symantec enterprise security manager patch policy release notes€¦ · · 2015-10-21security...

Symantec™ EnterpriseSecurity Manager PatchPolicy Release Notes

Symantec™ Enterprise Security Manager PatchPolicy Release Notes

The software described in this book is furnished under a license agreement and may be usedonly in accordance with the terms of the agreement.

Documentation version: 2015.10.01

Legal NoticeCopyright © 2015 Symantec Corporation. All rights reserved.

Symantec, the Symantec Logo, and the Checkmark Logo are trademarks or registeredtrademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Othernames may be trademarks of their respective owners.

This Symantec product may contain third party software for which Symantec is required toprovide attribution to the third party (“Third Party Programs”). Some of the Third Party Programsare available under open source or free software licenses. The License Agreementaccompanying the Software does not alter any rights or obligations you may have under thoseopen source or free software licenses. Please see the Third Party Legal Notice Appendix tothis Documentation or TPIP ReadMe File accompanying this Symantec product for moreinformation on the Third Party Programs.

The product described in this document is distributed under licenses restricting its use, copying,distribution, and decompilation/reverse engineering. No part of this document may bereproduced in any form by any means without prior written authorization of SymantecCorporation and its licensors, if any.

THE DOCUMENTATION IS PROVIDED "AS IS" AND ALL EXPRESS OR IMPLIEDCONDITIONS, REPRESENTATIONS AND WARRANTIES, INCLUDING ANY IMPLIEDWARRANTY OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE ORNON-INFRINGEMENT, ARE DISCLAIMED, EXCEPT TO THE EXTENT THAT SUCHDISCLAIMERSAREHELD TOBE LEGALLY INVALID. SYMANTECCORPORATIONSHALLNOT BE LIABLE FOR INCIDENTAL OR CONSEQUENTIAL DAMAGES IN CONNECTIONWITH THE FURNISHING, PERFORMANCE, OR USE OF THIS DOCUMENTATION. THEINFORMATION CONTAINED IN THIS DOCUMENTATION IS SUBJECT TO CHANGEWITHOUT NOTICE.

The Licensed Software and Documentation are deemed to be commercial computer softwareas defined in FAR 12.212 and subject to restricted rights as defined in FAR Section 52.227-19"Commercial Computer Software - Restricted Rights" and DFARS 227.7202, et seq."Commercial Computer Software and Commercial Computer Software Documentation," asapplicable, and any successor regulations, whether delivered by Symantec as on premisesor hosted services. Any use, modification, reproduction release, performance, display ordisclosure of the Licensed Software and Documentation by the U.S. Government shall besolely in accordance with the terms of this Agreement.

Symantec Corporation350 Ellis StreetMountain View, CA 94043

http://www.symantec.com

http://www.symantec.com

Technical SupportSymantec Technical Support maintains support centers globally. Technical Support’sprimary role is to respond to specific queries about product features and functionality.The Technical Support group also creates content for our online Knowledge Base.The Technical Support group works collaboratively with the other functional areaswithin Symantec to answer your questions in a timely fashion. For example, theTechnical Support group works with Product Engineering and Symantec SecurityResponse to provide alerting services and virus definition updates.

Symantec’s support offerings include the following:

■ A range of support options that give you the flexibility to select the right amountof service for any size organization

■ Telephone and/or Web-based support that provides rapid response andup-to-the-minute information

■ Upgrade assurance that delivers software upgrades

■ Global support purchased on a regional business hours or 24 hours a day, 7days a week basis

■ Premium service offerings that include Account Management Services

For information about Symantec’s support offerings, you can visit our website atthe following URL:

www.symantec.com/business/support/

All support services will be delivered in accordance with your support agreementand the then-current enterprise technical support policy.

Contacting Technical SupportCustomers with a current support agreement may access Technical Supportinformation at the following URL:


Before contacting Technical Support, make sure you have satisfied the systemrequirements that are listed in your product documentation. Also, you should be atthe computer on which the problem occurred, in case it is necessary to replicatethe problem.

When you contact Technical Support, please have the following informationavailable:

■ Product release level

■ Hardware information



■ Available memory, disk space, and NIC information

■ Operating system

■ Version and patch level

■ Network topology

■ Router, gateway, and IP address information

■ Problem description:

■ Error messages and log files

■ Troubleshooting that was performed before contacting Symantec

■ Recent software configuration changes and network changes

Licensing and registrationIf your Symantec product requires registration or a license key, access our technicalsupport Web page at the following URL:


Customer serviceCustomer service information is available at the following URL:


Customer Service is available to assist with non-technical questions, such as thefollowing types of issues:

■ Questions regarding product licensing or serialization

■ Product registration updates, such as address or name changes

■ General product information (features, language availability, local dealers)

■ Latest information about product updates and upgrades

■ Information about upgrade assurance and support contracts

■ Information about the Symantec Buying Programs

■ Advice about Symantec's technical support options

■ Nontechnical presales questions

■ Issues that are related to CD-ROMs, DVDs, or manuals



Support agreement resourcesIf you want to contact Symantec regarding an existing support agreement, pleasecontact the support agreement administration team for your region as follows:

[email protected] and Japan

[email protected], Middle-East, and Africa

[email protected] America and Latin America

mailto:[email protected]



Technical Support ............................................................................................... 4

Chapter 1 Introducing Patch Policy updates ..................................... 8

About the Patch Policy updates ......................................................... 8Getting Patch Policy updates through LiveUpdate ................................. 8Enhancements to the Patch module in Security Updates ........................ 9

Chapter 2 About the patch policy 2015.10.01 release .................. 13

What is new ................................................................................ 13Template updates ......................................................................... 15New patches for Windows .............................................................. 24New patches for UNIX ................................................................... 25

Solaris ................................................................................. 25SUSE .................................................................................. 25Red Hat Enterprise Linux ......................................................... 28Oracle Enterprise Linux ........................................................... 29HP-UX ................................................................................. 31

Contents

Introducing Patch Policyupdates

This chapter includes the following topics:

■ About the Patch Policy updates

■ Getting Patch Policy updates through LiveUpdate

■ Enhancements to the Patch module in Security Updates

About the Patch Policy updatesThe Patch Policy updates are released twice amonth. These updates add, enhance,and update the Patch policy and the associated template files on the SymantecESM manager. Symantec updates the patch templates with the Symantec ESMpolicy installer.

