微信公众号:云库管    www.yunDBA.com

北京云库管科技有限公司 (内部培训资料) 返回上级

 

PDF文档下载

 

 


 

Patch Set Update and Critical Patch Update July 2014 Availability Document (Doc ID 1666884.1)

To Bottom


APPLIES TO:

Oracle HTTP Server - Version 11.1.1.7.0 to 11.1.1.7.0 [Release Oracle11g]
Oracle Secure Enterprise Search - Version 11.2.2.2.0 to 11.2.2.2.0
Information in this document applies to any platform.

PURPOSE

This document defines the patches and minimum releases for the Database Product Suite, Fusion Middleware Product Suite, Exalogic, and Enterprise Manager Suite Critical Patch Updates and Patch Set Updates released on July 15, 2014.

DETAILS

Patch Set Update and Critical Patch Update July 2014 Availability Document

 

 

My Oracle Support Note 1666884.1

Released July 15th, 2014

This document contains the following sections:

·         Section 1, "Overview"

·         Section 2, "What's New in July 2014"

·         Section 3, "Patch Availability for Oracle Products"

·         Section 4, "Final Patch History"

·         Section 5, "Sources of Additional Information"

·         Section 6, "Modification History"

·         Section 7, "Documentation Accessibility"

1 Overview

Oracle provides quarterly Security Patch Updates (SPU) to address security vulnerabilities, and Patch Set Updates (PSU) to address proactive, critical fixes and security vulnerabilities. The security vulnerabilities addressed are announced in the Advisory for July 2014, available at:

http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html

This document lists the Oracle Database, Fusion Middleware and Enterprise Manager SPU and PSU patches for product releases under error correction. The July 2014 release supersedes earlier Critical Patch Updates and Patch Set Updates for the same product releases. This document is subject to continual update after the initial release, and the changes are listed in Section 6, "Modification History." If you print this document, check My Oracle Support to ensure you have the latest version.

This section contains the following:

·         Section 1.1, "How To Use This Document"

·         Section 1.2, "Terminology in the Tables"

·         Section 1.3, "On-Request Patches"

·         Section 1.4, "CPU Program and My Oracle Support Patch Recommendations"

·         Section 1.5, "Oracle Database Security Patch Updates and Patch Set Updates"

1.1 How To Use This Document

The following steps explain how to use this document.

Step 1   Assess your Environments

Determine the Oracle product suites and products and their release numbers for each of your environments.

Step 2   Read Important Announcements

Review Section 2, "What's New in July 2014," as it lists documentation and packaging changes along with important announcements such as upcoming final patches.

Step 3   Determine Patches to be Applied

For each environment, determine which patches need to be applied by using the tables in Section 3, "Patch Availability for Oracle Products." There is one availability table for each product suite release, such as Oracle Database 11.1.0.7, Oracle Fusion Middleware 11.1.1.5.0, and Enterprise Manager Grid Control 10.2.0.5

·         The table lists the patches to be applied either to the product or to the appropriate product Oracle homes that are associated with the product suite

·         The patches are listed in the order released, with newest patches listed first

·         For some patches, multiple Oracle homes are listed. Apply the patch to all of the homes indicated that are applicable to your environment and only to the listed Oracle homes

·         The table lists only product releases that are under Premier Support or Extended Support and are under error correction as defined in My Oracle Support Note 209768.1, Database, FMW, EM Grid Control, and OCS Software Error Correction Support Policy. Patches are provided only for these releases. If you do not see the release that you have installed, then check Table 165, "Final Patch History" and contact Oracle Support for further assistance

·         Patches that include security vulnerabilities announced in the current quarter's CPU Advisory, list the vulnerability CVE numbers in the Advisory Number column. If you are interested in the risk matrix for the vulnerabilities fixed in the patch, then see the CPU Advisory at http://www.oracle.com/technetwork/topics/security/alerts-086861.html. For patches that are listed from previous quarterly releases, or the current one without any security fixes, the column indicates "Released MMM YYYY"

·         When a section is referenced in a table, follow the link to determine which patches to install. For example, when Section 3.1.4, "Oracle Database" is referenced, determine the Oracle Database release that is installed, and find the patches to apply in the table for that Oracle Database release in Section 3.1.4, "Oracle Database."

Step 4   Apply the Patches

Download the patches, review the READMEs, and apply the patches according to the instructions.

Step 5   Planning for Future Critical Patch Updates

To help you plan for future Critical Patch Updates, this document includes final patch information based on Oracle's Lifetime Support Policy and error correction policies.

Section 2.3, "Final Patch Information (Error Correction Policies)" in Section 2, "What's New in July 2014," documents product releases for which final Critical Patch Updates are upcoming or are being announced. In each product section, there is also an Error Correction Information Table that documents the final CPU patch for the product. Products that have reached the end of error correction are documented in Section 4, "Final Patch History."

1.2 Terminology in the Tables

The following terminology is used in this patch availability document and in the subsequent tables.

·         BP Bundle Patch. An iterative, cumulative patch that is issued between patch sets. Bundle patches usually include only fixes, but some products may include minor enhancements.

·         CPU Critical Patch Update patch. Prior to October 2012, Security Patch Update (SPU) patches were called Critical Patch Update (CPU) patches. For patches that were previously released as CPU patches, this Patch Availability Document will continue to reference them as CPUs.

·         Final Patch is the last quarterly cycle until when patches will be provided as per the Premier Support or Extended Support policies. For more information, see Oracle Lifetime Support Policies at http://www.oracle.com/us/support/lifetime-support/index.html.

·         NA Not Applicable.

·         OR On-Request. The patch is made available through the On-Request program.

·         PSU Patch Set Update. An iterative, cumulative patch that contains both security fixes and non-security critical fixes that are high-value and low-risk.

·         SPU Security Patch Update. An iterative, cumulative patch consisting of security fixes. Formerly known as a Critical Patch Update. Note that Oracle's program for quarterly release of security fixes continues to be called the Critical Patch Update. Patches released as part of this program may be Patch Set Updates, Security Patch Updates, and Bundle Patches. Regardless of the patch type, the patches are cumulative.

·         Overlay SPU patch provided as an overlay on top of a PSU or BP instead of a base/patch set release.

1.3 On-Request Patches

Oracle does not release proactive patches for historically inactive platforms. However, Oracle will deliver these patches when requested.

The following guidelines describe how to initiate an on-request (OR) patch.

A request may be made:

·         At any time. However, a patch for a specific quarterly release, such as CPUOct2012, cannot be requested. Depending on when the request is received and processed, either the patch for the current quarterly release or the next quarterly release will be provided. Your Service Request (SR) will provide you the planned availability date for the patch.

·         As long as the version is in either Premier Support or Extended Support and error correction support has not expired. For example, if a product release is under Extended Support through the release of CPUJan2013 on January 15, 2013, then you can file a request for the product release through January 29, 2013. For more information, see Oracle Lifetime Support Policies at http://www.oracle.com/us/support/lifetime-support/index.html, and Note 209768.1, Database, FMW, EM Grid Control, and OCS Software Error Correction Support Policy.

·         For a platform-version combination when a major release or patch set is released on a platform after a quarterly release date. Oracle will provide the next patch for that platform-version combination, however you may request the current patch by following the on-request process. For example, if a patch is released for a platform on August 1, 2012, Oracle will provide the CPUOct2012 patch for that platform. You may request a CPUJul2012 patch for the platform, and Oracle will review the request and determine whether to provide CPUJul2012 or CPUOct2012.

A patch that is marked as on-request (OR) may already have been requested by another customer and be available on My Oracle Support. Before you file a Service Request (SR), check on My Oracle Support to see if the patch is already available for your platform.

1.4 CPU Program and My Oracle Support Patch Recommendations

My Oracle Support patch recommendation features are available on the Patches & Update tab. The patches announced in this document as part of the CPU program are classified as "Security" patch recommendations in My Oracle Support. If a new patch is being announced in this document, then the classification on any earlier patch is changed to "General", causing it to be removed from the My Oracle Support patch recommendations. If a patch has a "Security" classification, and a subsequent bundle, SPU, or PSU is released with a recommendation classification, then it will be classified as a "Security" recommendation in My Oracle Support.

Once a product release is no longer in error correction, its CPU patch information is removed from this document, but the last patch recommendation continues to be available in My Oracle Support.

1.5 Oracle Database Security Patch Updates and Patch Set Updates

The Database Security Patch Updates and Patch Set Updates that are released each quarter contain the same security fixes. However, they use different patching mechanisms, and Patch Set Updates include both security and recommended bug fixes. Consider the following guidelines when you are deciding to apply Patch Set Updates instead of Security Patch Updates:

·         Security Patch Updates are applied only on the base release version, for example 10.2.0.4.0

·         Patch Set Updates can be applied on the base release version or on any earlier Patch Set Update. For example, 11.1.0.7.2 can be applied on 11.1.0.7.1 and 11.1.0.7.0

·         Once a Patch Set Update has been applied, the recommended way to obtain future security content is to apply subsequent Patch Set Updates. Reverting from an applied Patch Set Update to the Security Patch Update, while technically possible, requires significant time and effort, and therefore, is not advised. You would need to determine which individual, non-security patches that are included in the Patch Set Update are pertinent to your deployment, and then apply them after installing the Security Patch Update.

·         Applying a Security Patch Update on an installation with an installed Patch Set Update is not supported

For more information on Patch Set Updates, see My Oracle Support Note 854428.1, Patch Set Updates (PSUs) for Oracle Products.

2 What's New in July 2014

This section describes important changes in July 2014:

·         Section 2.1, "Changes in Cloud Application Foundation Components"

·         Section 2.2, "New MOS Conflict Checker Tool"

·         Section 2.3, "Final Patch Information (Error Correction Policies)"

·         Section 2.4, "Post Release CPU and PSU Patches"

2.1 Changes in Cloud Application Foundation Components

Beginning in October 2014 the Cloud Application Foundation (CAF) components (Java SE, JRockit, WLS, Coherence and Oracle Traffic Director) will no longer be included as a part of the Exalogic PSU. Further details will be provided in October 2014.

2.2 New MOS Conflict Checker Tool

A new Conflict Checker tool will be available in the next release of My Oracle Support (21-July-2014).

This tool will be accessible from the Patch Search results screen ("Analyze with OPatch" button) and allows you to upload an OPatch inventory and to check the patches for conflicts that you want to apply to your environment. If no conflicts are found, you can download the patches. If conflicts are found, the tool finds an existing resolution to download. If no resolution is found, you can request a solution, and monitor your request in the Plans region.

For more information and a demonstration video, see Knowledge Document Note 1091294.1, How to use the My Oracle Support Conflict Checker Tool.

2.3 Final Patch Information (Error Correction Policies)

The Final patch is the last CPU or PSU release for which the product release is under error correction. Final patches for upcoming releases, as well as newly scheduled final patches, are listed in the following sections.

Final patches scheduled for October 2014:

·         Oracle Database Management Plug-in 12.1.0.4

·         Oracle Enterprise Manager Grid Control 10.2.0.5

·         Oracle WebGate 10.1.4.3.0

Final patches scheduled for July 2014:

·         Oracle Business Process Management 6.0.5

·         Oracle Complex Event Processing and WebLogic Event Server EVS 2.0

·         Oracle WebCenter Portal 11.1.1.7

·         Oracle WebLogic Portal 10.3.5

Newly Scheduled final patches:

·         Oracle Enterprise Manager Cloud Control 12.1.0.3 - April 2015

For additional final patch history information, see Table 165. For information on the error correction support policy for patches, refer to My Oracle Support Note 209768.1, Database, FMW, EM Grid Control, and OCS Software Error Correction Support Policy.

2.4 Post Release CPU and PSU Patches

The following are post-release patches with their estimated release dates.

·         iPlanet Web Server 7.0.2

Microsoft Windows patches: Available October 21, 2014

·         iPlanet Web Proxy Server

Microsoft Windows patches: Available July 29, 2014

·         Quarterly Full Stack download for Exadata (July 2014) 12.1.0.1 BP Patch 19069261

Available July 22, 2014

·         Quarterly Full Stack download for Exadata (July 2014) BP Patch 19067488

Available July 22, 2014

·         Quarterly Full Stack download for Exadata (July 2014) 11.2.0.3 BP Patch 19067489

Available July 22, 2014

3 Patch Availability for Oracle Products

This section contains the following:

·         Section 3.1, "Oracle Database"

·         Section 3.2, "Oracle Enterprise Manager"

·         Section 3.3, "Oracle Fusion Middleware"

·         Section 3.4, "Oracle Sun Middleware"

·         Section 3.5, "Tools"

3.1 Oracle Database

This section contains the following:

·         Section 3.1.1, "Oracle APEX Listener"

·         Section 3.1.2, "Oracle Application Express"

·         Section 3.1.3, "Oracle Audit Vault"

·         Section 3.1.4, "Oracle Database"

·         Section 3.1.5, "Oracle Database Appliance"

·         Section 3.1.6, "Oracle Database Mobile/Lite Server"

·         Section 3.1.7, "Oracle GoldenGate Veridata"

·         Section 3.1.8, "Oracle Secure Backup"

·         Section 3.1.9, "Oracle Secure Enterprise Search"

·         Section 3.1.10, "Oracle TimesTen"

3.1.1 Oracle APEX Listener

Table 1 describes the Error Correction information for Oracle APEX Listener 1.1.4.

Table 1 Error Correction information for Oracle APEX Listener 1.1.4

Patch Information

1.1.4

Comments

Final Patch

-

 

Table 2 describes the minimum product requirements for Oracle APEX Listener. Critical Patch Update security vulnerabilities are fixed in the listed releases. For Oracle APEX Listener downloads and installation instructions, see http://www.oracle.com/technetwork/developer-tools/apex-listener/downloads/index.html.

Table 2 Minimum Product Requirements for Oracle APEX Listener

Component

Release

Advisory Number

Comments

Oracle APEX Listener

1.1.4

Released July 2012

 

3.1.2 Oracle Application Express

Table 3 describes the Error Correction information for Oracle Application Express.

Table 3 Error Correction information for Oracle Application Express

Patch Information

4.2

Comments

Final Patch

October 2017

 

Table 4 describes the minimum product requirements for Oracle Application Express. Critical Patch Update security vulnerabilities are fixed in the listed releases. For Oracle Application Express downloads and installation instructions, see http://www.oracle.com/technology/products/database/application_express/download.html.

Table 4 Minimum Product Requirements for Oracle Application Express

Component

Release

Advisory Number

Comments

Oracle Application Express

4.2.1.00.08

Released April 2013

 

3.1.3 Oracle Audit Vault

Table 5 describes the Error Correction information for Oracle Audit Vault.

Table 5 Error Correction information for Oracle Audit Vault

Patch Information

10.3

Comments

Final Patch

October 2016

 

Table 6 describes the available patches for Oracle Audit Vault 10.3.0.0.

