FreeFlow™ Print Server Säkerhetsinformation

Xerox Remote Services Security White Paper v1.0.10 (PDF 841.4K)
July 08, 2014
NOTE: This updated document describes the system components, interoperability, and features available for securing Xerox Remote Services within Xerox products. It is intended to serve as a guide for deploying Xerox Remote Services within a network environment.




Xerox Security Bulletin XRX14-004 v1.0 (PDF 715.7K)
June 16, 2014
FreeFlow Print Server v7, v8 and v9
April 2014 Security Patch Cluster


Background
Oracle delivers quarterly Critical Patch Updates (CPU) to address US-CERT-announced Security vulnerabilities and deliver reliability improvements to the Solaris Operating System. Oracle no longer provides these patches to the general public, but Xerox is authorized to deliver them to Customers with active FreeFlow Print Server (FFPS) Support Contracts (FSMA). Customers who may have an Oracle Support Contract for their non-FFPS Solaris Servers should not install patches that have not been customized by Xerox. Otherwise the FFPS software could be damaged and result in downtime and a lengthy re-installation service call.

This bulletin announces the availability of the following:

1. April 2014 Security Patch Cluster
This supersedes the January 2014 Security Patch Cluster
2. Java 6 Update 75 Software
This supersedes Java 6 Update 71 Software


Xerox Security Bulletin XRX14-002 v1.0 (PDF 66.9K)
April 16, 2014
FreeFlow Print Server v7, v8 and v9
January 2014 Security Patch Cluster (includes Java 6 Update 71 Software)


Oracle delivers quarterly Critical Patch Updates (CPU) to address US-CERT-announced Security vulnerabilities and deliver reliability improvements to the Solaris Operating System. Oracle no longer provides these patches to the general public, but Xerox is authorized to deliver them to Customers with active FreeFlow Print Server (FFPS) Support Contracts (FSMA). Customers who may have an Oracle Support Contract for their non-FFPS Solaris Servers should not install patches that have not been customized by Xerox. Otherwise the FFPS software could be damaged and result in downtime and a lengthy re-installation service call.

This bulletin announces the availability of the following:

1. Jan 2014 Security Patch Cluster
This supersedes the October 2013 Security Patch Cluster
2. Java 6 Update 71 Software
This supersedes Java 6 Update 65 Software


Xerox Security Bulletin XRX13-007 v1.0 (PDF 72K)
August 27, 2013
FreeFlow Print Server v7, v8 and v9
July 2013 Security Patch Cluster (includes Java 6 Update 51 Software)


Oracle delivers quarterly Critical Patch Updates (CPU) to address US-CERT-announced Security vulnerabilities and deliver reliability improvements to the Solaris Operating System. Oracle no longer provides these patches to the general public, but Xerox is authorized to deliver them to Customers with active FreeFlow Print Server (FFPS) Support Contracts (FSMA). Customers who may have an Oracle Support Contract for their non-FFPS Solaris Servers should not install patches that have not been customized by Xerox. Otherwise the FFPS software could be damaged and result in downtime and a lengthy re-installation service call.

This bulletin announces the availability of the following:

1. July 2013 Security Patch Cluster
This supersedes the April 2013 Security Patch Cluster
2. Java 6 Update 51 Software
This supersedes Java 6 Update 45 Software

Consult the bulletin to see all the CVE vulnerabilities this bulletin fixes.




Xerox Security Bulletin XRX13-004 v1.0 (PDF 90K)
April 02, 2013
FreeFlow Print Server v7
January 2013 Security Patch Cluster (includes Java 6 Update 39 Software)

Oracle delivers quarterly Critical Patch Updates (CPU) to address US-CERT-announced Security vulnerabilities and deliver reliability improvements to the Solaris Operating System. Oracle no longer provides these patches to the general public, but Xerox is authorized to deliver them to Customers with active FreeFlow Print Server (FFPS) Support contracts (FSMA). Customers who may have an Oracle Support Contract for their non-FFPS Solaris Servers should not install patches that have not been customized by Xerox. Otherwise the FFPS software could be damaged and result in downtime and a lengthy re-installation service call.

This bulletin announces the availability of the following:

1. January 2013 Security Patch Cluster
This supersedes the October 2012 Security Patch Cluster
2. Java 6 Update 39 Software
This supersedes Java 6 Update 37 Software

Consult the bulletin to see all the CVE vulnerabilities this bulletin fixes.


Xerox Security Bulletin XRX13-003 v1.0 (PDF 88.6K)
February 27, 2013
FreeFlow Print Server v8
January 2013 Security Patch Cluster (includes Java 6 Update 37 Software)

Oracle delivers quarterly Critical Patch Updates (CPU) to address US-CERT-announced Security vulnerabilities and deliver reliability improvements to the Solaris Operating System. Oracle no longer provides these patches to the general public, but Xerox is authorized to deliver them to Customers with active FreeFlow Print Server (FFPS) Support contracts (FSMA). Customers who may have an Oracle Support Contract for their non-FFPS Solaris Servers should not install patches that have not been customized by Xerox. Otherwise the FFPS software could be damaged and result in downtime and a lengthy re-installation service call.

