Security update for oracle-update
SUSE Security Update: Security update for oracle-update
This package wraps the Oracle Server update process for the
Oracle server included in SUSE Manager.
On installation of this package it will pull and install
the Oracle updates and patches, integrated so that SUSE
Manager is correctly stopped, the databases converted and
restarted.
It contains a security helper script that may adjust the
Oracle server listening on all network interfaces to just
listen on localhost (CVE-2012-1675).
To switch to a configuration that will restrict the
listener to localhost only run the following command as
root:
spacewalk-service stop /opt/apps/db-update/smdba-netswitch
localhost spacewalk-service start
In case you want to revert to the previous configuration,
just run:
spacewalk-service stop /opt/apps/db-update/smdba-netswitch
worldwide spacewalk-service start
Security Issue references:
* CVE-2012-1675
>
http://support.novell.com/security/cve/CVE-2012-1675.html
https://bugzilla.novell.com/736238
https://bugzilla.novell.com/757705
https://bugzilla.novell.com/760074
https://bugzilla.novell.com/760660
https://bugzilla.novell.com/763895
https://bugzilla.novell.com/764049
http://download.suse.com/patch/finder/?keywords=a0b8b5031c3d0c502432381a5213b6c2
| Announcement ID: | SUSE-SU-2012:0765-1 |
| Rating: | important |
| References: | #736238 #757705 #760074 #760660 #763895 #764049 |
| Affected Products: |
An update that solves one vulnerability and has 5 fixes is now available.
Description:
This package wraps the Oracle Server update process for the
Oracle server included in SUSE Manager.
On installation of this package it will pull and install
the Oracle updates and patches, integrated so that SUSE
Manager is correctly stopped, the databases converted and
restarted.
It contains a security helper script that may adjust the
Oracle server listening on all network interfaces to just
listen on localhost (CVE-2012-1675).
To switch to a configuration that will restrict the
listener to localhost only run the following command as
root:
spacewalk-service stop /opt/apps/db-update/smdba-netswitch
localhost spacewalk-service start
In case you want to revert to the previous configuration,
just run:
spacewalk-service stop /opt/apps/db-update/smdba-netswitch
worldwide spacewalk-service start
Security Issue references:
* CVE-2012-1675
Patch Instructions:
To install this SUSE Security Update use YaST online_update.
Alternatively you can run the command listed for your product:
- SUSE Manager 1.2 for SLE 11 SP1:
zypper in -t patch sleman12sp1-oracle-update-6368
To bring your system up-to-date, use "zypper patch".
Package List:
- SUSE Manager 1.2 for SLE 11 SP1 (x86_64):
- oracle-update-0.1-0.5.8.1