Table 6 Patch Availability for Oracle Audit Vault 10.3.0.0

Product Home

Patch

Advisory Number

Comments

Oracle Audit Vault Embedded Database 11.2.0.3 for Server and Agent home

See Section 3.1.4.4, "Oracle Database 11.2.0.3"

See Section 3.1.4.4, "Oracle Database 11.2.0.3"

 

Agent home

CPU Patch 13894921 and

CPU Patch 13705483

Released April 2012

Standalone OC4J 10.1.3.4 Patch Set (Special OPatch needed, see README)

OC4J 10.1.3.4 one-off patch (Special OPatch needed, see README)

Server home

CPU Patch 13705483

Released April 2012

OC4J 10.1.3.4 one-off patch (Special OPatch needed, see README)

3.1.4 Oracle Database

This section contains the following:

·         Section 3.1.4.1, "Patch Availability for Oracle Database"

·         Section 3.1.4.2, "Oracle Database 12.1.0.1.4"

·         Section 3.1.4.3, "Oracle Database 11.2.0.4"

·         Section 3.1.4.4, "Oracle Database 11.2.0.3"

·         Section 3.1.4.5, "Oracle Database 11.1.0.7"

3.1.4.1 Patch Availability for Oracle Database

For Oracle Database 10.2.0.4 and later releases, customers have the option to install the Security Patch Update (SPU) or the Patch Set Update (PSU). Both patch types are cumulative patches. The PSU includes the security vulnerability bug fixes, as well as additional non-security bug fixes recommended by Oracle. For more information on PSU patches, see My Oracle Support Note 854428.1, Patch Set Updates (PSUs) for Oracle Products.

For the Microsoft Windows platforms, Oracle Database patches are released as cumulative patch bundles. You may install the indicated patch or later bundle in the Database Windows bundle series. The Windows patch bundles include the security vulnerability bug fixes, the PSU recommended non-security bug fixes, and other customer-requested bug fixes.

3.1.4.2 Oracle Database 12.1.0.1.4

Table 7 describes the Error Correction information for Oracle Database 12.1.0.1.4.

Table 7 Error Correction information for Oracle Database 12.1.0.1.4

Patch Information

12.1.0.1.4

Comments

Final Patch

-

 

PSU On-Request platforms

 

 

Table 8 describes the available patches for Oracle Database 12.1.0.1.4.

Table 8 Patch Availability for Oracle Database 12.1.0.1.4

Product Home

Patch

Advisory Number

Comments

Oracle Database home

Database 12.1.0.1.4 PSU Patch 18522516, or

GI 12.1.0.1.4 PSU Patch 18705901 for Linux x86-64, Solaris X64 & Solaris SPARC, or

GI 12.1.0.1.4 PSU Patch 18705972 for AIX, HP IA & zLinux

Microsoft Windows 32-Bit & x86-64 BP 11 Patch 19062327, or later;

Quarterly Full Stack download for Exadata (July 2014) 12.1.0.1 BP Patch 19069261

CVE-2013-3751, CVE-2013-3774, CVE-2014-4236, CVE-2014-4237, CVE-2014-4245

GI 12.1.0.1.4 PSU Patch 18705901 is applicable to Exadata database servers running Oracle Database 12.1.0.1. For more information, see Note 888828.1

GI 12.1.0.1.4 PSU Patch 18705972 for AIX, HP IA & zLinux only contains DB PSU 12.1.0.1.4 sub-patch and no clusterware sub-patches

3.1.4.3 Oracle Database 11.2.0.4

Table 9 describes the Error Correction information for Oracle Database 11.2.0.4.

Table 9 Error Correction information for Oracle Database 11.2.0.4

Patch Information

11.2.0.4

Comments

Final Patch

January 2018

 

SPU On-Request platforms

HP-UX PA RISC

IBM: Linux on System Z

32-bit client-only platforms except Linux x86

 

PSU On-Request platforms

32-bit client-only platforms except Linux x86

 

Table 10 describes the available patches for Oracle Database 11.2.0.4.

Table 10 Patch Availability for Oracle Database 11.2.0.4

Product Home

Patch

Advisory Number

Comments

Oracle Database home

Database 11.2.0.4 SPU Patch 18681862, or

Database 11.2.0.4.3 PSU Patch 18522509, or

GI 11.2.0.4.3 PSU Patch 18706472, or

Microsoft Windows (32-Bit) & x64 (64-Bit) BP 7 Patch 18842982, or later;

Quarterly Database Patch for Exadata (July 2014) 11.2.0.4.9 BP Patch 18840215, or

Quarterly Full Stack download for Exadata (July 2014) BP Patch 19067488

CVE-2014-4236, CVE-2014-4237, CVE-2014-4245

 

3.1.4.4 Oracle Database 11.2.0.3

Table 11 describes the Error Correction information for Oracle Database 11.2.0.3.

Table 11 Error Correction information for Oracle Database 11.2.0.3

Patch Information

11.2.0.3

Comments

Final Patch

July 2015

 

SPU On-Request platforms

HP-UX PA RISC

IBM: Linux on System Z

32-bit client-only platforms except Linux x86

 

PSU On-Request platforms

32-bit client-only platforms except Linux x86

 

Table 12 describes the available patches for Oracle Database 11.2.0.3.

Table 12 Patch Availability for Oracle Database 11.2.0.3

Product Home

Patch

Advisory Number

Comments

Oracle Database home

Database 11.2.0.3 SPU Patch 18681866, or

Database 11.2.0.3.11 PSU Patch 18522512, or

GI 11.2.0.3.11 PSU Patch 18706488, or

Quarterly Database Patch for Exadata (July 2014) 11.2.0.3.24 BP Patch 18835772, or

Quarterly Full Stack download for Exadata (July 2014) 11.2.0.3 BP Patch 19067489, or

Microsoft Windows 32-Bit BP 32 Patch 18940193, or later

Microsoft Windows x86-64 BP 32 Patch 18940194, or later

CVE-2014-4245

 

Oracle Database home

CPU Patch 13705478

Released April 2012

OC4J 10.1.3.4 one-off patch (Special OPatch needed, see README)

3.1.4.5 Oracle Database 11.1.0.7

Table 13 describes the Error Correction information for Oracle Database 11.1.0.7.

Table 13 Error Correction information for Oracle Database 11.1.0.7

Patch Information

11.1.0.7

Comments

Final Patch

July 2015

 

SPU On-Request platforms

-

 

PSU On-Request platforms

-

 

Table 14 describes the available patches for Oracle Database 11.1.0.7.

Table 14 Patch Availability for Oracle Database 11.1.0.7

Product Home

Patch

Advisory Number

Comments

Oracle Database home

Database 11.1.0.7 SPU Patch 18681875, or

Database 11.1.0.7.20 PSU Patch 18522513, or

Microsoft Windows (32-Bit) BP 57 Patch 18944207, or later

Microsoft Windows x86-64 BP 57 Patch 18944208, or later

CVE-2014-4245

Patches also applicable to Fusion Middleware 11.1.1.x and 11.1.2.x installations

Oracle Database home

OHT BP Patch 16801095

Released July 2013

OHT BP 10.1.3.5 for DB Control

Oracle Database home

CPU Patch 13705478

Released April 2012

OC4J 10.1.3.3 one-off patch (Special OPatch needed, see README)

Oracle CRS home

CRS 11.1.0.7.7 PSU Patch 11724953

Released April 2011

Non-security content only

Oracle Database home

CPU Patch 9288120

Released April 2011

Database UIX

For Oracle Secure Enterprise Search 11.1.2.x installations, follow the instructions in Note 1359600.1

Oracle Database home

CPU Patch 10073948

Released April 2011

Enterprise Manager Database Control UIX

Not applicable to Oracle Secure Enterprise Search 11.1.2.x

Oracle Database home

CPU Patch 11738232

Released April 2011

Warehouse Builder

Not applicable to Oracle Secure Enterprise Search 11.1.2.x

3.1.5 Oracle Database Appliance

Table 15 describes the minimum product requirements for Oracle Database Appliance. The CPU security vulnerabilities are fixed in the listed release and later releases. The Oracle Database Appliance downloads and installation instructions can be found at http://www.oracle.com/technetwork/server-storage/engineered-systems/database-appliance/overview/index.html.

Table 15 Minimum Product Requirements for Oracle Database Appliance

Component

Release

Advisory Number

Comments

Oracle Database Appliance

2.10.0.0.0

Released April 2014

 

3.1.6 Oracle Database Mobile/Lite Server

Table 16 describes the Error Correction information for Oracle Database Mobile/Lite Server.

Table 16 Error Correction Information for Oracle Database Mobile Server

Patch Information

11.1 (Mobile Server)

10.3 (Lite Server)

Comments

Final Patch

October 2019

October 2015

 

Table 17 describes the available patches for Oracle Database Mobile Server 11.1.x.

Table 17 Patch Availability for Oracle Database Mobile Server 11.1.x

Product Home

Patch

Advisory Number

Comments

11.1.0.0

11.1.0.0 BP Patch 16040170

Released January 2013

 

Table 18 describes the available patches for Oracle Database Lite Server 10.3.x.

Table 18 Patch Availability for Oracle Database Lite Server 10.3.x

Product Home

Patch

Advisory Number

Comments

10.3.0.3

10.3.0.3 BP Patch 15984417

Released January 2013

 

3.1.7 Oracle GoldenGate Veridata

Table 19 describes the error correction information for Oracle GoldenGate Veridata.

Table 19 Error Correction information for Oracle GoldenGate Veridata

Component

11.2.1.0

Comments

Final Patches

-

 

Table 20 describes the available patches for Oracle GoldenGate Veridata.

Table 20 Patch Availability for Oracle GoldenGate Veridata

Product Home

Patch

Advisory Number

Comments

11.2.1.0

BP 11.2.1.0.1 Patch 16291209 or later

Released April 2013

 

3.1.8 Oracle Secure Backup

Table 21 describes the Error Correction information for Oracle Secure Backup.

Table 21 Error Correction information for Oracle Secure Backup

Patch Information

10.4.x

Comments

Final Patch

October 2016

 

Table 22 describes the minimum product requirements for Oracle Secure Backup. Critical Patch Update security vulnerabilities are fixed in the listed releases.

Table 22 Minimum Product Requirements for Oracle Secure Backup 10.4.x

Product

Release

Advisory Number

Comments

Oracle Secure backup

10.4.0.2

Released July 2012

 

3.1.9 Oracle Secure Enterprise Search

Table 23 describes Error Correction information for Oracle Secure Enterprise Search.

Table 23 Error Correction information for Oracle Secure Enterprise Search

Patch Information

11.1.2.x

Comments

Final Patch

January 2015

 

Table 24 describes the available patches for Oracle Secure Enterprise Search 11.1.2.x.

Table 24 Patch Availability for Oracle Secure Enterprise Search 11.1.2.x

Product Home

Patch

Advisory Number

Comments

Oracle Database 11.1.0.7

See Section 3.1.4.5, "Oracle Database 11.1.0.7"

See Section 3.1.4.5, "Oracle Database 11.1.0.7"

Database UIX Patch 9288120 requires specific steps to be followed for Secure Enterprise Search customers. See Section 3.1.4.5, "Oracle Database 11.1.0.7"

11.1.2.x

SPU Patch 14364893

CPU Patch 12875001

CPU Patch 12875006

CPU Patch 12874981

CPU Patch 13718626

CPU Patch 10625676

CPU Patch 18767762

Released October 2012

Released October 2011

Released October 2011

Released October 2011

Released April 2012

Released January 2011

Released July 2013

WLS 10.3.2.0 CSS Patch (SU IDs: A6AX)

WLS 10.3.2.0 JMS Patch

WLS 10.3.2.0 WebServices Patch

WLS 10.3.2.0 Security Patch

WLS 10.3.2.0 WebApp Patch

WLS 10.3.2.0 Core Patch

WLS 10.3.2.0 Console Patch

3.1.10 Oracle TimesTen

Table 25 describes Error Correction information for Oracle TimesTen.

Table 25 Error Correction information for Oracle TimesTen

Patch Information

11.2.1.x

7.0.x

Comments

Final Patch

April 2017

January 2015

 

Table 26 describes the minimum product requirements for Oracle TimesTen. The CPU security vulnerabilities are fixed in the listed release and later releases.

Table 26 Minimum Product Requirements for Oracle TimesTen

Product

Release

Advisory Number

Comments

Oracle TimesTen 11.2.1.x

11.2.1.6.1

Released July 2010

 

Oracle TimesTen 7.0.x

7.0.6.2.0

Released July 2010

 

3.2 Oracle Enterprise Manager

This section contains the following:

·         Section 3.2.1, "Oracle Application Performance Management"

·         Section 3.2.2, "Oracle Database Management Plug-in (12.1.0.x)"

·         Section 3.2.3, "Oracle Enterprise Manager Cloud Control 12c,"

·         Section 3.2.4, "Oracle Enterprise Manager Grid Control 11g (11.1.0.1)"

·         Section 3.2.5, "Oracle Enterprise Manager Grid Control 10g (10.2.0.5)"

3.2.1 Oracle Application Performance Management

Table 27 describes Error Correction information for Oracle Application Performance Management

Table 27 Error Correction information for Oracle Application Performance Management

Patch Information

11.1.0.5

Comments

Final Patch

January 2019

 

CPU On-Request platforms

-

 

Table 28 describes the available patches for Oracle Application Performance Management 11.1.0.5

Table 28 Patch Availability for Oracle Application Performance Management 11.1.0.5

Product Version

Patch

Advisory Number

Comments

11.1.0.5

BP 11.1.0.5.6 Patch 16069278

Released January 2013

 

3.2.2 Oracle Database Management Plug-in (12.1.0.x)

Table 29 describes Error Correction information for Oracle Database Management Plug-in (12.1.0.x).

Table 29 Error Correction information for Oracle Database Management Plug-in (12.1.0.x)

Patch Information

12.1.0.5

12.1.0.4

Comments

Final Patch

April 2015

October 2014

 

PSU On-Request Platforms

-

-

 

Table 30 describes the available patches for Oracle Database Management Plug-in (12.1.0.x).

Table 30 Patch Set Update Availability for Oracle Database Management Plug-in (12.1.0.x)

Product Home

UNIX

Microsoft Windows 32-Bit

Advisory Number

Comments

Oracle Database Management Plug-in (12.1.0.5) Home

BP Patch 18872427

BP Patch 18872427

-

 

Oracle Database Management Plug-in (12.1.0.4) Home

BP Patch 18327673

BP Patch 18327673

-

 

3.2.3 Oracle Enterprise Manager Cloud Control 12c

Table 31 describes Error Correction information for Oracle Enterprise Manager Cloud Control 12c.

Table 31 Error Correction information for Oracle Enterprise Manager Cloud Control 12c

Patch Information

12.1.0.4

12.1.0.3

Comments

Final Patch

-

April 2015

 

PSU On-Request Platforms

-

-

 

Table 32 describes the available patches for Oracle Enterprise Manager Cloud Control 12c Release 4 (12.1.0.4).

