Applying advisor security patches

Similar Messages

• Apply Latest Security Patches on Oracle Database 10g Express Edition (XE) ?

  Hi !
  I have an Oracle Database 10g Express Edition (XE) version 10.2.0.1.0 running on a Microsoft Windows 2003 SP2 server.
  I need to find and install the latest security patches on this database.
  Can someone inform me where I can find these patches and the steps for installing these patches?
  Thanks,
  Kind Regards,
  Shailesh

  Hi,
  Welcome 2 oracle forums :)
  Can someone inform me where I can find these patches and the steps for installing these patches?U can find all the latest security and all available patches on https://support.oracle.com/CSP/ --> Patches and updates tab
  Regards,
  X A H E E R

• Oracle Security Patch Error while applying --The filename, directory name,

  Hello,
  I am running into strange error while applying Oracle Security Patch 68 by using Opatch.
  Supposedly, All the environment variables are set properly.
  ACTIVE_STATE_PERL=true
  DBMS_TYPE=ORA
  dbs_ora_tnsname=YBQ
  JAVA_HOME=C:\jdk1.3.1_10
  OPATCH_DEBUG=TRUE
  ORACLE_HOME=E:\oracle\ora92
  ORACLE_SID=YBQ
  Path=E:\oracle\OPatch;C:\jdk1.3.1_10\bin;E:\oracle\Perl\bin;E:\oracle\ora92\jre\1.4.2\bin\client;E:\oracle\ora92\jre\1.4.2\bin;E:\oracle\ora92\bin;C:\Program Files\Oracle\jre\1.3.1\bin;C:\Program Files\Oracle\jre\1.1.8\bin;C:\Program Files\Common Files\VERITAS Shared;\NetBackup\bin;C:\Program Files\Windows Resource Kits\Tools\;C:\Program Files\Support Tools\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;E:\usr\sap\YBQ\SYS\exe\run
  Installed Active Perl. latest version
  downloaded Opatch 1.0.0.50
  and the patch number 3738339
  I went to that directory and run the command :
  perl opatch.pl apply
  It started of well.
  OPatch version is: 1.0.0.0.50
  Using ORACLE_HOME/oui to look up oui libs...
  Oracle Home = E:\oracle\ora92
  Location of Oracle Inventory = E:\oracle\ora92\inventory
  Oracle Universal Installer shared library = E:\oracle\ora92\oui\lib\win32\oraInstaller.dll
  Path to Java = "E:\oracle\ora92\jre\1.4.2\bin\java.exe"
  Location of Oracle Inventory Pointer = N/A
  Location of Oracle Universal Installer components = E:\oracle\ora92\oui
  Required Jar File under Oracle Universal Installer = jlib\OraInstaller.jar
  find under OH/oui/jlib
  found OraInstaller.jar
  Checking if this is a RAC system...
  Accessing inventory... This may take up to 300 seconds.
  (retry 10 times, delay 30 seconds each time)
  System Command: ""E:\oracle\ora92\jre\1.4.2\bin\java.exe" -Dopatch.retry=10 -Dopatch.delay=30 -DTRACING.ENABLED=TRUE -DTRACING.LEVEL=2 -Dopatch.debug=true -classpath "E:\oracle\ora92\oui\jlib\OraInstaller.jar;E:\oracle\ora92\oui\jlib\srvm.jar;jlib\opatch.jar;E:\oracle\ora92\oui\jlib\xmlparserv2.jar;E:\oracle\ora92\oui\jlib\share.jar;.:E:\oracle\ora92\jlib\srvm.jar" opatch/O2O "e:\oracle\ora92" "E:\oracle\ora92\oui" opatch.pl 1.0.0.0.50"
  Result:
  ----- DEBUG is ON -------
  oracle.installer.startup_location will be set to E:\oracle\ora92\oui
  oracle.installer.oui_loc will be set to E:\oracle\ora92\oui
  oracle.installer.scratchPath will be set to /tmp
  opatch.local_node_only is OFF
  retryOption is ON: 10
  delayOption is ON: 30
  Few more stuff here .. not pasting the entire contents
  System Command: ""E:\oracle\ora92\jre\1.4.2\bin\java.exe" -Dopatch.retry=10 -Dopatch.delay=30 -DTRACING.ENABLED=TRUE -DTRACING.LEVEL=2 -Dopatch.debug=true -classpath "E:\oracle\ora92\oui\jlib\OraInstaller.jar;E:\oracle\ora92\oui\jlib\srvm.jar;jlib\opatch.jar;E:\oracle\ora92\oui\jlib\xmlparserv2.jar;E:\oracle\ora92\oui\jlib\share.jar;." opatch/CheckConflict "E:\oracle\ora92\oui" "e:\oracle\ora92" opatch.pl 1.0.0.0.50 3738339 "3741539 3528282 3516951 3622875 3668572 3371796 3239873 3356103 3543125 3666502 2800494 2824035 2964252 3617042 3320622 3571233 3253770 3492040 3566469 3354470 3625370 3583686 3150750 3617519 3635177 3597640 3749394 3542588 3698501 2954891 2918138 3559212 3518909 3412818 3430832 3172282 3358490 3637624 3458446 3179637 2810394 3668224 3609791 3566813 3475932 2338704 3412136 3388633 3540576 3571226 3575743 2690205 3240280 3509265 3177513 3575747 3811906 3554319 3752406 3323435 " E:\3738339\etc\config\actions"
  Result:
  opatch.pl version: 1.0.0.0.50
  Copyright (c) 2001-2004 Oracle Corporation. All Rights Reserved.
  The filename, directory name, or volume label syntax is incorrect.
  Error in executing Java program to check conflict
  ERROR: OPatch failed during pre-reqs check.
  Now there is no problem with executing the last java program in the same prompt by removing the first and the last double quote "
  Please advise.
  Thanks in advance.

