Have there been any, especially those which non-contract customers should know about?
I am running Sol 10 u3 sparc on a Sun Blade workstation. Today, I noticed that some patches already installed on my system are now considered private on SunSolve (e.g. 143510-01). Also, kernel patch 142900-04 is private! I've been using SUM to get kernel patches forever (I am at 142900-03). What happened? Hopefully this is just a glitch. I can't believe that kernel patches will be private from now on!
There is a certain Xsun security patch which I have deliberately not installed. For years, it has come up in SUM. Today, for the first time, it is gone.
I am also running Sol 10 u8 on an x86 system. No problem with patches there - all normal. I installed kernel patch 142901-04 on it today. Also without a support contract.
So this means that while you can get and install Solaris for free, you won't get any (security or other) patches. As the current release (10 10/09) comes with various security problems - like any OS a few months old - it's practically impossible to run a secure Solaris system without paying for a support contract.
Now the most interesting thing is that Oracle/Sun doesn't seem to want to announce or discuss this policy change in public, which is unacceptable IMHO.
This is a dark day. Why weren't Solaris users with online accounts notified of this substantial change in advance so that we could make plans? The way Oracle is handling this is beyond (kind) words. I smell greed, and obviously a complete lack of concern for Solaris customers. "Call your Customer Care?" What? You call them. And send them a big check for each system running Solaris? I think not. Looks like no more patches for me. That will save me time running SUM and in finding and reporting patch bugs. It'll be lots of fun running an insecure, buggy OS.
Changing the rules in the middle of the game is a very bad idea, if a company cares about the morale of their customers. Brand loyalty? That's history.
I paid big bucks out of my own pocket for a Sun Blade with Sol 8 years ago, expecting perpetual free updates. I went to Sol 10 as Sol 8 was approaching EOSL, and important security updates for Sol 10 were free. Sounded like a good idea at the time. Ha!
Oracle should create a self-service support contract that provides access to patches and other
protected content, but doesn't permit service requests to be initiated. That might be sufficient for
people who want patches and are willing to pay something for them.
That is a great idea. I've been wondering about other ways Oracle could handle this issue, such as charging per patch, etc. This issue applies very much to Sun Studio 12.1 (see other recent thread about SS patches in this forum). There is NO WAY I, or the organization I work for, could justify spending $1,000+ per year just for SS patches. $300+/year for OS patches may be doable, but still probably wouldn't be worth it, unless SEVERE security holes are discovered that must be patched immediately, which I have never found to be the case over the last 8 years.
Your idea sounds like an ideal solution, but I fear that it is highly unlikely that Oracle would consider it. That would make some manager look bad in having to change his/her "great plan." Oracle should find some way to differentiate big "enterprise" Solaris users from 1-2 box shops who can't afford these pricey support contracts, but still depend on Solaris. For the last 7 years, public patches and these forums have done the job for me, and I have NEVER had to initiate a service or support call or request. That is testament to the stability of Solaris and the brilliance of its engineers.