Server Fault Stack Exchange
Server Fault Stack Exchange

Questions tagged [patch-management]

Patch Management refers to updating and patching systems, and particularly to tools and systems which automate this process for a large number of systems.

Patch Management refers to the important and never-ending task of installing software updates on systems, including the procedures involved with installing updates, defining update policies for an organization, and tools/systems to help with the patching process.

Patch Management may include patch selection methods (anything from manually reading the CVE list to automated vulnerability scans), patch deployment methods (manually installing patches, various software packages), and patch testing procedures (virtual environments, staged deployment, etc.)

Many tools (free and commercial) have evolved to help alleviate the workload. You may want to include a tag specific to the software you are using. Some examples include:

226 questions
1
vote
2 answers

Installing MS09-056 (KB974571) on Live Communications Server

I've just installed this patch on a Live Communications Server 2005 server and LCS is refusing to start. I'm getting a wonderful event log claiming that the LCS instance is an expired evaluation (!) Looks like there's an incompatibility between this…
Richard Gadsden
  • 3,686
  • 4
  • 29
  • 58
1
vote
0 answers

Ubuntu, determine urgency of kernel patches to better control when systems need reboots

I'm using Ubuntu 14.04 I'm currently using unattended-upgrades to apply security patches to my systems. I've found that kernel patches are pretty frequent -- roughly 1 - 2 per week -- and of course a kernel patch requires a reboot. Except an…
JDS
  • 2,598
  • 4
  • 30
  • 49
1
vote
0 answers

Patching product configuration files that may contain custom settings

I'm curious to know if anyone has any suggestions on the best way to patch configuration files for software products that may contain custom settings. I'm familiar with diff, patch, diff3, etc... but those don't patch the differences in the files…
jr102
  • 11
  • 1
1
vote
1 answer

Upgrade of kernel for leap second vulnerability

I have heard of leap second vulnerability. The Redhat has recommended to the following fix https://access.redhat.com/articles/15145 My system is currently installed with RHEL 6.1. By following the link Redhat recommends to update to this…
KALAI SELVAN
  • 119
  • 4
1
vote
1 answer

Iptables ipt_time extension

I'm trying to get the ipt_time extension for netfilter/iptables to work on CentOS 5.3. It's a bloodbath. First of all, the HOWTO I linked is the official Netfilter Extension HOWTO, but it's also horribly outdated: so outdated, actually, that not…
Massimo
  • 70,200
  • 57
  • 200
  • 323
1
vote
2 answers

Puppet for Patch Management

I am thinking of using Puppet for massive patch management. The way to go with this, based on some research, is to create a class and apply it wherever you need, like in the following case: class mypack_update { package { 'mypack': # ensure =>…
trikelef
  • 518
  • 1
  • 7
  • 26
1
vote
1 answer

Regular Debian server-maintenance through package updates

We're hosting multiple Websites with different Content Management Systems, also with different Versions. There are multiple Debian servers running on one esxi. I want to introduce a Windows-like Patch day every month, where we upgrade the packages…
FrankV
  • 11
  • 1
1
vote
1 answer

VMWare Tools. How often to update and how to handle it?

We have about 8 ESXi Servers (5.5) and about 100 VMs. I always try to keep the ESXi Servers up to date with the vmware patches. This seems to work more or less well for me. Sometimes i need some weeks but i am always nearly up to date. (Thanks to…
frupfrup
  • 853
  • 4
  • 13
  • 27
1
vote
1 answer

WebLogic 10.3.2 LDAP Authentication failure after Domain Controller Patch MS14-066 (KB2992611)

I have configured a LDAP authenticator in my WebLogic 10.3.2 domain. Login worked until the domain controller was patched with MS14-066 (KB2992611). Domain Controller OS is Win Server2008R2 (x64). The logfile after a restart of domain service looks…
user254672
  • 21
  • 2
1
vote
1 answer

Microsoft updates feed

I'm trying to write a web scraper that will pull together information about security updates for various products but I cannot find one for microsoft products. As this is cross-platform and includes 3rd party programs too, a WSUS isn't going to do…
Keef Baker
  • 351
  • 1
  • 2
  • 8
1
vote
3 answers

powershell check windows update on a server

We have some 1000 + servers, we are doing monthly patching activity. i need to check the patches are updated on the servers or not, is it possible to check based on the Microsoft Security Bulletin numbers (eg. MS14-40.) by…
karthick
  • 327
  • 1
  • 4
  • 12
1
vote
5 answers

How can I determine the last time a Solaris machine was patched?

I am trying to determine patch levels and how long some Solaris machines have been without patching in order to support triaging which systems to patch first. How can I determine the last time a Solaris machine was patched?
romandas
  • 3,302
  • 8
  • 39
  • 44
1
vote
1 answer

(VMware) esxcli software vib update -n xxx, which vib version is selected for the module xxx

Although I have read VMware's official blog post http://blogs.vmware.com/vsphere/2013/10/are-esxi-patches-cumulative.html very carefully, there is still quite some mist. Now I ask one concise question here. On a pristine ESXi 5.0 machine, I update…
Jimm Chen
  • 1,749
  • 5
  • 18
  • 32
1
vote
2 answers

Will debian update packages that I've personally build from their official sources?

Hi and happy new year to you all.. Recently I've built nginx deb package v1.4.4 from debian backport source that of course I've added to the apt sources.list and things went great. My question: Will debian update packages that I've personally built…
Dr.SMS
  • 61
  • 8
1
vote
6 answers

Run WSUS in an isolated server

We have a test/integration environment (rig) running Windows HyperV with server VMs inside it. I'd like to manage patches in the rig (the hyper V hosts and the VMs inside, which are all on their own domain) but we cannot connect the rig to the…
Spence
  • 680
  • 3
  • 10
  • 19
1 2 3
15 16