Cobalt Updates
Sun Cobalt Qube3

Downloads MUST be applied from the bottom of the page to the top, as they must be applied in chronlogical order. Application of these patches in improper order will likely result in problems with the Sun Cobalt™ product.
ALWAYS MAKE A GOOD BACKUP BEFORE DOING ANY UPDATE!!!

Please note that you are using these updates at your own risk and I do not provide free support for them. If you have problems you should try installing the pkgs from the command line and watch for any error messages...

These pkg files also represent a basic change in the way updates have been made in the past... While most software was "patched" in the past, it will be my goal to build updated pkgs equivalent to the now Current RedHat Enterprise 3 or best... I will be doing my very best to avoid building "patched" versions of old software however in some places there is no choice.

Mutt Security Update 4.0.1

HTTP Qube3-All-Security-4.0.1-16706.pkg Posted:April 12, 2004 FTP Point your FTP client to ftp://ftp.cobalt.sun.com Size: 419,196

This update fixes security vulnerabilities with mutt.

Pre-Requisites:
None.

Reboot Required: No

MD5 Check Sum: 3c1c37885761904b91bca712a9f22cc3

ProFTPD Security Update 4.0.1

HTTP Qube3-All-Security-4.0.1-16717.pkg Posted:April 19, 2004 FTP Point your FTP client to ftp://ftp.cobalt.sun.com Size: 567,526

This update addresses a buffer overflow vulnerability with ProFTPD.

Pre-Requisites:
Qube3-All-Security-4.0.1-15823.pkg

Reboot Required: No

MD5 Check Sum: 78f161738fe314d1c124bb3b2e5c2176

Pine Security Update 4.0.1

HTTP Qube3-All-Security-4.0.1-16612.pkg Posted:March 17, 2004 FTP Point your FTP client to ftp://ftp.cobalt.sun.com Size: 1,864,797

This patch fixes security vulnerabilities in Pine.

Pre-Requisites:
None.

Reboot Required: No

MD5 Check Sum: cb2e5ec80a1e1e8da55a362acd6d60fe

Rsync Security Update 4.0.1

HTTP Qube3-All-Security-4.0.1-16675.pkg Posted:October 01, 2004 FTP Point your FTP client to ftp://ftp.cobalt.sun.com Size: 123,190

This update addresses a heap overflow vulnerability in rsync, is a program for sychronizing files over the network.

Pre-Requisites:
None.

Reboot Required: No

MD5 Check Sum: 5e49483d9178bb47fcbf36d4d35f680f

GnuPG Security Update 4.0.1

HTTP Qube3-All-Security-4.0.1-16674.pkg Posted:February 10, 2004 FTP Point your FTP client to ftp://ftp.cobalt.sun.com Size: 1,151,511

This package fixes GnuPG vulnerability.

Pre-Requisites:
None.

Reboot Required: No

MD5 Check Sum: 7531d53a80a24318dc7c8a0904b8814b

Fileutils Security Update 4.0.1

HTTP Qube3-All-Security-4.0.1-16648.pkg Posted:February 10, 2004 FTP Point your FTP client to ftp://ftp.cobalt.sun.com Size: 639,758

This updates address a remote denial of services vulnerability in the ls program, a utility that is part of the fileutils package.

Pre-Requisites:
None.

Reboot Required: No

MD5 Check Sum: 4e0a51330fbd126224dbf16d5cd175dc

Qube3 EOL Update 4.0.1

HTTP Qube3-All-System-4.0.1-EOL.pkg Posted:February 10, 2004 FTP Point your FTP client to ftp://ftp.cobalt.sun.com Size: 874,922

This is the End of Life (EOL) update for the Qube3. It addresses the following system issues:

• /tmp was on the root partition which could run out of space. It was relocated to the /home partition
• DNS can now correctly use OCN-JT format for reverse lookup
• The process for the modem connection was made more robust.
• DHCP could stay activated even when deactivated in the UI
• Proper mail forwarding for locked system accounts
• It is now possible to enter a hostname with only numbers & "-"
• Block sendmail "verify" requests
• System generated mail messages could have an improperly formatted date
• Secure hidden files when FPX is enabled.
• Better handling of PPP routing in modem and DSL with PPPoE so the default route isn't lost
• The 10MB maximum size for a mailing list was incorrectly se to 1MB

Additionally, as a convenience for customers who need to restore their Qube3 Server appliance, a more up-to-date OS restore CD image has been created to help reduce the number of updates to install immediately after restoring the system. It can be downloaded from here.

Pre-Requisites:
The Qube3 should have all available security and systems updates installed.

Reboot Required: Yes

MD5 Check Sum: 3b96b35a6093e86254529aae08ed9207

BIND Security Update 4.0.1

HTTP Qube3-All-Security-4.0.1-16662.pkg Posted:January 16, 2004 FTP Point your FTP client to ftp://ftp.cobalt.sun.com Size: 3,392,136

This update addresses a vulnerability in BIND, that could allow an attacker to conduct cache poisoning attacks on the name servers by convincing the servers to retain invalid negative responses.

