Oracle Critical Patch Update Advisory - January 2013
Hi all,
11.2.0.3
Oracle Critical Patch Update - January 2013
I am confused about CPU, PSU, SPU, USP. I am reading the docs and it seems they are same thing being rambled?
Which of them is the most important to apply?
Thanks,
PetraK
Thanks gotti and fahd
I already ask the support and he gave me docs to follow. But the more I am confused with lots of added process.
Can you validate if the process is correct? My Goal is just to comply with our IT Sec Auditor to apply the latest patch. The auditor does not even know what is the name of the patch as long as it the current updates. So I think he is referring to PSU or SPU or CPU.
This is the process I got from support:
1 Appy Oracle Database Patch Set Update (11.2.0.3.8)
1.1 Download and install latest RDA and run and send the output.
1.2 Download and install latest OPatch and list the current inventory.
1.3 Check java version
1.4 Check and Resolve PSU conflict
1.5 Backup the current OracleHome as "root"
1.6 Stop Listener, EM, and all DB Instances
1.7 Apply PSU
1.8 Resolve errors if any.
End.
So It seems I only need to apply PSU? which is 11.2.0.3.8?
Similar Messages
-
Oracle Critical Patch Update Advisory - January 2011
Hello
I would like to install the critical update patch January 2011 located at
http://www.oracle.com/technetwork/topics/security/cpujan2011-194091.html#PIN
However, I found that the links that I required and mostly (Oracle Database 10g Release 2, versions 10.2.0.3, 10.2.0.4, 10.2.0.5)
are dead (503 Service Unavailable)
Where can I download the patch??
Thanks
NeonThe links on the page lead to
https://support.oracle.com/CSP/main/article?cmd=show&type=NOT&id=1263374.1
which is a Oracle support site and you need your metalink login credentials to be able to access this.
I have successfully navigated to the Oracle support site with my CSI and am able to initiate the download. -
Critical: Oracle Critical Patch Update Advisory - April 2015
Hi,
I have 11.2.0.3 RDBMS for one of my client. not using OJVM. In this case should i be worried to apply this CPU?
Any view point will be great help to me in understanding. Thanks in advance.
Some of the fixes are listed here under this patch set:
http://www.oracle.com/technetwork/topics/security/cpuapr2015-2365600.html#AppendixDB
Regards
BhullarHi,
you cannot apply the CPU and the PSU, the PSU has additional important fixes in addition to the same security related fixes inside the CPU patch,
this means you will have to choose between i and ii (recommended: ii) and the others can be applied together.
greetings,
Harm ten Napel
Edited by: hnapel on Jan 29, 2013 6:40 AM -
Oracle Critical Patch Update - July 2008
Hi All,
How I can get the information about bug fixed in Oracle Critical Patch Update - July 2008?
or send me any link...
Thanks..Well, it all depends on which specific release you are talking about. CPU's are provided for Oracle 9iR2 (9.2.0.8.0) up to the latest available oracle version. They are also available for other non RDBMS oracle products.
If you want to get information about CPU's you may take a look at this reference: --> Oracle Critical Patch Update Advisory - July 2008, from this point on you can drill down to find out information about your specific oracle version.
This information is publicly available and up to this point you don't need a support contract to review this information. Support contracts are required when you plan to download the specific patch pointed by the CPU document, and it depends not only on the Oracle release, but also on the particular OS platform.
~ Madrid
http://hrivera99.blogspot.com -
Hi Critical Patch Update CPU January,
Our oracle database 10.2.0.4 on windows 32 bit ...I need to apply the patch from Critical Patch Update (CPU) January 2012,
I searched in metalink I am unable to find the exact patch no.Please anybody tell me patch no...I am sorry about my englishHi Srini,
I have on more question ,We have rman full backup in tape,Application people (Infractrure manager) have doubt backup is valid or not,,,So He is telling create one database restore the full backup.
Backup contais.
datafiles ,controlfiles,spfile
Please let me know What are the steps I need to take,
May continue this link or create one new thread
Edited by: Pavan L on Mar 14, 2012 11:36 PM -
Critical Patch Update Advisory - June 2011
In the Oracle Java SE Risk Matrix table below, the Supported Versions column for CVE-2011-0869 says "6 Update 26 and before",
Shouldn't this say ""6 Update 25 and before"?
