Finding Important Errata and CVE Information on ULN
By Michele Casey on Jan 14, 2013
I have recently received several questions about how to find information relating to critical security updates or important errata releases for Oracle Linux. I realized that perhaps people were not aware of the new features and improvements to Unbreakable Linux Network (ULN), which assist users with common administrative tasks. I wanted to take a quick moment to highlight for you some of the changes we have made. First, there are two links you will want to bookmark:
Each link will allow the user to evaluate what updates have been made available for Oracle Linux.
With https://linux.oracle.com/errata you are able to view all errata releases available, listed by type, severity, advisory, summary and release date. In addition, you are also able to filter this list by release and/or type (Bug, Security, Enhancement) and if you select an item from the list you will receive additional details regarding the errata, including a description, related CVEs and the packages updated by the errata. You can also navigate to this same information by logging into ULN and selecting the 'Errata' tab from the options across the top.
For those who need information on security errata involving CVE identifiers (Common Vulnerabilities and Exposures) we have created https://linux.oracle.com/cve. This site allows you to gather information on important CVE identifiers, by providing a summary of all CVE offered through ULN. This summary is listed by CVE identifier and includes a brief synopsis and the release date. You can also filter the list by year. In addition, when you select a specific CVE identifier, you will receive additional details, such as information on CVSS v2 metrics as well as affected platforms.
We have been working to bring more features to ULN and these updates should provide more tools to simplify your administrative activities. Happy patching!