For more information, see: CAN-2003-0914

Pre-Requisites:
Qube3-All-Security-4.0.1-16311.pkg

Reboot Required: No

MD5 Check Sum: a6fb4455cf4ada1d4acca17beef07166

Slocate Security Update 4.0.1

HTTP Qube3-All-Security-4.0.1-16633.pkg Posted:January 16, 2004 FTP Point your FTP client to ftp://ftp.cobalt.sun.com Size: 29,605

This update addresses a vulnerability in slocate where the heap management structures could be corrupted possibly lead to an attacker gaining slocate group privileges.
for more information, see: CAN-2003-0848

Reboot Required: No

MD5 Check Sum: 80f727b85eb4bcbd220cb0e1ddda18e6

Tcpdump Security Update 4.0.1

HTTP Qube3-All-Security-4.0.1-16504.pkg Posted:January 16, 2004 FTP Point your FTP client to ftp://ftp.cobalt.sun.com Size: 260,468

This update adresses a vulnerability in tcpdump, where the privileges were not dropped corrextly at startup time. for more information, see: CAN-2003-0194

Pre-Requisites:
Qube3-All-Security-4.0.1-14559.pkg

Reboot Required: No

MD5 Check Sum: e5ec155a31ccedb382401f8cf5141816

ProFTPD Security Update 4.0.2

HTTP Qube3-All-Security-4.0.2-16623.pkg Posted:January 12, 2004 FTP Point your FTP client to ftp://ftp.cobalt.sun.com Size: 591,675

This update addresses a buffer overflow discovered in ProFTPD, that could allow an attacker capable of uploading a file to the vilnerable system, to execute arbitrary code. For more information, see http://xforce.iss.net/xforce/alerts/id/154

Pre-Requisites:
Qube3-All-Security-4.0.1-15823.pkg

Reboot Required: No

MD5 Check Sum: d06280320ed8e93aca5c9b9e18d20200

Bash Security Update 4.0.1

HTTP Qube3-All-Security-4.0.1-16602.pkg Posted:December 19, 2003 FTP Point your FTP client to ftp://ftp.cobalt.sun.com Size: 231,855

This update addresses a vulnerability in the bash shell. Temporary files were created with insecure permissions, which could allow an attacker to launch a symlink attack to overwrite arbitrary files.
For more information, see: CAN-2000-1134

Reboot Required: No

MD5 Check Sum: 47bebc1ed4765bd88aeb7d041fa59e9c

MySQL Security Update 4.0.1

HTTP Qube3-All-Security-4.0.1-16613.pkg Posted:November 17, 2003 FTP Point your FTP client to ftp://ftp.cobalt.sun.com Size: 6,307,724

The MySQL database server was vulnerable to buffer overflow in get_salt_from_password that could allow attackers with ALTER TABLE privileges to execute arbitrary code.
For more information, see CAN-2003-0780

Pre-Requisites:
Qube3-All-Security-4.0.1-16488.pkg

Reboot Required: Yes

MD5 Check Sum: d91cd14d504e88282dc28f9c7b441793

Sendmail Security Update 4.0.1

HTTP Qube3-All-Security-4.0.1-16620.pkg Posted:October 05, 2003 FTP Point your FTP client to ftp://ftp.cobalt.sun.com Size: 880,545

This update addresses two vulnerabilities in Sendmail.

• The prescan function in Sendmail 8.12.9 allows remote attackers to execute arbitrary code via buffer overflow attacks. See: CAN-2003-0694
• A potential buffer overflow in ruleset parsing. See: CAN-2003-0681

Pre-Requisites:
Qube3-All-Security-4.0.1-16429.pkg

Reboot Required: No

MD5 Check Sum: b546338e5fe30437f761abec1e51cacf

Imap Clients Security Update 4.0.1

HTTP Qube3-All-Security-4.0.1-16505.pkg Posted:September 22, 2003 FTP Point your FTP client to ftp://ftp.cobalt.sun.com Size: 4,699,082

This update addresses multiple buffer overflow vulnerabilities discovered in various IMAP clients (Pine, Mutt, Imap).

Pre-Requisites:
Qube3-All-Security-4.0.1-14936.pkg
Qube3-All-Security-4.0.1-16306.pkg

Reboot Required: No

MD5 Check Sum: 4f9d634e347b20bb700ef26f3111b5a4

GnuPG Security Update 4.0.1

HTTP Qube3-All-Security-4.0.1-16513.pkg Posted:September 22, 2003 FTP Point your FTP client to ftp://ftp.cobalt.sun.com Size: 1,775,300

This update addresses a vulnerability in the GNU Privacy Guard (GnuPG) where it would incorrectly associate the trust value of the UID with the highest trust value with every UID assigned to that key.

For more information, see: CAN-2003-0255

Reboot Required: No

MD5 Check Sum: 506167fa5def1aae311dfb94e3bc5b3c

BIND Security Update 4.0.1

HTTP Qube3-All-Security-4.0.1-16311.pkg Posted:September 22, 2003 FTP Point your FTP client to ftp://ftp.cobalt.sun.com Size: 3,392,131

This update addresses multiple vulnerabilities discovered in the Berkeley Internet Name Domain Server (BIND).

• BIND SIG Cached RR Overflow Vulnerability: CAN-2002-1219
• BIND OPT DoS: CAN-2002-1220
• BIND SIG Expiry Time DoS: CAN-2002-1221

Reboot Required: No

MD5 Check Sum: ad2469bc3994e756c06ef213e0546c69

Unzip Security Update 4.0.1

HTTP Qube3-All-Security-4.0.1-16561.pkg Posted:September 04, 2003 FTP Point your FTP client to ftp://ftp.cobalt.sun.com Size: 131,449

Updated unzip packages resolve a vulnerability allowing arbitrary files to be overwritten. The original patch to fix this issue (16170) missed a case where the path component included a quoted slash. These updated packages contain a new patch that corrects this issue.

for more information, see: CAN-2003-0282

Reboot Required: No

MD5 Check Sum: 5f2183cc496c5c1426b764e7ac66461b

Zlib Security Update 4.0.2

HTTP Qube3-All-Security-4.0.2-16487.pkg Posted:August 25, 2003 FTP Point your FTP client to ftp://ftp.cobalt.sun.com Size: 99,924

This update addresses a buffer overflow vulnerability in the gzprintf function of the zlib compression package.