Oracle Java SE Critical Patch Update Advisory - June 2011
http://www.oracle.com/technetwork/topics/security/javacpujune2011-313339.html
Thanks .The links on the page lead to
https://support.oracle.com/CSP/main/article?cmd=show&type=NOT&id=1263374.1
which is a Oracle support site and you need your metalink login credentials to be able to access this.
I have successfully navigated to the Oracle support site with my CSI and am able to initiate the download. -
Oracle Critical Patch Update July 2009 for Oracle BEA Releases
Hi All,
Researching in metalink about CPU's for WLS 9.1 I found Oracle Support Note #835668.1. Table 9 of this document
lists minimum product requirements for WebLogic server.
According to this table WLS 9.1 should have a minimum version of 9.2MP3.
I am confident that WLS 9.1 and WLS 9.2 are completely different WLS versions and there is no upgrade path from WLS 9.1 to WLS 9.2.
Is this table misprinted or is it required to replace all WLS 9.1 installations with WLS 9.2 installations?
What is this table trying to indicate?
Please assist.
It would be very helpful.
Thanks.Oracle Critical Patch Update fix a list of bugs , oracle will release CPU in every three months interval.
you need to click the link which oracle has sent.
then choose your database version===then select the patch number===then on metalink download the patch
with patch there is read me file which tell you how to apply the patch on the database.
Thanks
Regards,
Taj -
Oracle Critical Patch Update for Oracle Database 10g Release 10.2.0.3.0
Hi,
The [ Oracle Critical Patch Update for April 2012 was released on April 17th, 2012|http://www.oracle.com/technetwork/topics/security/cpuapr2012-366314.html] , wherein it was stated that below list versions will get affected.
Oracle Database 10g Release 2, versions 10.2.0.3, 10.2.0.4, 10.2.0.5
Currently I am using
BANNER
Oracle Database 10g Release 10.2.0.3.0 - 64bit Production
Can anyone tell me, difference between
Oracle Database 10g Release 2, versions 10.2.0.3 with Oracle Database 10g Release 10.2.0.3.0
I am much concerned whether to apply patch for 10.2.0.3.0, wherein the affected version is Oracle Database 10g Release 2, versions 10.2.0.3
Thanks,
Samuser12983673 wrote:
Can anyone tell me, difference between
Oracle Database 10g Release 2, versions 10.2.0.3 with Oracle Database 10g Release 10.2.0.3.0There is no difference -- you use version 10.2.0.3 which is affected by last CPU. -
Hi All,
Someone please tell me how importance of Oracle Critical Patch Update ?
Which is released by oracle at 3 month interval .
It will be really helpful for me.
Thanks in advance :)Hi;
Someone please tell me how importance of Oracle Critical Patch Update ?
Which is released by oracle at 3 month interval .All cover at below link
http://www.oracle.com/technetwork/topics/security/alerts-086861.html
Mainly;Critical Patch Updates are the primary means of releasing security fixes for Oracle products to customers with valid support contracts. Its mean it fixes security issue on your Oracle related products for attacks,hacks etc..
Its important to apply those patches,please check link all infos exist there
Regard
Helios -
Oracle Critical Patch Update July 2009
Dear Team,
Oracle has sent us the following patch update
Oracle Critical Patch Update July 2009
Please help us to understand the need of applying the patch.
Many thanks in advance
AjOracle Critical Patch Update fix a list of bugs , oracle will release CPU in every three months interval.
you need to click the link which oracle has sent.
then choose your database version===then select the patch number===then on metalink download the patch
with patch there is read me file which tell you how to apply the patch on the database.
Thanks
Regards,
Taj -
Where do we find the patch for Express user downloads? The Oracle Critical Patch Update site requires a valid support license.
XE is not patch-able - there is no support available.
-
Oracle Critical Patch Update April 2008
Yesterday I have got email from oracle regarding CPU patch availablity of 2008. Just curious where we can get the exact details for that patch...? which bugs is fixed ? What's the correct number for any OS ? Is there any metrics available for that ? I have not get enough information on Metalink.
Please, please, please, please, follow the links provided in the mail for your product!! (http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpuapr2008.html)
You would have hit note 552248.1 on Metalink.
Did you read it?
Within 2 seconds I can see various matrices of patch numbers.
As the CPU is provided by Metalink, why don't you submit a SR with your concerns?
