symantec enterprise security manager patch policy release notes€¦ · · 2015-10-21security...
TRANSCRIPT
Symantec™ EnterpriseSecurity Manager PatchPolicy Release Notes
Symantec™ Enterprise Security Manager PatchPolicy Release Notes
The software described in this book is furnished under a license agreement and may be usedonly in accordance with the terms of the agreement.
Documentation version: 2015.10.01
Legal NoticeCopyright © 2015 Symantec Corporation. All rights reserved.
Symantec, the Symantec Logo, and the Checkmark Logo are trademarks or registeredtrademarks of Symantec Corporation or its affiliates in the U.S. and other countries. Othernames may be trademarks of their respective owners.
This Symantec product may contain third party software for which Symantec is required toprovide attribution to the third party (“Third Party Programs”). Some of the Third Party Programsare available under open source or free software licenses. The License Agreementaccompanying the Software does not alter any rights or obligations you may have under thoseopen source or free software licenses. Please see the Third Party Legal Notice Appendix tothis Documentation or TPIP ReadMe File accompanying this Symantec product for moreinformation on the Third Party Programs.
The product described in this document is distributed under licenses restricting its use, copying,distribution, and decompilation/reverse engineering. No part of this document may bereproduced in any form by any means without prior written authorization of SymantecCorporation and its licensors, if any.
THE DOCUMENTATION IS PROVIDED "AS IS" AND ALL EXPRESS OR IMPLIEDCONDITIONS, REPRESENTATIONS AND WARRANTIES, INCLUDING ANY IMPLIEDWARRANTY OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE ORNON-INFRINGEMENT, ARE DISCLAIMED, EXCEPT TO THE EXTENT THAT SUCHDISCLAIMERSAREHELD TOBE LEGALLY INVALID. SYMANTECCORPORATIONSHALLNOT BE LIABLE FOR INCIDENTAL OR CONSEQUENTIAL DAMAGES IN CONNECTIONWITH THE FURNISHING, PERFORMANCE, OR USE OF THIS DOCUMENTATION. THEINFORMATION CONTAINED IN THIS DOCUMENTATION IS SUBJECT TO CHANGEWITHOUT NOTICE.
The Licensed Software and Documentation are deemed to be commercial computer softwareas defined in FAR 12.212 and subject to restricted rights as defined in FAR Section 52.227-19"Commercial Computer Software - Restricted Rights" and DFARS 227.7202, et seq."Commercial Computer Software and Commercial Computer Software Documentation," asapplicable, and any successor regulations, whether delivered by Symantec as on premisesor hosted services. Any use, modification, reproduction release, performance, display ordisclosure of the Licensed Software and Documentation by the U.S. Government shall besolely in accordance with the terms of this Agreement.
Symantec Corporation350 Ellis StreetMountain View, CA 94043
http://www.symantec.com
Technical SupportSymantec Technical Support maintains support centers globally. Technical Support’sprimary role is to respond to specific queries about product features and functionality.The Technical Support group also creates content for our online Knowledge Base.The Technical Support group works collaboratively with the other functional areaswithin Symantec to answer your questions in a timely fashion. For example, theTechnical Support group works with Product Engineering and Symantec SecurityResponse to provide alerting services and virus definition updates.
Symantec’s support offerings include the following:
■ A range of support options that give you the flexibility to select the right amountof service for any size organization
■ Telephone and/or Web-based support that provides rapid response andup-to-the-minute information
■ Upgrade assurance that delivers software upgrades
■ Global support purchased on a regional business hours or 24 hours a day, 7days a week basis
■ Premium service offerings that include Account Management Services
For information about Symantec’s support offerings, you can visit our website atthe following URL:
www.symantec.com/business/support/
All support services will be delivered in accordance with your support agreementand the then-current enterprise technical support policy.
Contacting Technical SupportCustomers with a current support agreement may access Technical Supportinformation at the following URL:
www.symantec.com/business/support/
Before contacting Technical Support, make sure you have satisfied the systemrequirements that are listed in your product documentation. Also, you should be atthe computer on which the problem occurred, in case it is necessary to replicatethe problem.
When you contact Technical Support, please have the following informationavailable:
■ Product release level
■ Hardware information
■ Available memory, disk space, and NIC information
■ Operating system
■ Version and patch level
■ Network topology
■ Router, gateway, and IP address information
■ Problem description:
■ Error messages and log files
■ Troubleshooting that was performed before contacting Symantec
■ Recent software configuration changes and network changes
Licensing and registrationIf your Symantec product requires registration or a license key, access our technicalsupport Web page at the following URL:
www.symantec.com/business/support/
Customer serviceCustomer service information is available at the following URL:
www.symantec.com/business/support/
Customer Service is available to assist with non-technical questions, such as thefollowing types of issues:
■ Questions regarding product licensing or serialization
■ Product registration updates, such as address or name changes
■ General product information (features, language availability, local dealers)
■ Latest information about product updates and upgrades
■ Information about upgrade assurance and support contracts
■ Information about the Symantec Buying Programs
■ Advice about Symantec's technical support options
■ Nontechnical presales questions
■ Issues that are related to CD-ROMs, DVDs, or manuals
Support agreement resourcesIf you want to contact Symantec regarding an existing support agreement, pleasecontact the support agreement administration team for your region as follows:
[email protected] and Japan
[email protected], Middle-East, and Africa
[email protected] America and Latin America
Technical Support ............................................................................................... 4
Chapter 1 Introducing Patch Policy updates ..................................... 8
About the Patch Policy updates ......................................................... 8Getting Patch Policy updates through LiveUpdate ................................. 8Enhancements to the Patch module in Security Updates ........................ 9
Chapter 2 About the patch policy 2015.10.01 release .................. 13
What is new ................................................................................ 13Template updates ......................................................................... 15New patches for Windows .............................................................. 24New patches for UNIX ................................................................... 25
Solaris ................................................................................. 25SUSE .................................................................................. 25Red Hat Enterprise Linux ......................................................... 28Oracle Enterprise Linux ........................................................... 29HP-UX ................................................................................. 31
Contents
Introducing Patch Policyupdates
This chapter includes the following topics:
■ About the Patch Policy updates
■ Getting Patch Policy updates through LiveUpdate
■ Enhancements to the Patch module in Security Updates
About the Patch Policy updatesThe Patch Policy updates are released twice amonth. These updates add, enhance,and update the Patch policy and the associated template files on the SymantecESM manager. Symantec updates the patch templates with the Symantec ESMpolicy installer.