Getting Patch Policy updates through LiveUpdateTo get Patch policy updates through LiveUpdate for 6.5 or later managers, selectthe Patch Policies - OS Comprehensive LiveUpdate package in the EnterpriseSecurity Manager 6.5 or later Content Updates section. The Comprehensive packagecontains the checks that apply to the platforms that are supported only on ESM 6.5or later.

The policy installer executable applies to all versions of ESM and is available atthe following location:

http://securityresponse.symantec.com/

1Chapter

http://securityresponse.symantec.com/

Note: As per the End of Life product support policy, ESM Patch policy updates onESM 6.0 or earlier are not supported from Patch Policy (Windows) Update2008.10.02.

Note: If Java is installed on a Solaris 9 agent, install the JDK using the tar archivefile containing packages, available from Sun. If you install the JDK using aselfextracting shell archive file, the module will not report vulnerability informationfor it because no specific packages are installed.

Note: SU 26 now supports Solaris x86. If you do not have the current modules forSU 26, you will see duplicate messages for patches. To remove these duplicatemessages, you must update your modules to SU 26 or newer.

Enhancements to the Patch module in SecurityUpdates

Every Security Update includes updates to the Patch module. Upgrading to thelatest Security Update provides you with the most accurate patch detection.

Table 1-1 describes the enhancements to the Patch module in the latest SecurityUpdates.

Table 1-1 Support and enhancements in Security Updates

Upgraded support and enhancementsSecurity Update

Added support for Windows Server 2003 64-Bit Itanium-basedsystems

Added support for SUSE Linux Enterprise Server 8

Security Update 20

Added support for HP-UX 11i v2

Added regular expression support for the file version field forWindows patches utilized in checking Windows Media Playerpatches

Security Update 21

9Introducing Patch Policy updatesEnhancements to the Patch module in Security Updates

Table 1-1 Support and enhancements in Security Updates (continued)


Added support for AIX maintenance releases and supersedingpatches.

Added support for the following operating systems:

■ IBM AIX 5.3■ Red Hat Enterprise Linux AS 3.0 on Itanium, EM64T, and

AMD64■ Red Hat Enterprise Linux WS 3.0 on AMD64■ SUSE Linux Enterprise Server 9 for x86

Security Update 22

Added support for SUSE Linux Enterprise Server 9 on Itanium

Added support for Red Hat LinuxWorkstation 3 for Xeon (EM64T)

Added wildcard support for registry keys

Added patch results summary support

Added list installed patches support

Added service state messages support

Security Update 23

Added support for Red Hat Enterprise Linux 4 ES (x86)

Added Veritas Backup Exec product support

Added script transfer to agent support

Added Solaris Role Based Access Control support

Added Solaris 2.10 zone support

Security Update 24


■ Red Hat Enterprise Linux 4 AS on Opteron and Itanium■ Windows Server 2003 Enterprise 64-bit on Opteron and Xeon■ Added UNICODE support for AIX 433

Security Update 25

Added support for Solaris 10 on x86, x64

Added File System Entitlement module

Security Update 26

Added support for the following systems:

■ Red Hat Enterprise Linux 4 AS (Xeon)■ Windows Server 2003 R2 (x86, x64)

Security Update 27

Added support for SUSE Linux Enterprise Server version 10Security Update 28

Added support for Microsoft Windows Vista (x86, x64) EditionsSecurity Update 30




Added support for Red Hat Enterprise Linux 5 (x86, x86_64, andIA64-bit)

Security Update 31

Added support for Red Hat Enterprise Linux 5.x on IBM z-series(s390x)

Security Update 31.08

Added support for SUSE Linux Enterprise Server 9/10 (x86_64)and ESX Server 3.0.2 (x86, Opteron)

Security Update 32


■ Microsoft Windows Server 2008 (x86)■ Microsoft Windows Server 2008 64-bit (x64)■ Microsoft Windows Server 2008 64-Bit Itanium■ HP-UX 11.23 on PA-RISC

Security Update 34


■ HP-UX 11.31 on Itanium■ HP-UX 11.31 on PA-RISC■ IBM AIX 6.1■ Added support to handle Service Pack Entry for Windows

Server 2003 64-bit (x64) and Windows Vista 64-bit (x64)template file.

■ Added support to handle template size greater than 3MB forHP-UX.

Security Update 35


■ SUSE Linux 9 on IBM zSeries (s390x)■ SUSE Linux 10 on IBM zSeries (s390x)

Security Update 36


■ Red Hat Enterprise Linux Server 5 on PPC e-server

Security Update 37


■ AIX VIO Server 2.1 on AIX 6.1■ SUSE 11 on x86, x86_64, Itanium, zLinux, and PPC e-Server■ Oracle Enterprise Linux 5.2, 5.3 on x86, x86_64

Security Update 38

Added the support for the following operating systems:

■ Windows 7 on x86 and Opteron■ Windows 2008 R2 on Itanium, Opteron, and Xeon

Security Update 39





■ Red Hat Enterprise Linux 5.5 on x86, x86_64, Itanium, zLinux(s390x), and PPC e-Server

■ Red Hat Enterprise Linux Advanced Server 5.5 on x86,x86_64, Itanium, and PPC e-Server

■ Oracle Enterprise Linux 5.5 on x86 and x86_64

Security Update 40

Added the support for the following operating system:

■ Red Hat Enterprise Linux 6.0 on x86, x86_64, PPC64, andzLinux (s390x)

Security Update 41


■ Red Hat Enterprise Linux 6.1 on x86, x86_64, PPC64, andzLinux (s390x)

■ Oracle Solaris 11 Express on x86 and SPARC

Security Update 42


■ Oracle Enterprise Linux 5.x and 6.x on x86 and x86_64

Security Update 43

All previously supported operating systems continue to besupported.