Table 32 Patch Availability for Oracle Enterprise Manager Cloud Control 12c Release 4 (12.1.0.4)

Product Home

UNIX

Microsoft Windows 32-Bit

Advisory Number

Comments

Base Platform Repository home

See Section 3.1.4, "Oracle Database"

See Section 3.1.4, "Oracle Database"

See Section 3.1.4, "Oracle Database"

 

Base Platform Fusion Middleware home

See Section 3.3.47, "Oracle WebLogic Server"

See Section 3.3.47, "Oracle WebLogic Server"

See Section 3.3.47, "Oracle WebLogic Server"

 

Base Platform OMS home

NA

NA

NA

The 12.1.0.4 Enterprise Manager Cloud Control release includes all security vulnerabilities announced in the CPU Advisory

Base Platform Agent home

CPU Patch 18721761

CPU Patch 18721761

CVE-2012-3137 (Announced October 2012)

JDBC Patch

Plugin home

BP Patch 18945232, or later

BP Patch 18945232, or later

NA

 

Table 33 describes the available patches for Oracle Enterprise Manager Cloud Control 12c Release 3 (12.1.0.3).

Table 33 Patch Availability for Oracle Enterprise Manager Cloud Control 12c Release 3 (12.1.0.3)

Product Home

UNIX

Microsoft Windows 32-Bit

Advisory Number

Comments

Base Platform Repository home

See Section 3.1.4, "Oracle Database"

See Section 3.1.4, "Oracle Database"

See Section 3.1.4, "Oracle Database"

 

Base Platform Fusion Middleware home

See Section 3.3.47, "Oracle WebLogic Server"

See Section 3.3.47, "Oracle WebLogic Server"

See Section 3.3.47, "Oracle WebLogic Server"

 

Oracle Database Management Plug-in (12.1.0.x) home

See Section 3.2.2, "Oracle Database Management Plug-in (12.1.0.x)"

See Section 3.2.2, "Oracle Database Management Plug-in (12.1.0.x)"

See Section 3.2.2, "Oracle Database Management Plug-in (12.1.0.x)"

 

Base Platform Agent home

CPU Patch 18721761

CPU Patch 18721761

CVE-2012-3137 (Announced October 2012)

JDBC Patch

Base Platform OMS home

PSU 12.1.0.3.3 Patch 18604893

PSU 12.1.0.3.3 Patch 18604893

-

The 12.1.0.3 Enterprise Manager Cloud Control release includes all security vulnerabilities announced in the CPU Advisory

3.2.4 Oracle Enterprise Manager Grid Control 11g (11.1.0.1)

Table 34 describes Error Correction information for Oracle Enterprise Manager Grid Control 11g (11.1.0.1).

Table 34 Error Correction information for Oracle Enterprise Manager Grid Control 11g (11.1.0.1)

Patch Information

11.1.0.1

Comments

Final Patch

April 2018

 

PSU On-Request Platforms

-

 

Table 35 describes the available patches for Oracle Enterprise Manager Grid Control 11g (11.1.0.1).

Table 35 Patch Set Update Availability for Oracle Enterprise Manager Grid Control 11g (11.1.0.1)

Product Home

Patch

Advisory Number

Comments

Base Platform Repository Home

See Section 3.1.4, "Oracle Database"

See Section 3.1.4, "Oracle Database"

 

Base Platform OMS Home

PSU 11.1.0.1.10 Patch 17154155

Released October 2013

 

Base Platform Fusion Middleware home

SPU Patch 14681307

Released October 2012

WLS 10.3.2.0 JDBC Patch (Not a SU). Before installing this SPU, see Note 1493990.1, Patching for CVE-2012-3137

Base Platform Fusion Middleware home

SPU Patch 18992301

SPU Patch 18992319

SPU Patch 18547380

SPU Patch 12875001

SPU Patch 18992350

SPU Patch 18992399

SPU Patch 14825824

SPU Patch 18992410

SPU Patch 18992428

CVE-2014-4253

CVE-2014-4256

Released April 2014

Released October 2011

CVE-2014-2479, CVE-2014-4210, CVE-2014-4241, CVE-2014-4217, CVE-2014-4202, CVE-2014-4254

CVE-2013-5855, CVE-2014-2480, CVE-2014-2481

Released January 2013

CVE-2014-4267

CVE-2014-4242

WLS 10.3.2.0 JVM Patch (SU IDs: DHM2)

WLS 10.3.2.0 Deployment Patch (SU IDs: Y5B9)

WLS 10.3.2.0 CSS Patch (SU IDs: 9AVS)

WLS 10.3.2.0 JMS Patch (SU IDs: 9ZW7)

WLS 10.3.2.0 WebServices Patch (SU IDs: SAGA, 92E2, L8DT, A4JA, SK77, NFFE, BIMC)

WLS 10.3.2.0 Security Patch (SU IDs: VHAC, R4P6, NSYJ, 8279)

WLS 10.3.2.0 WebApp Patch (SU IDs: 9WCQ)

WLS 10.3.2.0 Core Patch (SU IDs: KAE4, H3QP, Y3IR)

WLS 10.3.2.0 Console Patch (SU IDs: CF1P)

For CVE-2014-4256, see Note 1903763.1, Download Request for Security Configuration

Base Platform Repository Home

CPU Patch 13705493

Released April 2012

OC4J 10.1.2.3 one-off Patch

Enterprise Manager Grid Control

Base Platform Agent Home

PSU 11.1.0.1.7 Patch 9346282

Released April 2012

 

3.2.5 Oracle Enterprise Manager Grid Control 10g (10.2.0.5)

Table 36 describes Error Correction information for Oracle Enterprise Manager Grid Control 10g (10.2.0.5).

Table 36 Error Correction information for Oracle Enterprise Manager Grid Control 10g (10.2.0.5)

Patch Information

10.2.0.5

Comments

Final Patch

October 2014

 

PSU On-Request Platforms

-

 

Table 37 describes the available patches for Oracle Enterprise Manager Grid Control 10g (10.2.0.5).

Table 37 Patch Availability for Oracle Enterprise Manager Grid Control 10g (10.2.0.5)

Product Home

Patch

Advisory Number

Comments

Base Platform Repository Home

See Section 3.1.4, "Oracle Database"

See Section 3.1.4, "Oracle Database"

 

Base Platform OMS Home

PSU 10.2.0.5.9 Patch 17153899

Released October 2013

 

Base Platform OMS Home

OHT BP Patch 15880880

Released July 2013

OHT BP 10.1.3.5 for EMGC

Base Platform OMS Home

CPU Patch 14109229

Released January 2012

OC4J 10.1.2.3 one-off patch

Base Platform OMS Home

Unix: CPU Patch 12837860

Microsoft Windows 32-bit: CPU Patch 12837864

Microsoft Windows Itanium 64-bit: CPU Patch 12837867

Released October 2011

See Note 1301699.1, How the SSL/TLS Renegotiation Protocol Change Affects Oracle HTTP Server

Base Platform OMS Home

CPU Patch 12535904

Released July 2011

Applicable to HP-UX PA-RISC and HP-UX Itanium platforms only

Base Platform Agent Home

UNIX: PSU 10.2.0.5.3 Patch 9282414

Windows: PSU 10.2.0.5.3 Patch 9490898

Released April 2010

 

3.3 Oracle Fusion Middleware

This section contains the following:

·         Section 3.3.1, "Management Pack For Oracle GoldenGate"

·         Section 3.3.2, "Oracle AquaLogic Data Services Platform"

·         Section 3.3.5, "Oracle Beehive"

·         Section 3.3.3, "Oracle Business Intelligence App Mobile Designer"

·         Section 3.3.4, "Oracle Business Intelligence Enterprise Edition"

·         Section 3.3.6, "Oracle Business Intelligence Publisher"

·         Section 3.3.7, "Oracle Business Process Management"

·         Section 3.3.8, "Oracle Communications Converged Application Server"

·         Section 3.3.9, "Oracle Complex Event Processing and WebLogic Event Server"

·         Section 3.3.10, "Oracle Data Quality for Oracle Data Integrator"

·         Section 3.3.11, "Oracle Data Service Integrator"

·         Section 3.3.12, "Oracle Document Capture"

·         Section 3.3.13, "Oracle Endeca Server"

·         Section 3.3.14, "Oracle Enterprise Data Quality"

·         Section 3.3.15, "Oracle Exalogic Patch Set Update (PSU)"

·         Section 3.3.16, "Oracle Forms and Reports 11g Release 2"

·         Section 3.3.17, "Oracle Fusion Middleware"

·         Section 3.3.18, "Oracle Hyperion Analytic Provider Services"

·         Section 3.3.19, "Oracle Hyperion BI+"

·         Section 3.3.20, "Oracle Hyperion Common Admin"

·         Section 3.3.21, "Oracle Hyperion EAS"

·         Section 3.3.22, "Oracle Hyperion Enterprise Performance Management Architect"

·         Section 3.3.23, "Oracle Hyperion Essbase"

·         Section 3.3.24, "Oracle Hyperion Strategic Finance"

·         Section 3.3.25, "Oracle Identity Access Management"

·         Section 3.3.26, "Oracle Identity Management"

·         Section 3.3.27, "Oracle Identity Management Connector"

·         Section 3.3.28, "Oracle Imaging and Process Management"

·         Section 3.3.29, "Oracle JDeveloper and Oracle ADF"

·         Section 3.3.30, "Oracle JRockit"

·         Section 3.3.31, "Oracle Map Viewer"

·         Section 3.3.32, "Oracle Outside In Technology"

·         Section 3.3.33, "Oracle Portal, Forms, Reports, and Discoverer 11g Release 1"

·         Section 3.3.34, "Oracle SOA Suite"

·         Section 3.3.35, "Oracle Traffic Director"

·         Section 3.3.36, "Oracle Web-Tier 11g Utilities"

·         Section 3.3.37, "Oracle WebCenter"

·         Section 3.3.38, "Oracle WebCenter Content (Formerly Oracle Universal Content Management)"

·         Section 3.3.39, "Oracle WebCenter Forms Recognition"

·         Section 3.3.40, "Oracle WebCenter Interaction"

·         Section 3.3.41, "Oracle WebCenter Portal"

·         Section 3.3.42, "Oracle WebCenter Sites (Formerly FatWire Content Server)"

·         Section 3.3.43, "Oracle WebCenter Suite"

·         Section 3.3.44, "Oracle WebGate"

·         Section 3.3.45, "Oracle WebLogic Integration"

·         Section 3.3.46, "Oracle WebLogic Portal"

·         Section 3.3.47, "Oracle WebLogic Server"

·         Section 3.3.48, "Oracle WebLogic Server and WebLogic Express"

·         Section 3.3.49, "Oracle WebLogic Server Plug-ins"

3.3.1 Management Pack For Oracle GoldenGate

Table 38 describes the Error Correction information for Management Pack For Oracle GoldenGate.

Table 38 Error Correction information for Management Pack For Oracle GoldenGate

Patch Information

11.1.1.1.0

Comments

Final Patch

-

 

Table 39 describes the available patches for Error Correction information for Management Pack For Oracle GoldenGate.

Table 39 Patch Availability for Management Pack For Oracle GoldenGate

Product Home

Patch

Advisory Number

Comments

11.1.1.1.0

BP 11.1.1.1.1 (BP1) Patch 16011619 or later

Released January 2013

 

3.3.2 Oracle AquaLogic Data Services Platform

Table 40 describes the Error Correction information for Oracle AquaLogic Data Services Platform.

Table 40 Error Correction information for Oracle AquaLogic Data Services Platform

Patch Information

ALDSP 3.2

ALDSP 3.0.1

Comments

Final Patch

April 2016

April 2016

 

Table 41 describes the available patches for Oracle AquaLogic Data Services Platform. See also the underlying product stack tables (JRockit and WLS) for any applicable patches.

Table 41 Patch Availability for Oracle AquaLogic Data Services Platform

Product Home

Patch

Advisory Number

Smart Update Patch Set ID

Smart Update Patch IDs

Comments

3.0.1.0

CPU Patch 13705113

Released April 2012

NA

NA

WebLogic Server 9.2.2.0 one-off patch that needs to be applied to WebLogic Server home

3.2

CPU Patch 8272933

Released April 2009

NA

TXJJ

 

3.0.1

CPU Patch 8284035

Released April 2009

NA

QDWJ

 

3.3.3 Oracle Business Intelligence App Mobile Designer

Table 42 describes the Error Correction information for Oracle Business Intelligence App Mobile Designer.

Table 42 Error Correction information for Oracle Business Intelligence App Mobile Designer

Patch Information

11.1.1.7.0

Comments

Final Patch

-

 

Table 43 describes the available patches for Oracle Business Intelligence App Mobile Designer.

Table 43 Patch Availability for Oracle Business Intelligence App Mobile Designer

Product Home

Patch

Advisory Number

Comments

11.1.1.7.0

SPU Patch 18794832

CVE-2014-4249

 

3.3.4 Oracle Business Intelligence Enterprise Edition

Table 44 describes the Error Correction information for Oracle Business Intelligence Enterprise Edition.

Table 44 Error Correction information for Oracle Business Intelligence Enterprise Edition

Patch Information

10.1.3.4.2

Comments

Final Patch

July 2015

 

Table 45 describes the available patches for Oracle Business Intelligence Enterprise Edition.

Customers on earlier versions of Oracle Business Intelligence Enterprise Edition 10.x will need to apply 10.1.3.4.1 and then apply the patch.

Table 45 Patch Availability for Oracle Business Intelligence Enterprise Edition

Product Home

Patch

Advisory Number

Comments

10.1.3.4.2

BP Patch 14625193

Released October 2012

BIP Patch

3.3.5 Oracle Beehive

Oracle Beehive environments contain Oracle Database and Oracle Fusion Middleware homes. For more information, see My Oracle Support Note 758816.1, Applying Critical Patch Updates to Beehive 1.5.1.x though 2.0.1.x.

Table 46 describes Error Correction information for Oracle Beehive.

Table 46 Error Correction information for Oracle Beehive

Patch Information

Oracle Beehive 2.0.1.x

Comments

Minimum Product Requirement

2.0.1.4

Announced January 2011

Final Patch

Jan 2018

 

CPU On-Request Platforms

-

 

Table 47 describes the available patches for Oracle Beehive.

For each home you are about to administer, find the appropriate patches based on the components installed in that home. Then, apply those patches in the order listed.

Table 47 Patch Availability for Oracle Beehive

Product Home

UNIX

Microsoft Windows (32-Bit)

Advisory Number

Comments

Oracle Database home

See Section 3.1.4, "Oracle Database"

See Section 3.1.4, "Oracle Database"

See Section 3.1.4, "Oracle Database"

 

Oracle Beehive Server 2.0.1.x

CPU Patch 9173038

CPU Patch 9173038

Released January 2010

 

Oracle Beekeeper 2.0.1.x

NA

NA

 

 

3.3.6 Oracle Business Intelligence Publisher

Table 48 describes the Error Correction information for Oracle Business Intelligence Publisher.

