[Spacewalk-list] Erratas and affected systems
Avi Miller
avi.miller at oracle.com
Thu Jun 21 09:11:26 UTC 2018
Hi,
> On 21 Jun 2018, at 5:16 pm, jin&hitman&Barracuda <jinhitman at gmail.com> wrote:
>
> I may have another issue about errata deployment and there is no feasible explanation yet. At least I could not find. This time an errata (ELSA-2018-4145 ELSA-2018-4144) file has updates for more than one OL distribution. (Like OL5, OL6, OL7 and their sub channels). But when I looking at errata lists on the spacewalk the server says this errata file has no affected system.
You have listed two errata that share a single CVE. Each errata is associated with a single kernel version on a single major version of Oracle Linux. For the CVE in question (CVE-2018-3665/lazy FPU), we have released 7 individual errata. You can see them all listed here:
https://linux.oracle.com/cve/CVE-2018-3665.html
On the errata page, Spacewalk should list the affected system based on its major version and installed kernels. Spacewalk can show a single system affected for multiple errata for the same CVE too, because a single CVE may affect both the kernel (RHCK) and kernel-uek (UEK) packages.
You can check from the client to see if it believes it has available errata with a CVE associated:
# yum updateinfo list cves
If that returns results but Spacewalk isn’t showing the system as affected, then something is wrong with the profile sync between the client system and Spacewalk.
Cheers,
Avi
--
Oracle <http://www.oracle.com>
Avi Miller | Product Management Director | +61 (3) 8616 3496
Oracle Linux and Virtualization
417 St Kilda Road, Melbourne, Victoria 3004 Australia
More information about the Spacewalk-list
mailing list