSolve Web site at

Find the login link on this page (users will be asked for a userid and password this gets assigned for site contracts once a Sun service contract is in force) to access all patches. Sun service customers can also periodically recieve SunSolve CDs, which include patches for current and some prior releases of Solaris. Sun users who are not on maintenance can access Sun"s publicly available patches on this same Web site without having to login.

suninfo/sun-patches/.

Patches consume disk space sometimes lots of disk space on Solaris systems. When installed as recommended, patch installation includes backout data, which is used to back out the patch in case problems are encountered with the patched version of any software.