Table 48 Error Correction information for Oracle Business Intelligence Publisher

Patch Information

10.1.3.4.2

Comments

Final Patch

July 2015

 

Table 49 describes the available patches for Oracle Business Intelligence Publisher.

Customers on earlier versions of Oracle Business Intelligence Publisher 10.x will need to apply 10.1.3.4.1 and then apply the patch.

Table 49 Patch Availability for Oracle Business Intelligence Publisher

Product Home

Patch

Advisory Number

Comments

10.1.3.4.2

BP Patch 14625193

Released October 2012

See My Oracle Support Note 797057.1, Overview of Available Update Patches for Oracle BI Publisher Enterprise 10g

3.3.7 Oracle Business Process Management

Follow the special instructions below to download Oracle Business Process Management patches.

1.  Click Patches & Updates after logging into My Oracle Support.

2.  Search for Oracle Business Process Management Suite.

3.  Search for the required BPM release by clicking Select up to 10.

4.  Select the patch with the build number that is indicated in Table 51, or the patch with higher build number than what is indicated for the platform you are about to update, for example: EnterpriseJ2EE, Studio, or EnterpriseSA.

5.  Download the patch.

Table 50 describes the Error Correction information for Oracle Business Process Management.

Table 50 Error Correction information for Oracle Business Process Management

Patch Information

10.3.2

6.0.5

Comments

Final Patch

January 2017

July 2014

 

Table 51 describes the available patches for Oracle Business Process Management.

Table 51 Patch Availability for Oracle Business Process Management

Product Home

Patch

Advisory Number

Comments

BPM 10.3.2

100375

Released July 2010

See the instructions above on how to download the patch

BPM 6.0.5

100247

Released July 2010

See the instructions above on how to download the patch

3.3.8 Oracle Communications Converged Application Server

Table 52 describes the Error Correction information for Oracle Communications Converged Application Server.

Table 52 Error Correction information for Oracle Communications Converged Application Server

Patch Information

5.0

4.0

Comments

Final Patch

July 2018

July 2015

 

Table 53 describes the available patches for Oracle Communications Converged Application Server. See also the underlying product stack tables for any applicable patches. Refer to comments section and apply the patch to the respective product home.

Table 53 Patch Availability for Oracle Communications Application Server

Oracle Communications Converged Application Server

Patch

Advisory Number

Comments

5.0

SPU Patch 14364893

CPU Patch 12875001

CPU Patch 12875006

CPU Patch 12874981

CPU Patch 14825824

CPU Patch 10625676

CPU Patch 18767762

Released October 2012

Released October 2011

Released October 2011

Released October 2011

Released January 2013

Released January 2011

Released July 2013

WLS 10.3.0.0 CSS Patch

WLS 10.3.3.0 JMS Patch

WLS 10.3.3.0 WebServices Patch

WLS 10.3.3.0 Security Patch

WLS 10.3.3.0 WebApp Patch

WLS 10.3.3.0 Core Patch

WLS 10.3.3.0 Console Patch

4.0

SPU Patch 14364893

CPU Patch 12875001

CPU Patch 12875006

CPU Patch 12874981

CPU Patch 14825824

CPU Patch 10625676

CPU Patch 18767762

Released October 2012

Released October 2011

Released October 2011

Released October 2011

Released January 2013

Released January 2011

Released July 2013

WLS 10.3.0.0 CSS Patch

WLS 10.3.0.0 JMS Patch

WLS 10.3.0.0 WebServices Patch

WLS 10.3.0.0 Security Patch

WLS 10.3.0.0 WebApp Patch

WLS 10.3.0.0 Core Patch

WLS 10.3.0.0 Console Patch

3.3.9 Oracle Complex Event Processing and WebLogic Event Server

Table 54 describes the Error Correction information for Oracle Complex Event Processing and WebLogic Event Server.

Table 54 Error Correction information for Oracle Complex Event Processing and WebLogic Event Server

Patch Information

CEP 11.1.7

EVS 2.0

Comments

Final Patch

October 2018

July 2014

 

Table 55 describes the available patches for Oracle Complex Event Processing and WebLogic Event Server. See also the underlying product stack tables (JRockit and WLS) for any applicable patches.

Table 55 Patch Availability for Oracle Complex Event Processing and WebLogic Event Server

Product Home

Patch

Advisory Number

Comments

11.1.1.7

SPU Patch 18140721

Released April 2014

 

EVS 2.0

Upgrade to 11.1.1.x version, then apply the patch for that version

Released October 2012

 

3.3.10 Oracle Data Quality for Oracle Data Integrator

Table 56 describes the Error Correction information for Oracle Data Quality for Oracle Data Integrator.

Table 56 Error Correction information for Oracle Data Quality for Oracle Data Integrator

Patch Information

ODQDI 10.3.0

Comments

Final Patch

-

 

Table 57 describes the available patches for Oracle Data Quality for Oracle Data Integrator.

Table 57 Patch Availability for Oracle Data Quality for Oracle Data Quality for Oracle Data Integrator

Product Home

Patch

Advisory Number

Comments

11.1.1.3.0

CPU Patch 18177015

Released April 2014

 

3.3.11 Oracle Data Service Integrator

Table 58 describes the Error Correction information for Oracle Data Service Integrator.

Table 58 Error Correction information for Oracle Data Service Integrator

Patch Information

ODSI 10.3.0

Comments

Final Patch

January 2017

 

Table 59 describes the available patches for Data Service Integrator. See also the underlying product stack tables (JRockit and WLS) for any applicable patches.

Table 59 Patch Availability for Oracle Data Service Integrator

Product Home

Patch

Advisory Number

Comments

10.3.0

OR

OR

SPU Patch 18526551

SPU Patch 12875001

OR

OR

SPU Patch 14825824

OR

OR

CVE-2014-4253

CVE-2014-4256

Released April 2014

Released October 2011

CVE-2014-4254, CVE-2014-4255, CVE-2014-2479, CVE-2014-4210, CVE-2014-4241, CVE-2014-4217, CVE-2014-4202

CVE-2013-5855, CVE-2014-2480, CVE-2014-2481, CVE-2014-4201

Released January 2013

CVE-2014-4267

CVE-2014-4242

WLS 10.3.0.0 JVM Patch

WLS 10.3.0.0 Deployment Patch

WLS 10.3.0.0 CSS Patch

WLS 10.3.0.0 JMS Patch

WLS 10.3.0.0 WebServices Patch

WLS 10.3.0.0 Security Patch

WLS 10.3.0.0 WebApp Patch

WLS 10.3.0.0 Core Patch

WLS 10.3.0.0 Console Patch

10.3.0

CPU Patch 8268258

Released April 2009

ODSI Patch

3.3.12 Oracle Document Capture

Table 60 describes the Error Correction information for Oracle Document Capture.

Table 60 Error Correction information for Oracle Document Capture

Patch Information

10.1.3.5.1

Comments

Final Patch

October 2015

 

Table 61 describes the available patches for Oracle Document Capture.

Table 61 Patch Availability for Oracle Document Capture

Product Home

Patch

Advisory Number

Comments

Oracle Document Capture 10.1.3.5.1 home

CPU Patch 16312671

Released April 2013

 

3.3.13 Oracle Endeca Server

Table 62 describes the Error Correction information for Oracle Endeca Server.

Table 62 Error Correction information for Oracle Endeca Server

Patch Information

Oracle Endeca Information Discovery 2.2.2 (Formerly Latitude)

7.5.x

7.4.x

Comments

Final Patch

April 2016

-

July 2020

 

Table 63 describes the minimum version information for Oracle Endeca Server.

Table 63 Minimum Product Requirements for Oracle Endeca Server 7.5.x

Patch Information

7.5.x

Advisory Number

Comments

Minimum Version

7.5.1.1

Released July 2013

 

Table 64 describes the available patches for Oracle Endeca Server.

Table 64 Patch availability for Oracle Endeca Server 7.4.x

Product Home

Patch

Advisory Number

Comments

Oracle Endeca Server 7.4 home

SPU Patch 16822423

Released July 2013

 

Table 65 describes the available patches for Oracle Endeca Server (Formerly Latitude).

Table 65 Patch Availability for Oracle Endeca Information Discovery 2.2.2 (Formerly Latitude)

Product Home

Patch

Advisory Number

Comments

Oracle Endeca Information Discovery 2.2.2 (Formerly Latitude) home

See My Oracle Support Note 1629648.1

Released April 2014

 

3.3.14 Oracle Enterprise Data Quality

Table 66 describes the Error Correction information for Oracle Enterprise Data Quality.

Table 66 Error Correction information for Oracle Enterprise Data Quality

Patch Information

9.0.8

8.1

Comments

Final Patch

October 2019

July 2019

 

Table 67 describes the available patches for Oracle Enterprise Data Quality.

Table 67 Patch Availability for Oracle Enterprise Data Quality

Product Home

Patch

Advisory Number

Comments

Oracle Enterprise Data Quality 9.0.8 home

See My Oracle Support Note 1595538.1

Released January 2014

 

Oracle Enterprise Data Quality 8.1 home

See My Oracle Support Note 1595538.1

Released January 2014

 

3.3.15 Oracle Exalogic Patch Set Update (PSU)

Table 68 describes the Error Correction information for Exalogic Patch Set Update (PSU).

Table 68 Error Correction information for Oracle Exalogic Patch Set Update (PSU)

Patch Information

2.x

1.x

Comments

Final Patch

-

-

 

Table 69 describes the available patches for Oracle Exalogic.

Table 69 Patch Set Update Availability for Oracle Exalogic

Oracle Exalogic

Patch

Advisory Number

Comments

2.x Physical

2.0.6.1.2 Physical Linux x86-64 (X4-2) PSU Patch 18630746

2.0.3.0.7 Physical Linux x86-64 (X3-2, X2-2) PSU Patch 18630746

2.0.6.1.2 Physical Solaris x86-64 (X4-2) PSU Patch 18630746

2.0.4.0.7 Physical Solaris x86-64 (X3-2, X2-2) PSU Patch 18630746

Released July 2014

See Note 1314535.1, Announcing Exalogic PSUs (Patch Set Updates)

2.x Virtual

2.0.6.1.2 Virtual (X4-2) PSU Patch 18630693

2.0.6.0.2 Virtual (X3-2, X2-2) PSU Patch 18630693

Released July 2014

See Note 1314535.1, Announcing Exalogic PSUs (Patch Set Updates)

1.x

Exalogic Infrastructure 2.0.6.0.1 Virtual (X3-2, X2-2) PSU Patch 14834860

Released October 2012

See Note 1314535.1, Announcing Exalogic PSUs (Patch Set Updates)s

3.3.16 Oracle Forms and Reports 11g Release 2

For the appropriate product versions listed below, refer to the corresponding Oracle Fusion Middleware patch availability sections that contain information on Error Correction, and for the patches to apply. Not all homes that are listed in those sections might be present in the Oracle Forms and Reports 11g Release 2 installation. Only the relevant homes from those tables need to be patched.

Table 70 describes the available patches for Oracle Forms and Reports 11g Release 2.

Table 70 Patch Availability for Oracle Forms and Reports 11g Release 2

Product Home

Patches

Comments

Oracle Forms and Reports 11.1.2.2 home

See Section 3.3.17.4, "Oracle Forms and Reports 11.1.2.2"

 

Oracle Forms and Reports 11.1.2.1 home

See Section 3.3.17.5, "Oracle Forms and Reports 11.1.2.1"

 

3.3.17 Oracle Fusion Middleware

For more information on how to identify the components in an Oracle home, see Note 1591483.1, What is Installed in My Middleware or Oracle home?

This section contains the following:

·         Section 3.3.17.1, "Oracle Fusion Middleware 12.1.3.0"

·         Section 3.3.17.2, "Oracle Fusion Middleware 12.1.2.0"

·         Section 3.3.17.3, "Oracle Fusion Middleware 12.1.1.0"

·         Section 3.3.17.4, "Oracle Forms and Reports 11.1.2.2"

·         Section 3.3.17.5, "Oracle Forms and Reports 11.1.2.1"

·         Section 3.3.17.6, "Oracle WebCenter 11.1.1.8"

·         Section 3.3.17.7, "Oracle Fusion Middleware 11.1.1.7"

·         Section 3.3.17.8, "Oracle Fusion Middleware 11.1.1.5"

·         Section 3.3.17.9, "Oracle Fusion Middleware 10.1.3.5.x"

·         Section 3.3.17.10, "Oracle Identity Access Management 11.1.2.2"

·         Section 3.3.17.11, "Oracle Identity Access Management 11.1.2.1"

3.3.17.1 Oracle Fusion Middleware 12.1.3.0

Table 71 describes the Error Correction information for Oracle Fusion Middleware 12.1.3.0.

Table 71 Error Correction information for Oracle Fusion Middleware 12.1.3.0

Patch Information

12.1.3.0

Comments

Final Patch

-

 

CPU On-Request Platforms

-

 

Table 72 describes the available patches for Oracle Fusion Middleware 12.1.3.0.

Table 72 Patch Availability for Oracle Fusion Middleware 12.1.3.0

Product Home

Patches

Advisory Number

Comments

Oracle Database home

See Section 3.1.4, "Oracle Database"

See Section 3.1.4, "Oracle Database"

Patch any Database Server associated to a Fusion Middleware installation

Oracle Java SE home

See Oracle Java SE Critical Patch Update

See Oracle Java SE Critical Patch Update

 

Oracle WebLogic Server 12.1.3.0

See Section 3.3.47, "Oracle WebLogic Server"

See Section 3.3.47, "Oracle WebLogic Server"

 

Oracle WebLogic Server PlugIns 12.1.3.0.0

See Section 3.3.49, "Oracle WebLogic Server Plug-ins"

See Section 3.3.49, "Oracle WebLogic Server Plug-ins"

WLS Plug-In patch for Oracle HTTP Server, Apache, IIS, and iPlanet

3.3.17.2 Oracle Fusion Middleware 12.1.2.0

Table 73 describes the Error Correction information for Oracle Fusion Middleware 12.1.2.0.

Table 73 Error Correction information for Oracle Fusion Middleware 12.1.2.0

Patch Information

12.1.2.0

Comments

Final Patch

-

 

CPU On-Request Platforms

-

 

Table 74 describes the available patches for Oracle Fusion Middleware 12.1.2.0.

