Title

The System packages must be up to date with the most recent vendor updates and security fixes. (Cat II impact)

Discussion

Failure to install security updates can provide openings for attack.

Check Content

The Software Installation Profile is required. An up-to-date Solaris repository must be accessible to the system. Enter the command: # pkg publisher to determine the current repository publisher. If a repository is not accessible, it may need to be locally installed and configured. Check for Solaris software package updates: # pfexec pkg update -n If the command does not report "No updates available for this image," this is a finding.

Fix Text

The Software Installation Profile is required. An up-to-date Solaris repository must be accessible to the system. Enter the command: # pkg publisher to determine the current repository publisher. If a repository is not accessible, it may need to be locally installed and configured. Update system packages to the current version. # pfexec pkg update A reboot may be required for the updates to take effect.

Additional Identifiers

Rule ID: SV-216280r603267_rule

Vulnerability ID: V-216280

Group Title: SRG-OS-000480

Expert Comments

CCIs tied to check.

Controls tied to check. These are derived from the CCIs shown above.