Getting Patch Policy updates through LiveUpdateTo get Patch policy updates through LiveUpdate for 6.5 or later managers, selectthe Patch Policies - OS Comprehensive LiveUpdate package in the EnterpriseSecurity Manager 6.5 or later Content Updates section. The Comprehensive packagecontains the checks that apply to the platforms that are supported only on ESM 6.5or later.
The policy installer executable applies to all versions of ESM and is available atthe following location:
http://securityresponse.symantec.com/
1Chapter
Note: As per the End of Life product support policy, ESM Patch policy updates onESM 6.0 or earlier are not supported from Patch Policy (Windows) Update2008.10.02.
Note: If Java is installed on a Solaris 9 agent, install the JDK using the tar archivefile containing packages, available from Sun. If you install the JDK using aselfextracting shell archive file, the module will not report vulnerability informationfor it because no specific packages are installed.
Note: SU 26 now supports Solaris x86. If you do not have the current modules forSU 26, you will see duplicate messages for patches. To remove these duplicatemessages, you must update your modules to SU 26 or newer.
Enhancements to the Patch module in SecurityUpdates
Every Security Update includes updates to the Patch module. Upgrading to thelatest Security Update provides you with the most accurate patch detection.
Table 1-1 describes the enhancements to the Patch module in the latest SecurityUpdates.
Table 1-1 Support and enhancements in Security Updates
Upgraded support and enhancementsSecurity Update
Added support for Windows Server 2003 64-Bit Itanium-basedsystems
Added support for SUSE Linux Enterprise Server 8
Security Update 20
Added support for HP-UX 11i v2
Added regular expression support for the file version field forWindows patches utilized in checking Windows Media Playerpatches
Security Update 21
9Introducing Patch Policy updatesEnhancements to the Patch module in Security Updates
Table 1-1 Support and enhancements in Security Updates (continued)
Upgraded support and enhancementsSecurity Update
Added support for AIX maintenance releases and supersedingpatches.
Added support for the following operating systems:
■ IBM AIX 5.3■ Red Hat Enterprise Linux AS 3.0 on Itanium, EM64T, and
AMD64■ Red Hat Enterprise Linux WS 3.0 on AMD64■ SUSE Linux Enterprise Server 9 for x86
Security Update 22
Added support for SUSE Linux Enterprise Server 9 on Itanium
Added support for Red Hat LinuxWorkstation 3 for Xeon (EM64T)
Added wildcard support for registry keys
Added patch results summary support
Added list installed patches support
Added service state messages support
Security Update 23
Added support for Red Hat Enterprise Linux 4 ES (x86)
Added Veritas Backup Exec product support
Added script transfer to agent support
Added Solaris Role Based Access Control support
Added Solaris 2.10 zone support
Security Update 24
Added support for the following operating systems:
■ Red Hat Enterprise Linux 4 AS on Opteron and Itanium■ Windows Server 2003 Enterprise 64-bit on Opteron and Xeon■ Added UNICODE support for AIX 433
Security Update 25
Added support for Solaris 10 on x86, x64
Added File System Entitlement module
Security Update 26
Added support for the following systems:
■ Red Hat Enterprise Linux 4 AS (Xeon)■ Windows Server 2003 R2 (x86, x64)
Security Update 27
Added support for SUSE Linux Enterprise Server version 10Security Update 28
Added support for Microsoft Windows Vista (x86, x64) EditionsSecurity Update 30
10Introducing Patch Policy updatesEnhancements to the Patch module in Security Updates
Table 1-1 Support and enhancements in Security Updates (continued)
Upgraded support and enhancementsSecurity Update
Added support for Red Hat Enterprise Linux 5 (x86, x86_64, andIA64-bit)
Security Update 31
Added support for Red Hat Enterprise Linux 5.x on IBM z-series(s390x)
Security Update 31.08
Added support for SUSE Linux Enterprise Server 9/10 (x86_64)and ESX Server 3.0.2 (x86, Opteron)
Security Update 32
Added support for the following operating systems:
■ Microsoft Windows Server 2008 (x86)■ Microsoft Windows Server 2008 64-bit (x64)■ Microsoft Windows Server 2008 64-Bit Itanium■ HP-UX 11.23 on PA-RISC
Security Update 34
Added support for the following operating systems:
■ HP-UX 11.31 on Itanium■ HP-UX 11.31 on PA-RISC■ IBM AIX 6.1■ Added support to handle Service Pack Entry for Windows
Server 2003 64-bit (x64) and Windows Vista 64-bit (x64)template file.
■ Added support to handle template size greater than 3MB forHP-UX.
Security Update 35
Added support for the following operating systems:
■ SUSE Linux 9 on IBM zSeries (s390x)■ SUSE Linux 10 on IBM zSeries (s390x)
Security Update 36
Added support for the following operating systems:
■ Red Hat Enterprise Linux Server 5 on PPC e-server
Security Update 37
Added support for the following operating systems:
■ AIX VIO Server 2.1 on AIX 6.1■ SUSE 11 on x86, x86_64, Itanium, zLinux, and PPC e-Server■ Oracle Enterprise Linux 5.2, 5.3 on x86, x86_64
Security Update 38
Added the support for the following operating systems:
■ Windows 7 on x86 and Opteron■ Windows 2008 R2 on Itanium, Opteron, and Xeon
Security Update 39
11Introducing Patch Policy updatesEnhancements to the Patch module in Security Updates
Table 1-1 Support and enhancements in Security Updates (continued)
Upgraded support and enhancementsSecurity Update
Added the support for the following operating systems:
■ Red Hat Enterprise Linux 5.5 on x86, x86_64, Itanium, zLinux(s390x), and PPC e-Server
■ Red Hat Enterprise Linux Advanced Server 5.5 on x86,x86_64, Itanium, and PPC e-Server
■ Oracle Enterprise Linux 5.5 on x86 and x86_64
Security Update 40
Added the support for the following operating system:
■ Red Hat Enterprise Linux 6.0 on x86, x86_64, PPC64, andzLinux (s390x)
Security Update 41
Added the support for the following operating systems:
■ Red Hat Enterprise Linux 6.1 on x86, x86_64, PPC64, andzLinux (s390x)
■ Oracle Solaris 11 Express on x86 and SPARC
Security Update 42
Added the support for the following operating system:
■ Oracle Enterprise Linux 5.x and 6.x on x86 and x86_64
Security Update 43
All previously supported operating systems continue to besupported.
