Oracle Solaris Third Party Bulletin - October 2016
Description
The Oracle Solaris Third Party Bulletin announces patches for one or more security vulnerabilities fixed in third party software that is included in Oracle Solaris distributions. Starting January 20, 2015, Third Party Bulletins are released on the same day as Oracle Critical Patch Updates. These bulletins are also updated on the Tuesday closest to the 17th of each of the two months following their release (i.e. the two months between the normal quarterly Critical Patch Update publication dates). In addition, Third Party Bulletins may be updated for vulnerability fixes deemed too critical to wait for the next monthly update.
Due to the threat posed by a successful attack, Oracle strongly recommends that customers apply Third Party Bulletin fixes as soon as possible.
Patch Availability
Please see My Oracle Support Note 1448883.1
Third Party Bulletin Schedule
Third Party Bulletins are released on the Tuesday closest to the 17th day of January, April, July and October. The next four dates are:
- 17 January 2017
- 18 April 2017
- 18 July 2017
- 17 October 2017
Modification History
Date | Revision
2017-January-11 | Rev 5. Added all CVEs fixed in NTP 4.2.8p9
2016-December-16 | Rev 4. Added all CVEs fixed in Solaris 11.3 SRU15.4
2016-November-24 | Rev 3. Added fix for CVE-2016-8864
2016-November-18 | Rev 2. Added all CVEs fixed in Solaris 11.3 SRU14.6
2016-October-18 | Rev 1. Initial Release
Oracle Solaris Executive Summary
This Third Party Bulletin contains 48 new security fixes for Oracle Solaris. 42 of these vulnerabilities may be remotely exploitable without authentication, i.e., may be exploited over a network without the need for a username and password.
Oracle Solaris Risk Matrix
Revision 5: Published on 2017-01-11
The columns Base Score through Availability are the CVSS VERSION 2.0 RISK metrics (see Risk Matrix Definitions).
CVE# | Product | Protocol | Third Party component | Remote Exploit without Auth.? | Base Score | Access Vector | Access Complexity | Authentication | Confidentiality | Integrity | Availability | Supported Versions Affected | Notes
CVE-2016-9310 | Solaris | NTP | NTP | Yes | 5.8 | Network | Medium | None | Partial | None | Partial | 11.3, 10 |
Revision 4: Published on 2016-12-16
The columns Base Score through Availability are the CVSS VERSION 2.0 RISK metrics (see Risk Matrix Definitions).
CVE# | Product | Protocol | Third Party component | Remote Exploit without Auth.? | Base Score | Access Vector | Access Complexity | Authentication | Confidentiality | Integrity | Availability | Supported Versions Affected | Notes
CVE-2016-5296 | Solaris | Multiple | Firefox | Yes | 6.8 | Network | Medium | None | Partial | Partial | Partial | 11.3 | See Note 12
CVE-2016-9190 | Solaris | Multiple | Python Imaging Library (PIL) | Yes | 6.8 | Network | Medium | None | Partial | Partial | Partial | 11.3 |
CVE-2016-9422 | Solaris | Multiple | W3M | Yes | 6.8 | Network | Medium | None | Partial | Partial | Partial | 11.3 | See Note 10
CVE-2016-7076 | Solaris | Multiple | Sudo | No | 6.6 | Local | Medium | Single | Complete | Complete | Complete | 11.3, 10 |
CVE-2015-8325 | Solaris | SSH | OpenSSH | No | 6.2 | Local | High | None | Complete | Complete | Complete | 11.3 |
CVE-2016-5419 | Solaris | Multiple | libcurl | Yes | 5.8 | Network | Medium | None | Partial | Partial | None | 11.3 |
CVE-2016-6210 | Solaris | SSH | OpenSSH | Yes | 5.0 | Network | Low | None | Partial | None | None | 11.3 |
CVE-2016-8858 | Solaris | SSH | OpenSSH | Yes | 5.0 | Network | Low | None | None | None | Partial | 11.3 |
CVE-2016-5420 | Solaris | Multiple | libcurl | No | 4.9 | Network | Medium | Single | Partial | Partial | None | 11.3 | See Note 9
CVE-2016-7167 | Solaris | Multiple | libcurl | Yes | 4.3 | Network | Medium | None | None | None | Partial | 11.3 |
CVE-2016-9189 | Solaris | Multiple | Python Imaging Library (PIL) | Yes | 4.3 | Network | Medium | None | None | None | Partial | 11.3 |
CVE-2016-9622 | Solaris | Multiple | W3M | Yes | 4.3 | Network | Medium | None | None | None | Partial | 11.3 | See Note 14
CVE-2016-3739 | Solaris | Multiple | libcurl | Yes | 4.0 | Network | High | None | Partial | Partial | None | 11.3 |
CVE-2016-5384 | Solaris | Multiple | FreeType | No | 3.7 | Local | High | None | Partial | Partial | Partial | 11.3, 10 |
CVE-2016-5421 | Solaris | Multiple | libcurl | No | 3.7 | Local | High | None | Partial | Partial | Partial | 11.3 |
CVE-2016-7942 | Solaris | Multiple | X.Org | No | 2.9 | Adjacent Network | Medium | None | None | None | Partial | 11.3, 10 | See Note 15
CVE-2016-0762 | Solaris | Multiple | Apache Tomcat | Yes | 2.6 | Network | High | None | Partial | None | None | 11.3 | See Note 11
Revision 3: Published on 2016-11-24
The columns Base Score through Availability are the CVSS VERSION 2.0 RISK metrics (see Risk Matrix Definitions).
