What Is a Patch?

A patch is a collection of files and directories that replace or update existing files and directories that are preventing proper execution of the existing software. The existing software is derived from a specified package format, which conforms to the Application Binary Interface. For details about packages, see Chapter 22, Managing Software (Overview).

You can manage patches on your system with the patchadd command. For step-by-step instructions on adding an unsigned patch to your system, see Managing Unsigned Solaris Patches (Task Map).

What Is a Signed Patch?

A signed patch is a patch with a digital signature. A patch with a valid digital signature ensures that the patch has not been modified after the signature was applied to the patch. Using signed patches is a more secure method of downloading or adding patches because the patches include a digital signature that can be verified before the patch is added to your system.

Patches that are available for the Solaris 2.6, 7, 8, and 9 releases include a digital signature. Patches without a digital signature, or unsigned patches, are also available, but eventually, all patches will be signed patches. A valid digital signature ensures that the patch has not been modified since the signature was applied.

Signed patches are stored in Java archive format (JAR) files and are available from the SunSolve Online^SM web site.

In previous Solaris releases, you could use the smpatch command with PatchPro to add signed patches to your system. For step-by-step instructions on using the smpatch command, see “Managing Signed Patches by Using Solaris Patch Management Tools (Tasks)” in Signed Patches Administration Guide for PatchPro 2.2.

In this Solaris release, you can use the patchadd command to add signed patches to your system. For step-by-step instructions on using the patchadd command, see Adding Signed Patches With patchadd Command (Task Map).

For additional overview information about signed patches, see Signed Packages and Patches.