Security Update 44
All previously supported operating systems continue to besupported.
Security Update 45
Added the support for the following operating system:
■ Windows Server 2012 R2
Security Update 46
Added the support for the following operating system:
■ Red Hat Enterprise Linux 7
Security Update 47
12Introducing Patch Policy updatesEnhancements to the Patch module in Security Updates
About the patch policy2015.10.01 release
This chapter includes the following topics:
■ What is new
■ Template updates
■ New patches for Windows
■ New patches for UNIX
What is newThis patch update for Symantec Enterprise Security Manager reports the operatingsystem and application patches for Windows.
There are 872 new patch signatures and 266 updated patch signatures in 29templates.
The following is the summary of the patch updates:
■ Patch.pwv (Microsoft Windows Vista - 5 new)
■ Patch.pxw (Microsoft Windows Vista for x64-based Systems - 5 new)
■ ie.p28i (Microsoft Internet Explorer on Microsoft Windows 2008 R2 for 64-BitItanium-based Systems - 1 new)
■ ie.p2s12 (Microsoft Internet Explorer on Windows 2012 R2 for x64-basedSystems - 1 new)
■ ie.p2s8 (Microsoft Internet Explorer onMicrosoft Windows 2008 R2 for x64-basedSystems - 4 new)
2Chapter
■ ie.p8i (Microsoft Internet Explorer on Microsoft Windows 2008 for 64-BitItanium-based Systems - 1 new)
■ ie.p8s (Microsoft Internet Explorer on Microsoft Windows Server 2008 - 3 new)
■ ie.ps12 (Microsoft Internet Explorer on Windows 2012 for x64-based Systems- 1 new)
■ ie.ps8 (Microsoft Internet Explorer on Microsoft Windows 2008 for x64-basedSystems - 3 new)
■ ie.pw7 (Microsoft Internet Explorer on Microsoft Windows 7 - 4 new)
■ ie.pwv (Microsoft Internet Explorer on Microsoft Windows Vista - 3 new)
■ ie.px7 (Microsoft Internet Explorer on Microsoft Windows 7 for x64-basedSystems - 4 new)
■ ie.pxw (Microsoft Internet Explorer on Microsoft Windows Vista for x64-basedSystems - 3 new)
■ patch.p28i (Microsoft Windows 2008 R2 for 64-Bit Itanium-based Systems - 1new)
■ patch.p2s12 (Microsoft Windows 2012 R2 for x64-based Systems - 4 new)
■ patch.p2s8 (Microsoft Windows 2008 R2 for x64-based Systems - 5 new)
■ patch.p8i (Microsoft Windows 2008 for 64-Bit Itanium-based Systems - 4 new)
■ patch.p8s (Microsoft Windows 2008 - 8 new)
■ patch.ps12 (Microsoft Windows 2012 for x64-based Systems - 4 new)
■ patch.ps8 (Microsoft Windows 2008 for x64-based Systems - 8 new)
■ patch.pw7 (Microsoft Windows 7 - 3 new)
■ patch.px7 (Microsoft Windows 7 for x64-based Systems - 3 new)
■ oel-patch.plx (Oracle Enterprise Linux - 78 new) patch.pai (IBM AIX - 2 new)
■ patch.ph1 (HP-UX 11.23 - 11.31 PA-RISC - 15 new)
■ patch.ph2 (HP-UX 11.23 - 11.31 for Itanium-based systems - 16 new)
■ patch.plx (RedHat Enterprise Linux - 153 new)
■ patch.ps6 (Sun Solaris 2.6+ - 5 new)
■ patch.psl (SUSE Linux - 525 new, 266 updated)
14About the patch policy 2015.10.01 releaseWhat is new
Template updatesTable 2-1 lists the information about the templates that have been updated or addedfor various applications and operating systems.
Table 2-1 Templates information for Windows and UNIX operating systems
Application on operating systemTemplate fileTemplate version
Microsoft Exchange Server 2013 on MicrosoftWindows 7 (x64)
exchg2k13.px76
Microsoft Exchange Server 2013 on MicrosoftWindows 2008 R2 Server (x64)
exchg2k13.p2s86
Microsoft Exchange Server 2013 on MicrosoftWindows 2012 for x64-based Systems
exchg2k13.ps124
Microsoft Exchange Server 2013 on Windows2012 R2 for x64-based Systems
exchg2k13.p2s123
Microsoft Exchange Server 2000 on MicrosoftWindows 2000 Server and Windows 2000Advanced Server
exchg2k.ps53127
Microsoft Exchange Server 2003 on MicrosoftWindows Server 2003
exchg2k3.p6s3079
Microsoft Exchange Server 2003 on MicrosoftWindows 2000 Server and Windows 2000Advanced Server
exchg2k3.ps53079
Microsoft Exchange Server 2007 on MicrosoftWindows Server 2003
exchg2k7.p6s16
Microsoft Exchange Server 2003 on MicrosoftWindows 2008
exchg2k7.p8s12
Microsoft Exchange Server 2007 on MicrosoftWindows Server 2008 (x64) Editions
exchg2k7.ps817
Microsoft Exchange Server 2007 on MicrosoftWindows Server 2003 64-bit (x64)
exchg2k7.p6419
Microsoft Exchange Server 2007 on MicrosoftWindows 2008 R2 Server 64-bit (x64)
exchg2k7.p2s85
Microsoft Exchange Server 2010 on MicrosoftWindows 2008 Server 64-bit (x64)
exchg2k10.ps84
15About the patch policy 2015.10.01 releaseTemplate updates
Table 2-1 Templates information for Windows and UNIX operating systems(continued)