Sybrand Bakker
Senior Oracle DBA -
Oracle Critical Patch Update - CPUJul2010
Based on Oracle documentation 'Oracle® Database Server Version 10.2.0.4 Patch 38' CPU for Windows 2008 x64, the following requirements need to be met;
1.1 System Requirements
The following are the system requirements for this bundle patch:
* Hardware requirement: AMD64, or Intel Extended memory (EM64T)
* Operating system requirement:
o Windows Server 2003, Standard x64 Edition
o Windows Server 2003, Enterprise x64 Edition
o Windows Server 2003, Datacenter x64 Edition
o Windows Server 2003 R2, Standard x64 Edition
o Windows Server 2003 R2, Enterprise x64 Edition
o Windows Server 2003 R2, Datacenter x64 Edition
o Windows XP Professional x64 Edition
o Windows Server 2008 Standard x64 Editions
o Windows Server 2008 Enterprise x64 Editions
o Windows Server 2008 Data Center x64 Editions
o Windows Vista with Service Pack 1 or later x64 Edition
Does the Windows Server 2008 x64 Editions imply that R2 is included? Windows Server 2008 R2 was not included in the previous patch.Hi,
Critical Patch Update July 2010 Patch Availability Document for Oracle Products [ID 1089044.1]
I think it does not imply.
Regards, -
2 Critical Patch Updates in January 2012
hi
we've got CPUs on
January 17th, 2012, January 31st, 2012
is it necessary to apply both of the CPUs or just the latest?
I have Oracle RAC 11.2.0.3 on Windows 2008 R2.
OK, I've found eventually a section about this:
2 Patch Information
Bundle patches are cumulative, which means fixes from previous Oracle security alerts and Bundle patch updates are included. It is not required to have previous security patches applied before applying the Bundle patches. However, you must be on the stated patch set level for a given product home before applying the Bundle patches for that release
Edited by: g777 on 2012-03-22 10:24g777 wrote:
hi
we've got CPUs on
January 17th, 2012, January 31st, 2012
is it necessary to apply both of the CPUs or just the latest?
I have Oracle RAC 11.2.0.3 on Windows 2008 R2.
OK, I've found eventually a section about this:
2 Patch Information
Bundle patches are cumulative, which means fixes from previous Oracle security alerts and Bundle patch updates are included. It is not required to have previous security patches applied before applying the Bundle patches. However, you must be on the stated patch set level for a given product home before applying the Bundle patches for that release
Edited by: g777 on 2012-03-22 10:24All molecules before that will be covered in PSU, so instead of going with CPU go with PSU patches. which is cumulative. -
Oracle Critical Patch Update - July 2012
I need to apply this Critical Patch in my databases but I have a doubt about if the component that I find out in the documentation is the component where the fix has to be applied or doesn't matter and I have to apply this fix on all my installations.
CVE# Component
CVE-2012-1740 - Oracle Application Express Listener
CVE-2011-3192 - Apache
CVE-2012-1737 - Enterprise Manager for Oracle Database
CVE-2012-1745 - The vulnerability affects Microsoft Windows platforms only.
CVE-2012-1746 - The vulnerability affects Microsoft Windows platforms only.
CVE-2012-1747 - The vulnerability affects Microsoft Windows platforms only.
CVE-2012-3134 - The vulnerability affects Microsoft Windows platforms only.
CVE-2011-4885 - PHP- OS Platforms Solaris 10, Linux Suse and Linux Red Hat 5.6
- Databases' version that we have are 10.2.0.2, 10.2.0.3, 10.2.0.4, 11.1.0.7, 11.2.0.1 and 11.2.0.2
- Don't use EBS or other component
- When I checked the documentation I had doubt with the Oracle Database Risk Matrix about the component and if I have to apply those patches.
Maybe you are looking for
-
The hotmail address i use for my apple ID was hacked and i no longer have access to it, this is stopping me from accessing any of my icloud or itunes. how can i fix this?
-
Icloud and existing photo albums
I updated my ipad 2 and iphone 4 to ios 5, move all my pictures and created different albums. After doing that, I enabled Icloud and photostream and realize that I can't move new pictures to my already existing albums. The only way I can move the pi
-
Sever Session Cache, Read-Only
Since the objects in the server cache are shared, we should not modify the objects in cache. We are thinking of enforcing this in a programmatic way. Does TopLink have a plan to enhance the current caching capability by allowing user to config the ca
-
I want to what is a Rollout Project. In this a Development i.e Custom Programs need to be developed. Or is it a modification to a standard programs. Could you please give me details of it.
-
I am unable to shut down my macbook pro because I am unable to shut down my IPhoto app. Help!!