Security Update 44

All previously supported operating systems continue to besupported.

Security Update 45


■ Windows Server 2012 R2

Security Update 46


■ Red Hat Enterprise Linux 7

Security Update 47


About the patch policy2015.10.01 release

This chapter includes the following topics:

■ What is new

■ Template updates

■ New patches for Windows

■ New patches for UNIX

What is newThis patch update for Symantec Enterprise Security Manager reports the operatingsystem and application patches for Windows.

There are 872 new patch signatures and 266 updated patch signatures in 29templates.

The following is the summary of the patch updates:

■ Patch.pwv (Microsoft Windows Vista - 5 new)

■ Patch.pxw (Microsoft Windows Vista for x64-based Systems - 5 new)

■ ie.p28i (Microsoft Internet Explorer on Microsoft Windows 2008 R2 for 64-BitItanium-based Systems - 1 new)

■ ie.p2s12 (Microsoft Internet Explorer on Windows 2012 R2 for x64-basedSystems - 1 new)

■ ie.p2s8 (Microsoft Internet Explorer onMicrosoft Windows 2008 R2 for x64-basedSystems - 4 new)

2Chapter

■ ie.p8i (Microsoft Internet Explorer on Microsoft Windows 2008 for 64-BitItanium-based Systems - 1 new)

■ ie.p8s (Microsoft Internet Explorer on Microsoft Windows Server 2008 - 3 new)

■ ie.ps12 (Microsoft Internet Explorer on Windows 2012 for x64-based Systems- 1 new)

■ ie.ps8 (Microsoft Internet Explorer on Microsoft Windows 2008 for x64-basedSystems - 3 new)

■ ie.pw7 (Microsoft Internet Explorer on Microsoft Windows 7 - 4 new)

■ ie.pwv (Microsoft Internet Explorer on Microsoft Windows Vista - 3 new)

■ ie.px7 (Microsoft Internet Explorer on Microsoft Windows 7 for x64-basedSystems - 4 new)

■ ie.pxw (Microsoft Internet Explorer on Microsoft Windows Vista for x64-basedSystems - 3 new)

■ patch.p28i (Microsoft Windows 2008 R2 for 64-Bit Itanium-based Systems - 1new)

■ patch.p2s12 (Microsoft Windows 2012 R2 for x64-based Systems - 4 new)

■ patch.p2s8 (Microsoft Windows 2008 R2 for x64-based Systems - 5 new)

■ patch.p8i (Microsoft Windows 2008 for 64-Bit Itanium-based Systems - 4 new)

■ patch.p8s (Microsoft Windows 2008 - 8 new)

■ patch.ps12 (Microsoft Windows 2012 for x64-based Systems - 4 new)

■ patch.ps8 (Microsoft Windows 2008 for x64-based Systems - 8 new)

■ patch.pw7 (Microsoft Windows 7 - 3 new)

■ patch.px7 (Microsoft Windows 7 for x64-based Systems - 3 new)

■ oel-patch.plx (Oracle Enterprise Linux - 78 new) patch.pai (IBM AIX - 2 new)

■ patch.ph1 (HP-UX 11.23 - 11.31 PA-RISC - 15 new)

■ patch.ph2 (HP-UX 11.23 - 11.31 for Itanium-based systems - 16 new)

■ patch.plx (RedHat Enterprise Linux - 153 new)

■ patch.ps6 (Sun Solaris 2.6+ - 5 new)

■ patch.psl (SUSE Linux - 525 new, 266 updated)

14About the patch policy 2015.10.01 releaseWhat is new

Template updatesTable 2-1 lists the information about the templates that have been updated or addedfor various applications and operating systems.

Table 2-1 Templates information for Windows and UNIX operating systems

Application on operating systemTemplate fileTemplate version

Microsoft Exchange Server 2013 on MicrosoftWindows 7 (x64)

exchg2k13.px76

Microsoft Exchange Server 2013 on MicrosoftWindows 2008 R2 Server (x64)

exchg2k13.p2s86

Microsoft Exchange Server 2013 on MicrosoftWindows 2012 for x64-based Systems

exchg2k13.ps124

Microsoft Exchange Server 2013 on Windows2012 R2 for x64-based Systems

exchg2k13.p2s123

Microsoft Exchange Server 2000 on MicrosoftWindows 2000 Server and Windows 2000Advanced Server

exchg2k.ps53127

Microsoft Exchange Server 2003 on MicrosoftWindows Server 2003

exchg2k3.p6s3079

Microsoft Exchange Server 2003 on MicrosoftWindows 2000 Server and Windows 2000Advanced Server

exchg2k3.ps53079

Microsoft Exchange Server 2007 on MicrosoftWindows Server 2003

exchg2k7.p6s16

Microsoft Exchange Server 2003 on MicrosoftWindows 2008

exchg2k7.p8s12

Microsoft Exchange Server 2007 on MicrosoftWindows Server 2008 (x64) Editions

exchg2k7.ps817

Microsoft Exchange Server 2007 on MicrosoftWindows Server 2003 64-bit (x64)

exchg2k7.p6419

Microsoft Exchange Server 2007 on MicrosoftWindows 2008 R2 Server 64-bit (x64)

exchg2k7.p2s85

Microsoft Exchange Server 2010 on MicrosoftWindows 2008 Server 64-bit (x64)

exchg2k10.ps84

15About the patch policy 2015.10.01 releaseTemplate updates

Table 2-1 Templates information for Windows and UNIX operating systems(continued)


