There are 2 new patch sites available for Compliance customers.
- Updates for Linux Applications Middleware
- Updates for Windows Applications Middleware
I wanted to explain a bit about the sites in general and cover some frequently asked questions, especially those that differ from “Updates for Windows Applications Extended”.
What content is in the sites?
Look for the “All Items:” list in the newest patch release announcements for the sites.
Examples:
- Content Modification: Updates for Linux Applications Middleware published 2022-07-19
- Content Modification: Updates for Windows Applications Middleware published 2022-07-14
Can I deploy this content directly to my production servers?
Probably not.
You should test this content first. You should be making backups before patching. Depending on the OS / Software being patched, you may need to stop services first before installing the patches. You may even need to stop services on other endpoints before patching the database on a separate endpoint. This is something that BigFix Server Automation can help with, but it is outside of the scope of a single fixlet. That said, the content from these sites can be used within a BigFix Server Automation plan to automate a complex server patching scenario.
How do I get the sites?
If you are a Compliance customer, as a Master Operator, look to enable the sites in the License Overview dashboard in the Windows Console. This only needs to be done once per BigFix Root Server. You will then have to set which computers are subscribed to the site once the first gather has completed.
What are the supported platforms?
Updates for Windows Applications Middleware
- Windows Server
Only those currently receiving updates from Microsoft are intended to be supported, and only the versions of the platforms that the software vendor lists as supported. Windows Desktop is not excluded, and in many cases will work, but only experimentally.
Updates for Linux Applications Middleware
- RHEL Family
- Ubuntu LTS
- SUSE
Only those Linux distros currently receiving updates are intended to be supported. In the case of Ubuntu, only long term serving (LTS) branches. Not all vendors officially support the same set of Linux distros as others, so it will vary depending on software title.
What makes the Oracle content different?
In the “Updates for Linux Applications Middleware” site there is “audit only” content for OracleDB. This content requires running a policy action to get the data about what version of OracleDB is present in order for the “audit only” content to become relevant.
These are the Tasks which should be deployed to reapply once a day to once a week:
- Get Patch List - Oracle ASM_RAC - Linux - Preview
- Get Patch List - Oracle Standalone DB - Linux - Preview
The oracle content will only be evaluated once every two hours to reduce impact on client evaluation loop. This is something we are considering for all of the extended / middleware content.
Will the middleware sites be available in WebUI Patch Policies?
No.
We think the complexity of patching middleware does not fit within the model of WebUI Patch Policies / Autopatch.
How do I request new software be added?
NOTE: Federal customers should contact Devaughn Rackham instead of using the Ideas Portal.
Please submit an Idea to the section currently labeled “Content” in the HCL BigFix Ideas Portal with the name of the software, the webpage you download the software from, and an example link to the actual downloaded file.
This section may be renamed from “Content” in the future.
Also, please vote on existing ones that you would like to see.