For more information, see CAN-2003-0107

Version 2 corrects dependency on update 13323

Pre-Requisites:
Qube3-All-Security-4.0.1-13323.pkg

Reboot Required: No

MD5 Check Sum: 2a3956cfdccb39b21cf263e7ea789c7a

PPTP Security Update 4.0.1

HTTP Qube3-All-Security-4.0.1-16479.pkg Posted:June 20, 2003 FTP Point your FTP client to ftp://ftp.cobalt.sun.com Size: 58,256

The PPTP server was vulnerable to a buffer overflow. For more information, see CAN-2003-0213

Reboot Required: Yes

MD5 Check Sum: fe01ca4ba4c3d78815a94b9d9e877783

Vim Security Update 4.0.1

HTTP Qube3-All-Security-4.0.1-16358.pkg Posted:June 04, 2003 FTP Point your FTP client to ftp://ftp.cobalt.sun.com Size: 3,820,418

This update addresses a vulnerability found in the Vim editor, that could allow attackers to execute arbitrary commands using the libcall feature in modelines. For more information, see CAN-2002-1377

Reboot Required: No

MD5 Check Sum: 2ad8f9395a54cb6d3b657f58cd5da47e

MySQL Security Update 4.0.1 16488

HTTP Qube3-All-Security-4.0.1-16488.pkg Posted:May 29, 2003 FTP Point your FTP client to ftp://ftp.cobalt.sun.com Size: 6,305,013

This update addresses vulnerabilities found in the MySQL database server.

• Double-free vulnerability in mysqld: CAN-2003-0073
• World-writable files could allows mysql users to gain root privileges: CAN-2003-0150

Pre-Requisites:
Qube3-All-Security-4.0.1-16356.pkg

Reboot Required: Yes

MD5 Check Sum: 98b2d4b7fe9f1af31f5ab33527f221a2

Kernel Update C37 4.0.1

HTTP Qube3-All-Kernel-4.0.1-2.2.16C37-III-1.pkg Posted:May 19, 2003 FTP Point your FTP client to ftp://ftp.cobalt.sun.com Size: 4,200,314

This updated kernel fixes a vulnerability in ptrace that could allow local users to obtain full privileges. Remote exploitation of this hole is not possible. For more information see: CAN-2003-0127

This kernel also fixes a problem with the I2C driver where the locks were not IRQ safe. This could cause problems including the system reporting false fan failures, repeated raid syncs, and random reboots.

Reboot Required: Yes

MD5 Check Sum: 1b2714369f7c3b46100e33cdc773530f

Samba Security Update 4.0.1

HTTP Qube3-All-Security-4.0.1-16417.pkg Posted:May 13, 2003 FTP Point your FTP client to ftp://ftp.cobalt.sun.com Size: 10,137,238

This update addresses multiple security issues discovered in the Samba file and printer sharing services:

• Buffer overflow in the SMB/CIFS packet fragment re-assembly code: CAN-2003-0085
• Local users can overwrite arbitrary files via a race condition: CAN-2003-0086
• Buffer overflow in the call_trans2open function allows remote attackers to execute arbitrary code: CAN-2003-0201

Reboot Required: Yes

MD5 Check Sum: fa71572ae103f3b9bb135decb97817ff

Qpopper Security Update 4.0.1

HTTP Qube3-All-Security-4.0.1-16409.pkg Posted:May 08, 2003 FTP Point your FTP client to ftp://ftp.cobalt.sun.com Size: 96,060

This update addresses a buffer overflow vulnerability found in Qpopper.
For more information, see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0143

Reboot Required: No

MD5 Check Sum: 8bcf6c88bd1d6f481cca896e9bd576dc

Apache & SSL Security 4.0.1

HTTP Qube3-All-Security-4.0.1-16343.pkg Posted:May 08, 2003 FTP Point your FTP client to ftp://ftp.cobalt.sun.com Size: 2,846,142

This update addresses multiple vulnerabilities found in Apache and OpenSSL.

• Timing attack on OpenSSL, ref:CAN-2003-0078
• Buffer overflows in ApacheBench, ref:CAN-2002-0843
• Cross-site scripting vulnerability in the mod_ssl Apache module, ref:CAN-2002-1157
• Cross-site scripting (XSS) vulnerability, ref:CAN-2002-0840
• Shared memory scoreboard vulnerability, ref:CAN-2002-0839
• OpenSSL does not use RSA blinding by default, ref:CAN-2003-0147
• Information Leak in OpenSSL, ref:CAN-2003-0131

Reboot Required: Yes

MD5 Check Sum: aaf3485ff5894750d2d68ad58dfe8819

Wget Security Update 4.0.1

HTTP Qube3-All-Security-4.0.1-16342.pkg Posted:May 01, 2003 FTP Point your FTP client to ftp://ftp.cobalt.sun.com Size: 349,224

This update addresses a directory traversal vulnerability in wget.
For more information see: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1344

Reboot Required: No

MD5 Check Sum: 5dd4b414dd3a6bd328b779fb94dc5942

Kernel Update 4.0.2 C35

HTTP Qube3-All-Kernel-4.0.2-2.2.16C35-III-1.pkg Posted:May 01, 2003 FTP Point your FTP client to ftp://ftp.cobalt.sun.com Size: 3,327,197

This patch will update the kernel to version 2.2.16C35. This kernel addresses the following issues:

• RAID synchronization could take a long time.
• Updated ethernet driver to fix framing errors.
• IPSeC Security vulnerability

Reboot Required: Yes

MD5 Check Sum: 785e7835342c5e11ece0f8b67d4c9174

DNS Listings Update 4.0.1

HTTP Qube3-All-System-4.0.1-16411.pkg Posted:April 24, 2003 FTP Point your FTP client to ftp://ftp.cobalt.sun.com Size: 12,580

This patch addresses a problem with displaying DNS listings with 25 or more entries.

