[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]
Re: [cobalt-security] RaQ550: Package out of order question.
- Subject: Re: [cobalt-security] RaQ550: Package out of order question.
- From: Michael Stauber <cobalt@xxxxxxxxxxxxxx>
- Date: Fri, 7 Nov 2003 00:29:18 +0100
- Organization: SOLARSPEED.NET
- List-id: Mailing list for users to address network security on Cobalt products. <cobalt-security.list.cobalt.com>
Hi David,
> However on the Sun website, that i used as my install order guide, it
> apparently lacks the UI security update package <RaQ550-All-Security-0.0.1-
> 16346> so I've effectively saved it tell last.
> Does anyone know of a problem with this one being out of sync?
A couple of pages in the RaQ550 GUI were lacking proper authentification.
There are pages which only admin and the site admin of a specific site should
see. However, these pages were also available for regular users if they knew
the URL and were logged in with the normal user account. Or Site Admin of
Site A could view the user list of Site B - if he knew how.
Patch RaQ550-All-Security-0.0.1-16346 installs the entire GUI again - in a
fixed fashion.
There are no known problems, unless you have the Solarspeed.net SPAM-Filter.
If you have the Solarspeed.net SPAM-Filter and install the Sun patch, then
some of the extended GUI functions of the SPAM-Filter "dissapear". However,
we have a self-installable PKG ready which you can apply after the Sun PKG to
"revive" the SPAM-Filter features. See http://www.solarspeed.net/news/807.php
--
With best regards,
Michael Stauber