Security update for oracle-update

SUSE Security Update: Security update for oracle-update
Announcement ID: SUSE-SU-2012:0765-1
Rating: important
References: #736238 #757705 #760074 #760660 #763895 #764049
Affected Products:
  • SUSE Manager 1.2 for SLE 11 SP1

  • An update that solves one vulnerability and has 5 fixes is now available.


    This package wraps the Oracle Server update process for the
    Oracle server included in SUSE Manager.

    On installation of this package it will pull and install
    the Oracle updates and patches, integrated so that SUSE
    Manager is correctly stopped, the databases converted and

    It contains a security helper script that may adjust the
    Oracle server listening on all network interfaces to just
    listen on localhost (CVE-2012-1675).

    To switch to a configuration that will restrict the
    listener to localhost only run the following command as

    spacewalk-service stop /opt/apps/db-update/smdba-netswitch
    localhost spacewalk-service start

    In case you want to revert to the previous configuration,
    just run:

    spacewalk-service stop /opt/apps/db-update/smdba-netswitch
    worldwide spacewalk-service start

    Security Issue references:

    * CVE-2012-1675

    Patch Instructions:

    To install this SUSE Security Update use YaST online_update.
    Alternatively you can run the command listed for your product:

    • SUSE Manager 1.2 for SLE 11 SP1:
      zypper in -t patch sleman12sp1-oracle-update-6368

    To bring your system up-to-date, use "zypper patch".

    Package List:

    • SUSE Manager 1.2 for SLE 11 SP1 (x86_64):
    • oracle-update-0.1-