Table 74 Patch Availability for Oracle Fusion Middleware 12.1.2.0

Product Home

Patches

Advisory Number

Comments

Oracle Database home

See Section 3.1.4, "Oracle Database"

See Section 3.1.4, "Oracle Database"

Patch any Database Server associated to a Fusion Middleware installation

Oracle Java SE home

See Oracle Java SE Critical Patch Update

See Oracle Java SE Critical Patch Update

 

Oracle WebLogic Server 12.1.2.0

See Section 3.3.47, "Oracle WebLogic Server"

See Section 3.3.47, "Oracle WebLogic Server"

 

Oracle WebLogic Server PlugIns 12.1.2.0.0

See Section 3.3.49, "Oracle WebLogic Server Plug-ins"

See Section 3.3.49, "Oracle WebLogic Server Plug-ins"

WLS Plug-In patch for Oracle HTTP Server, Apache, IIS, and iPlanet

Oracle HTTP Server 12c 12.1.2.0.0

SPU Patch 18596253

CVE-2014-2493, CVE-2013-5855

Oracle ADF 12.1.2.0 Patch

Oracle HTTP Server 12c 12.1.2.0.0

SPU Patch 17849231

Released January 2014

Oracle Security Service (SSL/Network) Patch

Oracle HTTP Server 12c 12.1.2.0.0

Oracle Infrastructure 12c 12.1.2.0.0

SPU Patch 17621876

Released January 2014

Oracle Help Technologies Patch

Oracle HTTP Server 12c 12.1.2.0.0

SPU Patch 17723709

Released January 2014

Oracle HTTP Server (OHS) Patch

3.3.17.3 Oracle Fusion Middleware 12.1.1.0

Table 75 describes the Error Correction information for Oracle Fusion Middleware 12.1.1.0.

Table 75 Error Correction information for Oracle Fusion Middleware 12.1.1.0

Patch Information

12.1.1.0

Comments

Final Patch

-

 

CPU On-Request Platforms

-

 

Table 76 describes the available patches for Oracle Fusion Middleware 12.1.1.0.

Table 76 Patch Availability for Oracle Fusion Middleware 12.1.1.0

Product Home

Patches

Advisory Number

Comments

Oracle Database home

See Section 3.1.4, "Oracle Database"

See Section 3.1.4, "Oracle Database"

Patch any Database Server associated to a Fusion Middleware installation

Oracle Java SE home

See Oracle Java SE Critical Patch Update

See Oracle Java SE Critical Patch Update

 

Oracle WebLogic Server 12.1.1.0

See Section 3.3.47, "Oracle WebLogic Server"

See Section 3.3.47, "Oracle WebLogic Server"

 

Oracle WebLogic Server PlugIns 12.1.1.0.0

See Section 3.3.49, "Oracle WebLogic Server Plug-ins"

See Section 3.3.49, "Oracle WebLogic Server Plug-ins"

WLS Plug-In patch for Oracle HTTP Server, Apache, IIS, and iPlanet

3.3.17.4 Oracle Forms and Reports 11.1.2.2

Table 77 describes the Error Correction information for Oracle Forms and Reports 11.1.2.2.

Table 77 Error Correction information for Oracle Forms and Reports 11.1.2.2

Patch Information

11.1.2.2

Comments

Final Patch

-

 

CPU On-Request Platforms

-

 

Table 78 describes the available patches for Oracle Forms and Reports 11.1.2.2.

Table 78 Patch Availability for Oracle Forms and Reports 11.1.2.2

Product Home

Patches

Advisory Number

Comments

Oracle Database home

See Section 3.1.4, "Oracle Database"

See Section 3.1.4, "Oracle Database"

Patch any Database Server associated to a Fusion Middleware installation

Oracle Java SE home

See Oracle Java SE Critical Patch Update

See Oracle Java SE Critical Patch Update

See Note 1492980.1, How to Maintain the Java SE Installed or Used with FMW 11g Products

Oracle JRockit 28.x home

See Section 3.3.30, "Oracle JRockit"

See Section 3.3.30, "Oracle JRockit"

 

Oracle WebLogic Server home

See Section 3.3.47, "Oracle WebLogic Server"

See Section 3.3.47, "Oracle WebLogic Server"

See Note 1306505.1, Announcing Oracle WebLogic Server PSUs (Patch Set Updates)

Oracle WebLogic Server Plug-ins

See Section 3.3.49, "Oracle WebLogic Server Plug-ins"

See Section 3.3.49, "Oracle WebLogic Server Plug-ins"

 

Oracle Forms and Reports 11.1.2.2 home

See Section 3.1.4.5, "Oracle Database 11.1.0.7"

See Section 3.1.4.5, "Oracle Database 11.1.0.7"

Before patching an Oracle Database Server, you might need to patch the Database 11.1.0.7 client in the Fusion Middleware home. Before installing the applicable patches, see Note 1493990.1Patching for CVE-2012-3137

Oracle Forms and Reports 11.1.2.2 home

SPU Patch 18596233

CVE-2014-2493

Oracle ADF 11.1.1.7 Patch

Oracle Forms and Reports 11.1.2.2 home

SPU Patch 18423801

CVE-2014-4222

Oracle Process Management & Notification (OPMN) Patch

See Note 1905314.1, New SSL Protocol and Cipher Options for Oracle Fusion Middleware 11g OPMN/ONS

Oracle Forms and Reports 11.1.2.2 home

See My Oracle Support Note 1643382.1

Released April 2014

 

Oracle Forms and Reports 11.1.2.2 home

SPU Patch 17617649

Released January 2014

Oracle Help Technologies Patch

Oracle Forms and Reports 11.1.2.2 home

SPU Patch 17664563

Released January 2014

Oracle HTTP Server 11.1.1.7 Patch

Oracle Forms and Reports 11.1.2.2 home

CPU Patch 17337741

Released October 2013

Oracle Security Service (SSL/Network) Patch

Oracle Forms and Reports 11.1.2.1 home

See My Oracle Support Note 1608683.1

Released January 2014

Oracle Reports Advisory

3.3.17.5 Oracle Forms and Reports 11.1.2.1

Table 79 describes the Error Correction information for Oracle Forms and Reports 11.1.2.1.

Table 79 Error Correction information for Oracle Forms and Reports 11.1.2.1

Patch Information

11.1.2.1

Comments

Final Patch

January 2014

Oracle Fusion Middleware 11.1.1.6.0

Final Patch

-

 

CPU On-Request Platforms

-

 

Table 80 describes the available patches for Oracle Forms and Reports 11.1.2.1.

Table 80 Patch Availability for Oracle Forms and Reports 11.1.2.1

Product Home

Patches

Advisory Number

Comments

Oracle Database home

See Section 3.1.4, "Oracle Database"

See Section 3.1.4, "Oracle Database"

Patch any Database Server associated to a Fusion Middleware installation

Oracle Java SE home

See Oracle Java SE Critical Patch Update

See Oracle Java SE Critical Patch Update

See Note 1492980.1, How to Maintain the Java SE Installed or Used with FMW 11g Products

Oracle JRockit 28.x home

See Section 3.3.30, "Oracle JRockit"

See Section 3.3.30, "Oracle JRockit"

 

Oracle WebLogic Server home

See Section 3.3.47, "Oracle WebLogic Server"

See Section 3.3.47, "Oracle WebLogic Server"

See Note 1306505.1, Announcing Oracle WebLogic Server PSUs (Patch Set Updates)

Oracle Forms and Reports 11.1.2.1 home

See Section 3.1.4.5, "Oracle Database 11.1.0.7"

See Section 3.1.4.5, "Oracle Database 11.1.0.7"

Before patching an Oracle Database Server, you might need to patch the Database 11.1.0.7 client in the Fusion Middleware home. Before installing the applicable patches, see Note 1493990.1Patching for CVE-2012-3137

Oracle Forms and Reports 11.1.2.1 home

See My Oracle Support Note 1643382.1

Released April 2014

 

Oracle Forms and Reports 11.1.2.1 home

See My Oracle Support Note 1608683.1

Released January 2014

Oracle Reports Advisory

Oracle Forms and Reports 11.1.2.1 home

SPU Patch 17664562

Released January 2014

Oracle HTTP Server 11.1.1.6 Patch

Oracle Forms and Reports 11.1.2.1 home

SPU Patch 17617669

Released January 2014

Oracle Help Technologies Patch

Oracle Forms and Reports 11.1.2.1 home

SPU Patch 16920856

Released October 2013

WebServices Patch

Oracle Forms and Reports 11.1.2.1 home

SPU Patch 17337730

Released October 2013

Oracle Security Service (SSL/Network) Patch

3.3.17.6 Oracle WebCenter 11.1.1.8

Table 81 describes the Error Correction information for Oracle WebCenter 11.1.1.8.

Table 81 Error Correction information for Oracle WebCenter 11.1.1.8

Patch Information

11.1.1.8

Comments

Final Patch

-

 

CPU On-Request Platforms

-

 

Table 82 describes the available patches for Oracle WebCenter 11.1.1.8.

Table 82 Patch Availability for Oracle WebCenter 11.1.1.8

Product Home

Patches

Advisory Number

Comments

Oracle Database home

See Section 3.1.4, "Oracle Database"

See Section 3.1.4, "Oracle Database"

Patch any Database Server associated to a Fusion Middleware installation

Oracle Java SE home

See Oracle Java SE Critical Patch Update

See Oracle Java SE Critical Patch Update

See Note 1492980.1, How to Maintain the Java SE Installed or Used with FMW 11g Products

Oracle JRockit 28.x home

See Section 3.3.30, "Oracle JRockit"

See Section 3.3.30, "Oracle JRockit"

 

Oracle WebLogic Server home

See Section 3.3.47, "Oracle WebLogic Server"

See Section 3.3.47, "Oracle WebLogic Server"

See Note 1306505.1, Announcing Oracle WebLogic Server PSUs (Patch Set Updates)

Oracle WebLogic Server Plug-ins

See Section 3.3.49, "Oracle WebLogic Server Plug-ins"

See Section 3.3.49, "Oracle WebLogic Server Plug-ins"

 

Oracle WebCenter 11.1.1.8.0 home

SPU Patch 18596233

CVE-2014-2493

Oracle JDeveloper/ADF 11.1.1.7 Patch

Oracle WebCenter 11.1.1.8.0 home

Oracle WebCenter Portal BP 11.1.1.8.4 Patch 18633874 or later

CVE-2014-4211, CVE-2014-4257

Oracle WebCenter Portal 11.1.1.8.0 patch

Oracle WebCenter 11.1.1.8.0 home

SPU Patch 17617649

Released January 2014

Oracle Help Technologies 11.1.1.7.0 Patch

Oracle WebCenter Content 11.1.1.8 home

Oracle WebCenter Content BP 2 Patch 17453460 or later

Released October 2013

 

3.3.17.7 Oracle Fusion Middleware 11.1.1.7

Table 83 describes the Error Correction information for Oracle Fusion Middleware 11.1.1.7.

Table 83 Error Correction information for Oracle Fusion Middleware 11.1.1.7

Patch Information

11.1.1.7

Comments

Final Patch

July 2014

Oracle WebCenter 11.1.1.7

CPU On-Request Platforms

-

 

Table 84 describes the available patches for Oracle Fusion Middleware 11.1.1.7.

Table 84 Patch Availability for Oracle Fusion Middleware 11.1.1.7

Product Home

Patches

Advisory Number

Comments

Oracle Database home

See Section 3.1.4, "Oracle Database"

See Section 3.1.4, "Oracle Database"

Patch any Database Server associated to a Fusion Middleware installation

Oracle Java SE home

See Oracle Java SE Critical Patch Update

See Oracle Java SE Critical Patch Update

See Note 1492980.1, How to Maintain the Java SE Installed or Used with FMW 11g Products

Oracle JRockit 28.x home

See Section 3.3.30, "Oracle JRockit"

See Section 3.3.30, "Oracle JRockit"

 

Oracle WebLogic Server home

See Section 3.3.47, "Oracle WebLogic Server"

See Section 3.3.47, "Oracle WebLogic Server"

See Note 1306505.1, Announcing Oracle WebLogic Server PSUs (Patch Set Updates)

Oracle WebLogic Server Plug-ins

See Section 3.3.49, "Oracle WebLogic Server Plug-ins"

See Section 3.3.49, "Oracle WebLogic Server Plug-ins"

 

Oracle Identity Management 11.1.1.7.0 home

Oracle Identity Access Management 11.1.1.7.0 home

Oracle Web Tier 11.1.1.7.0 home

Oracle Portal, Forms, Reports and Discoverer 11.1.1.7.0 home

Oracle SOA Suite 11.1.1.7.0 home

Oracle WebCenter Suite 11.1.1.7.0 home

SPU Patch 18596233

CVE-2014-2493

Oracle JDeveloper/ADF 11.1.1.7 Patch

Oracle Identity Management 11.1.1.7.0 home

Oracle Web Tier 11.1.1.7.0 home

Oracle Portal, Forms, Reports and Discoverer 11.1.1.7.0 home

SPU Patch 18423801

CVE-2014-4222

Oracle Process Management & Notification (OPMN) Patch

See Note 1905314.1, New SSL Protocol and Cipher Options for Oracle Fusion Middleware 11g OPMN/ONS

Oracle WebCenter 11.1.1.7.0 home

Overlay SPU Patch 18792010 and 11.1.1.7.0 BP 1 Patch 16761779

CVE-2014-4211, CVE-2014-4257

WebCenter Portal 11.1.1.7.0 Overlay SPU patch

Oracle Identity Access Management 11.1.1.7.0 home

See My Oracle Support Note 1643382.1

Released April 2014

 

Oracle Portal, Forms, Reports and Discoverer 11.1.1.7.0 home

See My Oracle Support Note 1608683.1

Released January 2014

 

Oracle Identity Management 11.1.1.7.0 home

CPU Patch 17842883 and

CPU Patch 17839633

Released January 2014

Oracle Internet Directory Patch

Patch 17842883 for HP-UX Itanium, HP-UX PA-RISC (64-bit), Linux x86, Microsoft Windows (32-bit)

Patch 17839633 for Linux x86-64, IBM AIX Based Systems (64-bit), Sun Solaris x86-64 (64-bit), Sun Solaris SPARC (64-bit), Microsoft Windows x64 (64-bit)

Oracle Identity Management 11.1.1.7.0 home

Oracle Identity Access Management 11.1.1.7.0 home

Oracle Web Tier 11.1.1.7.0 home

Oracle Portal, Forms, Reports and Discoverer 11.1.1.7.0 home

Oracle SOA Suite 11.1.1.7.0 home

Oracle WebCenter Suite 11.1.1.7.0 home

SPU Patch 17617649

Released January 2014

Oracle Help Technologies Patch

Oracle Identity Management 11.1.1.7.0 home

Oracle Web Tier 11.1.1.7.0 home

Oracle Portal, Forms, Reports and Discoverer 11.1.1.7.0 home

SPU Patch 17664563

Released January 2014

Oracle HTTP Server 11.1.1.7 Patch

Oracle Web Tier 11.1.1.7.0 home

Oracle Portal, Forms, Reports and Discoverer 11.1.1.7.0 home

SPU Patch 17306880

Released October 2013

Web Cache Patch

Oracle Identity Management 11.1.1.7.0 home

Oracle Web Tier 11.1.1.7.0 home

Oracle Portal, Forms, Reports and Discoverer 11.1.1.7.0 home

CPU Patch 17337741

Released October 2013

Oracle Security Service (SSL/Network) Patch

Oracle WebCenter Content 11.1.1.7 home

BP 2 Patch 17180477 or higher

Released October 2013

 

3.3.17.8 Oracle Fusion Middleware 11.1.1.5

Table 85 describes the Error Correction information for Oracle Fusion Middleware 11.1.1.5.