Reboot Required: No

MD5 Check Sum: 0c98b93d7aa72708b26d2c4c0be903c0

Pine & File Security Update 4.0.1

HTTP Qube3-All-Security-4.0.1-16306.pkg Posted:April 21, 2003 FTP Point your FTP client to ftp://ftp.cobalt.sun.com Size: 1,980,455

This update addresses vulnerabilities found in the pine mail program and the file program.

Pine was vulnerable to a remote denial of service. For more information, see http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1320

File was vulnerable to a local buffer overflow. For more information, see http://www.cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2003-0102

Reboot Required: No

MD5 Check Sum: 7d40bbd977a242554acce4fcb764766d

Glibc Security Update 4.0.1

HTTP Qube3-All-Security-4.0.1-15578.pkg Posted:April 17, 2003 FTP Point your FTP client to ftp://ftp.cobalt.sun.com Size: 24,258,190

This update addresses a security vulnerability in the glibc resolver. For more information, see http://cve.mitre.org/cgi-bin/cvename.cgi?name=CAN-2002-1146

Reboot Required: Yes

MD5 Check Sum: b626cabf7c6c8eba0c71107ef3c6a0cb

Sendmail Security Update 4.0.1

HTTP Qube3-All-Security-4.0.1-16429.pkg Posted:April 10, 2003 FTP Point your FTP client to ftp://ftp.cobalt.sun.com Size: 873,535

This patch updates the Sendmail program on your server to address a buffer overflow vulnerability. See http://www.cert.org/advisories/CA-2003-12.html for more information.

Pre-Requisites:
Qube3-All-Security-4.0.1-16402.pkg

Reboot Required: No

MD5 Check Sum: feb1c4b5b58a4bc175b783e506573228

Fetchmail Security Update 4.0.1

HTTP Qube3-All-Security-4.0.1-16169.pkg Posted:April 10, 2003 FTP Point your FTP client to ftp://ftp.cobalt.sun.com Size: 278,474

This package fixes a vulnerability in fetchmail that could allow remote compromise. See http://security.e-matters.de/advisories/032002.html for more information.

Reboot Required: No

MD5 Check Sum: fb3ca1ba42617947cf5b0d284b62ba97

MySQL Security Update 4.0.1

HTTP Qube3-All-Security-4.0.1-16356.pkg Posted:April 07, 2003 FTP Point your FTP client to ftp://ftp.cobalt.sun.com Size: 12,332,541

This patch addresses multiple vulnerabilities found in the MySQL database installed on your appliance. The vulnerabilities are:

• CAN-2002-1373 : Signed integer vulnerability in the COM_TABLE_DUMP package
• CAN-2002-1374 : Password vulnerability in the COM_CHANGE_USER command
• CAN-2002-1375 : Remote code execution in the COM_CHANGE_USER command
• CAN-2002-1376 : Denial of Service in libmysqlclient client library

Reboot Required: Yes

MD5 Check Sum: 758b2cbd34a134f5d04b2f0bf73b52ab

Sendmail Security Update 4.0.1

HTTP Qube3-All-Security-4.0.1-16402.pkg Posted:March 28, 2003 FTP Point your FTP client to ftp://ftp.cobalt.sun.com Size: 877,837

This patch updates the Sendmail program on your server to address a remote buffer overflow vulnerability. See http://www.cert.org/advisories/CA-2003-07.html for more information.

Reboot Required: No

MD5 Check Sum: 594c0a5760e54cd5d5e93c4bd4706a3f

PHP & PostgreSQL Security Update 4.0.1

HTTP Qube3-All-Security-4.0.1-15959.pkg Posted:March 20, 2003 FTP Point your FTP client to ftp://ftp.cobalt.sun.com Size: 12,857,106

This package addresses several issues with PHP and postgresql. Two PHP bugs have been fixed; the first is arbitrary command execution via the 5th parameter of mail() and the second is URL redirection using fopen(). In Postgresql, multiple buffer overruns have been recently identified and patched. In addition, Postgresql debugging is now disabled by default.

Reboot Required: Yes

MD5 Check Sum: 02899c90928ab0df496c083510f20307

Root DNS server update 4.0.1

HTTP Qube3-All-System-4.0.1-16365.pkg Posted:March 13, 2003 FTP Point your FTP client to ftp://ftp.cobalt.sun.com Size: 18,457

The IP address of one of the root DNS servers (J.ROOT-SERVERS.NET) has been changed. This patch updates the list of root DNS servers on your appliance.

Reboot Required: No

MD5 Check Sum: ee0c7fe34625b4c0ecd955f4308c70e5

Tar & Unzip Security update 4.0.1

HTTP Qube3-All-Security-4.0.1-16170.pkg Posted: February 28, 2003 FTP Point your FTP client to ftp://ftp.cobalt.sun.com Size: 504,952

The unzip and tar utilities contain vulnerabilities which can allow arbitrary files to be overwritten during archive extraction. See http://www.securityfocus.com/archive/1/196445 for more information.

Reboot Required: No

MD5 Check Sum: 25f9aceb22aa87573f79f91375ef8f51

Manual install of signed packages 4.0.1

HTTP Qube3-All-System-4.0.1-13764.pkg Posted: February 14, 2003 FTP Point your FTP client to ftp://ftp.cobalt.sun.com Size: 13,513

This package contains a system update to fix a problem where signed packages located in /home/packages would not show up in the manual installation UI

Reboot Required: No

MD5 Check Sum: ff39bd8d7f8e260e7039767e4e832909

Security Bundle

HTTP Qube3-All-Security-4.0.1-15977.pkg Posted: February 03, 2003 FTP Point your FTP client to ftp://ftp.cobalt.sun.com Size: 3,478,043

This package addresses multiple security issues, correcting insecure file permissions, fixing symlinks, improving the security of FTP and DNS, and putting the auth service under TCP wrappers.

