微信公众号:云库管    www.yunDBA.com

北京云库管科技有限公司 (内部培训资料) 返回上级

 

PDF文档下载

 


 

Patch Set Update and Critical Patch Update October 2011 Availability Document (Doc ID 1346104.1)

To Bottom


PURPOSE

This document defines the patches and minimum releases for the Database Product Suite, Fusion Middleware Product Suite, and Enterprise Manager Suite Critical Patch Updates and Patch Set Updates released on October 18, 2011.

DETAILS

Patch Set Update and Critical Patch Update October 2011 Availability Document

 

 

My Oracle Support Note 1346104.1

Released October 18th, 2011

This document contains the following sections:

·         Section 1, "Overview"

·         Section 2, "What's New in October 2011"

·         Section 3, "Patch Availability for Oracle Products"

·         Section 4, "Final Patch History"

·         Section 5, "Sources of Additional Information"

·         Section 6, "Modification History"

·         Section 7, "Documentation Accessibility"

1 Overview

Every quarter, Oracle provides Critical Patch Updates (CPU) to address security vulnerabilities, and Patch Set Updates (PSU) to address proactive, critical fixes and security vulnerabilities. The security vulnerabilities addressed are announced in the Advisory for October 2011, available athttp://www.oracle.com/technetwork/topics/security/cpuoct2011-330135.html.

This document lists the Oracle Database, Fusion Middleware and Enterprise Manager CPU and PSU patches for product releases under error correction. For information on products not covered by this document, including Oracle Java SE Critical Patch Updates, seehttp://www.oracle.com/technetwork/topics/security/alerts-086861.html.

The October 2011 release supersedes earlier Critical Patch Updates and Patch Set Updates for the same product releases. This document is subject to continual update after the initial release, and the changes are listed in Section 6, "Modification History." If you print this document, check My Oracle Support to ensure you have the latest version.

This section contains the following:

·         Section 1.1, "How To Use This Document"

·         Section 1.2, "Terminology in the Tables"

·         Section 1.3, "On-Request Patches"

·         Section 1.4, "Oracle Database Critical Patch Updates and Patch Set Updates"

1.1 How To Use This Document

The following steps explain how to use this document.

Step 1   Assess your Environments

Determine the Oracle product suites and products and their release numbers for each of your environments.

Step 2   Read Important Announcements

Review Section 2, "What's New in October 2011," as it lists documentation and packaging changes along with important announcements such as upcoming final patches.

Step 3   Determine Patches to be Applied

For each environment, determine which patches need to be applied by using the tables in Section 3, "Patch Availability for Oracle Products."

There is one availability table for each product suite release, such as Oracle Database 11.1.0.7, Oracle Fusion Middleware 10.1.2.3, and Enterprise Manager Base Platform 10.2.0.5. These tables list all the patches to apply, in order, to the various Oracle homes that are associated with the product suite. Apply only the applicable patches for each installed release. For example, the Oracle Fusion Middleware 10.1.2.3 table lists an Oracle Portal Repository patch for Oracle Portal 10.1.4.2 Repository, and a different patch for Oracle Portal 10.1.2.3 Repository. Apply the corresponding patch based on which release of Oracle Portal is installed.

The product suite release tables may reference Section 3.1.3, "Oracle Database." You need to determine the Oracle Database release that is installed, and find the patches to apply in the table for that specific Oracle Database release. All Oracle Database versions that are under error correction are listed in Section 3.1.3. If your installed Oracle Database version does not have an associated table, then refer to Table 66, "Final Patch History" and contact Oracle Support for further assistance.

There is one availability table for products that are released independently, such as Oracle Secure Backup. Products may require a minimum release and/or list of patches. This is dependent on the patching and release mechanisms for the product. If a minimum release is indicated, the environment must be at that release to address the announced security vulnerabilities.

The tables list the CPU and PSU patches only for product versions that are under error correction. For more information, see My Oracle Support Note 209768.1, Database, FMW, EM Grid Control, and OCS Software Error Correction Support Policy.

Patches that include security vulnerabilities announced in the current quarter's CPU Advisory, will list the vulnerability CVE numbers in the Advisory Number column. If you are interested in the risk matrix for the vulnerabilities fixed in the patch, then see the CPU Advisory for the release athttp://www.oracle.com/technetwork/topics/security/alerts-086861.html. For patches that are listed from previous CPU releases, the column will indicate 'Released MMM YYYY'. You can easily find which patches are new in a CPU release by searching for the string 'CVE' in the tables.

Step 4   Apply the Patches

Download the patches, review the READMEs, and apply the patches according to the instructions.

1.2 Terminology in the Tables

The following terminology is used in this patch availability document and in the subsequent tables.

·         Bundle The Critical Patch Update and Patch Set Update fixes are included in cumulative Microsoft Windows Bundles.

·         Patch Number The patch is available on the platform for the release version.

·         Not Applicable (NA) The patch is not planned for this platform and release version combination. This may be due to several reasons including:

1.  The release version is not available on this platform.

2.  The release version does not fall under Critical Patch Update release policies. Refer to My Oracle Support Note 209768.1, Database, FMW, EM Grid Control, and OCS Software Error Correction Support Policy.

·         On-Request (OR) The patch may be made available through the On-Request program.

1.3 On-Request Patches

Oracle does not release proactive patches for platform-version combinations that have fewer than 10 downloads in the prior Critical Patch Update (CPU) or Patch Set Update (PSU) period. Oracle will deliver patches for these historically inactive platform-version combinations when requested.

The following guidelines describe how you may request an on-request (OR) Critical Patch Update or Patch Set Update.

A request may be made:

·         At any time. however a specific CPU/PSU cannot be requested. Either the current CPU/PSU or the next CPU/PSU patch will be provided depending on when the request is received and processed. Your Service Request (SR) will provide you the planned availability date for the patch.

·         As long as the version is in either Premier Support or Extended Support. Once the final patch for the version has been released, an OR can be requested for up to 2 weeks after the release date. For example, Oracle Database 10.1.0.5 is under Extended Support through the release of CPUJan2012 on January 17, 2012, so you can file a request for 10.1.0.5 through January 31, 2012.

·         For a platform-version combination if the product or patch set is released on a platform after a CPU/PSU release date. Oracle will provide the next CPU/PSU for that platform-version combination, however you may request the current CPU/PSU by following the on-request process. For example, if a 10.2.0.5 database patch set is released for a platform on August 1, 2011, Oracle will provide the 10.2.0.5 CPUJul2011 for that platform. You may request a 10.2.0.5 CPUJul2011 on the platform, and Oracle will review the request and determine whether to provide CPUJul2011 or CPUOct2011.

A patch that is marked as on-request (OR) may already have been requested by another customer and be available on My Oracle Support. Before you file a Service Request (SR), check on My Oracle Support to see if the patch is already available for your platform.

1.4 Oracle Database Critical Patch Updates and Patch Set Updates

The Database Patch Set Updates and Critical Patch Updates that are released each quarter contain the same security fixes. However, they use different patching mechanisms, and Patch Set Updates include both security and recommended bug fixes. Consider the following guidelines when you are deciding to apply Patch Set Updates instead of Critical Patch Updates.