Application on operating systemTemplate fileTemplate version
Microsoft Exchange Server 2010 on MicrosoftWindows 2008 R2 Server 64-bit (x64)
exchg2k10.p2s85
Microsoft Exchange Server 2010 on MicrosoftWindows 7 (x64)
exchg2k10.px74
Microsoft Exchange Server 2007 on MicrosoftWindows 7 (x64)
exchg2k7.px71
Microsoft Exchange Server 2010 on MicrosoftVista (x64)
exchg2k10.pxw2
Microsoft Exchange Server 2007 on MicrosoftVista (x64)
exchg2k7.pxw1
Microsoft Exchange Server 2007 on MicrosoftWindows 2012 (x64)
exchg2k7.ps122
Microsoft Exchange Server 5.5 on MicrosoftWindows 2000 Server and Windows 2000Advanced Server
exchg55.ps53118
Microsoft Internet Explorer on MicrosoftWindows Server 2003 for 64-Bit Itanium-basedSystems
ie.p3i73
Microsoft Internet Explorer on MicrosoftWindows Server 2003 64-bit (x64)
ie.p6474
Microsoft Internet Explorer on MicrosoftWindows Server 2003
ie.p6s2732
Microsoft Internet Explorer on MicrosoftWindows Server 2008 for 64-bit Itanium-basedSystems
ie.p8i70
Microsoft Internet Explorer on MicrosoftWindows Server 2008
ie.p8s78
Microsoft Internet Explorer on MicrosoftWindows Server 2008 64-bit (x64)
ie.ps878
Microsoft Internet Explorer on MicrosoftWindows 2000 Server and Windows 2000Advanced Server
ie.ps53167
16About the patch policy 2015.10.01 releaseTemplate updates
Table 2-1 Templates information for Windows and UNIX operating systems(continued)
Application on operating systemTemplate fileTemplate version
Microsoft Internet Explorer on MicrosoftWindows 2000 Professional
ie.pw53168
Microsoft Internet Explorer on MicrosoftWindows XP Professional
ie.pwx3205
Microsoft Internet Explorer on MicrosoftWindows 2008 R2 (x64)
ie.p28i56
Microsoft Internet Explorer on MicrosoftWindows 2008 R2 (x64)Editions
ie.p2s859
Microsoft Internet Explorer on MicrosoftWindows 2012 R2 (x64)Editions
ie.p2s129
Microsoft Internet Explorer on MicrosoftWindows 7
ie.pw760
Microsoft Internet Explorer on MicrosoftWindows 7 (x64)
ie.px760
Microsoft Internet Explorer on MicrosoftWindows Vista
ie.pwv89
Microsoft Internet Explorer on MicrosoftWindows Vista 64-bit (x64)
ie.pxw88
Microsoft Internet Explorer on MicrosoftWindows 2012 64-bit (x64)
ie.ps1237
Microsoft Internet Information Services onMicrosoft Windows Server 2003 for 64-BitItanium-based Systems
iis.p3i1010
Microsoft Internet Information Services onMicrosoft Windows Server 2003 64-bit (x64)
iis.p641009
Microsoft Internet Information Services onMicrosoft Windows Server 2003
iis.p6s1009
Microsoft Internet Information Services onMicrosoft 2008 for Itanium-based Systems
iis.p8i4
Microsoft Internet Information Services onMicrosoft Windows Server 2008
iis.p8s7
17About the patch policy 2015.10.01 releaseTemplate updates
Table 2-1 Templates information for Windows and UNIX operating systems(continued)
Application on operating systemTemplate fileTemplate version
Microsoft Internet Information Services onMicrosoft Windows 2000 Server andWindows2000 Advanced Server
iis.ps51006
Microsoft Internet Information Services onMicrosoft Windows 2008 x64 Editions
iis.ps86
Microsoft Internet Information Services onMicrosoft Windows 2000 Professional
iis.pw53106
Microsoft Internet Information Services onMicrosoft Windows 2000 Professional
iis.pw74
Microsoft Internet Information Services onMicrosoft Windows 7 (x64)
iis.px74
Microsoft Internet Information Services onMicrosoft Windows Vista
iis.pwv1009
Microsoft Internet Information Services onMicrosoft Windows XP Professional
iis.pwx3110
Microsoft Internet Information Services onMicrosoft Windows Vista 64-bit (x64)
iis.pxw1009
Microsoft Internet Information Services onMicrosoft Windows 2000 Server andWindows2000 Advanced Server
iis5.ps53094
Microsoft Internet Information Services onMicrosoft 2008 for Itanium-based Systems
iis.p28i4
Microsoft Internet Information Services onMicrosoft Windows 2008 R2 (x64)
iis.p2s85
Microsoft Internet Security and AccelerationServer on Microsoft Windows Server 2003
isa2k.p6s2975
Microsoft Internet Security and AccelerationServer on Microsoft Windows 2000 Server andWindows 2000 Advanced Server
isa2k.ps52975
Microsoft Internet Security and AccelerationServer on Microsoft Windows Server 2003
isa.p6s4
18About the patch policy 2015.10.01 releaseTemplate updates
Table 2-1 Templates information for Windows and UNIX operating systems(continued)
Application on operating systemTemplate fileTemplate version
Microsoft Internet Security and AccelerationServer on Microsoft Windows 2000 Server