  hi somnath,
  this is the portal content management forum. for your database question please use the database forums:
  http://forums.oracle.com/forums/index.jsp?cat=18
  thanks,
  christian

• EP5 SP5 Security Patches

  We have applied MS security patches to our EP5 Install and now we are unable to logon...
  We get "The logon credentials supplied were incorrect. Make sure your user name and password are correct, and then try again." Every time the user tries to logon.
  We have uninstalled all the patches and still get the same error.
  I've reverted back to the default profile and logged on as Admin. I can browse to the Groups Root, People Root, User... Authenticate against an ADS user... However when I select this as the Current Configuration and restart the server. I get the same error...
  Any ideas?
  Regards
  Javid

  You can download any Reader updates from http://www.adobe.com/support/downloads/product.jsp?product=10&platform=Windows

• 10g security patch

  on oracle site, i searched for Security patches for version 10.2.0.2
  The search did not return anything
  search criteria:
  product: RDBMS server
  Release: Oracle 10.2.0.2
  Platform: Opracle Solaris on SPARC 64bit
  Type: Patch, PatchSet
  Classification: Security
  If i do the same search for _10.2.0.4_, it returns _1 CPU_ patch. Does this mean if I have 10.2.0.2 i do not need to apply any security patches?

  See answer for your 2nd question
  http://swervedba.wordpress.com/2011/05/30/oracle-patch-sets-psu-and-cpu/
  PSU is generally the recommended way to go as long as you are making a educated decision and it suits the needs of your business.
  thanks

• Sql server security patch

  Hi team,
  what are the main difference in sql server patch and sql serve security patch ?
  what is the sql server security patch and how to apply the security patch.

  Hello,
  For SQL Server we have SP = Service Packs and CU = Cummulative Update; both are Kind of "patches" and there is no difference if a security issue or a bug is fixed with. Both are depolyed as an installation program to apply it to a SQL Server instance.
  Olaf Helper
  [ Blog] [ Xing] [ MVP]

• The security patches of WebLogic are intended for PeopleSoft WLS version?

  Hi, I need to apply some security patches for a WebLogic 8.1 SP2 environment. But I don't know if BEA supports the PeopleSoft WLS version or PeopleSoft release its own security patches.
  Someone knows about this?

  BEA has provided several security advisory patch sets to PeopleSoft, which they apparently test in their labs and then redistribute to PeopleSoft users. It is difficult for me to determine whether the patch you are referring to contains all of the BEA security releases for WLS 8.1 SP2.
  I recommend that you contact PeopleSoft and ask for their advice. If possible, I would also recommend that you consider upgrading your WLS version instead of applying a temporary patch, subject to the limitations of what PeopleSoft will support.
  My final bit of advice would be to make sure your vendor (PeopleSoft) has tested any patch before you apply it to a production system.
  Cheers!

