Patch Management User Guide for HP-UX 11.x Systems (762796-001, March 2014)
Table Of Contents
- Patch Management User Guide for HP-UX 11.x Systems
- Contents
- 1 HP secure development lifecycle
- 2 HP-UX patches and patch management
- 3 Quick start guide for patching HP-UX systems
- 4 HP-UX patch overview
- 5 Patch management overview
- Patch management life cycle
- HP service contracts
- Patch management and software change management strategies
- Establishing a software change management strategy
- Recommendations for software change management
- Consideration of HP patch rating
- Patch management and software depots
- Proactive patching strategy
- Reactive patching strategy
- Advanced topic: security patching strategy
- Advanced topic: scanning for security patches
- Testing the patches to be installed
- 6 What are standard HP-UX patch bundles?
- 7 Using the HP Support Center
- Obtaining an HPSC user account
- Useful pages on the HPSC
- Find individual patches
- Advanced topic: checking for special installation instructions
- Advanced topic: checking for all patch dependencies
- Standard patch bundles
- Custom patch bundles - run a patch assessment
- Support information digests
- Ask your peers in the forums
- Search knowledge base
- 8 Using software depots for patch management
- Common software distributor commands for patching
- Depot types
- Using depots
- Viewing depots
- Creating and adding to a directory depot
- Registering and unregistering directory depots
- Verifying directory depots
- Removing software from a directory depot
- Removing a directory depot
- Installing patches from a depot
- Custom patch bundles
- 9 Using HP-UX Software Assistant for patch management
- 10 Using Dynamic Root Disk for patch management
- 11 The Patch Assessment Tool
- 12 Support and other resources
- 13 Documentation Feedback
- A Patch usage models
- Glossary
- Index
◦ Filesets must exist within a product.
◦ Although a patch has a unique name, the names of the filesets contained in a patch match
the corresponding base filesets that they patch.
• Product
◦ A product is a software object that is packaged and distributed for users to acquire and
install.
◦ Products are composed of one or more filesets and might additionally contain one or
more control scripts.
◦ A product can exist either within a bundle or as its own entity.
• Bundle
◦ A bundle is an encapsulation of products into a single software object.
◦ Bundles are, sometimes, optional software objects.
◦ Product objects are included in a bundle by reference only.
◦ If the products within the bundle are all patches, the bundle is known as a patch bundle.
For more information about these software objects, see the Software Distributor Administration
Guide on the HP Business Support Center website at http://www.hp.com/go/sd-docs.
Patch bundles
Patch bundles play an important role in patch management. A patch bundle is a collection of
patches that have been grouped into a single software object to meet a specific need. Many HP-UX
users find that acquiring and installing these bundles, as opposed to acquiring and installing
patches individually, simplifies the patch management process.
Your first encounter with patch bundles might be with the standard HP-UX patch bundles. These
bundles contain patches that HP has assembled to meet a specific need. For example, the basic
purpose of Quality Pack patch bundles is to deliver defect-fix patches for proactive maintenance.
HP releases updated versions of the bundles on a regular schedule and tests them to ensure a high
level of reliability. Using standard HP-UX patch bundles can be a less error-prone and more efficient
way to patch a system than acquiring and installing individual patches. For more information, see
Chapter 6: “What are standard HP-UX patch bundles?” (page 55).
Each patch bundle includes all patch dependencies for the successful installation of all patches
that apply to a system. Additionally, some patch bundles, such as HWEnable11i and FEATURE11i,
deliver patches for the successful installation of product bundles that include I/O driver products,
for example, USB-00. The selection of product bundles with patch dependencies will result in the
automatic selection of required patches from the applicable patch bundle. This automatic selection
of patch dependencies can simplify the management and installation of products or patches with
patch dependencies.
Patch bundles also make it easier for you to determine the current level of patches on a system.
For example, there could be hundreds of individual patches contained in an installed bundle, but
the swlist command lists, by default, only the bundle name rather than each individual patch
contained in the bundle.
For example, if you install March 2013 Quality Pack patch bundles on an HP-UX 11i v3 (B.11.31)
system, you get an output similar to the following:
QPKAPPS B.11.31.1303.391 Applications Patches for HP-UX 11i v3, March 2013
QPKBASE B.11.31.1303.391 Base Quality Pack Bundle for HP-UX 11i v3, March 2013
Patch-related concepts 19