Sentinel contains embedded third-party products such as the Sun JRE, Jetty, PostgreSQL, and ActiveMQ. Sentinel includes patches to address the security vulnerabilities (CVE) for these products when updates for Sentinel are released.
However, each of these products has its own release cycle, which means that there might be CVEs that are discovered before a Sentinel update is released. You need to separately review the CVEs for each embedded third-party product, and decide whether to apply these updates to your Sentinel system outside of the Sentinel updates.
If you decide to apply patches to address these CVEs outside of a Sentinel update, use the instructions in TID 7008820 in the Novell Support Knowledge Base.