CVE# | Product | Protocol | Third Party component | Remote Exploit without Auth.? | Base Score | Access Vector | Access Complexity | Authentication | Confidentiality | Integrity | Availability | Supported Versions Affected | Notes
CVE-2016-8864 | Solaris | DNS | Bind | Yes | 5.0 | Network | Low | None | None | None | Partial | 11.3, 10 |
Revision 2: Published on 2016-11-18
The columns Base Score through Availability are the CVSS VERSION 2.0 RISK metrics (see Risk Matrix Definitions).
CVE# | Product | Protocol | Third Party component | Remote Exploit without Auth.? | Base Score | Access Vector | Access Complexity | Authentication | Confidentiality | Integrity | Availability | Supported Versions Affected | Notes
CVE-2015-4473 | Solaris | Multiple | Thunderbird | Yes | 10.0 | Network | Low | None | Complete | Complete | Complete | 11.3 | See Note 8
CVE-2015-4477 | Solaris | Multiple | Firefox | Yes | 10.0 | Network | Low | None | Complete | Complete | Complete | 11.3 | See Note 6
CVE-2016-6304 | Solaris | SSL/TLS | OpenSSL/WanBoot | Yes | 7.8 | Network | Low | None | None | None | Complete | 10 | See Note 13
CVE-2016-5276 | Solaris | Multiple | Firefox | Yes | 7.5 | Network | Low | None | Partial | Partial | Partial | 11.3, 10 | See Note 5
CVE-2016-2119 | Solaris | SMB | Samba | Yes | 6.8 | Network | Medium | None | Partial | Partial | Partial | 11.3 |
CVE-2016-2114 | Solaris | SMB | Samba | Yes | 5.8 | Network | Medium | None | Partial | Partial | None | 11.3 |
CVE-2015-5621 | Solaris | SNMP | Net-SNMP | Yes | 5.1 | Network | High | None | Partial | Partial | Partial | 11.3 |
CVE-2016-5388 | Solaris | HTTP | Apache Tomcat | Yes | 5.1 | Network | High | None | Partial | Partial | Partial | 11.3 |
CVE-2015-1782 | Solaris | SSH | SSH | Yes | 5.0 | Network | Low | None | None | None | Partial | 11.3 |
CVE-2016-7401 | Solaris | Multiple | Django Python web framework | Yes | 5.0 | Network | Low | None | None | Partial | None | 11.3 |
CVE-2016-0787 | Solaris | SSH | SSH | Yes | 4.3 | Network | Medium | None | Partial | None | None | 11.3 |
CVE-2016-2113 | Solaris | SMB | Samba | Yes | 4.3 | Network | Medium | None | Partial | None | None | 11.3 |
CVE-2016-7175 | Solaris | Multiple | Wireshark | Yes | 4.3 | Network | Medium | None | None | None | Partial | 11.3 |
CVE-2016-7176 | Solaris | Multiple | Wireshark | Yes | 4.3 | Network | Medium | None | None | None | Partial | 11.3 |
CVE-2016-7177 | Solaris | Multiple | Wireshark | Yes | 4.3 | Network | Medium | None | None | None | Partial | 11.3 |
CVE-2016-7178 | Solaris | Multiple | Wireshark | Yes | 4.3 | Network | Medium | None | None | None | Partial | 11.3 |
CVE-2016-7179 | Solaris | Multiple | Wireshark | Yes | 4.3 | Network | Medium | None | None | None | Partial | 11.3 |
CVE-2016-7180 | Solaris | Multiple | Wireshark | Yes | 4.3 | Network | Medium | None | None | None | Partial | 11.3 |
CVE-2016-7531 | Solaris | Multiple | ImageMagick | Yes | 4.3 | Network | Medium | None | None | None | Partial | 11.3, 10 | See Note 7
CVE-2016-8610 | Solaris | SSL/TLS | OpenSSL | Yes | 4.3 | Network | Medium | None | None | None | Partial | 11.3 |
CVE-2014-0015 | Solaris | Multiple | libcurl | Yes | 4.0 | Network | High | None | Partial | Partial | None | 11.3 | See Note 4
Revision 1: Published on 2016-10-18
The columns Base Score through Availability are the CVSS VERSION 2.0 RISK metrics (see Risk Matrix Definitions).