Reboot Required: Yes

MD5 Check Sum: 63e680477880dfb95b6c45d907c87c47

Proftpd Security Update 4.0.1

HTTP Qube3-All-Security-4.0.1-15823.pkg Posted: January 27, 2003 FTP Point your FTP client to ftp://ftp.cobalt.sun.com Size:397,882

This patch fixes an upload file permission issue in proftpd. It also adds an extra security measure by preventing some default system accounts from logging in via ftp

Reboot Required: No

MD5 Check Sum: 00daa4d1a1e64ee7991341d622fd040c

/home/profiles/ update 1.0.1

HTTP Qube3-All-System-4.0.1-15719.pkg Posted: January 27, 2003 FTP Point your FTP client to ftp://ftp.cobalt.sun.com Size: 264,042

This update addresses two issues:

• Deleting a user removed /home/profiles
• users with a "." in their name would get incorrect permissions for their /home/profiles/ directory

Reboot Required: No

MD5 Check Sum: c2f26a46f700180db26ec704c27b92c4

Util-linux Update 4.0.1

HTTP Qube3-All-Security-4.0.1-15673.pkg Posted: January 27, 2003 FTP Point your FTP client to ftp://ftp.cobalt.sun.com Size: 618,683

The chfn binary from the util-linux package could be used to gain unauthorized access.

Reboot Required: No

MD5 Check Sum: 45476b3897b3a44761123ac9917b5136

SQUID Security Update 4.0.1

HTTP Qube3-All-Security-4.0.1-14935.pkg Posted: January 08, 2003 FTP Point your FTP client to ftp://ftp.cobalt.sun.com Size: 998,648

This update adresses a number of issues with SQUID.

• SQUID configuration could enable spammers to relay through the qube3
• log rotation has been fixed
• UI inconsistencies between Web Access and Web Cache have been resolved

Reboot Required: No

MD5 Check Sum: a915d022d608fc5cc642cc85679181ee

CCE Security Update 4.0.1

HTTP Qube3-All-Security-4.0.1-15714.pkg Posted: November 19, 2002 FTP Point your FTP client to ftp://ftp.cobalt.sun.com Size: 264,042

This package patches a security issue with the Cobalt Configuration Engine (CCE).

Reboot Required: Yes

MD5 Check Sum: 9e82c0f69cfeee20f621386f9e5768dd

Qube3 Kernel Update

HTTP Qube3-All-Kernel-4.0.1-2.2.16C33-III+VPN-1.pkg Posted: November 7, 2002 FTP Point your FTP client to ftp://ftp.cobalt.sun.com Size: 4,276,485

This patch upgrades the version of the kernel to C33. This kernel contains fixes to the Remote Access VPN and adds support for raw disk IO. This kernel update fixes a problem with the mppe compressor/decompressor used by PPTP (Remote Access VPN) where an encrypted link fails to re-sync after a dropped packet, causing all transmissions to stop over the VPN link. The performance of remote access VPN is highly dependent on the quality of the underlying network, and is more likely to encounter problems when used over slow links or links with bad routing between the client and the server. Any firewalls between the client and server must pass protocol 47 (GRE) and tcp port 1723. Some users of residential gateways/routers have encountered problems that were solved by connecting directly to the cable/DSL modem

Reboot Required: Yes

Prerequisites: none

MD5 Check Sum: c46b934a5c2f9e1a7505f67eb92b58aa

imapd Security Update 4.0.1

HTTP Qube3-All-Security-4.0.1-14936.pkg Posted: October 23, 2002 FTP Point your FTP client to ftp://ftp.cobalt.sun.com Size: 2,118,800

This package addresses a remote buffer overflow security vulnerability in imapd.

Reboot Required: No

MD5 Check Sum: 84027874603a5bbda0e0148e4ee5be57

Apache & SSL Update 4.0.1

HTTP Qube3-All-Security-4.0.1-15787.pkg Posted: September 25, 2002 FTP Point your FTP client to ftp://ftp.cobalt.sun.com Size: 5,446,657

This patch fixes multiple security issues with the Apache HTTP Server and OpenSSL. For more information please see:
http://online.securityfocus.com/advisories/4254
http://sunsolve.sun.com/pub-cgi/retrieve.pl?doc=fsalert%2F45509&zone_32=category%3Asecurity

Reboot Required: Yes

MD5 Check Sum: 7ab87dd7ea3eea22e3070183cffed1a0

Email Size Update 4.0.1

HTTP Qube3-All-System-4.0.1-14986.pkg Posted: August 5, 2002 FTP Point your FTP client to ftp://ftp.cobalt.sun.com Size: 5,200

This package restores the ability to set the maximum allowable email size in the mail server configuration.

Reboot Required: No

MD5 Check Sum: 146b254579f62b7bc41abc2e2109277c

Apache Update 4.0.1

HTTP Qube3-All-Security-4.0.1-15417.pkg Posted: June 28, 2002 FTP Point your FTP client to ftp://ftp.cobalt.sun.com Size: 2,849,910

This package contains an updated Apache HTTP Server that addresses a security issue recently discovered. For more information, please see http://httpd.apache.org/info/security_bulletin_20020617.txt

Reboot Required: Yes

MD5 Check Sum: 37c42c16924f7d03910db3bac5b0b2dc

TCPDUMP Update 4.0.1

HTTP Qube3-All-Security-4.0.1-14559.pkg Posted: June 27, 2002 FTP Point your FTP client to ftp://ftp.cobalt.sun.com Size: 543,550

This patch replaces the TCPDUMP network analysis tool with a new version. This version of TCPDUMP contains security fixes for issues that were found in prior releases of TCPDUMP for the Sun Cobalt Server Appliance.