isa.ps52
Microsoft Data Access Components onMicrosoft Windows Server 2003
mdac.p6s3064
Microsoft Data Access Components onMicrosoft Windows 2000 Server andWindows2000 Advanced Server
mdac.ps53064
Microsoft Data Access Components onMicrosoft Windows 2000 Professional
mdac.pw53064
Microsoft Data Access Components onMicrosoft Windows XP Professional
mdac.pwx3064
Oracle Enterprise Linuxoel-patch.plx77
Microsoft Outlook on Microsoft WindowsServer 2003 for 64-Bit Itanium-based Systems
outlook.p3i9
Microsoft Outlook on Microsoft WindowsServer 2003 (x64)
outlook.p649
Microsoft Outlook on Microsoft WindowsServer 2003
outlook.p6s3140
Microsoft WindowsMail on Microsoft Windows2008 for Itanium-based Systems
outlook.p8i5
Microsoft WindowsMail on Microsoft WindowsServer 2008
outlook.p8s4
Microsoft Outlook on Microsoft Windows 2000Server and Windows 2000 Advanced Server
outlook.ps53137
Microsoft WindowsMail on Microsoft Windows2008 (x64)
outlook.ps84
Microsoft Outlook on Microsoft Windows 2000Professional
outlook.pw53138
Microsoft WindowsMail on Microsoft WindowsVista
outlook.pwv4
19About the patch policy 2015.10.01 releaseTemplate updates
Table 2-1 Templates information for Windows and UNIX operating systems(continued)
Application on operating systemTemplate fileTemplate version
Microsoft Outlook on Microsoft Windows XPProfessional
outlook.pwx3138
Microsoft WindowsMail on Microsoft WindowsVista for 64-Bit
outlook.pxw5
Microsoft Windows Server 2003 for 64-BitItanium-based Systems
patch.p3i275
Microsoft Windows Server 2003 64-bit (x64)patch.p64286
Microsoft Windows Server 2003patch.p6s3459
Microsoft Windows Server 2008 for 64-bitItanium-based Systems
patch.p8i268
Microsoft Windows Server 2008patch.p8s314
IBM AIXpatch.pai3099
HP HP-UX 11.00 - 11.23 PA-RISCpatch.ph13777
HP HP-UX 11.23 for Itanium-based systemspatch.ph2164
Red Hat Linux and Enterprise Linuxpatch.plx3448
Microsoft Windows 2000 Server andWindows2000 Advanced Server
patch.ps53314
Sun Solaris 2.6+patch.ps63440
Microsoft Windows Server 2008 64-bit (x64)patch.ps8322
SUSE Linuxpatch.psl208
Sun Solaris 2.5.1patch.pso3250
IBM AIX VIOS Serverpatch.pvio3
Microsoft Windows 2000 Professionalpatch.pw53302
Microsoft Windows XP Professionalpatch.pwx3462
Microsoft Windows Vista Enterprise 32-bitpatch.pwv321
Microsoft Windows Vista Enterprise 64-bit(x64)
patch.pxw318
20About the patch policy 2015.10.01 releaseTemplate updates
Table 2-1 Templates information for Windows and UNIX operating systems(continued)
Application on operating systemTemplate fileTemplate version
Microsoft Windows 2008 R2 for Itanium-basedsystems
patch.p28i211
Microsoft Windows 2008 R2 64-bit (x64)patch.p2s8248
Microsoft Windows 2012 R2 64-bit (x64)patch.p2s1285
Microsoft Windows 7patch.pw7230
Microsoft Windows 7 64 -bitpatch.px7228
Microsoft Windows 2000 Advanced Serverpatch_adv2k.ps518
Microsoft Windows 2012 64-bit (x64)patch.ps1290
Microsoft SharePoint Services on MicrosoftWindows Server 2003
sharepoint.p6s10
Microsoft SharePoint Services on MicrosoftWindows 2003 (x64) Editions
sharepoint.p648
Microsoft SharePoint Services on MicrosoftWindows 2008
sharepoint.p8s7
Microsoft SharePoint Services on MicrosoftWindows 2008 (x64) Editions
sharepoint.ps89
Microsoft SharePoint Server on MicrosoftWindows 2008 R2 for x64-based Systems
sharepoint.p2s83
Microsoft SharePoint Server on MicrosoftWindows 2012R2 for x64-based Systems
sharepoint.p2s123
Microsoft SharePoint Server on MicrosoftWindows 2012 for x64-based Systems
sharepoint.ps123
Microsoft SQL Server on Microsoft Windows2003 for Itanium-based systems
sql.p3i23
Microsoft SQL Server on Microsoft Windows2003 64-bit (x64)
sql.p6423
Microsoft SQL Server on Microsoft Windows2003
sql.p6s27
21About the patch policy 2015.10.01 releaseTemplate updates
Table 2-1 Templates information for Windows and UNIX operating systems(continued)
Application on operating systemTemplate fileTemplate version
Microsoft SQL Server on Microsoft Windows2008 for Itanium-based Systems
sql.p8i21
Microsoft SQL Server on Microsoft Windows2008
sql.p8s23
Microsoft SQL Server on Microsoft Windows2000 Server and Windows 2000 AdvancedServer
sql.ps53114
Microsoft SQL Server on Microsoft Windows2008 64-bit (x64)
sql.ps819
Microsoft SQL Server on Microsoft Windows2000 Professional
sql.pw53110
Microsoft SQL Server on Microsoft WindowsXP Professional
sql.pwx3112
Microsoft SQL Server on Microsoft WindowsVista
sql.pxw19
Microsoft SQL Server on Microsoft WindowsXP Professional
sql.pwv23