Microsoft Exchange Server 2010 on MicrosoftWindows 2008 R2 Server 64-bit (x64)

exchg2k10.p2s85


exchg2k10.px74


exchg2k7.px71

Microsoft Exchange Server 2010 on MicrosoftVista (x64)

exchg2k10.pxw2

Microsoft Exchange Server 2007 on MicrosoftVista (x64)

exchg2k7.pxw1


exchg2k7.ps122

Microsoft Exchange Server 5.5 on MicrosoftWindows 2000 Server and Windows 2000Advanced Server

exchg55.ps53118

Microsoft Internet Explorer on MicrosoftWindows Server 2003 for 64-Bit Itanium-basedSystems

ie.p3i73

Microsoft Internet Explorer on MicrosoftWindows Server 2003 64-bit (x64)

ie.p6474

Microsoft Internet Explorer on MicrosoftWindows Server 2003

ie.p6s2732

Microsoft Internet Explorer on MicrosoftWindows Server 2008 for 64-bit Itanium-basedSystems

ie.p8i70

Microsoft Internet Explorer on MicrosoftWindows Server 2008

ie.p8s78

Microsoft Internet Explorer on MicrosoftWindows Server 2008 64-bit (x64)

ie.ps878

Microsoft Internet Explorer on MicrosoftWindows 2000 Server and Windows 2000Advanced Server

ie.ps53167




Microsoft Internet Explorer on MicrosoftWindows 2000 Professional

ie.pw53168

Microsoft Internet Explorer on MicrosoftWindows XP Professional

ie.pwx3205

Microsoft Internet Explorer on MicrosoftWindows 2008 R2 (x64)

ie.p28i56

Microsoft Internet Explorer on MicrosoftWindows 2008 R2 (x64)Editions

ie.p2s859

Microsoft Internet Explorer on MicrosoftWindows 2012 R2 (x64)Editions

ie.p2s129

Microsoft Internet Explorer on MicrosoftWindows 7

ie.pw760

Microsoft Internet Explorer on MicrosoftWindows 7 (x64)

ie.px760

Microsoft Internet Explorer on MicrosoftWindows Vista

ie.pwv89

Microsoft Internet Explorer on MicrosoftWindows Vista 64-bit (x64)

ie.pxw88

Microsoft Internet Explorer on MicrosoftWindows 2012 64-bit (x64)

ie.ps1237

Microsoft Internet Information Services onMicrosoft Windows Server 2003 for 64-BitItanium-based Systems

iis.p3i1010

Microsoft Internet Information Services onMicrosoft Windows Server 2003 64-bit (x64)

iis.p641009

Microsoft Internet Information Services onMicrosoft Windows Server 2003

iis.p6s1009

Microsoft Internet Information Services onMicrosoft 2008 for Itanium-based Systems

iis.p8i4

Microsoft Internet Information Services onMicrosoft Windows Server 2008

iis.p8s7




Microsoft Internet Information Services onMicrosoft Windows 2000 Server andWindows2000 Advanced Server

iis.ps51006

Microsoft Internet Information Services onMicrosoft Windows 2008 x64 Editions

iis.ps86

Microsoft Internet Information Services onMicrosoft Windows 2000 Professional

iis.pw53106

Microsoft Internet Information Services onMicrosoft Windows 2000 Professional

iis.pw74

Microsoft Internet Information Services onMicrosoft Windows 7 (x64)

iis.px74

Microsoft Internet Information Services onMicrosoft Windows Vista

iis.pwv1009

Microsoft Internet Information Services onMicrosoft Windows XP Professional

iis.pwx3110

Microsoft Internet Information Services onMicrosoft Windows Vista 64-bit (x64)

iis.pxw1009

Microsoft Internet Information Services onMicrosoft Windows 2000 Server andWindows2000 Advanced Server

iis5.ps53094

Microsoft Internet Information Services onMicrosoft 2008 for Itanium-based Systems

iis.p28i4

Microsoft Internet Information Services onMicrosoft Windows 2008 R2 (x64)

iis.p2s85

Microsoft Internet Security and AccelerationServer on Microsoft Windows Server 2003

isa2k.p6s2975

Microsoft Internet Security and AccelerationServer on Microsoft Windows 2000 Server andWindows 2000 Advanced Server

isa2k.ps52975

Microsoft Internet Security and AccelerationServer on Microsoft Windows Server 2003

isa.p6s4




Microsoft Internet Security and AccelerationServer on Microsoft Windows 2000 Server

isa.ps52

Microsoft Data Access Components onMicrosoft Windows Server 2003

mdac.p6s3064

Microsoft Data Access Components onMicrosoft Windows 2000 Server andWindows2000 Advanced Server

mdac.ps53064

Microsoft Data Access Components onMicrosoft Windows 2000 Professional

mdac.pw53064

Microsoft Data Access Components onMicrosoft Windows XP Professional

mdac.pwx3064

Oracle Enterprise Linuxoel-patch.plx77

Microsoft Outlook on Microsoft WindowsServer 2003 for 64-Bit Itanium-based Systems

outlook.p3i9

Microsoft Outlook on Microsoft WindowsServer 2003 (x64)

outlook.p649

Microsoft Outlook on Microsoft WindowsServer 2003

outlook.p6s3140

Microsoft WindowsMail on Microsoft Windows2008 for Itanium-based Systems

outlook.p8i5

Microsoft WindowsMail on Microsoft WindowsServer 2008

outlook.p8s4

Microsoft Outlook on Microsoft Windows 2000Server and Windows 2000 Advanced Server

outlook.ps53137

Microsoft WindowsMail on Microsoft Windows2008 (x64)

