Note: This is an archival copy of Security Sun Alert 267568 as previously published on http://sunsolve.sun.com. Latest version of this security advisory is available from http://support.oracle.com as Sun Alert 1020934.1. |
Category Security Release Phase Resolved 6872718, 6861920 Product Sun Java System Access Manager 7.0 Sun Java System Access Manager 7.1 OpenSSO Enterprise 8.0 Date of Resolved Release 12-Apr-2010 . 1. Impact This Alert covers CVE-2010-0894 for the Sun Java System Access Manager product. CVE-2010-0894 can be found at http://cve.mitre.org/cgi-bin/cvename.cgi?name=2010-0894 Please see http://www.oracle.com/technology/deploy/security/alerts.htm for more information about Critical Patch Updates and Security Alerts. This publication relates to the CPU for April 2010. 2. Contributing Factors These issues can occur in the following releases: SPARC Platform
1. The issue corresponding to bug 6861920 does not affect Sun Java System Access Manager 7 2005Q4 (7.0) 2. To determine if Sun Java System Access Manager is installed, the following command can be run on a Solaris system: % pkginfo -l SUNWamsvc || echo "Sun Java Access Manager not installed"3. To determine the version of Sun Java System Access Manager on other systems, the following command can be run: $ <access-manager-install-dir>/bin/amadmin --version(where <access-manager-install-dir> is the installation directory of Sun Java System Access Manager). 4. To determine the version of OpenSSO on other systems, the following command can be run: $ <tools-zip-root>/<deploy_uri>/bin/ssoadm --version(where <tools-zip-root> is the directory of the unzipped 'ssoAdminTools.zip' file and <deploy_uri> is the name of the OpenSSO Enterprise deployment URI. For example: opensso) 3. Symptoms 4. Workaround 5. Resolution These issues are addressed in the following releases: SPARC Platform
References141655-03120954-11 120955-11 120956-11 124296-11 126371-11 126356-04 126357-04 126358-04 126359-04 140504-04 Attachments This solution has no attachment |
|