Exalogic: Security Alert CVE-2021-4034 Patch Availability Document for Oracle Exalogic Infrastructure
(Doc ID 2846705.1)
Last updated on JULY 03, 2023
Applies to:
Oracle Exalogic Elastic Cloud Software - Version 2.0.6.3.0 and laterInformation in this document applies to any platform.
Linux x86-64
Oracle Virtual Server x86-64
Exalogic Virtual Releases 2.0.6.3.0 and higher versions
Exalogic Virtual Releases 2.0.6.4.0 and higher versions
Exalogic Physical Releases 2.0.6.3.0 and higher versions
Exalogic Physical Releases 2.0.6.4.0 and higher versions
Purpose
In response to Security Alert CVE-2021-4034, Oracle has released patches for Oracle Exalogic Infrastructure. The purpose of this document is to provide you
information on how to obtain and apply these security updates.
To be notified when this document changes, mark this article as a favorite, and follow instructions for email notification in following Note:
Subscribing to Hot Topic E-Mails - [VIDEO] (Doc ID 793436.2)
Scope
The updates provided in this MOS note apply to the following components on Exalogic:
- Compute nodes running Oracle Linux 6 on Physical
- Compute nodes running Oracle Linux 7 on Physical
- Guest vServers running Oracle Linux 6 on Virtual
- Guest vServers running Oracle Linux 7 on Virtual
- Control vServers (EC/PC1/PC2) running Oracle Linux 6 on Virtual
- Compute nodes running OVS 3.4.x on Virtual
Compute nodes running OVS 3.2.11 on Virtual are not affected by this vulnerability, since the polkit package is not installed on them out of the box.
The following components on Exalogic are in sustaining mode and will not receive updates for this vulnerability:
- Compute nodes running Oracle Linux 5 on Physical
- Guest vServers running Oracle Linux 5 on Virtual
Customers on Oracle Linux 5 are strongly recommended to move to Oracle Linux 6 or 7 as soon as possible.
Details
To view full details, sign in with your My Oracle Support account. |
|
Don't have a My Oracle Support account? Click to get started! |
In this Document
Purpose |
Scope |
Details |
For hosts running Oracle Linux 6 or OVS 3.4 |
For hosts running Oracle Linux 7 |
References |