Table 85 Error Correction information for Oracle Fusion Middleware 11.1.1.5

Patch Information

11.1.1.5.0

Comments

Final Patch

January 2013

Oracle Fusion Middleware 11.1.1.5.0

Final Patch

April 2015

Oracle Identity Access Management 11.1.1.5

CPU On-Request Platforms

-

 

Table 86 describes the available patches for Oracle Fusion Middleware 11.1.1.5.

Table 86 Patch Availability for Oracle Fusion Middleware 11.1.1.5

Product Home

Patches

Advisory Number

Comments

Oracle Database home

See Section 3.1.4, "Oracle Database"

See Section 3.1.4, "Oracle Database"

Patch any Database Server associated to a Fusion Middleware installation

Oracle Java SE home

See Oracle Java SE Critical Patch Update

See Oracle Java SE Critical Patch Update

See Note 1492980.1, How to Maintain the Java SE Installed or Used with FMW 11g Products

Oracle JRockit 28.x home

See Section 3.3.30, "Oracle JRockit"

See Section 3.3.30, "Oracle JRockit"

 

Oracle WebLogic Server home

See Section 3.3.47, "Oracle WebLogic Server"

See Section 3.3.47, "Oracle WebLogic Server"

See Note 1306505.1, Announcing Oracle WebLogic Server PSUs (Patch Set Updates)

Oracle WebLogic Server Plug-ins

See Section 3.3.49, "Oracle WebLogic Server Plug-ins"

See Section 3.3.49, "Oracle WebLogic Server Plug-ins"

 

Oracle Identity Access Management 11.1.1.5.0 home

See Section 3.1.4.5, "Oracle Database 11.1.0.7"

See Section 3.1.4.5, "Oracle Database 11.1.0.7"

Before patching an Oracle Database Server, you might need to patch the Database 11.1.0.7 client in the Fusion Middleware home. Before installing the applicable patches, see Note 1493990.1Patching for CVE-2012-3137

Oracle Identity Access Management 11.1.1.5.0 home

See My Oracle Support Note 1643382.1

Released April 2014

 

Oracle Identity Management Suite

BP 11.1.1.5.7 Patch 18490364 or later

Released April 2014

Oracle Identity Manager Patch

Oracle Identity Access Management 11.1.1.5.0 home

Oracle Identity Analytics BP 11.1.1.5.7 Patch 18182466 or higher

Released April 2014

Oracle Identity Analytics Patch

Oracle Identity Access Management 11.1.1.5.0 home

SPU Patch 18355263 and BP Patch 14828904

Released April 2014

WebGate Patch

Oracle Identity Access Management 11.1.1.5.0 home

SPU Patch 17617673

Released January 2014

Oracle Help Technologies Patch

Oracle Identity Access Management 11.1.1.5.0 home

Oracle Identity Management Suite BP 11.1.1.5.5 Patch 17178952 or later

Released October 2013

Oracle Access Manager Patch

Oracle Identity Access Management 11.1.1.5.0 home

11.1.1.5.4 BP Patch 14188199 or higher

Released July 2013

Oracle Access Manager Patch

Oracle Identity Access Management 11.1.1.5.0 home

CPU Patch 14003475

Released July 2012

Oracle HTTP Server Patch

Oracle Identity Access Management 11.1.1.5.0 home

CPU Patch 13113602

Released January 2012

Oracle Web Services Manager Patch

Oracle Identity Access Management 11.1.1.5.0 home

CPU Patch 12434187

Released July 2011

Network

For Solaris x86-64, (Identity Management and Web Tier homes), apply specific mandatory patches. For more information, see My Oracle Support Note 1343107.1

3.3.17.9 Oracle Fusion Middleware 10.1.3.5.x

Table 87 describes the Error Correction information for Oracle Fusion Middleware 10.1.3.5.x.

Table 87 Error Correction information for Oracle Fusion Middleware 10.1.3.5.x

Patch Information

10.1.3.5.x

Comments

Final Patch

Oracle SOA Suite: October 2014

JDeveloper: April 2017

Application Development Framework: April 2017

Oracle HTTP Server: April 2017

Oracle Container for Java (OC4J): April 2017

TopLink: April 2017

For all other components that are NOT listed here, see the Comments section in the LSP document.

For more information, see Lifetime Support Policy for Oracle Fusion Middleware

CPU On-Request Platforms

Oracle Solaris x86-64

 

Table 88 describes the available patches for Oracle Fusion Middleware 10.1.3.5.x.

Table 88 Patch Availability for Oracle Fusion Middleware 10.1.3.5.x

Product Home

Patches

Advisory Number

Comments

Oracle Database home

See Section 3.1.4, "Oracle Database"

See Section 3.1.4, "Oracle Database"

Patch any Database Server associated to a Fusion Middleware installation

Oracle Java SE home

See Oracle Java SE Critical Patch Update

See Oracle Java SE Critical Patch Update

See Note 1492980.1, How to Maintain the Java SE Installed or Used with FMW 11g Products

Oracle Application Server 10g Release 3

Oracle HTTP Server 2.0 standalone home

Oracle SOA Suite 10g

Oracle WebCenter Suite 10g

Oracle SOA Suite 10g for WebLogic Server

UNIX: CPU Patch 18272678

Microsoft Windows (32-Bit): CPU Patch 18272679

Microsoft Windows Itanium (64-Bit): CPU Patch 18272681

Released April 2014

See Note 1301699.1, How the SSL/TLS Renegotiation Protocol Change Affects Oracle HTTP Server

OC4J Standalone home

SPU Patch 18272621

Released April 2014

Patch for OC4J Standalone 10.1.3.5 media available on OTN http://www.oracle.com/technetwork/middleware/ias/downloads/utilsoft-090603.html

Oracle Application Server 10g Release 3

See My Oracle Support Note 1586861.1

Released October 2013

 

Oracle Application Server 10g Release 3

OC4J Standalone home

Oracle SOA Suite 10g

SPU Patch 16920865

Released October 2013

WebServices Patch

OC4J Standalone home

CPU Patch 14123312

Released July 2012

Enterprise Manager AS Control Patch

Patch for OC4J Standalone 10.1.3.5 media available on OTN http://www.oracle.com/technetwork/middleware/ias/downloads/utilsoft-090603.html

Oracle SOA Suite 10g for WebLogic Server

CPU Patch 12539587

Released October 2011

Oracle Web Services Manager (OWSM) Patch

Oracle SOA Suite 10g

Oracle WebCenter Suite 10g

CPU Patch 12957596

Released October 2011

Oracle Web Services Manager (OWSM) Patch

3.3.17.10 Oracle Identity Access Management 11.1.2.2

Table 89 describes the Error Correction information for Oracle Identity Access Management 11.1.2.2.

Table 89 Error Correction information for Oracle Fusion Middleware 11.1.2.2

Patch Information

11.1.2.2

Comments

Final Patch

-

 

CPU On-Request Platforms

-

 

Table 90 describes the available patches for Oracle Identity Access Management 11.1.2.2.

Table 90 Patch Availability for Oracle Identity Access Management 11.1.2.2

Product Home

Patches

Advisory Number

Comments

Oracle Database home

See Section 3.1.4, "Oracle Database"

See Section 3.1.4, "Oracle Database"

Patch any Database Server associated to a Fusion Middleware installation

Oracle Java SE home

See Oracle Java SE Critical Patch Update

See Oracle Java SE Critical Patch Update

See Note 1492980.1, How to Maintain the Java SE Installed or Used with FMW 11g Products

Oracle JRockit 28.x home

See Section 3.3.30, "Oracle JRockit"

See Section 3.3.30, "Oracle JRockit"

 

Oracle WebLogic Server home

See Section 3.3.47, "Oracle WebLogic Server"

See Section 3.3.47, "Oracle WebLogic Server"

See Note 1306505.1, Announcing Oracle WebLogic Server PSUs (Patch Set Updates)

Oracle WebLogic Server Plug-ins

See Section 3.3.49, "Oracle WebLogic Server Plug-ins"

See Section 3.3.49, "Oracle WebLogic Server Plug-ins"

See Note 1111903.1, WebLogic Server 10gR3 (10.3.0) and 11gR1 (10.3.x) - Web Server Plug-In Support

Oracle Identity Access Management 11.1.2.2.0 home

SPU Patch 18596233

CVE-2014-2493

Oracle JDeveloper/ADF 11.1.1.7 Patch

Oracle Identity Access Management 11.1.2.2.0 home

My Oracle Support Note 1643382.1

Released April 2014

 

Oracle Identity Access Management 11.1.2.2.0 home

SPU Patch 17617649

Released January 2014

Oracle Help Technologies Patch

3.3.17.11 Oracle Identity Access Management 11.1.2.1

Table 91 describes the Error Correction information for Oracle Identity Access Management 11.1.2.1.

Table 91 Error Correction information for Oracle Fusion Middleware 11.1.2.1

Patch Information

11.1.2.1

Comments

Final Patch

-

Oracle Fusion Middleware 11.1.2.1

Final Patch

January 2014

Oracle Fusion Middleware 11.1.1.6

CPU On-Request Platforms

-

 

Table 92 describes the available patches for Oracle Identity Access Management 11.1.2.1.

Table 92 Patch Availability for Oracle Identity Access Management 11.1.2.1

Product Home

Patches

Advisory Number

Comments

Oracle Database home

See Section 3.1.4, "Oracle Database"

See Section 3.1.4, "Oracle Database"

Patch any Database Server associated to a Fusion Middleware installation

Oracle Java SE home

See Oracle Java SE Critical Patch Update

See Oracle Java SE Critical Patch Update

See Note 1492980.1, How to Maintain the Java SE Installed or Used with FMW 11g Products

Oracle JRockit 28.x home

See Section 3.3.30, "Oracle JRockit"

See Section 3.3.30, "Oracle JRockit"

 

Oracle WebLogic Server home

See Section 3.3.47, "Oracle WebLogic Server"

See Section 3.3.47, "Oracle WebLogic Server"

See Note 1306505.1, Announcing Oracle WebLogic Server PSUs (Patch Set Updates)

Oracle WebLogic Server Plug-ins

See Section 3.3.49, "Oracle WebLogic Server Plug-ins"

See Section 3.3.49, "Oracle WebLogic Server Plug-ins"

See Note 1111903.1, WebLogic Server 10gR3 (10.3.0) and 11gR1 (10.3.x) - Web Server Plug-In Support

Oracle Identity Access Management 11.1.2.1.0 home

SPU Patch 18596233

CVE-2014-2493

Oracle JDeveloper/ADF 11.1.1.7 Patch

Oracle Identity Access Management 11.1.2.1.0 home

My Oracle Support Note 1643382.1

Released April 2014

 

Oracle Identity Access Management 11.1.2.1 home

SPU Patch 17617673

Released January 2014

Oracle Help Technologies Patch

Oracle Identity Access Management 11.1.2.1 home

Oracle Identity Manager BP 11.1.2.1.3 Patch 17532765 or later

Released January 2014

Oracle Identity Manager Patch

Oracle Identity Access Management 11.1.2.1 home

SPU Patch 16920856

Released October 2013

WebServices Patch

Oracle Identity Access Management 11.1.2.1 home

SPU Patch 16262532

Released April 2013

Oracle Web Services Manager Patch

3.3.18 Oracle Hyperion Analytic Provider Services

Table 93 describes the Error Correction information for Oracle Hyperion Analytic Provider Services.

Table 93 Error Correction information for Oracle Hyperion Analytic Provider Services

Patch Information

11.1.2.x

Comments

Final Patch

April 2021

 

Table 94 describes the available patches for Oracle Hyperion Analytic Provider Services, based on release.

Table 94 Patch Availability for Oracle Hyperion Analytic Provider Services

Product Home

Patch

Advisory Number

Comments

11.1.2.3

SPU Patch 17767293

CVE-2014-4246

 

11.1.2.2

SPU Patch 18148649

CVE-2014-4246

 

3.3.19 Oracle Hyperion BI+

Table 95 describes the Error Correction information for Oracle Hyperion BI+.

Table 95 Error Correction information for Oracle Hyperion BI+

Patch Information

11.1.2.x

Comments

Final Patch

April 2018

 

Table 96 describes the available patches for Oracle Hyperion BI+, based on release.

Table 96 Patch Availability for Oracle Hyperion BI+

Product Home

Patch

Advisory Number

Comments

11.1.2.3

SPU Patch 17529887 and SPU Patch 18383790

CVE-2014-0436

 

11.1.2.2

SPU Patch 18659116 and SPU Patch 18856417

CVE-2014-0436

 

3.3.20 Oracle Hyperion Common Admin

Table 97 describes the Error Correction information for Oracle Hyperion Common Admin.

Table 97 Error Correction information for Oracle Hyperion Common Admin

Patch Information

11.1.2.x

Comments

Final Patch

April 2018

 

Table 98 describes the available patches for Oracle Hyperion Common Admin.

Table 98 Patch Availability for Oracle Hyperion Common Admin

Product Home

Patch

Advisory Number

Comments

11.1.2.3

CPU Patch 18672071

CVE-2014-4269, CVE-2014-4270

 

11.1.2.2

CPU Patch 18659116

CVE-2014-4269, CVE-2014-4270

 

3.3.21 Oracle Hyperion EAS

Table 99 describes the Error Correction information for Oracle Hyperion EAS.

Table 99 Error Correction information for Oracle Hyperion EAS

Patch Information

11.1.2.x

Comments

Final Patch

April 2018

 

Table 100 describes the available patches for Oracle Hyperion EAS, based on release.

Table 100 Patch Availability for Oracle Hyperion EAS

Product Home

Patch

Advisory Number

Comments

11.1.2.3

Admin Server Patch 17417347

Admin Console Patch 17417344

Released January 2014

 

11.1.2.2

Admin Server Patch 17277761

Admin Console Patch 17277764

Released January 2014

 

11.1.2.1

Admin Server Patch 17545122

Admin Console Patch 17545124

Released January 2014

 

3.3.22 Oracle Hyperion Enterprise Performance Management Architect

Table 101 describes the Error Correction information for Oracle Hyperion Enterprise Performance Management Architect.

Table 101 Error Correction information for Oracle Hyperion Enterprise Performance Management Architect

Patch Information

11.1.2.x

Comments

Final Patch

April 2021

 

Table 102 describes the available patches for Oracle Hyperion Enterprise Performance Management Architect.

Table 102 Patch Availability for Oracle Hyperion Enterprise Performance Management Architect

Product Home

Patch

Advisory Number

Comments

11.1.2.3

SPU Patch 17529887 and SPU Patch 18383790

CVE-2014-4203, CVE-2014-4206

 

11.1.2.2

SPU Patch 18659116 and SPU Patch 18856417

CVE-2014-4203, CVE-2014-4206

 

3.3.23 Oracle Hyperion Essbase

Table 103 describes the Error Correction information for Oracle Hyperion Essbase.