·         Critical Patch Updates are applied only on the base release version, for example 10.2.0.4.0.

·         Patch Set Updates can be applied on the base release version or on any earlier Patch Set Update. For example, 11.1.0.7.2 can be applied on 11.1.0.7.1 and 11.1.0.7.0.

·         Once a Patch Set Update has been applied, the recommended way to get future security content is to apply subsequent Patch Set Updates. Reverting from an applied Patch Set Update back to the Critical Patch Update, while technically possible, requires significant time and effort, and is not advised.

·         Applying a Critical Patch Update on an installation with a Patch Set Update installed is not supported.

For more information on Patch Set Updates, see Note 854428.1, Patch Set Updates for Oracle Products.

2 What's New in October 2011

This section describes important changes in October 2011:

·         Section 2.1, "Final Patch Information (Error Correction Policies)"

·         Section 2.2, "New Minimum Product Requirements for CPUOct2011"

·         Section 2.3, "New OPatch Requirements"

·         Section 2.4, "README Patch Apply Changes for Database and Fusion Middleware Patches"

·         Section 2.5, "Changes to the Patch Availability Document"

·         Section 2.6, "Post Release CPU and PSU Patches"

2.1 Final Patch Information (Error Correction Policies)

The Final patch is the last CPU/PSU release for which the product release is under error correction. Final patches for the October 2011 release, the January 2012 release, and newly scheduled final patches are listed in the following sections.

Final patches scheduled for October 2011:

·         Oracle Identity Management 10.1.4.3, except for Oracle Single Sign-on and Delegated Administration Services working with Oracle Internet Directory 11gR1 for user authentication of Portal 11gR1, Forms 11gR1, Reports 11gR1 and Discoverer 11gR1 Middleware 11g PFRD installation.

·         Oracle Identity Management 10.1.4.0.1

·         Oracle Fusion Middleware 10.1.2.3

Final patches scheduled for January 2012:

·         Oracle Database 10.1.0.5

·         Oracle Enterprise Manager Base Platform 10.1.0.6

·         Secure Enterprise Search 10.1.8.4

Newly Scheduled final patches:

·         Oracle Database 11.2.0.2 — July 2012

For additional final patch history information, see Table 66. For information on the error correction support policy for patches, refer to My Oracle Support Note 209768.1, Database, FMW, EM Grid Control, and OCS Software Error Correction Support Policy.

2.2 New Minimum Product Requirements for CPUOct2011

The following is new for CPUOct2011:

·         The new minimum version for Oracle Application Express is 4.1.0.00.32

·         The new minimum version for Oracle Database Appliance is 2.1.0.1.0

2.3 New OPatch Requirements

There is no new minimum OPatch requirement for October 2011.

2.4 README Patch Apply Changes for Database and Fusion Middleware Patches

The following describe the README changes in October 2011:

·         For Oracle Fusion Middleware 10.1.2.3 patches (12434134, 12434141, 12434144) the README files from July 2011 CPU omitted the manual redeploy step needed for BC4j.jar. This has been corrected in the README files for October 2011 FMW 10.1.2.3 patches (12837860, 12837864, 12837867).

2.5 Changes to the Patch Availability Document

The following changes to this document are for October 2011:

·         The BEA information has been incorporated into this document. There is no longer a separate BEA Patch Availability Document.

·         Starting with the October 2011 Critical Patch Update, security vulnerability fixes for Oracle JRockit will be announced with the Oracle Java SE Critical Patch Updates, athttp://www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html.

For the Java SE Critical Patch Update schedule, seehttp://www.oracle.com/technetwork/topics/security/alerts-086861.html, Critical Patch Updates and Security Alerts.

·         The Enterprise Manager product names have been changed to reflect their new names as documented in Note 1361443.1, Name Changes for Enterprise Manager And Related Management Products.

2.6 Post Release CPU and PSU Patches

The following are the planned release dates for the CPU and PSU patches that have been delayed. This section will be updated as the patches are made available.

·         Oracle Database 11.2.0.2 Microsoft Windows Bundle 12 including PSU content

Available: October 21st, 2011

·         Oracle Database 10.1.0.5 Microsoft Windows Bundle 43

Available: October 19th, 2011

·         Oracle Fusion Middleware 10.1.2.3 Microsoft Windows patch

Available: October 19th, 2011

3 Patch Availability for Oracle Products

This section contains the following:

·         Section 3.1, "Oracle Database"

·         Section 3.2, "Oracle Fusion Middleware"

·         Section 3.3, "Oracle Enterprise Manager"

·         Section 3.4, "Oracle Collaboration"

·         Section 3.5, "Tools"

3.1 Oracle Database

This section contains the following:

·         Section 3.1.1, "Oracle Application Express"

·         Section 3.1.2, "Oracle Audit Vault"

·         Section 3.1.3, "Oracle Database"

·         Section 3.1.4, "Oracle Database Appliance"

·         Section 3.1.5, "Oracle Database Patch Set Update (PSU)"

·         Section 3.1.6, "Oracle Fusion Middleware Utilities for Oracle Databases"

·         Section 3.1.7, "Oracle Secure Backup"

·         Section 3.1.8, "Oracle Secure Enterprise Search"

·         Section 3.1.9, "Oracle TimesTen"

·         Section 3.1.10, "Oracle Workflow Server"

3.1.1 Oracle Application Express

Table 1describes the minimum product requirements for Oracle Application Express. The CPU security vulnerabilities are fixed in the listed release and later releases. The Oracle Application Express downloads and installation instructions can be found athttp://www.oracle.com/technology/products/database/application_express/download.html.

Table 1 Minimum Product Requirements for Oracle Application Express

Component

Release

Advisory Number

Comments

Oracle Application Express

4.1.0.00.32

CVE-2011-3525

 

3.1.2 Oracle Audit Vault

Table 2 describes the available patches for Oracle Audit Vault 10.2.3.2, based on release and platform.

For each home you are about to administer, find the appropriate patches based on the components installed in that home. Then, apply those patches in the order listed.

Table 2 Patch Availability for Oracle Audit Vault 10.2.3.2

Oracle Audit Vault 10.2.3.2

UNIX

Microsoft Windows

Advisory Number

Comments

Oracle Audit Vault Targeted Source Database 11.1.0.7 home

See Section 3.1.3.4, "Oracle Database 11.1.0.7"

See Section 3.1.3.4, "Oracle Database 11.1.0.7"

See Section 3.1.3.4, "Oracle Database 11.1.0.7"

Critical Patch Update

Oracle Audit Vault 10.2.3.2 home

Patch 10240229

Patch 10240229

Released January 2011

 

3.1.3 Oracle Database

This section contains the following:

·         Section 3.1.3.1, "Patch Availability for Oracle Database"

·         Section 3.1.3.2, "Oracle Database 11.2.0.3"

·         Section 3.1.3.3, "Oracle Database 11.2.0.2"

·         Section 3.1.3.4, "Oracle Database 11.1.0.7"

·         Section 3.1.3.5, "Oracle Database 10.2.0.5"

·         Section 3.1.3.6, "Oracle Database 10.2.0.4"

·         Section 3.1.3.7, "Oracle Database 10.2.0.3"

·         Section 3.1.3.8, "Oracle Database 10.1.0.5"

3.1.3.1 Patch Availability for Oracle Database

For Oracle Database 10.2.0.4 and later releases, customers have the option to install the Critical Patch Update (CPU) or the Patch Set Update (PSU). Both patch types are cumulative patches. The PSU includes the security vulnerability bug fixes, as well as additional non-security bug fixes recommended by Oracle. For more information on PSU patches, see My Oracle Support Note 854428.1, Patch Set Updates (PSUs) for Oracle Products.

