From Sun Patch 147707-10
Sun has released a security patch addressing the following issues:
7168983 PKCS11 engine does not check mechanism key size range 7182257 pk11_get_symmetric_cipher and pk11_get_digest should have better interface (from 147707-09) 7169875 problem with crypto: OpenSSL (from 147707-08) 7101916 blowfish-cbc/hmac_sha1 in the SSH test suite failed on T4 (from 147707-07) 7169340 make it possible to set SSL3_FLAGS_ALLOW_UNSAFE_LEGACY_RENEGOTIATION flag in SSL context 7172970 SSL_OP_ALLOW_UNSAFE_LEGACY_RENEGOTIATION is not defined (from 147707-06) 7162790 problem with crypto: OpenSSL 7164437 problem with crypto: OpenSSL 7166196 BUF_MEM_grow_clean returns incorrect error string (from 147707-05) 7155548 problem with crypto: OpenSSL 7155555 problem with crypto: OpenSSL (from 147707-04) 7151259 problem with crypto: OpenSSL (from 147707-03) 7133053 problem with crypto: OpenSSL 7133054 problem with crypto: OpenSSL (from 147707-02) 6881996 problem with crypto: OpenSSL (from 147707-01) 7017005 OpenSSL PKCS#11 engine not picking up all hardware crypto implementations
With Rapid7 live dashboards, I have a clear view of all the assets on my network, which ones can be exploited, and what I need to do in order to reduce the risk in my environment in real-time. No other tool gives us that kind of value and insight.
– Scott Cheney, Manager of Information Security, Sierra View Medical Center