Table 103 Error Correction information for Oracle Hyperion Essbase

Patch Information

11.1.2.x

Comments

Final Patch

April 2021

 

Table 104 describes the available patches for Oracle Hyperion Essbase.

Table 104 Patch Availability for Oracle Hyperion Essbase

Product Home

Patch

Advisory Number

Comments

11.1.2.3

SPU Patch 18505489

CVE-2014-4271

 

11.1.2.2

SPU Patch 18520684

CVE-2014-4271

 

3.3.24 Oracle Hyperion Strategic Finance

Table 105 describes the Error Correction information for Oracle Hyperion Strategic Finance.

Table 105 Error Correction information for Oracle Hyperion Strategic Finance

Patch Information

11.1.2.x

Comments

Final Patch

April 2018

 

Table 106 describes the available patches for Oracle Hyperion Strategic Finance.

Table 106 Patch Availability for Oracle Hyperion Strategic Finance

Product Home

Patch

Advisory Number

Comments

11.1.2.2

CPU Patch 14593946

Released April 2014

 

11.1.2.1

CPU Patch 17636270

Released April 2014

 

3.3.25 Oracle Identity Access Management

For the appropriate product versions listed below, refer to the corresponding Oracle Fusion Middleware patch availability sections that contain information on Error Correction, and for the patches to apply. Not all homes that are listed in those sections might be present in the Oracle Identity Access Management installation. Only the relevant homes from those tables need to be patched.

Table 107 describes the available patches for Oracle Identity Access Management.

Table 107 Patch Availability for Oracle Identity Access Management

Product Home

Patches

Comments

Oracle Identity Access Management 11.1.2.2 home

See Section 3.3.17.10, "Oracle Identity Access Management 11.1.2.2"

 

Oracle Identity Access Management 11.1.2.1 home

See Section 3.3.17.11, "Oracle Identity Access Management 11.1.2.1"

 

Oracle Identity Access Management 11.1.1.7.0 home

See Section 3.3.17.7, "Oracle Fusion Middleware 11.1.1.7"

 

3.3.26 Oracle Identity Management

For the appropriate product versions listed below, refer to the corresponding Oracle Fusion Middleware patch availability sections that contain information on Error Correction, and for the patches to apply. Not all homes that are listed in those sections might be present in the Oracle Identity Management installation. Only the relevant homes from those tables need to be patched.

Table 108 describes the available patches for Oracle Identity Management.

Table 108 Patch Availability for Oracle Identity Management

Product Home

Patches

Comments

Oracle Identity Management 11.1.1.7.0 home

See Section Section 3.3.17.7, "Oracle Fusion Middleware 11.1.1.7"

 

3.3.27 Oracle Identity Management Connector

Table 109 describes the Error Correction information for Oracle Identity Management Connector.

Table 109 Error Correction information for Oracle Identity Management Connector

Patch Information

9.1.0.4

Comments

Final Patch

April 2017

 

Table 110 describes the available patches for Oracle Identity Manager.

Table 110 Patch Availability for Oracle Identity Management Connector

Product Home

Patch

Advisory Number

Comments

9.1.0.4

CPU Patch 13636081

Released April 2012

 

3.3.28 Oracle Imaging and Process Management

Table 111 describes the Error Correction information for Oracle Imaging and Process Management.

Table 111 Error Correction information for Oracle Imaging and Process Management

Patch Information

10.1.3.6

Comments

Final Patch

October 2015

 

Table 112 describes the available patches for Oracle Imaging and Process Management.

Table 112 Critical Patch Update Availability for Oracle Imaging and Process Management

Release

Patch

Advisory Number

Comments

10.1.3.6

CPU Patch 14756862

Released October 2012

 

3.3.29 Oracle JDeveloper and Oracle ADF

Table 113 describes the Error Correction information for Oracle JDeveloper and Oracle ADF.

Table 113 Error Correction information for Oracle JDeveloper and Oracle ADF

Patch Information

12.1.2.0.0

11.1.2.4.0

11.1.1.7.0

10.1.3.5

Comments

Final Patch

-

-

 

April 2017

 

Table 114 describes the available patches for Oracle JDeveloper and Oracle ADF.

Table 114 Critical Patch Update Availability for Oracle JDeveloper and Oracle ADF

Release

Patch

Advisory Number

Comments

12.1.2.0.0

SPU Patch 18596253

CVE-2014-2493, CVE-2013-5855

 

11.1.2.4.0

SPU Patch 18596247

CVE-2014-2493, CVE-2013-5855

 

11.1.1.7.0

SPU Patch 18596233

CVE-2014-2493

 

Oracle JDeveloper 12.1.2.0.0 home

Oracle ADF 12.1.2.0.0 home

SPU Patch 17621876

Released January 2014

Oracle Help Technology Patch

Oracle JDeveloper 11.1.7.0.0 home

Oracle ADF 11.1.7.0.0 home

SPU Patch 17617649

Released January 2014

Oracle Help Technology Patch

10.1.3.5

SPU Patch 14756862

Released October 2012

 

3.3.30 Oracle JRockit

Table 115 describes the Critical Patch Update availability for Oracle JRockit.

Oracle JRockit R28.3.3 and R27.8.3 include fixes for all security advisories that have been released through CPUJul2014.

Table 115 Critical Patch Update Availability for Oracle JRockit

Oracle JRockit

R28.3.3

R27.8.3

Advisory Number

Comments

JRE and JDK 6

Patch 18763693

NA

Released July 2014

 

JRE and JDK 5

Patch 18763706

Patch 18763719

Released July 2014

 

3.3.31 Oracle Map Viewer

Table 116 describes the Error Correction information for Oracle Map Viewer.

Table 116 Error Correction information for Oracle Map Viewer

Patch Information

11.1.1.6.0

10.1.3.1.0

Comments

Final Patch

-

-

 

Table 117 describes the available patches for Oracle Map Viewer.

Table 117 Patch Availability for Oracle Map Viewer

Product Home

Patch

Advisory Number

Comments

11.1.1.6.0

CPU Patch 14065245

Released July 2012

 

10.1.3.1.0

CPU Patch 13997316

Released July 2012

 

3.3.32 Oracle Outside In Technology

Table 118 describes the Error Correction information for Oracle Outside In Technology.

Table 118 Error Correction information for Oracle Outside In Technology

Patch Information

8.4.1

Comments

Final Patch

-

 

Table 119 describes the available patches for Oracle Outside in Technology.

Table 119 Patch Availability for Oracle Outside In Technology

Product Home

Patch

Advisory Number

Comments

Oracle Outside In Technology 8.4.1

SPU Patch 17733168

Released January 2014

 

Oracle Outside In Technology 8.4

SPU Patch 17733154

Released January 2014

 

3.3.33 Oracle Portal, Forms, Reports, and Discoverer 11g Release 1

For the appropriate product versions listed below, refer to the corresponding Oracle Fusion Middleware patch availability sections that contain information on Error Correction, and for the patches to apply. Not all homes that are listed in those sections might be present in the Oracle Portal, Forms, Reports, and Discoverer 11g Release 1 installation. Only the relevant homes from those tables need to be patched.

Table 120 describes the available patches for Oracle Portal, Forms, Reports, and Discoverer 11g Release 1.

Table 120 Patch Availability for Oracle Portal, Forms, Reports, and Discoverer 11g Release 1

Product Home

Patches

Comments

Oracle Portal, Forms, Reports and Discoverer 11.1.1.7.0 home

See Section Section 3.3.17.7, "Oracle Fusion Middleware 11.1.1.7"

 

3.3.34 Oracle SOA Suite

For the appropriate product versions listed below, refer to the corresponding Oracle Fusion Middleware patch availability sections that contain information on Error Correction, and for the patches to apply. Not all homes that are listed in those sections might be present in the Oracle SOA Suite installation. Only the relevant homes from those tables need to be patched.

Table 121 describes the available patches for Oracle SOA Suite.

Table 121 Patch Availability for Oracle SOA Suite

Product Home

Patches

Comments

Oracle SOA Suite 11.1.1.7.0 home

See Section 3.3.17.7, "Oracle Fusion Middleware 11.1.1.7"

 

Oracle SOA Suite 10.1.3.5 home

See Section 3.3.17.9, "Oracle Fusion Middleware 10.1.3.5.x"

 

3.3.35 Oracle Traffic Director

Table 122 describes the Error Correction information for Oracle Traffic Director.

Table 122 Error Correction information for Oracle Traffic Director

Patch Information

11.1.1.7.0

Comments

Final Patch

-

 

Table 123 describes the available patches for Oracle Traffic Director.

Table 123 Patch Availability for Oracle Traffic Director

Product Home

Patch

Advisory Number

Comments

11.1.1.7.0

SPU Patch 18920619

CVE-2013-1741

 

3.3.36 Oracle Web-Tier 11g Utilities

For the appropriate product versions listed below, refer to the corresponding Oracle Fusion Middleware patch availability sections that contain information on Error Correction, and for the patches to apply. Not all homes that are listed in those sections might be present in the Oracle Web-Tier 11g Utilities installation. Only the relevant homes from those tables need to be patched.

Table 124 describes the available patches for Oracle Web-Tier 11g Utilities.

Table 124 Patch Availability for Oracle Web-Tier 11g Utilities

Product Home

Patches

Comments

Oracle Web-Tier 11g Utilities 11.1.1.7.0 home

See Section 3.3.17.7, "Oracle Fusion Middleware 11.1.1.7"

 

3.3.37 Oracle WebCenter

For the appropriate product versions listed below, refer to the corresponding Oracle Fusion Middleware patch availability sections that contain information on Error Correction, and for the patches to apply. Not all homes that are listed in those sections might be present in the Oracle WebCenter installation. Only the relevant homes from those tables need to be patched.

Table 125 describes the available patches for Oracle WebCenter.

Table 125 Patch Availability for Oracle WebCenter

Product Home

Patches

Comments

Oracle WebCenter 11.1.1.8.0 home

See Section 3.3.17.6, "Oracle WebCenter 11.1.1.8"

 

Oracle WebCenter 11.1.1.7.0 home

See Section 3.3.17.7, "Oracle Fusion Middleware 11.1.1.7"

 

3.3.38 Oracle WebCenter Content (Formerly Oracle Universal Content Management)

Table 126 describes the Error Correction information for Oracle WebCenter Content (formerly Oracle Universal Content Management).

Table 126 Error Correction information for WebCenter Content

Patch Information

10.1.3.5.1

Comments

Final Patch

October 2015

 

Table 127 describes the available patches for Oracle WebCenter Content (formerly Oracle Universal Content Management).

Table 127 Patch Availability for Oracle WebCenter Content

Component

Patch

Advisory Number

Comments

Oracle WebCenter Content 11.1.1.8 home

See Section 3.3.17.6, "Oracle WebCenter 11.1.1.8"

See Section 3.3.17.6, "Oracle WebCenter 11.1.1.8"

 

Oracle WebCenter Content 11.1.1.7 home

See Section 3.3.17.7, "Oracle Fusion Middleware 11.1.1.7"

See Section 3.3.17.7, "Oracle Fusion Middleware 11.1.1.7"

 

Oracle WebCenter Content 10.1.3.5.1 home

SPU Patch 17289573

Released October 2013

 

Oracle WebCenter Content 10.1.3.5.1 home

SPU Patch 16920680

Released July 2013

 

Oracle WebCenter Content 10.1.3.5.1 home

SPU Patch 16313031

Released April 2013

 

3.3.39 Oracle WebCenter Forms Recognition

Table 128 describes the Error Correction information for Oracle WebCenter Forms Recognition.

Table 128 Error Correction information for Oracle WebCenter Forms Recognition

Patch Information

10.1.3.5

Comments

Final Patch

-

 

Table 129 describes the available patches for Oracle WebCenter Forms Recognition. See also the underlying product stack tables for any applicable patches. Refer to comments section and apply the patch to the respective product home.

Table 129 Patch Availability for Oracle WebCenter Forms Recognition

Oracle WebCenter Forms Recognition

Patch

Advisory Number

Comments

10.1.3.5

CPU Patch 13882540

Released April 2012

 

3.3.40 Oracle WebCenter Interaction

Table 130 describes the Error Correction information for Oracle WebCenter Interaction.

Table 130 Error Correction information for Oracle WebCenter Interaction

Patch Information

10.3.3.0

6.5.1

Comments

Final Patch

January 2017

January 2016

 

Table 131 describes the available patches for Oracle WebCenter Interaction. See also the underlying product stack tables for any applicable patches. Refer to comments section and apply the patch to the respective product home.

Table 131 Patch Availability for Oracle WebCenter Interaction

Oracle WebCenter Interaction

Patch

Advisory Number

Comments

10.3.3.0.0

CPU Patch 16398622

Released April 2013

 

6.5.1

CPU Patch 16417563

Released April 2013

 

6.5.1

CPU Patch 13718635

Released April 2012

WebLogic Server 9.2.0.0 one-off patch that needs to be applied to WebLogic Server home

3.3.41 Oracle WebCenter Portal

Table 132 describes the Error Correction information for Oracle WebCenter Portal.

Table 132 Error Correction information for Oracle WebCenter Portal

Patch Information

11.1.1.8

11.1.1.7

Comments

Final Patch

-

-

 

Table 133 describes the available patches for Oracle WebCenter Portal.

Table 133 Patch Availability for Oracle WebCenter Portal

Product Home

Patches

Comments

Oracle WebCenter 11.1.1.8.0 home

See Section 3.3.17.6, "Oracle WebCenter 11.1.1.8"

 

Oracle WebCenter 11.1.1.7.0 home

See Section 3.3.17.7, "Oracle Fusion Middleware 11.1.1.7"

 

3.3.42 Oracle WebCenter Sites (Formerly FatWire Content Server)

Table 134 describes the Error Correction information for Oracle WebCenter Sites (formerly FatWire Content Server).

Table 134 Error Correction information for Oracle WebCenter Sites (formerly FatWire Content Server)

Patch Information

11.1.1.8

11.1.1.6.1

Comments

Final Patch

-

April 2016

 

Table 135 describes the available patches for Oracle WebCenter Sites. See also the underlying product stack tables.

Table 135 Patch Availability for Oracle WebCenter Sites

Product Home

Patch

Advisory Number

Comments

11.1.1.8

SPU Patch 18016084

Released January 2014

 

11.1.1.6.1

SPU Patch 17904775

Released January 2014

 

3.3.43 Oracle WebCenter Suite

For the appropriate product versions listed below, refer to the corresponding Oracle Fusion Middleware patch availability sections that contain information on Error Correction, and for the patches to apply. Not all homes that are listed in those sections might be present in the Oracle WebCenter Suite installation. Only the relevant homes from those tables need to be patched.

Table 136 describes the available patches for Oracle WebCenter Suite.