Microsoft SQL Server on Microsoft Windows7 64-bit (x64)
sql.px79
Microsoft SQL Server on Microsoft Windows7 32-bit (x86)
sql.pw79
Microsoft SQL Server on Microsoft WindowsServer 2008 R2 64-bit (x64)
sql.p2s87
Microsoft SQL Server on Microsoft WindowsServer 2008 R2 for Itanium-based 64-bitSystems (ia64)
sql.p28i9
Microsoft SQL Server on Microsoft Windows2012 for x64-based Systems
sql.ps123
Microsoft SQL Server on Microsoft Windows2012 R2 for x64-based Systems
sql.p2s123
Microsoft Visual Studio on Microsoft WindowsServer 2003 for Itanium-based Systems
visualstudio.p3i6
22About the patch policy 2015.10.01 releaseTemplate updates
Table 2-1 Templates information for Windows and UNIX operating systems(continued)
Application on operating systemTemplate fileTemplate version
Microsoft Visual Studio on Microsoft WindowsServer 2003 (x64) Editions
visualstudio.p6412
Microsoft Visual Studio on Microsoft WindowsServer 2003
visualstudio.p6s15
Microsoft Visual Studio on Microsoft WindowsServer 2008 for Itanium-based Systems
visualstudio.p8i8
Microsoft Visual Studio on Microsoft WindowsServer 2008
visualstudio.p8s11
Microsoft Visual Studio on Microsoft Windows2000 Professional
visualstudio.ps58
Microsoft Visual Studio on Microsoft WindowsServer 2008 (x64) Editions
visualstudio.ps89
Microsoft Visual Studio on Microsoft WindowsServer 2000
visualstudio.pw58
Microsoft Visual Studio on Microsoft WindowsVista
visualstudio.pwv13
Microsoft Visual Studio on Microsoft WindowsXP Professional
visualstudio.pwx15
Microsoft Visual Studio on Microsoft WindowsVista (x64) Editions
visualstudio.pxw11
Microsoft Visual Studio on Microsoft Windows7 (x64)
visualstudio.px74
Microsoft Visual Studio on Microsoft Windows7
visualstudio.pw75
Microsoft Visual Studio on Microsoft WindowsServer 2008 R2 64-bit (x64)
visualstudio.p2s82
Microsoft Visual Studio on Microsoft WindowsServer 2008 R2 for Itanium-based 64-bitSystems (ia64)
visualstudio.p28i2
Microsoft Windows Media Player on MicrosoftWindows Server 2003 64-bit (x64)
wmplayer.p6419
23About the patch policy 2015.10.01 releaseTemplate updates
Table 2-1 Templates information for Windows and UNIX operating systems(continued)
Application on operating systemTemplate fileTemplate version
Microsoft Windows Media Player on MicrosoftWindows Server 2003
wmplayer.p6s26
Microsoft Windows 2008wmplayer.p8s11
Microsoft Windows Media Player on MicrosoftWindows 2000 Server and Windows 2000Advanced Server
wmplayer.ps530
Microsoft Windows Media Player on MicrosoftWindows Server 2008 (x64) Editions
wmplayer.ps812
Microsoft Windows Media Player on MicrosoftWindows 2000 Professional
wmplayer.pw528
Microsoft Windows Media Player on MicrosoftWindows XP Professional
wmplayer.pwx34
Microsoft Windows Media Player on MicrosoftWindows Vista (32-bit)
wmplayer.pwv18
Microsoft Windows Media Player on MicrosoftWindows Vista (64-bit)
wmplayer.pxw17
Microsoft SharePoint Services on MicrosoftWindows 2008 (x64)
wmplayer.p2s84
Microsoft SharePoint Services on MicrosoftWindows 7
wmplayer.px73
Microsoft SharePoint Services on MicrosoftWindows 7
wmplayer.pw72
Microsoft Windows Media Player on MicrosoftWindows Windows 2012 (x64-bit)
wmplayer.ps121
New patches for WindowsThe following new patch bulletins are added in this release:
■ MS15-106Cumulative Security Update for Internet Explorer (3096441)
■ MS15-108
24About the patch policy 2015.10.01 releaseNew patches for Windows
Security Update for JScript and VBScript to Address Remote Code Execution(3089659)
■ MS15-109Security Update for Windows Shell to Address Remote Code Execution(3096443)
■ MS15-111Security Update for Windows Kernel to Address Elevation of Privilege (3096447)
New patches for UNIXThe following new patches have been added for Solaris, SUSE, Red Hat EnterpriseLinux, Oracle Enterprise Linux, and HP-UX.
SolarisTable 2-2 lists the new patches that have been added for Solaris operating systems.
Table 2-2 New patches for Solaris
Patch IDPatch IDPatch ID
120719-07119784-32119783-32
150400-28120720-07
Note: For this release of Solaris Patches, ESM has referred to the patchdiag.xreffile that is dated September 28, 2015.
SUSETable 2-3 lists the new patches that have been added for SUSE operating systems.
Table 2-3 New Patches for SUSE
Patch IDPatch IDPatch ID
bind-doc-9.9.6P1-0.15.1bind-chrootenv-9.9.6P1-0.15.1
apache2-mod_php53-5.3.17-45.1
bind-libs-9.9.6P1-0.15.1bind-libs-x86-9.9.6P1-0.15.1bind-libs-32bit-9.9.6P1-0.15.1
compat-libldap-2_3-0-2.3.37-2.35.1
