Best practices updating/patching Oracle Linux servers
Our security officer asked us to patch the Linux servers. There is no problem with our web servers, since they are just using binaries out of rpms.
Beside that we have a bunch of Oracle database servers (versions 11.1 and 11.2) running on Oracle Linux 5.2 to 5.7.
Is there a recommendation how to patch / update those servers to a recent version or just the "buggy" rpms. Does Oracle or someone else provide some tools? Or is it just a "try and error" thing?
What are the points I have to have in mind when preparing an update. Is there a way to evaluate if the update might fail for sure or if it may work?
I'd appreciate also comments on how you handle this "problem" in your companies.