• How to apply Security Patch

  How do I apply the "DOS Attack" security patch for WLS 6.1 on Win2K
  Please help
  Thanks

  Balram,
  Put the jar file in the front of your classpath to apply the patch.
  Regards,
  Michael
  Stephane Kergozien wrote:
  Hi Balram,
  You will find security patches for WLS 6.1 in the following URL
  http://dev2dev.bea.com/index.jsp
  advisories and notifications Paragraph
  Regards
  Stephane
  Balram wrote:
  How do I apply the "DOS Attack" security patch for WLS 6.1 on Win2K
  Please help
  Thanks--
  Regards,
  Stephane Kergozien
  BEA Support--
  Michael Young
  Developer Relations Engineer
  BEA Support

• Hi, I don't know how to find a specific security patch to apply to my Oracle database version to fix a vulnerability

  Hi, I don't know how to find a specific security patch to apply to my Oracle database version 11.2.0.2.0 (on windows server 2003 32 bits) to fix the following vulnerability:
  Risk: High
  Application: oracle_tnslsnr
  Port: 1521
  Protocol: tcp
  Synopsis:
  It is possible to register with a remote Oracle TNS listener.
  Description:
  The remote Oracle TNS listener allows service registration from a remote host. An attacker can exploit this issue to divert data from a
  legitimate database server or client to an attacker-specified system.
  Successful exploits will allow the attacker to manipulate database instances, potentially facilitating man-in-the-middle, sessionhijacking,
  or denial of service attacks on a legitimate database server.
  Solution:
  Apply the work-around in Oracle's advisory.
  Thank you for your help

  2835604 wrote:
  Hi, I don't know how to find a specific security patch to apply to my Oracle database version 11.2.0.2.0 (on windows server 2003 32 bits) to fix the following vulnerability:
  Risk: High
  Application: oracle_tnslsnr
  Port: 1521
  Protocol: tcp
  Synopsis:
  It is possible to register with a remote Oracle TNS listener.
  Description:
  The remote Oracle TNS listener allows service registration from a remote host. An attacker can exploit this issue to divert data from a
  legitimate database server or client to an attacker-specified system.
  Successful exploits will allow the attacker to manipulate database instances, potentially facilitating man-in-the-middle, sessionhijacking,
  or denial of service attacks on a legitimate database server.
  Solution:
  Apply the work-around in Oracle's advisory.
  Thank you for your help
  that sounds like the "tns poison" vulnerability.  CVE 2012-1675 - Oracle Security Alert CVE-2012-1675
  See MOS note 134083.1  and 1453883.1

• Creating new databases after latest security patch applied

  10.2.0.4
  If I create a database AFTEr applying the opatch for the October 2009 security patch, do I need to also run:
  @catbundle.sql cpu apply
  Or is it included in the create database? I use the DBCA to create new databases.

  user8574962 wrote:
  This is what Oracle states on metalink doc id: 422303.1
  Once the bundle patch or the Critical Patch Update (CPU) patch is applied on an ORACLE_HOME should you run post-installation scripts for every newly created Oracle database using the same ORACLE_HOME?
  Solution
  This should be documented in the patch's README as the answer will vary with each patch.
  If the patch's README is not documented, then the Post Install tasks should be run.
  And this is what the OCTCPU09 README says:
  3.3.3 Post Installation Instructions for Databases Created or Upgraded after Installation of CPUOct2009 in the Oracle Home
  These instructions are for both non-RAC environments and RAC environments when a database is created or upgraded after the installation of CPUOct2009.
  You must execute the steps in Section 3.3.2.1, "Loading Modified .sql Files into the Database" for any new database only if it was created by any of the following methods:
  Using DBCA (Database Configuration Assistant) to select a sample database (General, Data Warehouse, Transaction Processing)
  Using a script that was created by DBCA that creates a database from a sample database
  Hope that helps.Point taken that it could vary by patchset, but those particular instructions quoted square exactly with what I had said. To quote with emphasis:
  "You must execute the steps . . . for any new database *only if* it was created by any of the following methods . . ."
  And what are those methods? Creating the database from a sample (pre-patch) database. If one uses dbca to create a 'custom' database, the resulting scripts will start from scratch with a CREATE DATABASE command - no pre-patch version sample or seed database involved.
  :-)

• Applying Adobe Reader 8.1.2 Security Patch on top of Adobe Pro 7.x

  Hi,
  Our firm has a number of users running Adobe Standard and Professional 7.x. These users also have Adobe Reader 8 installed simultaneously as well.
  According to the Adobe security bulletin below, the security patch for Adobe Standard and Professional 7.x will not be released until May 2008:
  http://www.adobe.com/support/security/advisories/apsa08-01.html
  Question: if we deployed Adobe Reader 8.1.2 (which addresses the same security vulnerabilities mentioned in the above link) on top of Adobe Standard and Professional 7.x, will the vulnerability be fixed? The businesses will not be upgrading to Adobe Standard / Professional 8.1.2.
  Thank you,
  Roland Thomas

