Server Fault Stack Exchange
Server Fault Stack Exchange

Questions tagged [patch-management]

Patch Management refers to updating and patching systems, and particularly to tools and systems which automate this process for a large number of systems.

Patch Management refers to the important and never-ending task of installing software updates on systems, including the procedures involved with installing updates, defining update policies for an organization, and tools/systems to help with the patching process.

Patch Management may include patch selection methods (anything from manually reading the CVE list to automated vulnerability scans), patch deployment methods (manually installing patches, various software packages), and patch testing procedures (virtual environments, staged deployment, etc.)

Many tools (free and commercial) have evolved to help alleviate the workload. You may want to include a tag specific to the software you are using. Some examples include:

226 questions
0
votes
1 answer

Show files to be patched on .diff file and determine if they are patched or not

Having a .diff patch file, I'm trying to take actions in a shell script depending on if files listed in .diff file are: 1) already patched, 2) not patched, 3) not patchable. I found no way on GNU Patch to show this information in a non-interactive…
Emilio Lazo
  • 119
  • 3
0
votes
1 answer

linux + yum update - what this command covers?

we have red-hat version 6.x machine, I verified what are the missing security patches as the following: yum updateinfo list security available Loaded plugins: product-id, rhnplugin, security, subscription-manager This system is receiving updates…
yael
  • 43
  • 1
  • 3
  • 9
0
votes
1 answer

SCCM Server 2012 WMI Query For Missing Microsoft Patches On Specific Host

What is the appropriate WMI query to ask a 2012 SCCM server for a list of missing Microsoft patches on a specific host that the SCCM server manages. For example, say I want to check which patches are missing on a Windows 8 client that is at IP…
Chris
  • 1
  • 1
  • 2
0
votes
1 answer

Server in a unstable state after patching?

I'm about to patch some production server and i was wondering if they will be in a unstable state until de reboot (at night). I know there's 2 kind of patch, the ones who need a reboot and the others. Our servers run 2008 R2 x64. edit : We patch…
e1che
  • 119
  • 8
0
votes
1 answer

Best practices on patching build servers

We have a set of Linux servers that our developers use to compile software for our products we sell. We are currently in a stand off between our network security people saying the servers need to be patched, and the developers stating that patching…
Denham
  • 28
  • 4
0
votes
1 answer

Patch Management -- KPI Dasboard

Good day fellows, I'm looking to build a centralised dashboard to track the patch management KPI from our organisation, including workstations (Windows) & servers (Linux/Windows). Basically, I'm mainly looking to see the percentage of endpoints not…
Andre
  • 1,341
  • 4
  • 19
  • 34
0
votes
3 answers

Anticipating/preventing patch or upgrade problems on database/web servers

I maintain 2 environments in my current project, 2 servers (1 Web Server & 1 SQL Server) for both production and Test. Last month we installed/upgraded to the lated Microsoft patches/securities and the Report Manager from Reporting Services stopped…
Mac
  • 101
  • 2
0
votes
0 answers

up2date login & patch APIs for RHEL7

I am trying to achieve controlled patching of the RHEL machines in my network, for which I need to get the list of all patches onto a windows machine & distribute the missing ones. I have already familiazired myself with the login & update RPCs for…
Rangaraj KS
  • 101
0
votes
0 answers

KVM Through Patch Panels

I'm planning to add patch panels to our data center. We have around 30 machines connected directly to our switch today, and it's getting messy. The original installation was based on broadcast infrastructures where patch panels aren't used (I have…
Daniel
  • 101
  • 2
0
votes
1 answer

Patching GHOST Vulnerability # CVE-2015-0235 SLES 11 SP3

I need to upgrade a SLES 11 SP3 server for the new ghost vulnerability that has been discovered. According to http://www.cyberciti.biz/faq/cve-2015-0235-patch-ghost-on-debian-ubuntu-fedora-centos-rhel-linux/ I should be able to run zypper although…
Boardy
  • 258
  • 1
  • 4
  • 23
0
votes
1 answer

Linux glibc versions 2.18 and older - vulnerability

Server: Red Hat Enterprise Linux Server release 5.9 (Tikanga) I came to know that Linux GNU C Library (glibc) versions prior to 2.18 are vulnerable to remote code execution via a vulnerability in the gethostbyname function. Exploitation of this…
AKS
  • 115
  • 1
  • 8
0
votes
2 answers

Is it possible to identify a Solaris 10 patch cluster from showrev -p?

On a Solaris 10 X86 server, based purely on the showrev -poutput; is it at all possible to identify the date of the 10_x86_Recommended_CPU patch cluster used to update the machine? Which packages, in addition to the kernel patch level, would you…
Asgeir S. Nilsen
  • 373
  • 1
  • 3
  • 8
0
votes
1 answer

Files listed on WinShock (KB2992611) what do the different file sizes for the same file name mean?

Lsass.exe.mui 6.0.6002.23498 10,752 20-Sep-2014 03:46 Not applicable Lsasrv.dll.mui 6.0.6002.23498 50,688 20-Sep-2014 03:33 Not applicable Lsass.exe.mui 6.0.6002.23498 10,752 20-Sep-2014 03:35 Not applicable Lsasrv.dll.mui …
user249611
  • 1
0
votes
1 answer

How do I show I have installed security patch - KB971092

In Add / Remove programs there is a list of patches installed, also in the Help > About you can access all the Visual Studio patches. 971092 is an update to the visual studio service pack and doesnt appear to be listed in either of the above…
Paul Rowland
  • 115
  • 8
0
votes
1 answer

LanDesk, server patching trouble

I've a server that contains lanDesk and i use it for patching other servers. But i've a trouble with a server (we name it r2d2), in lanDesk it says that the patch is succefull but on r2d2 it says that the patch is not installed. How can i check it…
e1che
  • 119
  • 8
1 2 3
15 16