For the Microsoft Windows platforms, Oracle Database patches are released as cumulative patch bundles. You may install the indicated patch or any later bundle in the Database Windows bundle series to apply the CPU security bug fixes. The Windows patch bundles include the security vulnerability bug fixes, the PSU recommended non-security bug fixes, and other customer-requested bug fixes.

3.1.3.2 Oracle Database 11.2.0.3

Oracle Database 11.2.0.3 patch set includes all announced vulnerabilities; there are no Critical Patch Updates for October 2011.

3.1.3.3 Oracle Database 11.2.0.2

Table 3 describes the patch information for Oracle Database 11.2.0.2.

Table 3 Patch Information for Oracle Database 11.2.0.2

Patch Information

11.2.0.2

Comments

Final patch

July 2012

 

CPU On-Request platforms

HP-UX PA RISC

IBM: Linux on System Z

 

PSU On-Request platforms

32-bit client-only platforms except Linux x86

 

Table 4 describes the available patches for Oracle Database 11.2.0.2.

Table 4 Patch Availability for Oracle Database 11.2.0.2

Oracle Database 11.2.0.2

UNIX

Microsoft Windows (32-Bit)

Microsoft Windows x64 (64-bit)

Advisory Number

Comments

Oracle Database home

CPU Patch 12828071, or DB PSU Patch 12827726, or GI PSU Patch 12827731, or Exadata BP12 Patch 12982245

Bundle Patch 13038787

Bundle Patch 13038788

CVE-2011-3511, CVE-2011-3512

 

3.1.3.4 Oracle Database 11.1.0.7

Table 5 describes the patch information for Oracle Database 11.1.0.7.

Table 5 Patch Information for Oracle Database 11.1.0.7

Patch Information

11.1.0.7

Comments

Final patch

July 2015

 

CPU On-Request platforms

-

 

PSU On-Request platforms

-

 

Table 6 describes the available patches for Oracle Database 11.1.0.7.

Table 6 Patch Availability for Oracle Database 11.1.0.7

Oracle Database 11.1.0.7

UNIX

Microsoft Windows (32-Bit)

Microsoft Windows x64 (64-Bit)

Advisory Number

Comments

Oracle Database home

CPU Patch 12828097, or PSU Patch 12827740

Bundle Patch 12914915

Bundle Patch 12914916

CVE-2011-2301, CVE-2011-3511, CVE-2011-3512, CVE-2011-2322 (Windows only)

 

Oracle Database home

Patch 9288120

Patch 9288120

Patch 9288120

Released April 2011

Database UIX

For Oracle Secure Enterprise Search 11.1.2.x installations, follow the instructions given in MOS note Note 1359600.1.

Oracle Database home

Patch 10073948

Patch 10073948

Patch 10073948

Released April 2011

Enterprise Manager Database Control UIX

Not applicable to Oracle Secure Enterprise Search 11.1.2.x

Oracle Database home

Patch 11738232

Patch 11738232

Patch 11738232

Released April 2011

Warehouse Builder

Not applicable to Oracle Secure Enterprise Search 11.1.2.x

3.1.3.5 Oracle Database 10.2.0.5

Table 7 describes the patch information for Oracle Database 10.2.0.5.

Table 7 Patch Information for Oracle Database 10.2.0.5

Patch Information

10.2.0.5

Comments

Final patch

July 2013

 

CPU On-Request platforms

HP-UX PA-RISC

IBM: Linux on System Z

Linux Itanium

Linux on POWER

 

PSU On-Request platforms

-

 

Table 8 describes the available patches for Oracle Database 10.2.0.5.

Table 8 Patch Availability for Oracle Database 10.2.0.5

Oracle Database 10.2.0.5

UNIX

Microsoft Windows (32-Bit)

Microsoft Windows Itanium (64-Bit)

Microsoft Windows x64 (64-Bit)

Advisory Number

Comments

Oracle Database home

CPU Patch 12828105, or PSU Patch 12827745

Bundle Patch 12914911

NA

Bundle Patch 12914913

CVE-2011-3511, CVE-2011-3512

 

Oracle Database home

Patch 12536181

NA

NA

NA

Released July 2011

Enterprise Manager Database Control

For HP-UX PA-RISC and HP-UX Itanium platforms only

Oracle Database home

Patch 11738172

Patch 11738172

Patch 11738172

Patch 11738172

Released April 2011

Warehouse Builder

3.1.3.6 Oracle Database 10.2.0.4

Table 9 describes the patch information for Oracle Database 10.2.0.4.

Table 9 Patch Information for Oracle Database 10.2.0.4

Patch Information

10.2.0.4

Comments

Final patch

July 2013 for Oracle Solaris x86 (32-bit) and Apple Mac OS X

Final patch date pending release of 10.2.0.5 patch set for HP Open VMS-Alpha and VMS-Itanium

July 2011 for all other platforms

 

CPU On-Request platforms

Apple Mac OS X

HP Open VMS-Alpha

HP Open VMS-Itanium

Oracle Solaris x86 (32-bit)

 

PSU On-Request platforms

-

-

Table 10 describes the available patches for Oracle Database 10.2.0.4.

Table 10 Patch Availability for Oracle Database 10.2.0.4

Oracle Database 10.2.0.4

UNIX

Advisory Number

Comments

Oracle Database home

CPU Patch 12828112, or PSU Patch 12827778

CVE-2011-2301, CVE-2011-3511, CVE-2011-3512

 

Oracle Database home

Patch 12536167

Released July 2011

Enterprise Manager Database Control

For HP-UX PA-RISC and HP-UX Itanium platforms only

Oracle Database home

Patch 9249369

Released April 2011

Database UIX

Oracle Database home

Patch 12758181

Released July 2011

Enterprise Manager Database Control UIX

Oracle Database home

Patch 9273865

Released April 2011

iSqlPlus UIX

3.1.3.7 Oracle Database 10.2.0.3

Table 11 describes the patch information for Oracle Database 10.2.0.3.

Table 11 Patch Information for Oracle Database 10.2.0.3

Patch Information

10.2.0.3

Comments

Final patch

-

IBM zSeries (z/OS) only

CPU On-Request platforms

-

 

Table 12 describes the available patches for Oracle Database 10.2.0.3.

Table 12 Patch Availability for Oracle Database 10.2.0.3

Component

IBM zSeries (z/OS)

Advisory Number

Comments

Oracle Database home

CPU Patch 12828128

CVE-2011-2301, CVE-2011-3511, CVE-2011-3512

 

3.1.3.8 Oracle Database 10.1.0.5

For Fusion Middleware 10.1.2.3 customers, see Table 41, "Patch Availability for Oracle Fusion Middleware 10.1.2.3" instead of Table 14.