bind-9.9.6P1-0.15.1bind-utils-9.9.6P1-0.15.1
25About the patch policy 2015.10.01 releaseNew patches for UNIX
Table 2-3 New Patches for SUSE (continued)
Patch IDPatch IDPatch ID
java-1_6_0-ibm-alsa-1.6.0_sr16.7-10.1
gnutls-2.4.1-24.39.57.1glibc-html-2.11.3-17.45.49.1
java-1_6_0-ibm-plugin-1.6.0_sr16.7-10.1
java-1_6_0-ibm-jdbc-1.6.0_sr16.7-10.1
java-1_6_0-ibm-fonts-1.6.0_sr16.7-10.1
kernel-bigsmp-devel-3.0.101-0.47.67.2
kernel-bigsmp-base-3.0.101-0.47.67.2
java-1_6_0-ibm-1.6.0_sr16.7-10.1
kernel-default-devel-2.6.32.46-0.3.1
kernel-default-base-3.0.101-0.47.67.2
kernel-bigsmp-3.0.101-0.47.67.2
kernel-default-3.0.101-0.47.67.2
kernel-default-man-3.0.101-0.47.67.2
kernel-default-devel-3.0.101-0.47.67.2
kernel-ec2-3.0.101-0.47.67.2kernel-ec2-devel-3.0.101-0.47.67.2
kernel-ec2-base-3.0.101-0.47.67.2
kernel-pae-3.0.101-0.47.67.2kernel-pae-devel-3.0.101-0.47.67.2
kernel-pae-base-3.0.101-0.47.67.2
kernel-ppc64-3.0.101-0.47.67.2
kernel-ppc64-devel-3.0.101-0.47.67.2
kernel-ppc64-base-3.0.101-0.47.67.2
kernel-trace-base-3.0.101-0.47.67.2
kernel-syms-3.0.101-0.47.67.2
kernel-source-3.0.101-0.47.67.2
kernel-xen-base-3.0.101-0.47.67.2
kernel-trace-3.0.101-0.47.67.2
kernel-trace-devel-3.0.101-0.47.67.2
kvm-1.4.2-0.22.34.3kernel-xen-3.0.101-0.47.67.2kernel-xen-devel-3.0.101-0.47.67.2
libfreebl3-3.19.2.0-0.16.1libfreebl3-x86-3.19.2.0-0.16.1libfreebl3-32bit-3.19.2.0-0.16.1
libgcrypt11-1.5.0-0.19.1libgcrypt11-x86-1.5.0-0.19.1libgcrypt11-32bit-1.5.0-0.19.1
libgnutls26-x86-2.4.1-24.39.57.1
libgnutls26-32bit-2.4.1-24.39.57.1
libgnutls-extra26-2.4.1-24.39.57.1
libldap-2_4-2-x86-2.4.26-0.35.1
libldap-2_4-2-32bit-2.4.26-0.35.1
libgnutls26-2.4.1-24.39.57.1
libldap-openssl1-2_4-2-x86-2.4.26-0.35.1
libldap-openssl1-2_4-2-32bit-2.4.26-0.35.1
libldap-2_4-2-2.4.26-0.35.1
26About the patch policy 2015.10.01 releaseNew patches for UNIX
Table 2-3 New Patches for SUSE (continued)
Patch IDPatch IDPatch ID
libsnmp15-x86-5.4.2.1-8.12.24.1
libsnmp15-32bit-5.4.2.1-8.12.24.1
libldap-openssl1-2_4-2-2.4.26-0.35.1
libsoftokn3-x86-3.19.2.0-0.16.1
libsoftokn3-32bit-3.19.2.0-0.16.1
libsnmp15-5.4.2.1-8.12.24.1
mozilla-nspr-x86-4.10.8-0.8.1mozilla-nspr-32bit-4.10.8-0.8.1
libsoftokn3-3.19.2.0-0.16.1
mozilla-nss-tools-3.19.2.0-0.16.1
mozilla-nss-32bit-3.19.2.0-0.16.1
mozilla-nspr-4.10.8-0.8.1
MozillaFirefox-branding-SLED-31.0-0.12.51
mozilla-nss-3.19.2.0-0.16.1mozilla-nss-x86-3.19.2.0-0.16.1
net-snmp-5.4.2.1-8.12.24.1MozillaFirefox-38.2.1esr-19.3MozillaFirefox-translations-38.2.1esr-19.3
openldap2-client-2.4.26-0.35.1
openldap2-back-meta-2.4.26-0.35.1
ofed-kmp-default-1.5.2_2.6.32.46_0.3-0.9.13.1
openssh-askpass-6.2p2-0.21.1
openssh-askpass-gnome-6.2p2-0.21.3
openldap2-2.4.26-0.35.1
php53-bcmath-5.3.17-45.1perl-SNMP-5.4.2.1-8.12.24.1openssh-6.2p2-0.21.1
php53-ctype-5.3.17-45.1php53-calendar-5.3.17-45.1php53-bz2-5.3.17-45.1
php53-dom-5.3.17-45.1php53-dba-5.3.17-45.1php53-curl-5.3.17-45.1
php53-fileinfo-5.3.17-45.1php53-fastcgi-5.3.17-45.1php53-exif-5.3.17-45.1
php53-gettext-5.3.17-45.1php53-gd-5.3.17-45.1php53-ftp-5.3.17-45.1
php53-intl-5.3.17-45.1php53-iconv-5.3.17-45.1php53-gmp-5.3.17-45.1
php53-mbstring-5.3.17-45.1php53-ldap-5.3.17-45.1php53-json-5.3.17-45.1
php53-odbc-5.3.17-45.1php53-mysql-5.3.17-45.1php53-mcrypt-5.3.17-45.1
php53-pdo-5.3.17-45.1php53-pcntl-5.3.17-45.1php53-openssl-5.3.17-45.1
php53-pspell-5.3.17-45.1php53-pgsql-5.3.17-45.1php53-pear-5.3.17-45.1
php53-soap-5.3.17-45.1php53-snmp-5.3.17-45.1php53-shmop-5.3.17-45.1
php53-sysvsem-5.3.17-45.1php53-sysvmsg-5.3.17-45.1php53-suhosin-5.3.17-45.1
27About the patch policy 2015.10.01 releaseNew patches for UNIX
Table 2-3 New Patches for SUSE (continued)
Patch IDPatch IDPatch ID
php53-wddx-5.3.17-45.1php53-tokenizer-5.3.17-45.1php53-sysvshm-5.3.17-45.1
php53-xmlwriter-5.3.17-45.1php53-xmlrpc-5.3.17-45.1php53-xmlreader-5.3.17-45.1
php53-zlib-5.3.17-45.1php53-zip-5.3.17-45.1php53-xsl-5.3.17-45.1
quagga-devel-0.99.9-14.11.9quagga-debuginfo-0.99.9-14.11.9
php53-5.3.17-45.1
tomcat5-admin-webapps-5.5.27-0.16.1
snmp-mibs-5.4.2.1-8.12.24.1quagga-0.99.9-14.11.9
uucp-1.07-268.18.1tomcat5-5.5.27-0.16.1tomcat5-webapps-5.5.27-0.16.1
xen-kmp-default-4.2.5_12_3.0.101_0.47.55-15.1
xen-doc-pdf-4.2.5_12-15.1xen-doc-html-4.2.5_12-15.1
xen-libs-4.2.5_12-15.1xen-libs-32bit-4.2.5_12-15.1xen-kmp-pae-4.2.5_12_3.0.101_0.47.55-15.1
xen-4.2.5_12-15.1xen-tools-4.2.5_12-15.1xen-tools-domU-4.2.5_12-15.1
Red Hat Enterprise LinuxTable 2-4 lists the new patches that have been added for Red Hat Enterprise Linuxoperating systems.
