Red Hat Training

A Red Hat training course is available for Red Hat Satellite

Chapter 7. Viewing and Applying Errata

Software packages in Red Hat products are subject to updates, referred to as errata, that are released at regular intervals as well as asynchronously. Red Hat Satellite provides tools to inspect and filter errata, allowing for precise update management. This way, you can select relevant updates and propagate them through content views to selected content hosts. See Chapter 5, Using Content Views) for more information on content views.
To apply the latest updates, make sure you have correctly synchronized the Satellite content. For more information on synchronizing content, see Section 4.2.3, “Synchronizing Content” for a connected Satellite and Section 4.2.3, “Synchronizing Content” for a disconnected Satellite. Navigate to MonitorContent Dashboard to see the overview of errata synchronization.
Errata contain advisories that describe the changes introduced by the update. There are three types of advisories (in order of importance):
  • Security Advisory describes fixed security issues found in the package. The security impact of the issue can be Low, Moderate, Important, or Critical.
  • Bug Fix Advisory describes bug fixes for the package.
  • Product Enhancement Advisory describes enhancements and new features added to the package.

Note

Errata are labeled according to the most important advisory type they contain. Therefore, errata labeled as Product Enhancement Advisory can contain only enhancement updates, while Bug Fix Advisory errata can contain both bug fixes and enhancements, and Security Advisory can contain all three types.
In Red Hat Satellite, two keywords describe errata with regard to their relationship to the available content hosts:
  • Applicable: errata applies to one or more content hosts, which means it updates packages present on the content host. Applicable errata are not yet accessible by the content host.
  • Installable: errata applies to one or more content hosts and it has been made available to the content host. Installable errata are present in the content host’s life cycle environment and content view, but are not yet installed. This way, errata can be installed by users that have permissions to manage content hosts, but are not entitled for errata management at higher levels.

7.1. Inspecting Available Errata

The following procedure describes how to view and filter the available errata and how to display metadata of the selected advisory.

Procedure 7.1. To Inspect Available Errata:

  1. Navigate to ContentErrata to view the list of available errata.
  2. Use the filtering tools on the top of the page to limit the number of displayed errata:
    • Select the repository to be inspected from the drop-down list. All Repositories is selected by default.
    • The Applicable check box is selected by default to view only errata applicable to the selected repository. Select the Installable check box to view only errata marked as installable.
    • To search the table of errata, type the query in the Search field in the form of:
      parameter operator value
      See Table 7.1, “Parameters Available for Errata Search” for the list of parameters available for search, find the list of applicable operators in Table 16.2, “Supported Operators for Granular Search”. Automatic suggestion works as you type, you can also combine queries with the use of and and or operators. For example, to display only security advisories related to the kernel package, type:
      type = security and package_name = kernel
      Press Enter to start the search.
  3. Click Errata ID of the errata you want to inspect:
    • The Details tab contains the description of the updated package as well as documentation of important fixes and enhancements provided by the update.
    • On the Content Hosts tab, you can apply the errata to selected content hosts as described in Section 7.2, “Applying Errata to Content Hosts”.
    • The Repositories tab lists repositories that already contain the errata. You can filter repositories by the environment and content view, and search for them by the repository name.

Table 7.1. Parameters Available for Errata Search

ParameterDescriptionExample
bug Search by the Bugzilla number. bug = BZ#1172165
cve Search by the CVE number. cve = CVE-2015-0235
id Search by the errata ID. The auto-suggest system displays a list of available IDs as you type. id = RHBA-2014:2004
issued Search by the issue date. You can specify the exact date, like "Feb 16,2015", or use keywords, for example "Yesterday", or "1 hour ago". The time range can be specified with the use of the "<" and ">" operators. issued < "Jan 12,2015"
package Search by the full package build name. The auto-suggest system displays a list of available packages as you type. package = glib2-2.22.5-6.el6.i686
package_name Search by the package name. The auto-suggest system displays a list of available packages as you type. package_name = glib2
severity Search by the severity of the issue fixed by the security update. One of Critical, Important, Moderate. severity = Critical
title Search by the advisory title. title ~ openssl
type Search by the advisory type. Specify security, bugfix, or enhancement. type = bugfix
updated Search by the date of the last update. You can use the same formats as with the issued parameter. updated = "6 days ago"