Table 13 describes the patch information for Oracle Database 10.1.0.5.

Table 13 Patch Information for Oracle Database 10.1.0.5

Patch Information

10.1.0.5

Comments

Final patch

January 2012

 

CPU On-Request platforms

Apple Mac OS X

HP Open VMS Alpha

HP Tru64 UNIX

IBM zSeries (z/OS)

Linux Itanium

Linux on POWER

Oracle Solaris x86 (32-bit)

 

Table 14 describes the available patches for Oracle Database 10.1.0.5.

Table 14 Patch Availability for Oracle Database 10.1.0.5

Oracle Database 10.1.0.5

UNIX

Microsoft Windows (32-Bit)

Microsoft Windows Itanium (64-Bit)

Advisory Number

Comments

Oracle Database home

Patch 6640838

Patch 6640838

Patch 6640838

Released October 2010

Oracle Universal Installer

Oracle Database home

Patch 11842285

NA

NA

Released July 2011

Oracle Universal Installer

Oracle Database home

CPU Patch 12828135

Bundle Patch 12914905

Bundle Patch 12914906

CVE-2011-2301, CVE-2011-3512

 

Oracle Database home

Patch 12535977

NA

NA

Released July 2011

Enterprise Manager Database Control

For HP-UX PA-RISC and HP-UX Itanium platforms only

Oracle Workspace Manager home

Patch 7341989

Patch 7341989

Patch 7341989

Released April 2009

 

Oracle Database home

Patch 9249369

Patch 9249369

Patch 9249369

Released April 2011

Database UIX

Oracle Database home

Patch 10036362

Patch 10036362

Patch 10036362

Released April 2011

Enterprise Manager Database Control UIX

Oracle Database home

Patch 9273888

Patch 9273888

Patch 9273888

Released April 2011

iSqlPlus UIX

3.1.4 Oracle Database Appliance

Table 15describes the minimum product requirements for Oracle Database Appliance. The CPU security vulnerabilities are fixed in the listed release and later releases. The Oracle Database Appliance downloads and installation instructions can be found athttp://www.oracle.com/technetwork/server-storage/database-appliance/overview/index.html.

Table 15 Minimum Product Requirements for Oracle Database Appliance

Component

Release

Advisory Number

Comments

Oracle Database Appliance

2.1.0.0.0

CVE-2011-3511, CVE-2011-3512

 

3.1.5 Oracle Database Patch Set Update (PSU)

Table 16 lists the patches for Oracle Database patch set updates. For complete security patch information, see Section 3.1.3, "Oracle Database."

As Windows Bundles are cumulative, you may apply the patch indicated in the Patch Availability tables in Section 3.1.3, "Oracle Database," or any later bundle in the Windows bundle series to obtain the Patch Set Updates.

Table 16 Patch Set Update Availability for Oracle Database

Oracle Database

UNIX

Advisory Number

Comments

11.2.0.2.4 Database PSU

Patch 12827726

See Section 3.1.3.3, "Oracle Database 11.2.0.2"

 

11.2.0.2.4 Grid Infrastructure PSU

Patch 12827731

See Section 3.1.3.3, "Oracle Database 11.2.0.2"

Includes CPUOct2011 and 11.2.0.2.4 Database PSU

IBM: Linux on System Z and HP-UX PA-RISC are On-Request Platforms for GI PSU 11.2.0.2.4

11.2.0.2 BP12 for Exadata

Patch 12982245

See Section 3.1.3.3, "Oracle Database 11.2.0.2"

Includes CPUOct2011 and 11.2.0.2.4 Database and Grid Infrastructure PSU fixes for Exadata

11.1.0.7.9 Database PSU

Patch 12827740

See Section 3.1.3.4, "Oracle Database 11.1.0.7"

 

11.1.0.7.7 CRS PSU

Patch 11724953

Released April 2011

 

10.2.0.5.5 Database PSU

Patch 12827745

See Section 3.1.3.5, "Oracle Database 10.2.0.5"

 

10.2.0.5.2 CRS PSU

Patch 9952245

Released January 2011

IBM: Linux on System Z, Solaris x86-64 and HP-UX PA-RISC are On-Request Platforms for CRS PSU 10.2.0.5.2

10.2.0.4.10 Database PSU

Patch 12827778

See Section 3.1.3.6, "Oracle Database 10.2.0.4"

Overlay PSU

10.2.0.4.4 Database PSU

Patch 9352164

Released April 2010

Base PSU for 10.2.0.4.10

10.2.0.4.4 CRS PSU

Patch 9294403

Released April 2010

 

3.1.6 Oracle Fusion Middleware Utilities for Oracle Databases

Table 17 lists the patches for Oracle Fusion Middleware components, such as Oracle HTTP Server, which are installed using the Oracle Database Companion CD. For information about Oracle Fusion Middleware 11g, see My Oracle Support Note 1304604.1, Oracle Fusion Middleware 11g Web-Tier FAQ, and Section 3.2.9, "Oracle Fusion Middleware."

Table 17 Patch Availability for Oracle Fusion Middleware Utilities for Oracle Databases

Product

UNIX

Microsoft Windows (32-Bit)

Microsoft Windows Itanium (64-Bit)

Advisory Number

Comments

Oracle HTTP Server 10.1.2.3 for Oracle 10.2.x Databases

CPU Patch 12837860

Bundle Patch 12837864

Bundle Patch 12837867

CVE-2011-2314, CVE-2011-3192, CVE-2011-2301, CVE-2011-3512

See My Oracle Support Note 400010.1 Steps to Maintain Oracle Database 10.2 Companion CD Home (for Oracle HTTP Server)

3.1.7 Oracle Secure Backup

Table 18 describes the available patches for Oracle Secure Backup.

Table 18 Patch Availability for Oracle Secure Backup

Oracle Secure Backup

Patch

Advisory Number

Comments

Release 10.3.0.3

Patch 12573094

Released July 2011

 

3.1.8 Oracle Secure Enterprise Search

Table 19 describes the available patches for Oracle Secure Enterprise Search 11.1.2.x.

Table 19 Patch Availability for Oracle Secure Enterprise Search 11.1.2.x

Oracle Secure Enterprise Search

UNIX

Microsoft Windows

Advisory Number

Comments

Oracle Database 11.1.0.7

See Section 3.1.3.4, "Oracle Database 11.1.0.7"

See Section 3.1.3.4, "Oracle Database 11.1.0.7"

See Section 3.1.3.4, "Oracle Database 11.1.0.7"

Database UIX Patch 9288120 requires specific steps to be followed for Secure Enterprise Search customers. See Section 3.1.3.4, "Oracle Database 11.1.0.7"

Table 20 describes the available patches for Oracle Secure Enterprise Search 10.1.8.x.

Table 20 Patch Availability for Oracle Secure Enterprise Search 10.1.8.x

Oracle Secure Enterprise Search

UNIX

Microsoft Windows

Advisory Number

Comments

Oracle Database 10.1.0.5

See Section 3.1.3.8, "Oracle Database 10.1.0.5"

See Section 3.1.3.8, "Oracle Database 10.1.0.5"

See Section 3.1.3.8, "Oracle Database 10.1.0.5"

 

3.1.9 Oracle TimesTen

Table 21 describes the minimum product requirements for Oracle TimesTen. The CPU security vulnerabilities are fixed in the listed release and later releases.