outlook.ps84

Microsoft Outlook on Microsoft Windows 2000Professional

outlook.pw53138

Microsoft WindowsMail on Microsoft WindowsVista

outlook.pwv4




Microsoft Outlook on Microsoft Windows XPProfessional

outlook.pwx3138

Microsoft WindowsMail on Microsoft WindowsVista for 64-Bit

outlook.pxw5

Microsoft Windows Server 2003 for 64-BitItanium-based Systems

patch.p3i275

Microsoft Windows Server 2003 64-bit (x64)patch.p64286

Microsoft Windows Server 2003patch.p6s3459

Microsoft Windows Server 2008 for 64-bitItanium-based Systems

patch.p8i268

Microsoft Windows Server 2008patch.p8s314

IBM AIXpatch.pai3099

HP HP-UX 11.00 - 11.23 PA-RISCpatch.ph13777

HP HP-UX 11.23 for Itanium-based systemspatch.ph2164

Red Hat Linux and Enterprise Linuxpatch.plx3448

Microsoft Windows 2000 Server andWindows2000 Advanced Server

patch.ps53314

Sun Solaris 2.6+patch.ps63440

Microsoft Windows Server 2008 64-bit (x64)patch.ps8322

SUSE Linuxpatch.psl208

Sun Solaris 2.5.1patch.pso3250

IBM AIX VIOS Serverpatch.pvio3

Microsoft Windows 2000 Professionalpatch.pw53302

Microsoft Windows XP Professionalpatch.pwx3462

Microsoft Windows Vista Enterprise 32-bitpatch.pwv321

Microsoft Windows Vista Enterprise 64-bit(x64)

patch.pxw318




Microsoft Windows 2008 R2 for Itanium-basedsystems

patch.p28i211

Microsoft Windows 2008 R2 64-bit (x64)patch.p2s8248

Microsoft Windows 2012 R2 64-bit (x64)patch.p2s1285

Microsoft Windows 7patch.pw7230

Microsoft Windows 7 64 -bitpatch.px7228

Microsoft Windows 2000 Advanced Serverpatch_adv2k.ps518

Microsoft Windows 2012 64-bit (x64)patch.ps1290

Microsoft SharePoint Services on MicrosoftWindows Server 2003

sharepoint.p6s10

Microsoft SharePoint Services on MicrosoftWindows 2003 (x64) Editions

sharepoint.p648

Microsoft SharePoint Services on MicrosoftWindows 2008

sharepoint.p8s7

Microsoft SharePoint Services on MicrosoftWindows 2008 (x64) Editions

sharepoint.ps89

Microsoft SharePoint Server on MicrosoftWindows 2008 R2 for x64-based Systems

sharepoint.p2s83

Microsoft SharePoint Server on MicrosoftWindows 2012R2 for x64-based Systems

sharepoint.p2s123

Microsoft SharePoint Server on MicrosoftWindows 2012 for x64-based Systems

sharepoint.ps123

Microsoft SQL Server on Microsoft Windows2003 for Itanium-based systems

sql.p3i23

Microsoft SQL Server on Microsoft Windows2003 64-bit (x64)

sql.p6423

Microsoft SQL Server on Microsoft Windows2003

sql.p6s27




Microsoft SQL Server on Microsoft Windows2008 for Itanium-based Systems

sql.p8i21

Microsoft SQL Server on Microsoft Windows2008

sql.p8s23

Microsoft SQL Server on Microsoft Windows2000 Server and Windows 2000 AdvancedServer

sql.ps53114


sql.ps819

Microsoft SQL Server on Microsoft Windows2000 Professional

sql.pw53110

Microsoft SQL Server on Microsoft WindowsXP Professional

sql.pwx3112

Microsoft SQL Server on Microsoft WindowsVista

sql.pxw19

Microsoft SQL Server on Microsoft WindowsXP Professional

sql.pwv23


sql.px79


sql.pw79

Microsoft SQL Server on Microsoft WindowsServer 2008 R2 64-bit (x64)

sql.p2s87

Microsoft SQL Server on Microsoft WindowsServer 2008 R2 for Itanium-based 64-bitSystems (ia64)

sql.p28i9

Microsoft SQL Server on Microsoft Windows2012 for x64-based Systems

sql.ps123

Microsoft SQL Server on Microsoft Windows2012 R2 for x64-based Systems

sql.p2s123

Microsoft Visual Studio on Microsoft WindowsServer 2003 for Itanium-based Systems

visualstudio.p3i6




Microsoft Visual Studio on Microsoft WindowsServer 2003 (x64) Editions

visualstudio.p6412

Microsoft Visual Studio on Microsoft WindowsServer 2003

visualstudio.p6s15

Microsoft Visual Studio on Microsoft WindowsServer 2008 for Itanium-based Systems

visualstudio.p8i8


visualstudio.p8s11

Microsoft Visual Studio on Microsoft Windows2000 Professional

visualstudio.ps58

Microsoft Visual Studio on Microsoft WindowsServer 2008 (x64) Editions

visualstudio.ps89


visualstudio.pw58

Microsoft Visual Studio on Microsoft WindowsVista

visualstudio.pwv13

Microsoft Visual Studio on Microsoft WindowsXP Professional

visualstudio.pwx15

Microsoft Visual Studio on Microsoft WindowsVista (x64) Editions

visualstudio.pxw11

Microsoft Visual Studio on Microsoft Windows7 (x64)

visualstudio.px74

Microsoft Visual Studio on Microsoft Windows7

visualstudio.pw75

Microsoft Visual Studio on Microsoft WindowsServer 2008 R2 64-bit (x64)

visualstudio.p2s82

Microsoft Visual Studio on Microsoft WindowsServer 2008 R2 for Itanium-based 64-bitSystems (ia64)

visualstudio.p28i2

Microsoft Windows Media Player on MicrosoftWindows Server 2003 64-bit (x64)

