Avatar of sunhux
sunhux
 asked on

commands / ways to check if latest Solaris 10 & WL patches are in

Other than asking the Unix admin, what's the commands or ways to
check if the latest Weblogic & Solaris patches have been applied?
Both are said to be applied on our Solaris 10 x86 servers.

I was googling for patch IDs for Apr2020's Solaris CPU but all
Oracle shows are CVE numbers, not showrev's Patch IDs (in
xxxxx-yy format)


Have encountered cases where the patches did not go in.

I can attach here the 'showrev -p' output;   for WL, what's the
output/screen shot you'll need?  Will provide on advice
VulnerabilitiesUnix OSLinux Distributions

Avatar of undefined
Last Comment
arnold

8/22/2022 - Mon
ASKER CERTIFIED SOLUTION
65td

THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
See Pricing Options
Start Free Trial
GET A PERSONALIZED SOLUTION
Ask your own question & get feedback from real experts
Find out why thousands trust the EE community with their toughest problems.
sunhux

ASKER
Login via ssh to issue a command to check.

> opatch lsinventory
Is above a Solaris command or we need to install this tool?
I need it for Solaris & Weblogic on Solaris

From link below, appears tt $ORACLE_HOME/OPatch
dir needs to be present:
https://docs.oracle.com/middleware/12211/lcm/OPATC/GUID-56D6728D-5EDC-482B-B2E4-DDB20A64FA32.htm#OPATC106
SOLUTION
arnold

THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
See Pricing Options
Start Free Trial
GET A PERSONALIZED SOLUTION
Ask your own question & get feedback from real experts
Find out why thousands trust the EE community with their toughest problems.
sunhux

ASKER
My role: cyber governance   & we have cases
where few servers are not patched for 1-2 yrs.
Got to check it before audit.

Can share the url to download the specific script?

showrev -p    is too confusing:
original question: what's the patch IDs for a given
Solaris & WL  CPU (Critical Patch Update) bundle?
Based on these patch IDs, I'll do a search on
the 'showrev -p' (for Solaris)  or   ???  for WL
arnold

Have not had access for a while.... Look at oracle, and your support there was a perl script that used the patchdiag.xref and the showrev -p
To present the information you are after.

Does the organization have a script, app repository.
They should have the script
Unless your setup is for live updates?..
All of life is about relationships, and EE has made a viirtual community a real community. It lifts everyone's boat
William Peck
SOLUTION
arnold

THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
See Pricing Options
Start Free Trial
⚡ FREE TRIAL OFFER
Try out a week of full access for free.
Find out why thousands trust the EE community with their toughest problems.
sunhux

ASKER
pca was not installed: our CAB (Change Advisory Board)
is not known to endorse installing 'optional' tools
SOLUTION
arnold

THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
See Pricing Options
Start Free Trial
⚡ FREE TRIAL OFFER
Try out a week of full access for free.
Find out why thousands trust the EE community with their toughest problems.
sunhux

ASKER
Is pca & patchdiag.xref  for Solaris patches only or it
covers middlewares (eg: Weblogic, Struts, Apache
httpd as well??)
SOLUTION
arnold

THIS SOLUTION ONLY AVAILABLE TO MEMBERS.
View this solution by signing up for a free trial.
Members can start a 7-Day free trial and enjoy unlimited access to the platform.
See Pricing Options
Start Free Trial
⚡ FREE TRIAL OFFER
Try out a week of full access for free.
Find out why thousands trust the EE community with their toughest problems.