Highlighted
Absent Member.
Absent Member.
639 views

Online Update Question

I was wondering if it is OK to do an OnLine Update and installing any available patches on my SLES SP3 server with GroupWise 2012?
I was reading this Bash vulnerability and started getting worried,
and then wondered if Updates would address this vulnerability.
Anyone up to date on this issue and is it covered in patches from Online Updates?


>>>>>

New 'Bash' software bug may pose bigger threat than 'Heartbleed' http://a.msn.com/01/en-us/BB5AiOm

>>>>>
Labels (2)
0 Likes
6 Replies
Highlighted
Knowledge Partner
Knowledge Partner

Re: Online Update Question

dkamp;2334514 wrote:
I was wondering if it is OK to do an OnLine Update and installing any available patches on my SLES SP3 server with GroupWise 2012?
I was reading this Bash vulnerability and started getting worried,
and then wondered if Updates would address this vulnerability.
Anyone up to date on this issue and is it covered in patches from Online Updates?


>>>>>

New 'Bash' software bug may pose bigger threat than 'Heartbleed' http://a.msn.com/01/en-us/BB5AiOm

>>>>>



I applied all updates to two SLES servers (no OES) this morning without an issue. You should be fine and I'd definitely recommend getting the bash patches on there, especially if you have servers facing the internet side with Web(Access) services.
0 Likes
Highlighted
Absent Member.
Absent Member.

Re: Online Update Question

Hi Guys -

Any information on when the patches will hit the OES11SP1+ channel?
0 Likes
Highlighted
Absent Member.
Absent Member.

Re: Online Update Question

cbeehler wrote on 09/26/2014 01:26 PM:
> Any information on when the patches will hit the OES11SP1+ channel?


They should be available already. Just try a "zypper lu | grep bash"

Uwe

--
Novell Knowledge Associate
Please don't send me support related e-mail unless I ask you to do so.
0 Likes
Highlighted
Absent Member.
Absent Member.

Re: Online Update Question

On advise from a Linux person this is the procedure we used for our GroupWise and Data Synchronizer servers.
Hope it helps someone else.

rpm -qa | grep -E "bash|readline|openssl|http" | sort
suse_register -d 2 -L /root/.suse_register.log
zypper refresh -s
zypper repos
zypper -n -q lu 2>&1 | grep -E "^S|^-|bash|readline|openssl|http"
zypper -n -q lu 2>&1 | grep -E "bash|readline|openssl|http" | sed -e 's/ //g' | awk -F\| '{print $3}' | xargs -n 999 zypper update --download-only
zypper -n -q lu 2>&1 | grep -E "bash|readline|openssl|http" | sed -e 's/ //g' | awk -F\| '{print $3}' | xargs -n 999 zypper update
reboot
0 Likes
Highlighted
Knowledge Partner
Knowledge Partner

Re: Online Update Question

dkamp;2334851 wrote:
On advise from a Linux person this is the procedure we used for our GroupWise and Data Synchronizer servers.


Interesting way to patch 🙂 I'm curious, why not apply all patches for SLES, and just apply those selective patches? I'd opt for keeping the system as updated as possible for all packages that are running on it.

Cheers,
Willem
0 Likes
Highlighted
Absent Member.
Absent Member.

Re: Online Update Question

For security and political issues, we needed to show we were Proactive on the Bash, and OpenSSL issue. Since the Bash patch was so recent the Online Update did not show patch yet, so this is the method I was asked to do.
I do plan on scheduling a down time for any other patches as soon as they will allow downtime again.


>>>>>>>>>>>>>>>>>



>>> magic31magic31@no-mx.forums.novell.com> 9/29/2014 7:36 AM >>



> Interesting way to patch 🙂 I'm curious, why not apply all patches for
> SLES, and just apply those selective patches? I'd opt for keeping the
> system as updated as possible for all packages that are running on it.



> Cheers,
> Willem



--
Knowledge Partner (voluntary sysop)
---
If you find a post helpful and are logged into the web interface,
please show your appreciation and click on the star below it. Thanks!
------------------------------------------------------------------------
magic31's Profile: https://forums.novell.com/member.php?userid=2303
View this thread: https://forums.novell.com/showthread.php?t=479523
0 Likes
The opinions expressed above are the personal opinions of the authors, not of Micro Focus. By using this site, you accept the Terms of Use and Rules of Participation. Certain versions of content ("Material") accessible here may contain branding from Hewlett-Packard Company (now HP Inc.) and Hewlett Packard Enterprise Company. As of September 1, 2017, the Material is now offered by Micro Focus, a separately owned and operated company. Any reference to the HP and Hewlett Packard Enterprise/HPE marks is historical in nature, and the HP and Hewlett Packard Enterprise/HPE marks are the property of their respective owners.