Table 21 Minimum Product Requirements for Oracle TimesTen

Oracle TimesTen Release

11.2.1.6.1

7.0.6.2.0

3.1.10 Oracle Workflow Server

Table 22 describes the available patches for Oracle Workflow Server.

Table 22 Patch Availability for Oracle Workflow Server

Oracle Workflow Server

Patch

Advisory Number

Comments

Release 2.6.4

Patch 5904430

Released April 2007

 

Release 2.6.3.5

Patch 5907249

Released April 2007

 

3.2 Oracle Fusion Middleware

This section contains the following:

·         Section 3.2.1, "Oracle Beehive 2.0.1.x"

·         Section 3.2.2, "Oracle Business Intelligence Enterprise Edition"

·         Section 3.2.3, "Oracle Business Intelligence Publisher"

·         Section 3.2.4, "Oracle Business Process Management"

·         Section 3.2.5, "Oracle Complex Event Processing and WebLogic Event Server"

·         Section 3.2.6, "Oracle Data Service Integrator and AquaLogic Data Services Platform"

·         Section 3.2.7, "Oracle Document Capture"

·         Section 3.2.8, "Oracle Exalogic Patch Set Update (PSU)"

·         Section 3.2.9, "Oracle Fusion Middleware"

·         Section 3.2.10, "Oracle GoldenGate Veridata"

·         Section 3.2.11, "Oracle Hyperion BI+"

·         Section 3.2.12, "Oracle Identity Manager"

·         Section 3.2.13, "Oracle JRockit"

·         Section 3.2.14, "Oracle Outside In Technology"

·         Section 3.2.15, "Oracle WebLogic Integration"

·         Section 3.2.16, "Oracle WebLogic Portal"

·         Section 3.2.17, "Oracle WebLogic Server and WebLogic Express"

·         Section 3.2.18, "Oracle WebLogic Server Patch Set Update (PSU)"

·         Section 3.2.19, "Oracle WebLogic Server Plug-ins"

3.2.1 Oracle Beehive 2.0.1.x

Oracle Beehive environments contain Oracle Database and Oracle Fusion Middleware homes. For more information, see My Oracle Support Note 758816.1, Applying Critical Patch Updates to Beehive 1.5.1.x though 2.0.1.x.

Table 23 describes patch information for Oracle Beehive.

Table 23 Patch Information for Oracle Beehive 2.0.1.x'

Patch Information

Oracle Beehive 2.0.1.x

Comments

Minimum Product Requirement

2.0.1.4

Announced January 2011

Final Patch

Jan 2018

 

CPU On Request Platforms

-

 

Table 24 describes the available patches for Oracle Beehive 2.0.1.x.

For each home you are about to administer, find the appropriate patches based on the components installed in that home. Then, apply those patches in the order listed.

Table 24 Patch Availability for Oracle Beehive 2.0.1.x

Oracle Beehive 2.0.1.x

UNIX

Microsoft Windows (32-Bit)

Advisory Number

Comments

Oracle Database home

See Section 3.1.3, "Oracle Database"

See Section 3.1.3, "Oracle Database"

See Section 3.1.3, "Oracle Database"

 

Oracle Beehive Server

Patch 9173038

Patch 9173038

Released January 2010

 

Oracle Beekeeper

NA

NA

 

 

3.2.2 Oracle Business Intelligence Enterprise Edition

Table 25 describes the available patches for Oracle Business Intelligence Enterprise Edition.

Customers on earlier versions of Oracle Business Intelligence Enterprise Edition 10.x will need to apply 10.1.3.4.1 and then apply the Critical Patch Update.

Table 25 Patch Availability for Oracle Business Intelligence Enterprise Edition

Oracle Business Intelligence Enterprise Edition

Patch

Advisory Number

Comments

11.1.1.5.0

Patch 12830486

CVE-2011-3510

OBIEE Patch

11.1.1.3.0

Patch 12830471

CVE-2011-3510

OBIEE Patch

11.1.1.3.0

Patch 10411254

Released January 2011

BIP Patch

10.1.3.4.1

Patch 10623023

Released January 2011

BIP Patch

3.2.3 Oracle Business Intelligence Publisher

Table 26 describes the available patches for Oracle Business Intelligence Publisher.

Customers on earlier versions of Oracle Business Intelligence Publisher 10.x will need to apply 10.1.3.4.1 and then apply the Critical Patch Update.

Table 26 Patch Availability for Oracle Business Intelligence Publisher

Oracle Business Intelligence Publisher

Patch

Advisory Number

Comments

11.1.1.3.0

Patch 10411254

Released January 2011

 

10.1.3.4.1

Patch 10623023

Released January 2011

See My Oracle Support Note 797057.1, Overview of Available Update Patches for Oracle BI Publisher Enterprise 10g

3.2.4 Oracle Business Process Management

Follow the special instructions below to download Oracle Business Process Management patches.

1.  Click Patches & Updates after logging into My Oracle Support.

2.  Search for Oracle Business Process Management Suite.

3.  Search for the required BPM release by clicking Select up to 10.

4.  Select the patch with the build number that is indicated in Table 27, or the patch with higher build number than what is indicated for the platform you are about to update, for example: EnterpriseJ2EE, Studio, or EnterpriseSA.

5.  Download the patch.

Table 27 describes the availability for Critical Patch Updates for Oracle Business Process Management.

Table 27 Patch Availability for Oracle Business Process Management

Oracle Business Process Management

Patch

Advisory Number

Comments

BPM 10.3.2

MOS: 100375

Released July 2010

See the instructions above on how to download the patch

BPM 10.3.1

MOS: 100258

Released July 2010

See the instructions above on how to download the patch

BPM 6.0.5

MOS: 100247

Released July 2010

See the instructions above on how to download the patch

BPM 5.7.3

MOS: 100249

Released July 2010

See the instructions above on how to download the patch

3.2.5 Oracle Complex Event Processing and WebLogic Event Server

Table 28 describes the availability for Critical Patch Updates for Oracle Complex Event Processing and WebLogic Event Server. See also the underlying product stack tables (JRockit and WLS) for any applicable patches.

Table 28 Patch Availability for Oracle Complex Event Processing and WebLogic Event Server

Oracle Complex Event Processing

Patch

Advisory Number

Comments

CEP 10.3

Patch 8557480

Released July 2009

 

EVS 2.0

Upgrade to CEP 10.3 and apply Patch 8557480

Released July 2009

For EVS 2.0 patch, contact Oracle Support

3.2.6 Oracle Data Service Integrator and AquaLogic Data Services Platform

Table 29 describes the availability for Critical Patch Updates for Data Service Integrator and AquaLogic Data Services Platform. See also the underlying product stack tables (JRockit and WLS) for any applicable patches.

