Patch Management User Guide for HP-UX 11.x Systems (762796-001, March 2014)
Table Of Contents
- Patch Management User Guide for HP-UX 11.x Systems
- Contents
- 1 HP secure development lifecycle
- 2 HP-UX patches and patch management
- 3 Quick start guide for patching HP-UX systems
- 4 HP-UX patch overview
- 5 Patch management overview
- Patch management life cycle
- HP service contracts
- Patch management and software change management strategies
- Establishing a software change management strategy
- Recommendations for software change management
- Consideration of HP patch rating
- Patch management and software depots
- Proactive patching strategy
- Reactive patching strategy
- Advanced topic: security patching strategy
- Advanced topic: scanning for security patches
- Testing the patches to be installed
- 6 What are standard HP-UX patch bundles?
- 7 Using the HP Support Center
- Obtaining an HPSC user account
- Useful pages on the HPSC
- Find individual patches
- Advanced topic: checking for special installation instructions
- Advanced topic: checking for all patch dependencies
- Standard patch bundles
- Custom patch bundles - run a patch assessment
- Support information digests
- Ask your peers in the forums
- Search knowledge base
- 8 Using software depots for patch management
- Common software distributor commands for patching
- Depot types
- Using depots
- Viewing depots
- Creating and adding to a directory depot
- Registering and unregistering directory depots
- Verifying directory depots
- Removing software from a directory depot
- Removing a directory depot
- Installing patches from a depot
- Custom patch bundles
- 9 Using HP-UX Software Assistant for patch management
- 10 Using Dynamic Root Disk for patch management
- 11 The Patch Assessment Tool
- 12 Support and other resources
- 13 Documentation Feedback
- A Patch usage models
- Glossary
- Index
For more information about listing the products on a system, see “Which patches are on a system?”
(page 23).
You might also find yourself working with patch bundles if you use the HPSC Patch Assessment
Tool, which allows you to create your own custom patch bundles. For more information, see
Chapter 11: “The Patch Assessment Tool” (page 92).
Software depots and patch depots
Software depots, or simply depots, are an integral part of patch management. A depot is a special
type of file or directory that has been formatted for use by SD-UX as a software repository. In the
general case, depots contain a diverse array of software products. A depot can exist as a directory
tree on a SD-UX file system or on CD or DVD media, and it can exist as a tape archive (tar)
archive on serial media (tape). All depots share a single logical format, independent of the type
of media on which the depot resides. Depots can reside on a local or remote system. You can
package software directly into a depot or copy packaged software into the depot from elsewhere.
This guide focuses on depots as repositories for patches and patch bundles. Such depots can be
referred to as patch depots.
Patch depots are a very effective mechanism for managing patches. You can create your own
custom patch depots to meet various patch management needs. You can also create special depots
to be located on a patch server that acts as a source for patch or bundle installations on other
systems.
HP uses patch depots to deliver patches and patch bundles. For more information about depots,
see Chapter 8: “Using software depots for patch management” (page 67).
Patch status
Patches have an associated status. The initial value of a patch's status does not change, but over
the life of the patch, modifiers might be added (as described in this section). You can find the value
for a patch's status in the Status field. This field is in the patch’s patch details page on the HPSC
and in the patch text file. To obtain the most up-to-date values for patch status, use the patch details
page. A patch status has the following values and modifiers to describe it.
Initial values for patch status include the following:
• General Release (GR)
HP has approved GR patches for widespread use.
• Special Release (SR)
HP intends an SR patch for limited distribution. It is available only through special channels.
Modifiers for patch status values include the following:
• Superseded
Indicates that the patch has been replaced by a newer patch. For more information about
supersession, see “Ancestors and supersession” (page 27).
Results in the additional patch status values General Superseded and Special
Superseded.
• With Warnings
Indicates that the patch has an associated warning. For more information about warnings,
see “Patch warnings” (page 41).
Results in the additional patch status values General Release With Warnings and
Special Release With Warnings.
Most patches have a status of General Release or General Superseded.
20 HP-UX patch overview