I recently upgraded by OVM to 3.4.3(.1511), but now my Oracle Enterprise Linux 6.9 PVM guests won’t start up any more. They don’t finish the ‘Starting automount’ in the boot / startup screen. It does not fail, it just won’t continue.
There is nothing special in the /etc/fstab I guess… : Continue reading →
It seems Oracle VM (<=3.3.1 *) and Oracle Linux (<= 5.10/6.6 *) both install ISOs and installed OS’s are not capable of booting when UEFI on the bare-metal hardware is used. I have seen two configurations now where this happened, one using a USB HDD drive capable providing a ISO to boot from as CD/DVD (Zalman ZM-VE300) and one HP iLO4 (http and local ISO) ‘remote’ booting. Continue reading →
When one is looking for the OpenSSL fix 1.0.1g for Oracle (Red Hat) Linux 6, the fixed package version is ‘1.0.1e-16.el6_5.7’. I think this a bit misleading, because OpenSSL 1.0.1e is subject to the bug (CVE-2014-0160). But from the Red Hat site: and Orcale MetaLink (MOS Note 1663998.1): “Version openssl-1.0.1e-16.el6_5.7 included a fix backported from openssl-1.0.1g“.
Some simple OS tests can produce a false-positive to heartbleed tests, becasue it could look only for text other than 1.0.1g.
To update to the ‘latest’ OpenSSL version, enable the [OL6_latest] repository en ‘yum update openssl’:
Setting up Update Process
--> Running transaction check
---> Package openssl.x86_64 0:1.0.1e-15.el6 will be updated
---> Package openssl.x86_64 0:1.0.1e-16.el6_5.7 will be an update
--> Finished Dependency Resolution
Testing for processes using OpenSSL
One can test if processes are using OpenSSL (not a heartbleed vulnerability test), by issuing one of these two following commands:
$ lsof | awk 'NR==1 || $0~/libssl.so.1.0.1e/'
$ grep libssl.so.1.0.1 /proc/*/maps |cut -d/ -f3 |sort -u |xargs -r -- ps uf
OpenSSL Security Bug – Heartbleed / CVE-2014-0160
Document written at April the 18th, 2014…
Happy blee, uh, testing and patching!