Table 29 Patch Availability for Oracle Data Service Integrator and AquaLogic Data Services Platform

Oracle Data Service Integrator and AquaLogic Data Services Platform

Patch

Advisory Number

Smart Update Patch Set ID

Smart Update Patch IDs

Comments

Oracle Data Service Integrator 10.3.0

CPU Patch 12875001

CPU Patch 12875006

CPU Patch 12874981

CPU Patch 10625613

CPU Patch 10625676

CPU Patch 7454875

CPU Patch 8179503

CVE-2011-2319

CVE-2011-2320

CVE-2011-2318

Released January 2011

Released January 2011

Released July 2009

Released July 2009

NA

EXP8

ZVC4

9T71

QHPL

NA

NA

RPQH

3QHE, NXQM, 982N, 6BME, 5EGH

EDAT, QR92

VXVR, WSNI, SU7Z, WXXT, ZE59, XW21, VV75

2QSG, E65J

6TBY

327W

WLS 10.3.0.0 JMS patch

WLS 10.3.0.0 WebServices patch

WLS 10.3.0.0 Security patch

WLS 10.3.0.0 WebApp patch

WLS 10.3.0.0 Core patch

WLS 10.3.0.0 Console patch

WLS 10.3.0.0 Console patch

Oracle Data Service Integrator 10.3.0

CPU Patch 8268258

Released April 2009

NA

8XCC

 

AquaLogic Data Services Platform 3.2

CPU Patch 8272933

Released April 2009

NA

TXJJ

 

AquaLogic Data Services Platform 3.0.1

CPU Patch 8284035

Released April 2009

NA

QDWJ

 

AquaLogic Data Services Platform 3.0

CPU Patch 8280181

Released April 2009

NA

C7D1

 

3.2.7 Oracle Document Capture

Table 30 describes the available patches for Oracle Document Capture.

Table 30 Patch Availability for Oracle Document Capture

Oracle Document Capture

Patch

Advisory Number

Comments

Oracle Document Capture 10.1.3.5 home

CPU Patch 10350692

Released January 2011

 

Oracle Document Capture 10.1.3.4 home

CPU Patch 10350692

Released January 2011

 

3.2.8 Oracle Exalogic Patch Set Update (PSU)

Table 31 describes the available patch set update (PSU) for Oracle Exalogic.

Table 31 Patch Set Update Availability for Oracle Exalogic

Oracle Exalogic

Patch

Advisory Number

Comments

October 2011

PSU Patch 12825625

Java SE 6u29:

CVE-2011-3548, CVE-2011-3521, CVE-2011-3554, CVE-2011-3544, CVE-2011-3545, CVE-2011-3549, CVE-2011-3551, CVE-2011-3550, CVE-2011-3516, CVE-2011-3556, CVE-2011-3557, CVE-2011-3560, CVE-2011-3546, CVE-2011-3558, CVE-2011-3547, CVE-2011-3389, CVE-2011-3553, CVE-2011-3552, CVE-2011-3561

JRockit 28.1.5:

CVE-2011-3545, CVE-2011-3551, CVE-2011-3556, CVE-2011-3557, CVE-2011-3389, CVE-2011-3553

WebLogic Server 10.3.4.0.3:

CVE-2011-2318, CVE-2011-2319, CVE-2011-2320)

See Note 1314535.1, Announcing Exalogic PSUs (Patch Set Updates)

Oracle Exalogic PSU is available only for Linux x86-64 and Oracle Solaris x86-64 platforms

3.2.9 Oracle Fusion Middleware

Additional information may be found in My Oracle Support Note 405972.1, Oracle Application Server 10g Examples for Critical Patch Updates - Plus FMW 11g.

This section contains the following:

·         Section 3.2.9.1, "Patch Availability for Oracle Fusion Middleware 11.1.1.5"

·         Section 3.2.9.2, "Patch Availability for Oracle Fusion Middleware 11.1.1.4"

·         Section 3.2.9.3, "Patch Availability for Oracle Fusion Middleware 11.1.1.3"

·         Section 3.2.9.4, "Patch Availability for Oracle Fusion Middleware 10.1.3.5.x"

·         Section 3.2.9.5, "Patch Availability for Oracle Fusion Middleware 10.1.2.3"

·         Section 3.2.9.6, "Patch Availability for Oracle Identity Management 10.1.4.3"

·         Section 3.2.9.7, "Patch Availability for Oracle Identity Management 10.1.4.0.1"

3.2.9.1 Patch Availability for Oracle Fusion Middleware 11.1.1.5

Table 32 describes the patch information for Oracle Fusion Middleware 11.1.1.5.

Table 32 Patch Information for Oracle Fusion Middleware 11.1.1.5

Patch Information

11.1.1.5

Comments

Final Patch

-

 

CPU On Request Platforms

-

 

Table 33 describes the available patches for Oracle Fusion Middleware 11.1.1.5.

For each home you are about to administer, find the appropriate patches based on the components installed in that home. Then, apply those patches in the order listed.

Table 33 Patch Availability for Oracle Fusion Middleware 11.1.1.5

Oracle Fusion Middleware 11.1.1.5.0

Patches

Advisory Number

Comments

Oracle Database home

See Section 3.1.3, "Oracle Database"

See Section 3.1.3, "Oracle Database"

 

Oracle JRockit 28.1.x home

See Section 3.2.13, "Oracle JRockit"

See Section 3.2.13, "Oracle JRockit"

 

Oracle WebLogic Server 10.3.5.0.1

CPU Patch 12617751

CVE-2011-2318, CVE-2011-2319, CVE-2011-2320

See Note 1306505.1, Announcing Oracle WebLogic Server PSUs (Patch Set Updates)

Oracle WebLogic Server Plug-ins 1.0

CPU Patch 11845433

Released April 2011

See Note 1111903.1, WebLogic Server 10gR3 (10.3.0) and 11gR1 (10.3.x) - Web Server Plug-In Support

Oracle Identity Management 11.1.1.5.0 home

Oracle Web Tier 11.1.1.5.0 home

CPU Patch 12434187

Released July 2011

Network

For Solaris x86-64, (Identity Management and Web Tier homes), apply specific mandatory patches. For more information, see My Oracle Support Note 1343107.1

Oracle Identity Management 11.1.1.5.0 home

Oracle Portal, Forms, Reports and Discoverer 11.1.1.5.0 home

Oracle Web Tier 11.1.1.5.0 home

CPU Patch 12959541

CVE-2011-3192

Oracle HTTP Server patch

Oracle Single Sign-On / Delegated Administration Services home

Unix: CPU Patch 12434134

Microsoft Windows 32-bit: CPU Patch 12434141

Microsoft Windows Itanium 64-bit: CPU Patch 12434144

Released July 2011

See Note 1301699.1, How the SSL/TLS Renegotiation Protocol Change Affects Oracle HTTP Server

3.2.9.2 Patch Availability for Oracle Fusion Middleware 11.1.1.4

Table 34 describes the patch information for Oracle Fusion Middleware 11.1.1.4.

Table 34 Patch Information for Oracle Fusion Middleware 11.1.1.4

Patch Information

11.1.1.4

Comments

Final Patch

April 2012

 

CPU On Request Platforms

-

 

Table 35 describes the available patches for Oracle Fusion Middleware 11.1.1.4.