Reboot Required: No

MD5 Check Sum: 30912e21746e14ab1b4cd44b3b74c1f3

Security Bundle 4.0.1

HTTP Qube3-All-Security-4.0.1-13323.pkg Posted: June 18, 2002 FTP Point your FTP client to ftp://ftp.cobalt.sun.com Size: 17,117,087

This package contains security updates for a varity of programs included on the Sun Cobalt Qube 3 appliance. Mutt is upgraded to version 1.2.5i-C2 to fix a vuneralbility in its address parser. Pine is upgraded to version 4.44-C1 to fix a security hole in it's URL-handling mechanisms. ProFTP is brought up to version 1.2.4-C4 to prevent a possible heap corruption error and Cyrus SASL is upgraded to verion 1.5.24-C4 in order to address a potential format string vulnerability.

Reboot Required: No

MD5 Check Sum: d13622f8caa018862a7bf61b3609a77d

PHP Upgrade 4.0.1

HTTP Qube3-All-Security-4.0.1-14039.pkg Posted: May 13, 2002 FTP Point your FTP client to ftp://ftp.cobalt.sun.com Size: 4,842,652

This patch upgrades the version of the PHP scripting engine on your server appliance to version 4.0.5-C4. This version contains security fixes for issues that were found in prior releases of of PHP for the Sun Cobalt server appliance. If you have upgraded PostgreSQL or PHP on your own, this patch may cause problems with your system.

Reboot Required: Yes

MD5 Check Sum: 8d869e67ef06ca9fe59497d66bdddadb

Filesharing Update 4.0.1

HTTP Qube3-All-System-4.0.1-13761.pkg Posted: April 17, 2002 FTP Point your FTP client to ftp://ftp.cobalt.sun.com Size: 55,804

This patch enables Windows Filesharing to behave differently when used with different locale settings on the Sun Cobalt Qube appliance. DNS, Sun Cobalt Control Station compatibility, print serving, and user CGI functions are also updated.

Reboot Required: No

MD5 Check Sum: 133e383ae0538c7f9c93a8f4c10b789a

glibc Update 4.0.1

HTTP Qube3-All-Security-4.0.1-13453.pkg Posted: April 15, 2002 FTP Point your FTP client to ftp://ftp.cobalt.sun.com Size: 24,273,181

This patch upgrades the version of glibc to 2.1.3-23 which contains a variety of security fixes.

Reboot Required: Yes

MD5 Check Sum: f505730704cfc4aa0b83674c7538a1db

OS Update 4.0

HTTP Qube3-ml-Update-4.0.pkg Posted: April 15, 2002 FTP Point your FTP client to ftp://ftp.cobalt.sun.com Size: 37,592,792

The Sun Cobalt Qube 3 appliance software v6.4 is now available. This software offers enhanced workgroup features, additional management functions, and many security enhancements:

1. Secured Virtual Private Network overlaid on the public Internet
   • VPN for remote access clients with PPTP support
   • VPN for point-to-point or LAN to LAN connectivity
2. File and Print Sharing enhancements
   • Print sharing support for network and 1 USB printer
   • File sharing with Windows Domain Controller support
3. Networking features
   • Port forwarding for network IP port management
   • Custom DNS zone format
   • Catch-all email that directs all email sent to the Sun Cobalt Qube 3 appliance with invalid email addresses be directed to a specific mailbox
4. Service Provisioning features
   • Auto-update
   • Level of administration
5. Multi-Qube management from remote locations using the Sun Cobalt Control Station
6. Security hardening
   • The Sun Cobalt software implementation have been audited and appropriate stack-guard libraries have been implemented so as to protect against internet hacker exploits.

For more information:
http://www.sun.com/hardware/serverappliances/qube3/

Reboot Required: Yes

MD5 Check Sum: 93ca42e6c49e4a62dcdcc01050680ae1

Kernel Update 2.0.1

HTTP Qube3-All-Kernel-2.0.1-2.2.16C32-2III-4.pkg Posted: January 7, 2002 FTP Point your FTP client to ftp://ftp.cobalt.sun.com Size: 3,515,358

Updates Kernel version to C32 to fix following security alert. http://www.securityfocus.com/advisories/3607

Reboot Required: Yes

MD5 Check Sum: aa70f6f178813847d681f6be88382a3b

glibc Update 2.0.1

HTTP Qube3-All-Security-2.0.1-8061.pkg Posted: December 19, 2001 FTP Point your FTP client to ftp://ftp.cobalt.sun.com Size: 24,231,387

This patch upgrades the version of glibc to 2.1.3-21. This version of glibc contains various security fixes.

MD5 Check Sum: e68faf27b05fee65b8020dfc9efe6633

Poprelayd 2.0-5 Update 2.0.1

HTTP Qube3-All-Security-2.0.1-10628.pkg Posted: September 4, 2001 FTP Point your FTP client to ftp://ftp.cobalt.sun.com Size: 8,457

This patch upgrades the version of poprelayd to 2.0-5. This version of poprelayd contains various security fixes for issues that were found in poprelayd v1.2.

MD5 Check Sum: 6021660eea01d7efdc41b6342a2ebaf3

telnetd Update 2.0.1

HTTP Qube3-All-Security-2.0.1-10750.pkg Posted: August 22, 2001 FTP Point your FTP client to ftp://ftp.cobalt.sun.com Size: 139,539

This security patch addresses an issue found in the telnet daemon, where a remote attacker is able to gain access to server appliances if telnet is enabled. Information regarding this update can be found at CERT Coordination Center's website. The URL is: http://www.cert.org/advisories/CA-2001-21.html.

MD5 Check Sum: 050c9438a3e4b66df1a39c013a941d41

Apache Update 2.0.1

HTTP Qube3-All-Security-2.0.1-10602.pkg Posted: August 21, 2001 FTP Point your FTP client to ftp://ftp.cobalt.sun.com Size: 2,643,984

This patch upgrades the version of Apache to 1.3.20. This version of Apache contains various security fixes for issues that were found in prior releases of Apache for the Sun Cobalt server appliance.

NOTE: This patch does not work with Sun Chilisoft ASP 3.6. If you haveupgraded your Sun Chilisoft ASP to 3.6, please contact Sun Chilisoft Support for details on installing this patch with version 3.6.

MD5 Check Sum: ec2f6506484c3ffe47a4f0808b926ad3

Webmail Update 2.0.1

HTTP Qube3-ml-Security-2.0.1-10626.pkg Posted: August 9, 2001 FTP Point your FTP client to ftp://ftp.cobalt.sun.com Size: 92,141

This patch addresses a security hole where a user is able to view files via Webmail. The customer can read files that they have access to from a shell prompt, even if telnet access is not enabled.

MD5 Check Sum: d16a9eb7a03d6ca428bffb227fed5712

FTP Update 2.0.1

HTTP Qube3-ml-System-2.0.1-10269.pkg Posted: August 9, 2001 FTP Point your FTP client to ftp://ftp.cobalt.sun.com Size: 3,310

If guest share is enabled and the Sun Cobalt Qube 3 appliance is rebooted, the anonymous ftp settings are lost. Users are no longer able to ftp anonymously. This update corrects this problem.

MD5 Check Sum: 537f8dc9b7cf642bcf124a321aaa174b

Samba Update 2.0.1

HTTP Qube3-All-Security-2.0.1-10260.pkg Posted: July 23, 2001 FTP Point your FTP client to ftp://ftp.cobalt.sun.com Size: 6,502,337

This package updates Samba to 2.0.9 in order to repair a locally exploitable security hole in previous versions. The security hole allows a user with a shell account to corrupt local devices (such as raw disks).

MD5 Check Sum: 79a95bc977f404a4b6d6e976860437bb

Chinese update 2.0.2

HTTP Qube3-ml-System-2.0.2-10448.pkg Size: 3,060,540 FTP Point your FTP client to ftp://ftp.cobalt.sun.com Posted: June 29, 2001

Note: This update requires Qube3-en-Update-2.0.7.pkg (OS Update Multi-Language 2.0)

MD5 Check Sum: 8c2ebebf0a4c09f6537e8daa877fe29c

This Update will upgrade your Sun Cobalt Qube 3 Multi-Language by adding Traditional and Simplified Chinese to the available localizations.

This package will install online product manuals in .pdf format in the respective languages. These .pdf files are also included below.

Qube3-zh_TW-Manual-1.0.pkg
MD5 Check Sum: 9fef71933647fc79e5c6ba91c1024503

Qube3-zh_CN-Manual-1.0.pkg
MD5 Check Sum: 2d38fa45ebdaebbd2dfdeb99808be7dd

manual.qube3.zh_TW.pdf

manual.qube3.zh_CN.pdf

Kernel Update 2.0.1

HTTP Qube3-All-Kernel-2.0.1-2.216C27III.pkg Posted: June 25, 2001 FTP Point your FTP client to ftp://ftp.cobalt.sun.com Size: 3,570,353

This Kernel Upgrade provides a complete fix for the sysctl negative offset bug as well as the ptrace setuid bug. Information regarding this update can be found at Security Focus’ website. The URLs are:

http://www.securityfocus.com/vdb/?id=2364 - sysctl bug
http://www.securityfocus.com/vdb/?id=2044 - ptrace bug

NOTE:

• This patch should not be installed on Sun Cobalt Qube 3 Professional Edition appliances.
• The previous version of this update did not completely close the security holes mentioned above. It is strongly recommended that users install the latest Kernel version.

MD5 Check Sum: 97f1cd80938d49cdd1a0ea2063c6aef6

Disaster Recovery Update 2.0.3

HTTP Qube3-ml-Arkeia-2.0.3-9450.pkg Size: 489,340 HTTP Qube3-ml-NetBackup-2.0.3-9450.pkg Size: 1,520,179 HTTP Qube3-ml-NetWorker-2.0.3-9450.pkg Size: 11,773,989 FTP Point your FTP client to ftp://ftp.cobalt.sun.com Posted: June 21, 2001

This update provides support for disaster recovery of the Sun Cobalt Qube 3 appliance using the following third-party backup solutions, Arkeia, Legato NetWorker, and Veritas NetBackup. Each update is provided as a separate package for Sun Cobalt BlueLinQ and may be installed independent of one another. Updates for each solution are as follows:

Knox Arkeia:

• UPDATED: French L10N.
• Client version 4.2.9-11 installed.
• Knox Arkeia menu added to the Maintenance menu with support for setting the server and listen port for firewall support.
  View Reference
• Pre- and post- backup tailoring scripts installed.

• UPDATED: Client version 3.4-J0850645 installed.
• Veritas NetBackup added with support for master and extra servers.
• UPDATED: CLIENT_NAME parameter now set in configuration file.
• Backup tailoring scripts installed.

