My Oracle Support Banner

How to Patch the BDA for Linux Related Vulnerabilities Using Official Oracle Linux rpms on OL6 and OL7 (Doc ID 2368311.1)

Last updated on JULY 23, 2021

Applies to:

Big Data Appliance Integrated Software
Linux x86-64

Purpose

Oracle supports customers updating any vulnerabilities within the parameters specified by the MOS note (Doc id 2132520.1 - Guidelines for software/security patching on BDA).

The note here provides details on how to patch the BDA for Linux related vulnerabilities using official Oracle Linux rpms.

It not does not cover UEK-Kernel or JDK patching. For vulnerabilities requiring either of those respectively see:

 

 

Scope

Anyone patching the BDA for Oracle Linux 6 or Oracle Linux 7 related vulnerabilities using official Oracle Linux rpms.

Details

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!


In this Document
Purpose
Scope
Details
 Overview
 Known Issues
 Frequently Asked Questions
 Is it ok to apply CPU OS related updates on BDA servers?
 What is the best way to update a list of packages from the security filter?
 Does OS package update require downtime?
 If the UEK kernel can not be updated, why is it ok to update the non-UEK kernel packages?
 The oracle-ofed-release package shows up on some dependency lists. What is that?
 Is it ok to update rdma as as side-effect of updating the oracle-ofed-release package?
 Do all the details here, including upgrading the non-UEK kernel apply to X7-2 or higher server hardware?
 Is it ok to use "--skip-broken" to resolve a dependency on the BDA?
 Background
 Important Considerations and Recommendations
 How to upgrade the rdma
 How to upgrade the non-UEK kernel
 Recommendations for package upgrade
 How to Verify if a Fix for Vulnerability or Advisory is Implemented on the BDA
 Verify/Remediate a Specific Vulnerability or Advisory
 Determine the required packages for a specific vulnerability/advisory
 Check for the presence of a specific vulnerability/advisory on the BDA
 Preliminary Steps
 Verify the Security Plugin is Present - OL6 ONLY
 Update Security Information
 Remediate a vulnerability/advisory if present
 Preliminary Steps
 Remediate a CVE
 Remediate an ELSA
 Post remediation steps
References


My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.