PDA

View Full Version : SLES 11 SP4 Downloading and installing patches without zypper repository



ssuen
10-Jun-2016, 10:36
Hello, a quick one about applying system patches to SuSE SLES, e.g SLES 11 SP4.

Suppose we don't have any local or remote zypper repository configured for the server concerned and would like to apply the patch glibc 12406 to fix the CVE-2015-7547 issue and others.

Does it mean we have to download the listed rpm files from download.suse.com and run rpm -ivh on them one by one manually to patch the server?

* glibc-2.11.3-17.95.2.nosrc.rpm
* glibc-2.11.3-17.95.2.src.rpm
* glibc-2.11.3-17.95.2.x86_64.rpm
* glibc-32bit-2.11.3-17.95.2.x86_64.rpm
* glibc-devel-2.11.3-17.95.2.x86_64.rpm
* glibc-devel-32bit-2.11.3-17.95.2.x86_64.rpm
* glibc-html-2.11.3-17.95.2.x86_64.rpm
* glibc-i18ndata-2.11.3-17.95.2.x86_64.rpm
* glibc-info-2.11.3-17.95.2.x86_64.rpm
* glibc-locale-2.11.3-17.95.2.x86_64.rpm
* glibc-locale-32bit-2.11.3-17.95.2.x86_64.rpm
* glibc-profile-2.11.3-17.95.2.x86_64.rpm
* glibc-profile-32bit-2.11.3-17.95.2.x86_64.rpm
* nscd-2.11.3-17.95.2.x86_64.rpm

Is there a quicker way to install the patch in one go?

Thanks
Sunny Suen

smflood
10-Jun-2016, 10:58
On 10/06/16 10:44, ssuen wrote:

> Hello, a quick one about applying system patches to SuSE SLES, e.g SLES
> 11 SP4.
>
> Suppose we don't have any local or remote zypper repository configured
> for the server concerned and would like to apply the patch glibc 12406
> to fix the CVE-2015-7547 issue and others.
>
> Does it mean we have to download the listed rpm files from
> download.suse.com and run rpm -ivh on them one by one manually to patch
> the server?
>
> * glibc-2.11.3-17.95.2.nosrc.rpm
> * glibc-2.11.3-17.95.2.src.rpm
> * glibc-2.11.3-17.95.2.x86_64.rpm
> * glibc-32bit-2.11.3-17.95.2.x86_64.rpm
> * glibc-devel-2.11.3-17.95.2.x86_64.rpm
> * glibc-devel-32bit-2.11.3-17.95.2.x86_64.rpm
> * glibc-html-2.11.3-17.95.2.x86_64.rpm
> * glibc-i18ndata-2.11.3-17.95.2.x86_64.rpm
> * glibc-info-2.11.3-17.95.2.x86_64.rpm
> * glibc-locale-2.11.3-17.95.2.x86_64.rpm
> * glibc-locale-32bit-2.11.3-17.95.2.x86_64.rpm
> * glibc-profile-2.11.3-17.95.2.x86_64.rpm
> * glibc-profile-32bit-2.11.3-17.95.2.x86_64.rpm
> * nscd-2.11.3-17.95.2.x86_64.rpm
>
> Is there a quicker way to install the patch in one go?

If your server doesn't have access to any repositories then yes the only
way of patching your server is to download the relevant updated packages
from download.suse.com then install them by hand.

However you don't need to "loop" through each individually but instead
could save all the packages to the same directory then within the
directory do "rpm -Uvh *.rpm" (use -U to upgrade rather than -i to install).

HTH.
--
Simon
SUSE Knowledge Partner

------------------------------------------------------------------------
If you find this post helpful and are logged into the web interface,
please show your appreciation and click on the star below. Thanks.
------------------------------------------------------------------------

ssuen
10-Jun-2016, 14:21
Thanks Simon.

> However you don't need to "loop" through each individually but instead
> could save all the packages to the same directory then within the
> directory do "rpm -Uvh *.rpm" (use -U to upgrade rather than -i to install).

Very helpful suggestion indeed.
Now the prospect doesn't look that daunting to me any more.

ssuen
10-Jun-2016, 17:05
One more question, Simon.

Using the glibc patch as an example, is the readme file expected to instruct us in what order to apply rpm -Uvh to the constituent rpm files?

My concern is that if we just invoke rpm -Uvh *.rpm, we might as well run into some dependency issues.

smflood
13-Jun-2016, 13:51
On 10/06/16 17:14, ssuen wrote:

> One more question, Simon.
>
> Using the glibc patch as an example, is the readme file expected to
> instruct us in what order to apply rpm -Uvh to the constituent rpm
> files?
>
> My concern is that if we just invoke rpm -Uvh *.rpm, we might as well
> run into some dependency issues.

If you install/upgrade multiple packages by using the rpm command with a
wildcard rpm will take care of the order so dependencies will be met.

HTH.
--
Simon
SUSE Knowledge Partner

------------------------------------------------------------------------
If you find this post helpful and are logged into the web interface,
please show your appreciation and click on the star below. Thanks.
------------------------------------------------------------------------