Table 2-4 New patches for Red Hat Enterprise Linux
Patch IDPatch IDPatch ID
bind-debuginfo-9.3.6-25.P1.el5_11.4
bind-chroot-9.8.2-0.37.rc1.el6_7.4
bind-chroot-9.3.6-25.P1.el5_11.4
bind-devel-9.8.2-0.37.rc1.el6_7.4
bind-devel-9.3.6-25.P1.el5_11.4
bind-debuginfo-9.8.2-0.37.rc1.el6_7.4
bind-libs-9.8.2-0.37.rc1.el6_7.4
bind-libs-9.3.6-25.P1.el5_11.4bind-libbind-devel-9.3.6-25.P1.el5_11.4
bind-utils-9.3.6-25.P1.el5_11.4
bind-sdb-9.8.2-0.37.rc1.el6_7.4
bind-sdb-9.3.6-25.P1.el5_11.4
28About the patch policy 2015.10.01 releaseNew patches for UNIX
Table 2-4 New patches for Red Hat Enterprise Linux (continued)
Patch IDPatch IDPatch ID
bind97-debuginfo-9.7.0-21.P2.el5_11.3
bind97-chroot-9.7.0-21.P2.el5_11.3
bind-utils-9.8.2-0.37.rc1.el6_7.4
bind97-utils-9.7.0-21.P2.el5_11.3
bind97-libs-9.7.0-21.P2.el5_11.3
bind97-devel-9.7.0-21.P2.el5_11.3
bind-9.8.2-0.37.rc1.el6_7.4bind-9.3.6-25.P1.el5_11.4bind97-9.7.0-21.P2.el5_11.3
firefox-debuginfo-38.3.0-2.el6_7
firefox-debuginfo-38.3.0-2.el5_11
caching-nameserver-9.3.6-25.P1.el5_11.4
gdk-pixbuf2-debuginfo-2.24.1-6.el6_7
firefox-38.3.0-2.el6_7firefox-38.3.0-2.el5_11
jakarta-taglibs-standard-javadoc-1.1.1-11.7.el6_7
gdk-pixbuf2-2.24.1-6.el6_7gdk-pixbuf2-devel-2.24.1-6.el6_7
libXfont-devel-1.4.5-5.el6_7libXfont-debuginfo-1.4.5-5.el6_7
jakarta-taglibs-standard-1.1.1-11.7.el6_7
nss-softokn-devel-3.14.3-23.el6_7
nss-softokn-debuginfo-3.14.3-23.el6_7
libXfont-1.4.5-5.el6_7
nss-softokn-3.14.3-23.el6_7nss-softokn-freebl-3.14.3-23.el6_7
nss-softokn-freebl-devel-3.14.3-23.el6_7
qemu-kvm-debuginfo-0.12.1.2-2.479.el6_7.1
qemu-img-0.12.1.2-2.479.el6_7.1
qemu-guest-agent-0.12.1.2-2.479.el6_7.1
spice-server-debuginfo-0.12.4-12.el6_7.1
qemu-kvm-0.12.1.2-2.479.el6_7.1
qemu-kvm-tools-0.12.1.2-2.479.el6_7.1
spice-server-0.12.4-12.el6_7.1
spice-server-devel-0.12.4-12.el6_7.1
Oracle Enterprise LinuxTable 2-5 lists the new patches that have been added for Oracle Enterprise Linux(OEL) operating systems.
Table 2-5 New patches for Oracle Enterprise Linux (OEL)
Patch IDPatch IDPatch ID
bind-devel-9.3.6-25.P1.el5_11.4
bind-chroot-9.8.2-0.37.rc1.el6_7.4
bind-chroot-9.3.6-25.P1.el5_11.4
29About the patch policy 2015.10.01 releaseNew patches for UNIX
Table 2-5 New patches for Oracle Enterprise Linux (OEL) (continued)
Patch IDPatch IDPatch ID
bind-libs-9.3.6-25.P1.el5_11.4bind-libbind-devel-9.3.6-25.P1.el5_11.4
bind-devel-9.8.2-0.37.rc1.el6_7.4
bind-sdb-9.8.2-0.37.rc1.el6_7.4
bind-sdb-9.3.6-25.P1.el5_11.4
bind-libs-9.8.2-0.37.rc1.el6_7.4
bind97-chroot-9.7.0-21.P2.el5_11.3
bind-utils-9.8.2-0.37.rc1.el6_7.4
bind-utils-9.3.6-25.P1.el5_11.4
bind97-utils-9.7.0-21.P2.el5_11.3
bind97-libs-9.7.0-21.P2.el5_11.3
bind97-devel-9.7.0-21.P2.el5_11.3
bind-9.8.2-0.37.rc1.el6_7.4bind-9.3.6-25.P1.el5_11.4bind97-9.7.0-21.P2.el5_11.3
firefox-38.2.1-1.0.1.el5_11dtrace-modules-3.8.13-98.2.2.el6uek-0.4.5-3.el6
caching-nameserver-9.3.6-25.P1.el5_11.4
firefox-38.3.0-2.0.1.el6_7firefox-38.3.0-2.0.1.el5_11firefox-38.2.1-1.0.1.el6_7
httpd-devel-2.2.15-47.0.1.el6_7
gdk-pixbuf2-2.24.1-6.el6_7gdk-pixbuf2-devel-2.24.1-6.el6_7
httpd-2.2.15-47.0.1.el6_7httpd-tools-2.2.15-47.0.1.el6_7
httpd-manual-2.2.15-47.0.1.el6_7
kernel-uek-debug-devel-3.8.13-98.2.2.el6uek
jakarta-taglibs-standard-1.1.1-11.7.el6_7
jakarta-taglibs-standard-javadoc-1.1.1-11.7.el6_7
kernel-uek-doc-3.8.13-98.2.2.el6uek
kernel-uek-devel-3.8.13-98.2.2.el6uek
kernel-uek-debug-3.8.13-98.2.2.el6uek
libXfont-devel-1.4.5-5.el6_7kernel-uek-3.8.13-98.2.2.el6uek
kernel-uek-firmware-3.8.13-98.2.2.el6uek
nss-devel-3.19.1-1.el5_11mod_ssl-2.2.15-47.0.1.el6_7libXfont-1.4.5-5.el6_7
nss-softokn-freebl-devel-3.14.3-23.el6_7
nss-softokn-devel-3.14.3-23.el6_7
nss-pkcs11-devel-3.19.1-1.el5_11
nss-tools-3.19.1-1.el5_11nss-softokn-3.14.3-23.el6_7nss-softokn-freebl-3.14.3-23.el6_7
qemu-img-0.12.1.2-2.479.el6_7.1
qemu-guest-agent-0.12.1.2-2.479.el6_7.1
nss-3.19.1-1.el5_11
spice-server-devel-0.12.4-12.el6_7.1
qemu-kvm-0.12.1.2-2.479.el6_7.1
qemu-kvm-tools-0.12.1.2-2.479.el6_7.1
30About the patch policy 2015.10.01 releaseNew patches for UNIX
Table 2-5 New patches for Oracle Enterprise Linux (OEL) (continued)
Patch IDPatch IDPatch ID
thunderbird-38.2.0-4.0.1.el6_7
spice-server-0.12.4-12.el6_7.1
HP-UXTable 2-6 lists the new patches that have been added for HP-UX operating systems.
Table 2-6 New patches for HP-UX
Patch IDPatch IDPatch ID
11.31 XPCA Toolkit A.11.0011.31 io cumulative patch11.31 esctl cumulative patch
s700_800 11.23 ftpd(1M) andftp(1) patch
s700_800 11.23 cumulativePPP patch
Note: Support for the RHBA bug fix advisories is not available in Symantec™Enterprise Security Manager Patch Policy.
Note: This is the final Enterprise Security Manager Patch Policy released bySymantec.
31About the patch policy 2015.10.01 releaseNew patches for UNIX