  Not to make excuses or anything but, it's more than a security patch.
  http://kb.adobe.com/selfservice/viewContent.do?externalId=kb403079&sliceId=1

• Applying security patch to Oracle 10G on Linux

  Hello,
  I'm new to Oracle DBA world, need to apply security patch to Oracle 10G on Linux server, any tips and notes would be appreciated.
  thanks
  Sam

  Manish,
  1. I have to upgrade the database version from 10.2.0.2 to 10.2.0.4 on Linux, Is there any proper documentation which will help me out?Please refer to the following document.
  Note: 454750.1 - Oracle Apps Release 12 with Oracle Database 10.2.0 interoperability notes
  https://metalink.oracle.com/metalink/plsql/ml2_documents.showDocument?p_database_id=NOT&p_id=454750.1
  2. What are the types of oracle database patches? what is the proper procedure to apply those kind of patches to Oracle 10g on Linux?
  Most of the patches in this upgrade are database patches (which should be applied using opatch). The main upgrade patch (Patch 6810189 - 10.2.0.4 patch set) should be applied using Oracle Universal Installer (runInstaller).
  Always follow the steps in the patch README file before applying any patch.
  Regards,
  Hussein

• Determine which security patch or Critical patch update has been applied

  Hi,
  Anyone know how to determine which security patch or Critical patch update has been applied to the database? For Unix and also Win 2000k database server..
  Thank You

  Use the lsinventory command of opatch (Oracle's patch
  installation tool) to list the patches installed.
  If you have Perl and opatch installed, this is simply
  a matter of typing:
  opatch lsinventory
  from the command line.
  For further information on opatch, see metalink note
  293369.1
  Hope this helps.
  Kailash.

• XE and Security Patches

  We have a group of SOA Suite developers uisng Oracle XE 10 locally on laptops. We are getting advised by IT security that securiy patches are needed.
  We are looking at following options - Apply security patches to XE 10 , upgrade to XE 11 or move to Oracle Standard DB.
  A couple of questions:
  1. Are security patches available for XE 10? If so, where do you get the patches?
  2. Would moving to XE 11 include security patches?
  Appreciate any input.
  Thanks

  1) No, XE cannot be patched.
  2) For 11g, same answer, there are no security patch sets available for any XE.
  11g might have security patches up to the time it was released but there have been several patches released since. If the security patches are needed a different edition is required.

• Latest Security Patch for Oracle DB 10.2.0.4 on 11.5.10.2 environment

  We have SUNOS 5.10 with database 10.2.0.4 on 11.5.10.2 environment. The requirement is to patch latest security patch.
  last patch was done 17-FEB-2009 ( retrived from registry$history). So, i would like to apply the latest security patch.
  Please somebody let me know which one is the latest patch to be applied for this environment.
  Thanks
  Dheeru

  Hi Hussein,
  The customer can install CPU Patch or PSU Patch on top of 10.2.0.4. I agree with you but I think you are misunderstanding for what I am trying to say. Why not go for the latest Patch Set 4 (10.2.0.5) and then apply CPU Patch 9952270 or PSU Patch 9952230 on top of it (recommended). Every quarter, Oracle provides Critical Patch Updates (CPU) to address security vulnerabilities, and Patch Set Updates (PSU) to address proactive, critical fixes and security vulnerabilities. When deciding for CPU or PSU, please consider the following guidelines:
  Critical Patch Updates and Patch Set Updates
  The Patch Set Updates and Critical Patch Updates that are released each quarter contain the same security fixes. However, they use different patching mechanisms, and Patch Set Updates include both security and recommended bug fixes. Consider the following guidelines when you are deciding to apply Patch Set Updates instead of Critical Patch Updates.
  1) Critical Patch Updates are applied only on the base release version, for example 10.2.0.4.0.
  2) Patch Set Updates can be applied on the base release version or on any earlier Patch Set Update. For example, 11.1.0.7.2 can be applied on 11.1.0.7.1 and 11.1.0.7.0.
  3) Once a Patch Set Update has been applied, the recommended way to get future security content is to apply subsequent Patch Set Updates. Reverting from an applied
  Patch Set Update back to the Critical Patch Update, while technically possible, requires significant time and effort, and is not advised.
  Regards,
  Shahid