Table 136 Patch Availability for Oracle WebCenter Suite

Product Home

Patches

Comments

Oracle WebCenter Suite 11.1.1.8.0 home

See Section 3.3.17.6, "Oracle WebCenter 11.1.1.8"

 

Oracle WebCenter Suite 11.1.1.7.0 home

See Section 3.3.17.7, "Oracle Fusion Middleware 11.1.1.7"

 

Oracle WebCenter Suite 10g home

See Section 3.3.17.9, "Oracle Fusion Middleware 10.1.3.5.x"

 

3.3.44 Oracle WebGate

Table 137 describes the Error Correction information for Oracle WebGate.

Table 137 Error Correction information for Oracle WebGate

Patch Information

10.1.4.3.0

Comments

Final Patch

October 2014

 

On-Request platforms

Platform and Server combinations that are historically inactive for patching are available on-request. If the patch is not available for a particular platform, see Section 1.3, "On-Request Patches"

 

Table 138 describes the available patches for Oracle WebGate. See also the underlying product stack tables for any applicable patches. Refer to comments section and apply the patch to the respective product home.

Table 138 Patch Availability for Oracle WebGate

Oracle WebGate

Patch

Advisory Number

Comments

11.1.2.2 home

See Section 3.3.17.10, "Oracle Identity Access Management 11.1.2.2"

See Section 3.3.17.10, "Oracle Identity Access Management 11.1.2.2"

 

11.1.2.1 home

See Section 3.3.17.11, "Oracle Identity Access Management 11.1.2.1"

See Section 3.3.17.11, "Oracle Identity Access Management 11.1.2.1"

 

11.1.1.7 home

See Section 3.3.17.7, "Oracle Fusion Middleware 11.1.1.7"

See Section 3.3.17.7, "Oracle Fusion Middleware 11.1.1.7"

 

11.1.1.5 home

See Section 3.3.17.8, "Oracle Fusion Middleware 11.1.1.5"

See Section 3.3.17.8, "Oracle Fusion Middleware 11.1.1.5"

 

10.1.4.3.0 home

OAM 10.1.4.3 BP 13 Patch 13718105 or later

Released April 2013

 

3.3.45 Oracle WebLogic Integration

Table 139 describes the Error Correction information for Oracle WebLogic Integration.

Table 139 Error Correction information for Oracle WebLogic Integration

Patch Information

10.3.1.0

Comments

Final Patch

January 2017

 

Table 140 describes the availability for Critical Patch Updates for Oracle WebLogic Integration. See also the underlying product stack tables.

Table 140 Critical Patch Update Availability for Oracle WebLogic Integration

Product Home

Patch

Advisory Number

Comments

10.3.1.0

OR

OR

SPU Patch 18526551

SPU Patch 12875001

OR

OR

SPU Patch 14825824

OR

OR

CVE-2014-4253

CVE-2014-4256

Released April 2014

Released October 2011

CVE-2014-4254, CVE-2014-4255, CVE-2014-2479, CVE-2014-4210, CVE-2014-4241, CVE-2014-4217, CVE-2014-4202

CVE-2013-5855, CVE-2014-2480, CVE-2014-2481, CVE-2014-4201

Released January 2013

CVE-2014-4267

CVE-2014-4242

WLS 10.3.0.0 JVM Patch

WLS 10.3.0.0 Deployment Patch

WLS 10.3.0.0 CSS Patch

WLS 10.3.0.0 JMS Patch

WLS 10.3.0.0 WebServices Patch

WLS 10.3.0.0 Security Patch

WLS 10.3.0.0 WebApp Patch

WLS 10.3.0.0 Core Patch

WLS 10.3.0.0 Console Patch

3.3.46 Oracle WebLogic Portal

Table 141 describes the Error Correction information for Oracle WebLogic Portal.

Table 141 Error Correction information for Oracle WebLogic Portal

Patch Information

10.3.6.0

10.3.5.0

10.2.1.0

10.0.1.0

Comments

Final Patch

-

July 2014

January 2015

January 2015

 

Table 142 describes the available patches for WebLogic Portal. See also the underlying product stack tables (JRockit and WLS) for any applicable patches.

WebLogic Portal patches are cumulative to include all the prior published advisories. For more information, see My Oracle Support Note 1355929.1, October 2011 Updates Introduce New WebLogic Portal (WLP) Configuration Options for SSL Session ID and SSL Filters.

WebLogic Portal 9.2.3.0 is bundled with WebLogic Server 9.2.3.0, which is out of error correction. Contact Oracle support for security patches needed for WebLogic Server 9.2.3.0

Table 142 Critical Patch Update Availability for WebLogic Portal

Product Home

Patch

Advisory Number

Comments

10.2.1.0

CPU Patch 12388715

Released October 2011

WebLogic Portal Patch for WebLogic Portal 10.2.1.0 home

10.2.1.0

SPU Patch 18767778

SPU Patch 18767718

SPU Patch 18526551

SPU Patch 12875001

SPU Patch 18767741

SPU Patch 18767638

SPU Patch 14825824

SPU Patch 18767688

SPU Patch 18767762

CVE-2014-4253

CVE-2014-4256

Released April 2014

Released October 2011

CVE-2014-4254, CVE-2014-4255, CVE-2014-2479, CVE-2014-4210, CVE-2014-4241, CVE-2014-4217, CVE-2014-4202

CVE-2013-5855, CVE-2014-2480, CVE-2014-2481, CVE-2014-4201

Released January 2013

CVE-2014-4267

CVE-2014-4242

WLS 10.0.2.0 JVM Patch (SU IDs: LSTY)

WLS 10.0.2.0 Deployment Patch (SU IDs: 3DIF)

WLS 10.0.2.0 CSS Patch (SU IDs: P4WN)

WLS 10.0.2.0 JMS Patch (SU IDs: 1G6S)

WLS 10.0.2.0 WebServices Patch (SU IDs: 2VQ9, Z445, YQ8T, RLQ1, J8HT, DPU4)

WLS 10.0.2.0 Security Patch (SU IDs: 72C7, GYQZ, H9QB, W4G5)

WLS 10.0.2.0 WebApp Patch (SU IDs: 12RW)

WLS 10.0.2.0 Core Patch (SU IDs: R5JS, I4UY, 1ULW)

WLS 10.3.2.0 Console Patch (SU IDs: RHFA)

For CVE-2014-4256, see Note 1903763.1, Download Request for Security Configuration

10.0.1.0

CPU Patch 12388715

Released October 2011

WebLogic Portal Patch for WebLogic Portal 10.0.1.0 home

10.0.1.0

OR

OR

SPU Patch 18526551

SPU Patch 12875001

OR

OR

SPU Patch 14825824

OR

OR

CPU Patch 12818102

CVE-2014-4253

CVE-2014-4256

Released April 2014

Released October 2011

CVE-2014-2479, CVE-2014-4210, CVE-2014-4241, CVE-2014-4217, CVE-2014-4202

CVE-2013-5855, CVE-2014-2480, CVE-2014-2481

Released January 2013

CVE-2014-4267

CVE-2014-4242

Released October 2011

WLS 10.0.1.0 JVM Patch

WLS 10.0.1.0 Deployment Patch

WLS 10.0.1.0 CSS Patch

WLS 10.0.1.0 JMS Patch

WLS 10.0.1.0 WebServices Patch

WLS 10.0.1.0 Security Patch

WLS 10.0.1.0 WebApp Patch

WLS 10.0.1.0 Core Patch

WLS 10.0.1.0 Console Patch

WebLogic Server Patch for WebLogic Server 10.0.1.0 home

3.3.47 Oracle WebLogic Server

Table 143 describes the Error Correction information for Oracle WebLogic Server.

Table 143 Error Correction information for Oracle WebLogic Server Patch Set Update

Patch Information

12.1.2.0

12.1.1.0

10.3.6.0

Comments

Final Patch

-

-

October 2021

 

Table 144 describes the available patches for Oracle WebLogic Server.

Table 144 Patch Set Update Availability for Oracle WebLogic Server

Product Home

Patch

Advisory Number

Comments

Oracle Java SE home

See Oracle Java SE Critical Patch Update

See Oracle Java SE Critical Patch Update

See Note 1492980.1, How to Maintain the Java SE Installed or Used with FMW 11g Products

Oracle JRockit 28.x home

See Section 3.3.30, "Oracle JRockit"

See Section 3.3.30, "Oracle JRockit"

 

Oracle WebLogic Server Plug-ins

See Section 3.3.49, "Oracle WebLogic Server Plug-ins"

See Section 3.3.49, "Oracle WebLogic Server Plug-ins"

See Note 1111903.1, WebLogic Server 10gR3 (10.3.0) and 11gR1 (10.3.x) - Web Server Plug-In Support

WebLogic Server 12.1.2.0.0 home

PSU 12.1.2.0.2 Patch 18545123

CVE-2013-5855, CVE-2014-2480, CVE-2014-2481, CVE-2014-4256, CVE-2014-4242, CVE-2014-4253, CVE-2014-4267, CVE-2014-4255, CVE-2014-4254, CVE-2014-2479, CVE-2014-4201, CVE-2014-4202

See Note 1306505.1, Announcing Oracle WebLogic Server PSUs (Patch Set Updates)

For CVE-2014-4256, see Note 1903763.1, Download Request for Security Configuration

WebLogic Server 12.1.1.0.0 home

PSU 12.1.1.0.8 Patch 18544245

CVE-2013-5855, CVE-2014-2480, CVE-2014-2481, CVE-2014-4256, CVE-2014-4242, CVE-2014-4253, CVE-2014-4267, CVE-2014-4255, CVE-2014-4254, CVE-2014-2479, CVE-2014-4201, CVE-2014-4202

See Note 1306505.1, Announcing Oracle WebLogic Server PSUs (Patch Set Updates)

For CVE-2014-4256, see Note 1903763.1, Download Request for Security Configuration

WebLogic Server 10.3.6.0.0 home

PSU 10.3.6.0.8 Patch 18040640

CVE-2014-2480, CVE-2014-2481, CVE-2014-4256, CVE-2014-4242, CVE-2014-4253, CVE-2014-4267, CVE-2014-4255, CVE-2014-4254, CVE-2014-2479, CVE-2014-4210, CVE-2014-4241, CVE-2014-4217, CVE-2014-4201, CVE-2014-4202

See Note 1306505.1, Announcing Oracle WebLogic Server PSUs (Patch Set Updates)

For CVE-2014-4256, see Note 1903763.1, Download Request for Security Configuration

3.3.48 Oracle WebLogic Server and WebLogic Express

Table 145 describes the Error Correction information for Oracle WebLogic Server and WebLogic Express.

Table 145 Error Correction information for Oracle WebLogic Server and WebLogic Express

Patch Information

10.0.2.0

Comments

Final Patch

January 2015

 

Table 146 describes the available patches for WebLogic Server and WebLogic Express. See also the underlying product stack tables (JRockit) for any applicable patches.

For WebLogic Server releases 10.3.2 and later that are part of the Oracle Fusion Middleware 11g R1 releases, see Section 3.3.17, "Oracle Fusion Middleware."

Table 146 Critical Patch Update Availability for Oracle WebLogic Server and WebLogic Express

Product Home

Patch

Advisory Number

Smart Update Patch Set ID

Smart Update Patch IDs

Comments

Oracle Java SE home

See Oracle Java SE Critical Patch Update

See Oracle Java SE Critical Patch Update

 

 

See Note 1492980.1, How to Maintain the Java SE Installed or Used with FMW 11g Products

Oracle JRockit 28.x home

See Section 3.3.30, "Oracle JRockit"

See Section 3.3.30, "Oracle JRockit"

 

 

 

Oracle WebLogic Server Plug-ins

See Section 3.3.49, "Oracle WebLogic Server Plug-ins"

See Section 3.3.49, "Oracle WebLogic Server Plug-ins"

 

 

See Note 1111903.1, WebLogic Server 10gR3 (10.3.0) and 11gR1 (10.3.x) - Web Server Plug-In Support

10.0.2.0

SPU Patch 18767778

SPU Patch 18767718

SPU Patch 18526551

SPU Patch 12875001

SPU Patch 18767741

SPU Patch 18767638

SPU Patch 14825824

SPU Patch 18767688

SPU Patch 18767762

CVE-2014-4253

CVE-2014-4256

Released April 2014

Released October 2011

CVE-2014-2479, CVE-2014-4210, CVE-2014-4241, CVE-2014-4217, CVE-2014-4202

CVE-2013-5855, CVE-2014-2480, CVE-2014-2481

Released January 2013

CVE-2014-4267

CVE-2014-4242

NA

NA

NA

NA

A9I9

G1X9

12RW

IJNF

NA

LSTY

3DIF

P4WN

1G6S

2VQ9, Z445, YQ8T, RLQ1, J8HT, DPU4

72C7, GYQZ, H9QB, W4G5

6CRM, 1J9G, FVXN, 12RW

R5JS, I4UY, 1ULW

RHFA

JVM patch

Deployment patch

CSS Patch

JMS Patch

WebServices Patch

Security Patch

WebApp Patch

Core Patch

Console Patch

For CVE-2014-4256, see Note 1903763.1, Download Request for Security Configuration

3.3.49 Oracle WebLogic Server Plug-ins

Table 147 the available patches for Oracle WebLogic Server Plug-ins (Oracle HTTP Server/Apache/IIS/iPlanet).

The WebLogic plug-ins include all cumulative bug fixes and thus include fixes for all previously released advisories. For more information, see My Oracle Support Note 1111903.1.

Table 147 Critical Patch Update Availability for Oracle WebLogic Server Plug-ins

Product Home

Patch

Advisory Number

Comments

WLS Plugin 12c (12.1.2.0.0)

SPU Patch 18423842

SPU Patch 18603723

SPU Patch 18603725

SPU Patch 18603728

CVE-2014-4222, CVE-2014-4251

WLS Plug-in for Oracle HTTP Server (mod_wl_ohs)

WLS Plug-in for Apache (mod_wl)

WLS Plug-in for NSAPI (iPlanet)

WLS Plug-in for ISAPI (Microsoft IIS)

WLS Plugin 1.1 (11.1.1.7)

SPU Patch 18423831

SPU Patch 18603703

SPU Patch 18603707

SPU Patch 18603714

CVE-2014-4222, CVE-2014-4251

WLS Plug-in for Oracle HTTP Server (mod_wl_ohs)

WLS Plug-in for Apache (mod_wl)

WLS Plug-in for NSAPI (iPlanet)

WLS Plug-in for ISAPI (Microsoft IIS)

WLS Plugin 1.0 (10.3.4 and older)

CPU Patch 11845433

Released April 2011

See Note 1111903.1, WebLogic Server Web Server Plug-In Support

3.4 Oracle Sun Middleware

This section contains the following:

·         Section 3.4.1, "Directory Server Enterprise Edition"

·         Section 3.4.2, "iPlanet Web Server"

·         Section 3.4.3, "iPlanet Web Proxy Server"

·         Section 3.4.4, "Oracle GlassFish Communications Server"

·