Forum Stats

  • 3,733,511 Users
  • 2,246,777 Discussions
  • 7,856,747 Comments

Discussions

Is there a high risk when applying OVMSA patches?

4285826
4285826 Member Posts: 1
edited July 2020 in Oracle VM

I've been asked to submit this question because we have several critical databases on some OVM servers and there is concern there could be an outage when applying security patches. We don't have capacity to move the DBs to other hardware.

What is the best process for applying these patches?

Specifically:

Update for bind (OVMSA-2019-0027)

Update for freetype (OVMSA-2020-0001)

Update for ghostscript (OVMSA-2018-0285)

Update for kernel (OVMSA-2019-0044)

Update for libssh2 (OVMSA-2019-0028)

Update for ntp (OVMSA-2018-0290)

Update for openssh (OVMSA-2019-0013)

Update for openssl (OVMSA-2019-0040)

Update for polkit (OVMSA-2019-0008)

Update for qemu-kvm(OVMSA-2020-0010)

Update for sudo (OVMSA-2019-0050)

Update for Unbreakable Enterprise kernel (OVMSA-2019-0056)

Update for xen (OVMSA-2020-0018)

Answers

  • Simon Coter-Oracle
    Simon Coter-Oracle Member Posts: 67 Employee
    edited July 2020

    Hi,

    for kernel, openssl, qemu and xen you should theoretically reboot your physical server.

    That said, on OVM you can also leverage Ksplice to accomplish the same target without rebooting.

    I would suggest you to reach out Oracle Support to understand/work on the patching process.

    Simon

Sign In or Register to comment.