wmplayer.p6419




Microsoft Windows Media Player on MicrosoftWindows Server 2003

wmplayer.p6s26

Microsoft Windows 2008wmplayer.p8s11

Microsoft Windows Media Player on MicrosoftWindows 2000 Server and Windows 2000Advanced Server

wmplayer.ps530

Microsoft Windows Media Player on MicrosoftWindows Server 2008 (x64) Editions

wmplayer.ps812

Microsoft Windows Media Player on MicrosoftWindows 2000 Professional

wmplayer.pw528

Microsoft Windows Media Player on MicrosoftWindows XP Professional

wmplayer.pwx34

Microsoft Windows Media Player on MicrosoftWindows Vista (32-bit)

wmplayer.pwv18

Microsoft Windows Media Player on MicrosoftWindows Vista (64-bit)

wmplayer.pxw17

Microsoft SharePoint Services on MicrosoftWindows 2008 (x64)

wmplayer.p2s84


wmplayer.px73


wmplayer.pw72

Microsoft Windows Media Player on MicrosoftWindows Windows 2012 (x64-bit)

wmplayer.ps121

New patches for WindowsThe following new patch bulletins are added in this release:

■ MS15-106Cumulative Security Update for Internet Explorer (3096441)

■ MS15-108

24About the patch policy 2015.10.01 releaseNew patches for Windows

Security Update for JScript and VBScript to Address Remote Code Execution(3089659)

■ MS15-109Security Update for Windows Shell to Address Remote Code Execution(3096443)

■ MS15-111Security Update for Windows Kernel to Address Elevation of Privilege (3096447)

New patches for UNIXThe following new patches have been added for Solaris, SUSE, Red Hat EnterpriseLinux, Oracle Enterprise Linux, and HP-UX.

SolarisTable 2-2 lists the new patches that have been added for Solaris operating systems.

Table 2-2 New patches for Solaris

Patch IDPatch IDPatch ID

120719-07119784-32119783-32

150400-28120720-07

Note: For this release of Solaris Patches, ESM has referred to the patchdiag.xreffile that is dated September 28, 2015.

SUSETable 2-3 lists the new patches that have been added for SUSE operating systems.

Table 2-3 New Patches for SUSE


bind-doc-9.9.6P1-0.15.1bind-chrootenv-9.9.6P1-0.15.1

apache2-mod_php53-5.3.17-45.1

bind-libs-9.9.6P1-0.15.1bind-libs-x86-9.9.6P1-0.15.1bind-libs-32bit-9.9.6P1-0.15.1

compat-libldap-2_3-0-2.3.37-2.35.1

bind-9.9.6P1-0.15.1bind-utils-9.9.6P1-0.15.1

25About the patch policy 2015.10.01 releaseNew patches for UNIX

Table 2-3 New Patches for SUSE (continued)


java-1_6_0-ibm-alsa-1.6.0_sr16.7-10.1

gnutls-2.4.1-24.39.57.1glibc-html-2.11.3-17.45.49.1

java-1_6_0-ibm-plugin-1.6.0_sr16.7-10.1

java-1_6_0-ibm-jdbc-1.6.0_sr16.7-10.1

java-1_6_0-ibm-fonts-1.6.0_sr16.7-10.1

kernel-bigsmp-devel-3.0.101-0.47.67.2

kernel-bigsmp-base-3.0.101-0.47.67.2

java-1_6_0-ibm-1.6.0_sr16.7-10.1

kernel-default-devel-2.6.32.46-0.3.1

kernel-default-base-3.0.101-0.47.67.2

kernel-bigsmp-3.0.101-0.47.67.2

kernel-default-3.0.101-0.47.67.2

kernel-default-man-3.0.101-0.47.67.2

kernel-default-devel-3.0.101-0.47.67.2

kernel-ec2-3.0.101-0.47.67.2kernel-ec2-devel-3.0.101-0.47.67.2

kernel-ec2-base-3.0.101-0.47.67.2

kernel-pae-3.0.101-0.47.67.2kernel-pae-devel-3.0.101-0.47.67.2

kernel-pae-base-3.0.101-0.47.67.2

kernel-ppc64-3.0.101-0.47.67.2

kernel-ppc64-devel-3.0.101-0.47.67.2

kernel-ppc64-base-3.0.101-0.47.67.2

kernel-trace-base-3.0.101-0.47.67.2

kernel-syms-3.0.101-0.47.67.2

kernel-source-3.0.101-0.47.67.2

kernel-xen-base-3.0.101-0.47.67.2

kernel-trace-3.0.101-0.47.67.2

kernel-trace-devel-3.0.101-0.47.67.2

kvm-1.4.2-0.22.34.3kernel-xen-3.0.101-0.47.67.2kernel-xen-devel-3.0.101-0.47.67.2

libfreebl3-3.19.2.0-0.16.1libfreebl3-x86-3.19.2.0-0.16.1libfreebl3-32bit-3.19.2.0-0.16.1

libgcrypt11-1.5.0-0.19.1libgcrypt11-x86-1.5.0-0.19.1libgcrypt11-32bit-1.5.0-0.19.1

