How to Patch the BDA for Linux Related Vulnerabilities Using Official Oracle Linux rpms on OL6 and OL7 (Doc ID 2368311.1)

Last updated on JUNE 28, 2024

Applies to:

Big Data Appliance Integrated Software
Linux x86-64

Purpose

Oracle supports customers updating any vulnerabilities within the parameters specified by the MOS note (Doc id 2132520.1 - Guidelines for software/security patching on BDA).

The note here provides details on how to patch the BDA for Linux related vulnerabilities using official Oracle Linux rpms.

It not does not cover UEK-Kernel or JDK patching. For vulnerabilities requiring either of those respectively see:

How To Upgrade a Kernel on BDA V4.2 and Higher/V4.1(Doc ID 2033797.1).
Instructions for Installing a Higher JDK Version on a BDA Cluster than the Default Provided by Mammoth Using RPMs (Doc ID 2262922.1).

Scope

Anyone patching the BDA for Oracle Linux 6 or Oracle Linux 7 related vulnerabilities using official Oracle Linux rpms.

Details

	To view full details, sign in with your My Oracle Support account.
	Don't have a My Oracle Support account? Click to get started!

In this Document

Frequently Asked Questions

Is it ok to apply CPU OS related updates on BDA servers?

What is the best way to update a list of packages from the security filter?

Does OS package update require downtime?

If the UEK kernel can not be updated, why is it ok to update the non-UEK kernel packages?

The oracle-ofed-release package shows up on some dependency lists. What is that?

Is it ok to update rdma as as side-effect of updating the oracle-ofed-release package?

Do all the details here, including upgrading the non-UEK kernel apply to X7-2 or higher server hardware?

Is it ok to use "--skip-broken" to resolve a dependency on the BDA?

Important Considerations and Recommendations

How to upgrade the rdma

How to upgrade the non-UEK kernel

Recommendations for package upgrade

How to Verify if a Fix for Vulnerability or Advisory is Implemented on the BDA

Verify/Remediate a Specific Vulnerability or Advisory

Determine the required packages for a specific vulnerability/advisory

Check for the presence of a specific vulnerability/advisory on the BDA

Preliminary Steps

Verify the Security Plugin is Present - OL6 ONLY

Update Security Information

Remediate a vulnerability/advisory if present

Preliminary Steps

Remediate a CVE

Remediate an ELSA

Post remediation steps

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.