For each home you are about to administer, find the appropriate patches based on the components installed in that home. Then, apply those patches in the order listed. For information about the different types of installations, see My Oracle Support Note 405972.1.

Table 35 Patch Availability for Oracle Fusion Middleware 11.1.1.4

Oracle Fusion Middleware 11.1.1.4

Patches

Advisory Number

Comments

Oracle Database home

See Section 3.1.3, "Oracle Database"

See Section 3.1.3, "Oracle Database"

 

Oracle JRockit 28.1.x home

See Section 3.2.13, "Oracle JRockit"

See Section 3.2.13, "Oracle JRockit"

 

Oracle WebLogic Server 10.3.4.0.3

CPU Patch 12770299

CVE-2011-2318, CVE-2011-2319, CVE-2011-2320

See Note 1306505.1, Announcing Oracle WebLogic Server PSUs (Patch Set Updates)

Oracle WebLogic Server Plug-ins 1.0

CPU Patch 11845433

Released April 2011

See Note 1111903.1, WebLogic Server 10gR3 (10.3.0) and 11gR1 (10.3.x) - Web Server Plug-In Support

Oracle Identity Management 11.1.1.4.0 home

Oracle Portal, Forms, Reports and Discoverer 11.1.1.4.0 home

Oracle Web Tier 11.1.1.4.0 home

CPU Patch 12434184

Released July 2011

Network

For Solaris x86-64, (Identity Management and Web Tier homes), apply specific mandatory patches. For more information, see My Oracle Support Note 1343107.1

Oracle Identity Management 11.1.1.4.0 home

Oracle Portal, Forms, Reports and Discoverer 11.1.1.4.0 home

Oracle Web Tier 11.1.1.4.0 home

CPU Patch 12959536

CVE-2011-3192

Oracle HTTP Server patch

Oracle Single Sign-On / Delegated Administration Services home

Unix: CPU Patch 12434134

Microsoft Windows 32-bit: CPU Patch 12434141

Microsoft Windows Itanium 64-bit: CPU Patch 12434144

Released July 2011

See Note 1301699.1, How the SSL/TLS Renegotiation Protocol Change Affects Oracle HTTP Server

3.2.9.3 Patch Availability for Oracle Fusion Middleware 11.1.1.3

Table 36 describes the patch information for Oracle Fusion Middleware 11.1.1.3.

Table 36 Patch Information for Oracle Fusion Middleware 11.1.1.3

Patch Information

11.1.1.3

Comments

Final Patch

January 2012

 

CPU On Request Platforms

-

 

Table 37 describes the available patches for Oracle Fusion Middleware 11.1.1.3.

For each home you are about to administer, find the appropriate patches based on the components installed in that home. Then, apply those patches in the order listed.

Table 37 Patch Availability for Oracle Fusion Middleware 11.1.1.3

Oracle Fusion Middleware 11.1.1.3

Patches

Advisory Number

Comments

Oracle Database home

See Section 3.1.3, "Oracle Database"

See Section 3.1.3, "Oracle Database"

 

Oracle JRockit 28.1.x home

See Section 3.2.13, "Oracle JRockit"

See Section 3.2.13, "Oracle JRockit"

 

Oracle WebLogic Server 10.3.3.0 home

CPU Patch 12875001

CPU Patch 12875006

CPU Patch 12874981

CPU Patch 10625613

CPU Patch 10625676

CVE-2011-2319

CVE-2011-2320

CVE-2011-2318

Released January 2011

Released January 2011

JMS patch (Smart Update Patch IDs: GI9A)

WebServices patch (Smart Update Patch IDs: 9TM9)

Security patch (Smart Update Patch IDs: DS4Y)

WebApp patch (Smart Update Patch IDs: DP1K, BFYT)

Core patch (Smart Update Patch IDs: DFYK)

Oracle WebLogic Server Plug-ins 1.0

CPU Patch 11845433

Released April 2011

See Note 1111903.1, WebLogic Server 10gR3 (10.3.0) and 11gR1 (10.3.x) - Web Server Plug-In Support

Oracle Identity Management 11.1.1.3.0 home

Oracle Portal, Forms, Reports and Discoverer 11.1.1.3.0 home

Oracle Web Tier 11.1.1.3.0 home

CPU Patch 10387726

Released January 2011

Oracle HTTP Server patch

Oracle Identity Management 11.1.1.3.0 home

Oracle Portal, Forms, Reports and Discoverer 11.1.1.3.0 home

Oracle Web Tier 11.1.1.3.0 home

CPU Patch 12434180

Released July 2011

Network

See Note 1301699.1, How the SSL/TLS Renegotiation Protocol Change Affects Oracle HTTP Server

Oracle Identity Management 11.1.1.3.0 home

Oracle Portal, Forms, Reports and Discoverer 11.1.1.3.0 home

Oracle Web Tier 11.1.1.3.0 home

CPU Patch 12959532

CVE-2011-3192

Oracle HTTP Server patch

Oracle Portal, Forms, Reports and Discoverer 11.1.1.3.0 home

CPU Patch 10233533

Released January 2011

Discoverer

Oracle Single Sign-On / Delegated Administration Services home

Unix: CPU Patch 12434134

Microsoft Windows 32-bit: CPU Patch 12434141

Microsoft Windows Itanium 64-bit: CPU Patch 12434144

Released July 2011

See Note 1301699.1, How the SSL/TLS Renegotiation Protocol Change Affects Oracle HTTP Server

3.2.9.4 Patch Availability for Oracle Fusion Middleware 10.1.3.5.x

Table 38 describes the patch information for Oracle Fusion Middleware 10.1.3.5.x.

Table 38 Patch Information for Oracle Fusion Middleware 10.1.3.5.x

Patch Information

10.1.3.5.x

Comments

Final Patch

Oracle SOA Suite: October 2014

Other 10.1.3.5.x components: April 2017

For more information, see Lifetime Support Policy for Oracle Fusion Middleware

CPU On Request Platforms

-

 

Table 39 describes the available patches for Oracle Fusion Middleware 10.1.3.5.x.

For each home you are about to administer, find the appropriate patches based on the components installed in that home. Then, apply those patches in the order listed. For information about the different types of installations, see My Oracle Support Note 405972.1, Oracle Application Server 10g Examples for Critical Patch Updates - Plus FMW 11g.