This bulletin announces the availability of the following:

1. January 2013 Security Patch Cluster
This supersedes the October 2012 Security Patch Cluster
2. Java 6 Update 37 Software
This supersedes Java 6 Update 33 Software

Consult the bulletin to see all the CVE vulnerabilities this bulletin fixes.


Xerox Security Bulletin XRX12-009 v1.1 (PDF 90.7K)
October 29, 2012
FreeFlow Print Server v7.3
July 2012 Security Patch Cluster (includes Java 6 Update 33 Software)


NOTE: This document has been updated to provide corrected file size and checksum information.


Oracle delivers quarterly Critical Patch Updates (CPU) to address US-CERT-announced Security vulnerabilities and deliver reliability improvements to the Solaris Operating System. Oracle no longer provides these patches to the general public, but Xerox is authorized to deliver them to Customers with active FreeFlow Print Server (FFPS) Support contracts (FSMA). Customers who may have an Oracle Support Contract for their non-FFPS Solaris Servers should not install patches that have not been customized by Xerox. Otherwise the FFPS software could be damaged and result in downtime and a lengthy re-installation service call.

This bulletin announces the availability of the following:
1. July 2012 Security Patch Cluster
This supersedes the April 2012 Security Patch Cluster
2. Java 6 Update 33 Software
This supersedes Java 6 Update 31 Software

Consult the bulletin to see all the CVE vulnerabilities this bulletin fixes.


Xerox Security Bulletin XRX12-010 v1.1 (PDF 91.2K)
October 23, 2012
FreeFlow Print Server v8
July 2012 Security Patch Cluster (includes Java 6 Update 33 Software)
v1.1

NOTE: This bulletin has been re-issued to update file size and checksum information.

Oracle delivers quarterly Critical Patch Updates (CPU) to address US-CERT-announced Security vulnerabilities and deliver reliability improvements to the Solaris Operating System. Oracle no longer provides these patches to the general public, but Xerox is authorized to deliver them to Customers with active FreeFlow Print Server (FFPS) Support contracts (FSMA). Customers who may have an Oracle Support Contract for their non-FFPS Solaris Servers should not install patches that have not been customized by Xerox. Otherwise the FFPS software could be damaged and result in downtime and a lengthy re-installation service call.

This bulletin announces the availability of the following:
1. July 2012 Security Patch Cluster
This supersedes the April 2012 Security Patch Cluster
2. Java 6 Update 33 Software
This supersedes Java 6 Update 31 Software

Consult the bulletin to see all the CVE vulnerabilities this bulletin fixes.


Xerox Security Bulletin XRX12-006 v1.0 (PDF 89.3K)
July 03, 2012
FreeFlow Print Server
April 2012 OS and Security Patch Cluster (includes Java 6 Update 31 Software)


Oracle delivers quarterly Critical Patch Updates (CPU) to address US-CERT-announced Security vulnerabilities and deliver reliability improvements to the Solaris Operating System. Oracle no longer provides these patches to the general public, but Xerox is authorized to deliver them to Customers with active FreeFlow Print Server (FFPS) Support contracts (FSMA). Customers who may have an Oracle Support Contract for their non-FFPS Solaris Servers should not install patches that have not been customized by Xerox. Otherwise the FFPS software could be damaged and result in downtime and a lengthy re-installation service call.

This bulletin announces the availability of the following:
1. April 2012 Security Patch Cluster
This supersedes the January 2012 Security Patch Cluster
2. Java 6 Update 31 Software
This supersedes Java 6 Update 29 Software

Consult the bulletin to see all the CVE vulnerabilities this bulletin fixes.




Xerox Security Bulletin XRX11-003 (PDF 71.8K)
August 28, 2011
FreeFlow Print Server
Oracle July 2011 CPU OS and Security Patch Cluster (includes Java 6 Update 26 Software)

Oracle delivers quarterly Critical Patch Updates (CPU) to address US-CERT-announced Security vulnerabilities and deliver reliability improvements to the Solaris Operating System. Oracle no longer provides these patches to the general public, but Xerox is authorized to deliver them to Customers with active FreeFlow Print Server (FFPS) Support contracts (FSMA). Xerox customizes the patch deliveries as appropriate to each FFPS Product family, and tests the CPU patches on each supported SPAR Release prior to delivery. Customers who may have an Oracle Support Contract for their non-FFPS Solaris Servers should not install patches that have not been customized by Xerox. Otherwise the FFPS software could be damaged and result in downtime and a lengthy re-installation service call.

Consult the bulletin to see all the CVE vulnerabilities this bulletin fixes.



sök igen