libgnutls26-x86-2.4.1-24.39.57.1

libgnutls26-32bit-2.4.1-24.39.57.1

libgnutls-extra26-2.4.1-24.39.57.1

libldap-2_4-2-x86-2.4.26-0.35.1

libldap-2_4-2-32bit-2.4.26-0.35.1

libgnutls26-2.4.1-24.39.57.1

libldap-openssl1-2_4-2-x86-2.4.26-0.35.1

libldap-openssl1-2_4-2-32bit-2.4.26-0.35.1

libldap-2_4-2-2.4.26-0.35.1




libsnmp15-x86-5.4.2.1-8.12.24.1

libsnmp15-32bit-5.4.2.1-8.12.24.1

libldap-openssl1-2_4-2-2.4.26-0.35.1

libsoftokn3-x86-3.19.2.0-0.16.1

libsoftokn3-32bit-3.19.2.0-0.16.1

libsnmp15-5.4.2.1-8.12.24.1

mozilla-nspr-x86-4.10.8-0.8.1mozilla-nspr-32bit-4.10.8-0.8.1

libsoftokn3-3.19.2.0-0.16.1

mozilla-nss-tools-3.19.2.0-0.16.1

mozilla-nss-32bit-3.19.2.0-0.16.1

mozilla-nspr-4.10.8-0.8.1

MozillaFirefox-branding-SLED-31.0-0.12.51

mozilla-nss-3.19.2.0-0.16.1mozilla-nss-x86-3.19.2.0-0.16.1

net-snmp-5.4.2.1-8.12.24.1MozillaFirefox-38.2.1esr-19.3MozillaFirefox-translations-38.2.1esr-19.3

openldap2-client-2.4.26-0.35.1

openldap2-back-meta-2.4.26-0.35.1

ofed-kmp-default-1.5.2_2.6.32.46_0.3-0.9.13.1

openssh-askpass-6.2p2-0.21.1

openssh-askpass-gnome-6.2p2-0.21.3

openldap2-2.4.26-0.35.1

php53-bcmath-5.3.17-45.1perl-SNMP-5.4.2.1-8.12.24.1openssh-6.2p2-0.21.1

php53-ctype-5.3.17-45.1php53-calendar-5.3.17-45.1php53-bz2-5.3.17-45.1

php53-dom-5.3.17-45.1php53-dba-5.3.17-45.1php53-curl-5.3.17-45.1

php53-fileinfo-5.3.17-45.1php53-fastcgi-5.3.17-45.1php53-exif-5.3.17-45.1

php53-gettext-5.3.17-45.1php53-gd-5.3.17-45.1php53-ftp-5.3.17-45.1

php53-intl-5.3.17-45.1php53-iconv-5.3.17-45.1php53-gmp-5.3.17-45.1

php53-mbstring-5.3.17-45.1php53-ldap-5.3.17-45.1php53-json-5.3.17-45.1

php53-odbc-5.3.17-45.1php53-mysql-5.3.17-45.1php53-mcrypt-5.3.17-45.1

php53-pdo-5.3.17-45.1php53-pcntl-5.3.17-45.1php53-openssl-5.3.17-45.1

php53-pspell-5.3.17-45.1php53-pgsql-5.3.17-45.1php53-pear-5.3.17-45.1

php53-soap-5.3.17-45.1php53-snmp-5.3.17-45.1php53-shmop-5.3.17-45.1

php53-sysvsem-5.3.17-45.1php53-sysvmsg-5.3.17-45.1php53-suhosin-5.3.17-45.1




php53-wddx-5.3.17-45.1php53-tokenizer-5.3.17-45.1php53-sysvshm-5.3.17-45.1

php53-xmlwriter-5.3.17-45.1php53-xmlrpc-5.3.17-45.1php53-xmlreader-5.3.17-45.1

php53-zlib-5.3.17-45.1php53-zip-5.3.17-45.1php53-xsl-5.3.17-45.1

quagga-devel-0.99.9-14.11.9quagga-debuginfo-0.99.9-14.11.9

php53-5.3.17-45.1

tomcat5-admin-webapps-5.5.27-0.16.1

snmp-mibs-5.4.2.1-8.12.24.1quagga-0.99.9-14.11.9

uucp-1.07-268.18.1tomcat5-5.5.27-0.16.1tomcat5-webapps-5.5.27-0.16.1

xen-kmp-default-4.2.5_12_3.0.101_0.47.55-15.1

xen-doc-pdf-4.2.5_12-15.1xen-doc-html-4.2.5_12-15.1

xen-libs-4.2.5_12-15.1xen-libs-32bit-4.2.5_12-15.1xen-kmp-pae-4.2.5_12_3.0.101_0.47.55-15.1

xen-4.2.5_12-15.1xen-tools-4.2.5_12-15.1xen-tools-domU-4.2.5_12-15.1

Red Hat Enterprise LinuxTable 2-4 lists the new patches that have been added for Red Hat Enterprise Linuxoperating systems.

Table 2-4 New patches for Red Hat Enterprise Linux


bind-debuginfo-9.3.6-25.P1.el5_11.4

bind-chroot-9.8.2-0.37.rc1.el6_7.4

bind-chroot-9.3.6-25.P1.el5_11.4

bind-devel-9.8.2-0.37.rc1.el6_7.4

bind-devel-9.3.6-25.P1.el5_11.4

bind-debuginfo-9.8.2-0.37.rc1.el6_7.4

bind-libs-9.8.2-0.37.rc1.el6_7.4

bind-libs-9.3.6-25.P1.el5_11.4bind-libbind-devel-9.3.6-25.P1.el5_11.4

bind-utils-9.3.6-25.P1.el5_11.4

bind-sdb-9.8.2-0.37.rc1.el6_7.4

bind-sdb-9.3.6-25.P1.el5_11.4


Table 2-4 New patches for Red Hat Enterprise Linux (continued)


