Patch management
Use Patch management to identify and install patches for operating systems and many products. Click Patch management in the main menu.
HPE releases updates, in the form of patches, based on issue resolution and functional enhancements. These updates are an important part of maintaining a system's health. System administrators and other users can keep their operating environment up to date by downloading and installing patches and product update sets.
You must be signed in with your HPE Passport ID and have an active contract or warranty linked or shared to your account. For more information see Patch Access for HPE Operating Environments.
Patch management has sections that display your patch privileges, patches available for any system, patches for your uploaded HP-UX system, and links for more information about certain operating systems:
My patch privileges
Click View my patch access in the left navigation area of Patch management, to reach My patch privileges:
My Patch Privileges lists your access to patches for various platforms. You have entitled access if your HPE Support Center (HPESC) profile is associated with a valid contract or warranty, by one or more of the following means:
- You are linked as the owner, in single mode, to a contract that enables access.
- You are linked in multiple mode to a contract that enables access.
- You are a member of a user group associated with a contract share that includes a contract that enables access.
- You are a member of a user group associated with a device group containing a device that is covered by a contract that enables access.
For more information about linking, see My contracts and warranties.
Your access to patches for specific platforms is shown under the Current Patch Access heading. Platforms with a valid contract or warranty list a patch access value of Yes. A patch access value of No indicates that a valid contract or warranty is not linked to your profile and access is unavailable. Click the lock icon to see the access requirements.
Your current role in the HPESC is also listed next to the Current Patch Access heading: customer, authorized partner, or employee.
See More Information on Access to HPE Support Materials for access details for specific products.
To obtain support coverage, please contact your local HPE office, HPE sales representative, or Contact HPE.
Find a patch if you know its ID
Find a specific patch if you know its ID, using the search box on the left navigation bar:
Patches for any system
Click an operating system in the list to reach a search page specific to that operating system:
Select the OS revision and search method from the drop-down lists:
The search methods are as follows:
- Search by keyword. Enter the keyword in the Search text text box and use a radio button. If using Boolean, use standard search characters (plus, minus, quotes, asterisk) to narrow your searches.
- Search by patch IDs if you know the ID of the patch.
- Browse patch list returns a complete list for the selected context.
Each row in the search results table includes a description, the patch ID, which is a link to the details page, and optionally, a symbol:
Symbols are defined in the glossary:
Click the text next to any item in the glossary for details.
Click a patch ID to go to its details page where you can view the readme file and add the patch to your patch list.
Find Patches by Product
On the main patch page, if you have a patch privilege:
Select by product to see patches and product documentation:
Download product patches the same way you download OS patches.
Patch Bundles
A patch bundle is a set of patches for HP-UX that have received extra testing as a group and are packaged together, with the individual patches intact.
A patch aggregate kit is one large patch kit (for OpenVMS and Tru64 UNIX), that contains several individual patches that have been repackaged. On OpenVMS these are also called "update kits".
Select an OS from the list to reach the patch bundle index. If you know the patch ID, enter it in the search box and click find bundles. Or click a release to see its contents. Multiple bundles are sometimes packaged in the same depot, and must be downloaded as a unit. In this case, the depot name is listed instead of the bundle name.
Add a bundle to a patch list
Click Add to my Patch List to add the bundle. If any of the patches in the bundle have acquired warnings since the bundle's release, you can select replacement patches. A table lists all the patches in the bundle for your reference.
Selected patch list
The staging area for downloads, Selected patch list appears when you add to selected patch list from the patch results list or from a patch details page. You can also reach it from My patch list in the left navigation bar.
Each OS and revision combination has one associated patch list. If you used My Uploaded HP-UX System, lists for your uploaded system appear here as well. The lists are separated to facilitate the bundling of patches for a particular system.
Selected patch list also contains patches required by the patches you have already selected. Required patches are considered part of the total solution so are included in the selected patch list.
Use the Remove button to remove unneeded patches. This removes both the original patch and any of its required patches.
If you already have a required patch, skip downloading it by unchecking the associated check box.
Download Patches
Click Download selected from a patch list to reach the download patches page:
To add or remove patches to be downloaded, return to the selected patch list using the link on the left navigation bar. Click Download selected again to return to the download patches page.
To download all selected patches at once, select the file package type (zip, gzip, or tar) before downloading. MPE users must use tar.
Download patches individually using the download button next to the patch.
File fingerprints
To validate that patch content has not been tampered with, corrupted or otherwise altered since it was created, file fingerprints are displayed for all content on the download list. These are provided by the patch content creator and are validated by HPE Support Center.
The HPE standard mechanism for file fingerprints is MD5 message digest hashes. The md5sum command is a more secure alternative to the cksum command. It is based on the standard MD5 algorithm which provides 128-bit long fingerprints and which enables you to verify with a very high degree of certainty the integrity of a downloaded package.
Checksum fingerprints are also displayed when they are available. The cksum command is a file integrity checker currently available on HP-UX, Tru64 UNIX and Linux. A variant is available on OpenVMS. It is based on a weak (by current standards) cyclic redundancy check mechanism (32-bit wide), and is prone to high collision rates. Checksum fingerprints should be used with caution since they are platform-dependent. For example checksum fingerprints generated for OpenVMS can only be validated with OpenVMS.
Corrupt download archives
In some cases, when patches are downloaded as a zip package using Microsoft Internet Explorer, a "corrupt archive" message appears when trying to unzip the package. This may happen even though there were no error messages during the download and it appears the package was built correctly.
The problem is caused by either a large download timing out on the client side before it starts due to zip ramp up overhead, or the client machine runs out of space mid-download. The problem is unique to Microsoft Internet Explorer, which buffers all downloads. For example, a 5 MB download really requires 10 MB of space during the download. If the download fails, there is no error message but the resulting file is truncated.
To correct this problem:
- Ensure there is adequate disk space for buffering on the hard drive.
- Download patches in smaller batches.
Patches for my uploaded HP-UX system
If you have access to this feature, you can find HP-UX patches customized to your system by running a script that creates an inventory, and uploading the results to HPE:
- Download swainvswainv is a Posix shell script that collects the names and revisions of all the products installed on your system. via ftp or http.
- cd to the directory containing the swainv script, set execute permission, and run it. You do not need to be root. The results of the script are written into the ascii file inventory.xml.
- Upload inventory.xml to Patch Management.
After you have uploaded the file you can search for patches, bundles, products, and patch sets applicable to your system. You can also perform a patch assessment to find the set of patches necessary to bring your system to the correct patch level. See Patching HP-UX systems for details (you must be signed in to view it).
The "Assessing patch requirements" feature for HP-UX provides system administrators the ability to upload current system information and run a patch assessment, which determines what if any patches are required to bring the system up to date.
Other patches available
Only patches for current HPE OS and products are directly available on the HPE Support Center. Use the links in the left nav bar to find:
- Patches for older software and hardware - links to a site containing archived patches for HPE systems and software no longer under support or no longer being patched.
- Red Hat, SUSE, and Debian Linux - links to the Linux search page, to these vendors' sites
- Windows - link to the Microsoft web site on the Windows search page, for Windows OS patches.
Patches for HP-UX, OpenVMS, Tru64 UNIX, MPE/iX
Click the links below for detailed information about patches for these operating systems:
