Jump to content
Compatible Support Forums
Sign in to follow this  
Followers 0
news

[security-announce] SUSE-SU-2012:0765-1: important: Security update for oracle-update

By news, in Upcoming News

Recommended Posts

news    28

news
Posted

SUSE Security Update: Security update for oracle-update

______________________________________________________________________________

 

Announcement ID: SUSE-SU-2012:0765-1

Rating: important

References: #736238 #757705 #760074 #760660 #763895 #764049

 

Cross-References: CVE-2012-1675

Affected Products:

SUSE Manager 1.2 for SLE 11 SP1

______________________________________________________________________________

 

An update that solves one vulnerability and has 5 fixes is

now available.

 

Description:

 

 

This package wraps the Oracle Server update process for the

Oracle server included in SUSE Manager.

 

On installation of this package it will pull and install

the Oracle updates and patches, integrated so that SUSE

Manager is correctly stopped, the databases converted and

restarted.

 

It contains a security helper script that may adjust the

Oracle server listening on all network interfaces to just

listen on localhost (CVE-2012-1675).

 

To switch to a configuration that will restrict the

listener to localhost only run the following command as

root:

 

spacewalk-service stop /opt/apps/db-update/smdba-netswitch

localhost spacewalk-service start

 

In case you want to revert to the previous configuration,

just run:

 

spacewalk-service stop /opt/apps/db-update/smdba-netswitch

worldwide spacewalk-service start

 

Security Issue references:

 

* CVE-2012-1675

 

 

 

Patch Instructions:

 

To install this SUSE Security Update use YaST online_update.

Alternatively you can run the command listed for your product:

 

- SUSE Manager 1.2 for SLE 11 SP1:

 

zypper in -t patch sleman12sp1-oracle-update-6368

 

To bring your system up-to-date, use "zypper patch".

 

 

Package List:

 

- SUSE Manager 1.2 for SLE 11 SP1 (x86_64):

 

oracle-update-0.1-0.5.8.1

 

 

References:

 

http://support.novell.com/security/cve/CVE-2012-1675.html

https://bugzilla.novell.com/736238

https://bugzilla.novell.com/757705

https://bugzilla.novell.com/760074

https://bugzilla.novell.com/760660

https://bugzilla.novell.com/763895

https://bugzilla.novell.com/764049

http://download.novell.com/patch/finder/?keywords=a0b8b5031c3d0c502432381a5213b6c2

 

--

To unsubscribe, e-mail: opensuse-security-announce+unsubscribe ( -at -) opensuse.org

For additional commands, e-mail: opensuse-security-announce+help ( -at -) opensuse.org

 

 

 

Share this post

Link to post

Please sign in to comment

You will be able to leave a comment after signing in



Sign In Now
Sign in to follow this  
Followers 0
Go To Topic Listing Upcoming News
×