bind97-debuginfo-9.7.0-21.P2.el5_11.3

bind97-chroot-9.7.0-21.P2.el5_11.3

bind-utils-9.8.2-0.37.rc1.el6_7.4

bind97-utils-9.7.0-21.P2.el5_11.3

bind97-libs-9.7.0-21.P2.el5_11.3

bind97-devel-9.7.0-21.P2.el5_11.3

bind-9.8.2-0.37.rc1.el6_7.4bind-9.3.6-25.P1.el5_11.4bind97-9.7.0-21.P2.el5_11.3

firefox-debuginfo-38.3.0-2.el6_7

firefox-debuginfo-38.3.0-2.el5_11

caching-nameserver-9.3.6-25.P1.el5_11.4

gdk-pixbuf2-debuginfo-2.24.1-6.el6_7

firefox-38.3.0-2.el6_7firefox-38.3.0-2.el5_11

jakarta-taglibs-standard-javadoc-1.1.1-11.7.el6_7

gdk-pixbuf2-2.24.1-6.el6_7gdk-pixbuf2-devel-2.24.1-6.el6_7

libXfont-devel-1.4.5-5.el6_7libXfont-debuginfo-1.4.5-5.el6_7

jakarta-taglibs-standard-1.1.1-11.7.el6_7

nss-softokn-devel-3.14.3-23.el6_7

nss-softokn-debuginfo-3.14.3-23.el6_7

libXfont-1.4.5-5.el6_7

nss-softokn-3.14.3-23.el6_7nss-softokn-freebl-3.14.3-23.el6_7

nss-softokn-freebl-devel-3.14.3-23.el6_7

qemu-kvm-debuginfo-0.12.1.2-2.479.el6_7.1

qemu-img-0.12.1.2-2.479.el6_7.1

qemu-guest-agent-0.12.1.2-2.479.el6_7.1

spice-server-debuginfo-0.12.4-12.el6_7.1

qemu-kvm-0.12.1.2-2.479.el6_7.1

qemu-kvm-tools-0.12.1.2-2.479.el6_7.1

spice-server-0.12.4-12.el6_7.1

spice-server-devel-0.12.4-12.el6_7.1

Oracle Enterprise LinuxTable 2-5 lists the new patches that have been added for Oracle Enterprise Linux(OEL) operating systems.

Table 2-5 New patches for Oracle Enterprise Linux (OEL)


bind-devel-9.3.6-25.P1.el5_11.4

bind-chroot-9.8.2-0.37.rc1.el6_7.4

bind-chroot-9.3.6-25.P1.el5_11.4


Table 2-5 New patches for Oracle Enterprise Linux (OEL) (continued)


bind-libs-9.3.6-25.P1.el5_11.4bind-libbind-devel-9.3.6-25.P1.el5_11.4

bind-devel-9.8.2-0.37.rc1.el6_7.4

bind-sdb-9.8.2-0.37.rc1.el6_7.4

bind-sdb-9.3.6-25.P1.el5_11.4

bind-libs-9.8.2-0.37.rc1.el6_7.4

bind97-chroot-9.7.0-21.P2.el5_11.3

bind-utils-9.8.2-0.37.rc1.el6_7.4

bind-utils-9.3.6-25.P1.el5_11.4

bind97-utils-9.7.0-21.P2.el5_11.3

bind97-libs-9.7.0-21.P2.el5_11.3

bind97-devel-9.7.0-21.P2.el5_11.3

bind-9.8.2-0.37.rc1.el6_7.4bind-9.3.6-25.P1.el5_11.4bind97-9.7.0-21.P2.el5_11.3

firefox-38.2.1-1.0.1.el5_11dtrace-modules-3.8.13-98.2.2.el6uek-0.4.5-3.el6

caching-nameserver-9.3.6-25.P1.el5_11.4

firefox-38.3.0-2.0.1.el6_7firefox-38.3.0-2.0.1.el5_11firefox-38.2.1-1.0.1.el6_7

httpd-devel-2.2.15-47.0.1.el6_7

gdk-pixbuf2-2.24.1-6.el6_7gdk-pixbuf2-devel-2.24.1-6.el6_7

httpd-2.2.15-47.0.1.el6_7httpd-tools-2.2.15-47.0.1.el6_7

httpd-manual-2.2.15-47.0.1.el6_7

kernel-uek-debug-devel-3.8.13-98.2.2.el6uek

jakarta-taglibs-standard-1.1.1-11.7.el6_7

jakarta-taglibs-standard-javadoc-1.1.1-11.7.el6_7

kernel-uek-doc-3.8.13-98.2.2.el6uek

kernel-uek-devel-3.8.13-98.2.2.el6uek

kernel-uek-debug-3.8.13-98.2.2.el6uek

libXfont-devel-1.4.5-5.el6_7kernel-uek-3.8.13-98.2.2.el6uek

kernel-uek-firmware-3.8.13-98.2.2.el6uek

nss-devel-3.19.1-1.el5_11mod_ssl-2.2.15-47.0.1.el6_7libXfont-1.4.5-5.el6_7

nss-softokn-freebl-devel-3.14.3-23.el6_7

nss-softokn-devel-3.14.3-23.el6_7

nss-pkcs11-devel-3.19.1-1.el5_11

nss-tools-3.19.1-1.el5_11nss-softokn-3.14.3-23.el6_7nss-softokn-freebl-3.14.3-23.el6_7

qemu-img-0.12.1.2-2.479.el6_7.1

qemu-guest-agent-0.12.1.2-2.479.el6_7.1

nss-3.19.1-1.el5_11

spice-server-devel-0.12.4-12.el6_7.1

qemu-kvm-0.12.1.2-2.479.el6_7.1

qemu-kvm-tools-0.12.1.2-2.479.el6_7.1


Table 2-5 New patches for Oracle Enterprise Linux (OEL) (continued)


thunderbird-38.2.0-4.0.1.el6_7

spice-server-0.12.4-12.el6_7.1

HP-UXTable 2-6 lists the new patches that have been added for HP-UX operating systems.

Table 2-6 New patches for HP-UX


11.31 XPCA Toolkit A.11.0011.31 io cumulative patch11.31 esctl cumulative patch

s700_800 11.23 ftpd(1M) andftp(1) patch

s700_800 11.23 cumulativePPP patch

Note: Support for the RHBA bug fix advisories is not available in Symantec™Enterprise Security Manager Patch Policy.

Note: This is the final Enterprise Security Manager Patch Policy released bySymantec.


symantec enterprise security manager patch policy release notes€¦ · · 2015-10-21security...

Documents