topic ITRC Run Patch-Assessment - Security Patch in Operating System - HP-UX

ITRC Run Patch-Assessment - Security Patch

Bayani Ramos — Fri, 27 Apr 2007 04:51:59 GMT

i'm running ITRC's patch assessment and im getting result of *none recommended* under security patch analyzer. I know some patches might not be applicable, but i'm sure a few should have been applicable. Just to be sure, i ran the patch assessment on 10 other servers and i get the same result under securitypatchanalyzer- *none recommended* (i included a server which i have not patched for almost a year - im sure that particular server must have at least 1 applicable security patch). anyone else getting the same result? How can i get in touch with an ITRC patch assessment developer to verify?

Re: ITRC Run Patch-Assessment - Security Patch

Peter Godron — Fri, 27 Apr 2007 06:33:20 GMT

Hi,
are you using the web based system?
Have you followed all the steps ?
Download and run the collection script
Uploaded the hostname.fs to the Patch Site
and so on.

See doc at:
http://docs.hp.com/en/5991-6449/ch11.html

Please read:
http://66.34.90.71/ITRCForumsEtiquette/after.html

Please also read:
http://forums1.itrc.hp.com/service/forums/helptips.do?#33
on how to reward any useful answers given to your questions.

Re: ITRC Run Patch-Assessment - Security Patch

Marco A. — Fri, 27 Apr 2007 06:52:16 GMT

Hello Bayani,

If ran the test on you server, and you get the inventory.xml file of them, after upload the file to the itrc, what did you get?

Or what procedure are you using to update the servers?!

I think that you are using this address .:

http://www1.itrc.hp.com/service/patch/addUpdateSystemsPage.do?BC=main|assess|

It must show you something if your servers are not patched.

Best rgds,

Marco

Re: ITRC Run Patch-Assessment - Security Patch

Bayani Ramos — Fri, 27 Apr 2007 07:36:48 GMT

Hi Guys,

First of all, thank you for replying.

I am running the patch assessment by executing swainv on the server -it will produce a file "inventory.xml". Then i upload this file to ITRC, choose a profile then run the assessment.

Im using the below address:
http://www2.itrc.hp.com/service/patch/assessSystemsPage.do?BC=main|

I have done this before, and i followed the same procedure. It is just strange that this time, i get not a single security patch, considering the inventory file that i uploaded came from a server that i have not patched for a long time - it should show at least one patch.

Guys, I just discovered something. I remembered i ran a patch assessment last week (17-April) on one of my server (i just ran the assessment but didnt actually patched the server). Below is part of the report:

Patches recommended by SecurityPatchAnalyzer (summary):
PHCO_32036 PHCO_33214 PHCO_33967 PHCO_34214 PHCO_34545 PHCO_35587 PHKL_34193
PHKL_34805 PHNE_29445 PHNE_32825 PHNE_33791 PHNE_34544 PHNE_34777 PHNE_35183
PHNE_35484 PHSS_30478 PHSS_31240 PHSS_31988 PHSS_32112 PHSS_32971 PHSS_33130
PHSS_33384 PHSS_34102 PHSS_35434

Now i ran again from the same server and choosing the same profile. Basically i did the same procedure. Below is part of the report:

Security patches not applicable, no matching fileset and/or version found on system:
PHCO_30402 PHCO_32036 PHCO_33214 PHCO_33215 PHCO_33967 PHCO_34214 PHCO_34545
PHCO_35587 PHKL_29896 PHKL_32669 PHKL_34193 PHNE_24164 PHNE_26988 PHNE_27796
PHNE_32449 PHNE_33791 PHNE_34131 PHNE_34544 PHNE_34672 PHNE_34936 PHNE_34988
PHNE_35183 PHNE_35484 PHSS_22540 PHSS_22678 PHSS_23067 PHSS_24843 PHSS_24864
PHSS_26933 PHSS_27259 PHSS_27411 PHSS_27547 PHSS_27639 PHSS_27668 PHSS_28558
PHSS_28677 PHSS_28679 PHSS_28705 PHSS_29120 PHSS_29121 PHSS_29338 PHSS_29626
PHSS_29645 PHSS_29987 PHSS_30478 PHSS_30538 PHSS_30669 PHSS_31065 PHSS_31066
PHSS_31067 PHSS_31069 PHSS_31179 PHSS_31240 PHSS_31933 PHSS_31988 PHSS_32046
PHSS_32176 PHSS_32357 PHSS_32358 PHSS_32380 PHSS_32406 PHSS_32423 PHSS_32514
PHSS_32543 PHSS_32690 PHSS_32692 PHSS_32781 PHSS_32918 PHSS_32966 PHSS_33038
PHSS_33130 PHSS_33252 PHSS_33253 PHSS_33256 PHSS_33257 PHSS_33280 PHSS_33384
PHSS_33538 PHSS_33627 PHSS_33659 PHSS_33783 PHSS_33797 PHSS_33842 PHSS_33845
PHSS_34008 PHSS_34098 PHSS_34102 PHSS_34202 PHSS_34288 PHSS_34761 PHSS_34870
PHSS_34887 PHSS_34949 PHSS_35113 PHSS_35142 PHSS_35164 PHSS_35434 PHSS_35579

You noticed that what was applicable last week is not applicable now? I'm sure i have not patched the server since 17-April.

For some reason, the securitypatchanalyzer now says those patches that were applicable to my server last week is not applicable now. Any idea why? Could i be doing something wrong?

Re: ITRC Run Patch-Assessment - Security Patch

Bob E Campbell — Sun, 29 Apr 2007 14:07:03 GMT

The ITRC and Software Assistant patch assessments have much in common and should be able to provide the same results for many of the assessment analyzers.

Get SWA from https://hp.com/go/swa and run the command:

# swa report -a SEC

for the Security analyzer. It should generally agree with one of your assessments, but will also report non-patch actions recommended by bulletins.

Re: ITRC Run Patch-Assessment - Security Patch

Steven E. Protter — Sun, 29 Apr 2007 14:57:40 GMT

Shalom,

It does make sense that as new security bullitens are released that the results change.

By posting this thread you have probably gotten the developers attention though you might want to open a response center call. Even if you don't have support if you found a bug they want to know.

SEP