CVE# | Product | Protocol | Third Party component | Remote Exploit without Auth.? | Base Score | Access Vector | Access Complexity | Authentication | Confidentiality | Integrity | Availability | Supported Versions Affected | Notes
CVE-2016-2776 | Solaris | DNS | Bind | Yes | 7.8 | Network | Low | None | None | None | Complete | 11.3, 10 | See Note 3
CVE-2016-3141 | Solaris | Multiple | PHP | Yes | 7.5 | Network | Low | None | Partial | Partial | Partial | 11.3 |
CVE-2016-2335 | Solaris | Multiple | P7ZIP | Yes | 6.8 | Network | Medium | None | Partial | Partial | Partial | 11.3, 10 |
CVE-2016-2334 | Solaris | Multiple | P7ZIP | Yes | 5.1 | Network | High | None | Partial | Partial | Partial | 11.3 |
CVE-2016-5387 | Solaris | HTTP | Apache HTTP server | Yes | 5.1 | Network | High | None | Partial | Partial | Partial | 11.3 | See Note 1
CVE-2016-6302 | Solaris | SSL/TLS | OpenSSL | Yes | 5.0 | Network | Low | None | None | None | Partial | 11.3, 10 |
CVE-2016-6302 | Solaris | SSL/TLS | OpenSSL/WanBoot | Yes | 5.0 | Network | Low | None | None | None | Partial | 10 |
CVE-2016-1546 | Solaris | HTTP | Apache HTTP server | Yes | 4.3 | Network | Medium | None | None | None | Partial | 11.3 | See Note 2
Notes:
1. This fix also addresses CVE-2016-1000104.
2. This fix also addresses CVE-2016-4979.
3. This fix also addresses CVE-2015-8704 CVE-2015-8705 CVE-2016-2766.
4. This fix also addresses CVE-2016-0755.
5. This fix also addresses CVE-2016-2815 CVE-2016-2818 CVE-2016-2819 CVE-2016-2821 CVE-2016-2822 CVE-2016-2824 CVE-2016-2826 CVE-2016-2828 CVE-2016-2830 CVE-2016-2831 CVE-2016-2835 CVE-2016-2836 CVE-2016-2837 CVE-2016-2838 CVE-2016-2839 CVE-2016-5250 CVE-2016-5252 CVE-2016-5254 CVE-2016-5257 CVE-2016-5258 CVE-2016-5259 CVE-2016-5261 CVE-2016-5262 CVE-2016-5263 CVE-2016-5264 CVE-2016-5265 CVE-2016-5270 CVE-2016-5272 CVE-2016-5274 CVE-2016-5277 CVE-2016-5278 CVE-2016-5280 CVE-2016-5281 CVE-2016-5284.
6. This fix also addresses CVE-2015-7201 CVE-2015-7202 CVE-2015-7205 CVE-2015-7207 CVE-2015-7210 CVE-2015-7212 CVE-2015-7213 CVE-2015-7214 CVE-2015-7222 CVE-2015-7575 CVE-2016-1523 CVE-2016-1930 CVE-2016-1931 CVE-2016-1935 CVE-2016-1938 CVE-2016-1950 CVE-2016-1952 CVE-2016-1953 CVE-2016-1954 CVE-2016-1957 CVE-2016-1958 CVE-2016-1960 CVE-2016-1961 CVE-2016-1962 CVE-2016-1964 CVE-2016-1965 CVE-2016-1966 CVE-2016-1967 CVE-2016-1969 CVE-2016-1974 CVE-2016-1977 CVE-2016-1978 CVE-2016-1979 CVE-2016-2790 CVE-2016-2791 CVE-2016-2792 CVE-2016-2793 CVE-2016-2794 CVE-2016-2795 CVE-2016-2796 CVE-2016-2797 CVE-2016-2798 CVE-2016-2799 CVE-2016-2800 CVE-2016-2801 CVE-2016-2802 CVE-2016-2804 CVE-2016-2805 CVE-2016-2806 CVE-2016-2807 CVE-2016-2808 CVE-2016-2814.