• UPDATED: Client version 6.0.2 installed.
• UPDATED: recover binary changed to correct symbolic link recovery problem. See below for verification instructions.
• Legato NetWorker menu added to the Maintenance menu with support for multiple servers and firewall support.
• Control panel updated to include connection and service port configuration for use in firewall support.
  View Reference
• Backup tailoring scripts installed.

MD5 Check Sum: 4ef51721ae194171bb18524c03f0ffa4 (Arkeia)
MD5 Check Sum: 9fc091d90b3b46c852f31e4772219a21 (NetBackup)
MD5 Check Sum: 66a932e5aa187ad2852deb4c87d2eaac (NetWorker)

MX Records Update 2.0.1

HTTP Qube3-ml-System-2.0.1-8766.pkg Posted: May 21, 2001 FTP Point your FTP client to ftp://ftp.cobalt.sun.com Size: 1,790

This update corrects MX records from being inappropriately matched to incorrect domain hostname records that could possible prevent mail from being delivered.

MD5 Check Sum: 04446055450b6552142c2ee97f8e26c3

proftpd Update 2.0.1

HTTP Qube3-All-Security-2.0.1-10108.pkg Posted: May 14, 2001 FTP Point your FTP client to ftp://ftp.cobalt.sun.com Size: 334,441

This patch updates proftpd in response to a CERT alert (CA-2001-07) regarding the current version of proftpd. Additional information on the patch can be located at CERT ‘s official website.: http://www.cert.org/advisories/CA-2001-07.html

MD5 Check Sum: 741432bc1a1094b08a46a542ebacb727

OS Update Multi-Language 2.0

HTTP Qube3-en-Update-2.0.7.pkg Posted: April 16, 2001 FTP Point your FTP client to ftp://ftp.cobalt.sun.com Size: 6,627,632

This OS Update will upgrade your English Sun Cobalt Qube 3 appliance to a Sun Cobalt Qube 3 Multi-Language appliance. This update features the addition of Castilian Spanish, German, and French simultaneously accessible localizations. Enhanced modem control functionality and Internet access restrictions has also been added.

Note: This update requires Qube3-en-Update-1.0.pkg

The following packages will install online product manuals in .pdf format in the respective languages.

• Qube3-de-Manual-1.01.pkg
• Qube3-en-Manual-1.01.pkg
• Qube3-es-Manual-1.01.pkg
• Qube3-fr-Manual-1.01.pkg

MD5 Check Sum: 7702a36aa8a083a01ff95b1e4a823848 Qube3-en-Update-2.0.7.pkg
MD5 Check Sum: b2c7246f1f8dc72bbddb85603b8a3042 Qube3-de-Manual-1.01.pkg
MD5 Check Sum: 80ca33efd1c1419fd8ec8b83382983df Qube3-en-Manual-1.01.pkg
MD5 Check Sum: 77344dc9974b6fc9ef78e6cf40729815 Qube3-es-Manual-1.01.pkg
MD5 Check Sum: e7809feec37496d6b8b80f766869f9c1 Qube3-fr-Manual-1.01.pkg

RPM Update 1.0.1

HTTP Qube3-All-System-1.0.1-9819.pkg Posted: April 5, 2001 FTP Point your FTP client to ftp://ftp.cobalt.sun.com Size: 1,572,453

This package installs a newer version of RPM (rpm-3.0.5-9.6x) and all the associated rpms
RPM: rpm-3.0.5-9.6x.i386.rpm
RPM: rpm-python-3.0.5-9.6x.i386.rpm (not on Sun Cobalt RaQ 3 server)
RPM: rpm-build-3.0.5-9.6x.i386.rpm (not on Sun Cobalt RaQ 3 server)
RPM: rpm-devel-3.0.5-9.6x.i386.rpm
RPM: popt-1.5-9.6x.i386.rpm

MD5 Check Sum: 4b6167a53407b67eb3d1f1e41a37eef4

OS Update 1.0

HTTP Qube3-en-Update-1.0.pkg Posted: March 9, 2001 FTP Point your FTP client to ftp://ftp.cobalt.sun.com Size: 23,639,734

Note: This update requires Qube3-en-System-0.0.1-9375 (the Sun Cobalt BlueLinQ update) Installed prior to installation of this update. This update will update the OS version of Sun Cobalt Qube 3 appliance from 6.0 to 6.1. The patch will not appear within the installed software. Although after installation the updated OS version will appear.

Qube3-en-OSUpdate-Installation.pdf

Description:

The Sun Cobalt OS is the base software for the Sun Cobalt Qube 3 appliance. This software package is required in order for your server appliance to function.

Obsoletes These Previous Updates:

• Qube3-All-System-0.0.1-8737
• Qube3-en-System-0.0.1-8644 (English Only)
• Qube3-en-System-0.0.1-9375 (English Only)
• Qube3-All-Security-0.0.1-9100
• Qube3-All-Security-0.0.1-9353
• Qube3-All-Security-0.0.1-9531
• Qube3-All-Security-0.0.1-9566
• Qube3-All-Security-0.0.2-9078
• Qube3-All-Security-0.0.1-9648

For any domains served by the Sun Cobalt Qube appliance's DNS server that don't have valid a SOA CCE object will be given a valid SOA object.

BlueLinQ Update 0.0.1

HTTP Qube3-en-System-0.0.1-9375.pkg Posted: February 2, 2001 FTP Point your FTP client to ftp://ftp.cobalt.sun.com Size: 42,605

This update fixes the missing .mo file bug. Prior to this update, the description of patches was not displayed correctly. Sun Cobalt BlueLinQ was enhanced to allow a user to specify multiple servers to receive updates from. The ability to correctly use the Sun Cobalt BlueLinQ via a proxy server was also fixed.