7. This fix also addresses CVE-2015-8957 CVE-2015-8958 CVE-2016-6823 CVE-2016-7101 CVE-2016-7513 CVE-2016-7514 CVE-2016-7515 CVE-2016-7516 CVE-2016-7517 CVE-2016-7518 CVE-2016-7519 CVE-2016-7520 CVE-2016-7521 CVE-2016-7522 CVE-2016-7523 CVE-2016-7524 CVE-2016-7525 CVE-2016-7526 CVE-2016-7527 CVE-2016-7528 CVE-2016-7529 CVE-2016-7530 CVE-2016-7532 CVE-2016-7533 CVE-2016-7534 CVE-2016-7535 CVE-2016-7536 CVE-2016-7537 CVE-2016-7538 CVE-2016-7539 CVE-2016-7540.
8. This fix also addresses CVE-2015-4474 CVE-2015-4481 CVE-2015-4482 CVE-2015-4487 CVE-2015-4488 CVE-2015-4489 CVE-2015-4491 CVE-2015-4500 CVE-2015-4501 CVE-2015-4505 CVE-2015-4506 CVE-2015-4509 CVE-2015-4511 CVE-2015-4513 CVE-2015-4514 CVE-2015-4517 CVE-2015-4519 CVE-2015-4520 CVE-2015-4521 CVE-2015-4522 CVE-2015-7174 CVE-2015-7175 CVE-2015-7176 CVE-2015-7177 CVE-2015-7178 CVE-2015-7179 CVE-2015-7180 CVE-2015-7181 CVE-2015-7182 CVE-2015-7183 CVE-2015-7188 CVE-2015-7189 CVE-2015-7193 CVE-2015-7194 CVE-2015-7197 CVE-2015-7198 CVE-2015-7199 CVE-2015-7200 CVE-2015-7201 CVE-2015-7202 CVE-2015-7205 CVE-2015-7212 CVE-2015-7213 CVE-2015-7214 CVE-2015-7575 CVE-2016-1523 CVE-2016-1930 CVE-2016-1931 CVE-2016-1935 CVE-2016-1950 CVE-2016-1952 CVE-2016-1953 CVE-2016-1954 CVE-2016-1955 CVE-2016-1956 CVE-2016-1957 CVE-2016-1960 CVE-2016-1961 CVE-2016-1964 CVE-2016-1966 CVE-2016-1974 CVE-2016-1977 CVE-2016-1979 CVE-2016-2790 CVE-2016-2791 CVE-2016-2792 CVE-2016-2793 CVE-2016-2794 CVE-2016-2795 CVE-2016-2796 CVE-2016-2797 CVE-2016-2798 CVE-2016-2799 CVE-2016-2800 CVE-2016-2801 CVE-2016-2802 CVE-2016-2804 CVE-2016-2805 CVE-2016-2806 CVE-2016-2807 CVE-2016-2815 CVE-2016-2818 CVE-2016-2835 CVE-2016-2836.
9. This fix also addresses CVE-2016-5419.
10. This fix also addresses CVE-2016-9423 CVE-2016-9424 CVE-2016-9425 CVE-2016-9426 CVE-2016-9428 CVE-2016-9429 CVE-2016-9430 CVE-2016-9431 CVE-2016-9432 CVE-2016-9433 CVE-2016-9434 CVE-2016-9435 CVE-2016-9436 CVE-2016-9437 CVE-2016-9438 CVE-2016-9439 CVE-2016-9440 CVE-2016-9441 CVE-2016-9442 CVE-2016-9443.
11. This fix also addresses CVE-2016-0762 CVE-2016-5018 CVE-2016-6794 CVE-2016-6796.
12. This fix also addresses CVE-2016-5290 CVE-2016-5291 CVE-2016-5297 CVE-2016-9064 CVE-2016-9066 CVE-2016-9074.
13. This fix also addresses CVE-2016-2179 CVE-2016-2180 CVE-2016-2181 CVE-2016-2182 CVE-2016-6304 CVE-2016-6306.
14. This fix also addresses CVE-2016-9621 CVE-2016-9623 CVE-2016-9624 CVE-2016-9625 CVE-2016-9626 CVE-2016-9627 CVE-2016-9628 CVE-2016-9629 CVE-2016-9630 CVE-2016-9631 CVE-2016-9632 CVE-2016-9633.
15. This fix also addresses CVE-2016-5407 CVE-2016-7943 CVE-2016-7944 CVE-2016-7945 CVE-2016-7946 CVE-2016-7947 CVE-2016-7948 CVE-2016-7949 CVE-2016-7950 CVE-2016-7951 CVE-2016-7952 CVE-2016-7953.