Table 39 Patch Availability for Oracle Fusion Middleware 10.1.3.5.x

Oracle Fusion Middleware 10.1.3.5.x

Patches

Advisory Number

Comments

Oracle Database home

See Section 3.1.3, "Oracle Database"

See Section 3.1.3, "Oracle Database"

 

Middle tier home

UNIX: CPU Patch 12434156

Microsoft Windows (32-Bit): CPU Patch 12434163

Microsoft Windows Itanium (64-Bit): CPU Patch 12434169

Released July 2011

See Note 1301699.1, How the SSL/TLS Renegotiation Protocol Change Affects Oracle HTTP Server

OC4J home

CPU Patch 12434228

Released July 2011

Standalone

SOA 10.1.3.5.1 home

CPU Patch 12539587

CVE-2011-2237, CVE-2011-3523

Oracle Web Services Manager (OWSM) patch

SOA 10.1.3.5.0 home

CPU Patch 12957596

CVE-2011-2237, CVE-2011-3523

Oracle Web Services Manager (OWSM) patch

WebCenter 10.1.3.5.1 home

CPU Patch 12539587

CVE-2011-2237, CVE-2011-3523

Oracle Web Services Manager (OWSM) patch

WebCenter 10.1.3.5.0 home

CPU Patch 12957596

CVE-2011-2237, CVE-2011-3523

Oracle Web Services Manager (OWSM) patch

10.1.3.5 Oracle HTTP Server 2.0 standalone middle tier

CPU Patch 12959528

CVE-2011-3192

Oracle HTTP Server patch

For more information on standalone Oracle HTTP server, see Note 260449.1

3.2.9.5 Patch Availability for Oracle Fusion Middleware 10.1.2.3

Table 40 describes the patch information for Oracle Fusion Middleware 10.1.2.3

Table 40 Patch Information for Oracle Fusion Middleware 10.1.2.3

Patch Information

10.1.2.3

Comments

Final Patch

October 2011

 

CPU On Request Platforms

HP-Tru64 Unix

Linux Itanium

Linux on Power

 

Table 41 describes the available patches for Oracle Fusion Middleware 10.1.2.3.

For each home you are about to administer, find the appropriate patches based on the components installed in that home. Then, apply those patches in the order listed. For information about the different types of installations, see My Oracle Support Note 405972.1, Oracle Application Server 10g Examples for Critical Patch Updates.

Table 41 Patch Availability for Oracle Fusion Middleware 10.1.2.3

Oracle Fusion Middleware 10.1.2.3

Patch

Advisory Number

Comments

Oracle Database home

See Section 3.1.3, "Oracle Database"

See Section 3.1.3, "Oracle Database"

Separate Database homes only

Infrastructure home

Middle tier home

Developer Suite home

CPU Patch 6640838

Released January 2010

Oracle Universal Installer patch

See Note 565374.1 for information on installing this patch

Infrastructure home

Middle tier home

Developer Suite home

CPU Patch 11842285

Released July 2011

Oracle Universal Installer patch

Infrastructure home

Middle tier home

Developer Suite home

Unix: CPU Patch 12837860

Microsoft Windows 32-bit: CPU Patch 12837864

Microsoft Windows Itanium 64-bit: CPU Patch 12837867

CVE-2011-2314, CVE-2011-3192, CVE-2011-2301, CVE-2011-3512

See Note 1301699.1, How the SSL/TLS Renegotiation Protocol Change Affects Oracle HTTP Server

10.1.2.3 OHS 2.0 standalone middle-tier

CPU Patch 12959520

CVE-2011-3192

Oracle HTTP Server patch

For more information on standalone Oracle HTTP server, see Note 260449.1

Single Sign-On Repository

CPU Patch 12375695

Released April 2011

 

Middle tier home

CPU Patch 9774786

Released July 2010

Oracle Wireless

Discoverer Admin/Desktop home

CPU Patch 7277413

Released October 2008

 

Discoverer Plus or Viewer / middle tier home

CPU Patch 10233659

Released January 2011

 

JDeveloper home

CPU Patch 7573867

Released January 2009

Apply to JDeveloper homes only

JInitiatorFoot 1 

CPU Patch 5882294

Released July 2007

JInitiator 1.3.1.28 or any later release

This patch also applies to Oracle Forms as JInitiator is installed by default

OC4J home

CPU Patch 12434221

Released July 2011

Standalone

Oracle Forms home

CPU Patch 9593176

Released January 2011

 

Portal 10.1.4.2 Repository home

CPU Patch 9386084

Released April 2010

If you are using Portal 10.1.4.2 and Database 11.x then install Patch 9677027 instead of Patch 9386084

Portal 10.1.2.3 Repository home

CPU Patch 9386107

Released April 2010

 

Portal 10.1.2.3/10.1.4.2 middle tier home

CPU Patch 11716853

Released April 2011

 

Footnote 1 JInitiator is a Java Virtual Machine plug-in which has its own installation process. It is not part of any Oracle home. It is installed by default only in homes where Oracle Forms is installed.

3.2.9.6 Patch Availability for Oracle Identity Management 10.1.4.3

Table 42 describes the patch information for Oracle Identity Management 10.1.4.3.

Table 42 Patch Information for Oracle Identity Management 10.1.4.3

Patch Information

10.1.4.3

Comments

Final Patch

October 2011

 

CPU On Request Platforms

-

 

Table 43 describes the available patches for Oracle Identity Management 10.1.4.3.

For each home you are about to administer, find the appropriate patches based on the components installed in that home. Then, apply those patches in the order listed. For information about the different types of installations, see My Oracle Support Note 405972.1, Oracle Application Server 10g Examples for Critical Patch Updates.

Table 43 Patch Availability for Oracle Identity Management 10.1.4.3

Oracle Identity Management 10.1.4.3

Patches

Advisory Number

Comments

Oracle Database home

See Section 3.1.3, "Oracle Database"

See Section 3.1.3, "Oracle Database"

Separate Database homes only

Oracle Identity Management 10.1.4.3 home

UNIX: CPU Patch 12837860

Microsoft Windows (32-Bit): CPU Patch 12837864

Microsoft Windows Itanium (64-Bit): CPU Patch 12837867

CVE-2011-2314, CVE-2011-3192, CVE-2011-2301, CVE-2011-3512

See Note 1301699.1, How the SSL/TLS Renegotiation Protocol Change Affects Oracle HTTP Server

Oracle Identity Management 10.1.4.3 home

CPU Patch 9679955

Released October 2010

Oracle Identity Management patch

3.2.9.7 Patch Availability for Oracle Identity Management 10.1.4.0.1

Table 44 describes the patch information for Oracle Identity Management 10.1.4.0.1.

Table 44 Patch Information for Oracle Identity Management 10.1.4.0.1

Patch Information

10.1.4.0.1

Comments

Final Patch

October 2011

 

CPU On Request Platforms

-

Solaris x86 only

Table 45 describes the available patches for Oracle Identity Management 10.1.4.0.1.

For each home you are about to administer, find the appropriate patches based on the components installed in that home. Then, apply those patches in the order listed. For information about the different types of installations, see My Oracle Support Note 405972.1, Oracle Application Server 10g Examples for Critical Patch Updates.

Table 45 Patch Availability for Oracle Identity Management 10.1.4.0.1

Oracle Identity Management 10.1.4.0.1

Oracle Solaris x86 (32-Bit)

Advisory Number

Comments

Oracle Database home

See Section 3.1.3, "Oracle Database"

See Section 3.1.3, "Oracle Database"

Separate Database homes only

Oracle Identity Management 10.1.4.0.1 home

CPU Patch 12837860

CVE-2011-2314, CVE-2011-3192, CVE-2011-2301, CVE-2011-3512

See Note 1301699.1, How the SSL/TLS Renegotiation Protocol Change Affects Oracle HTTP Server

Oracle Identity Management 10.1.4.0.1 home

CPU Patch 9679932

Released July 2010

Oracle Identity Management patch

3.2.10 Oracle GoldenGate Veridata

Table 46describes the minimum product requirements for Oracle GoldenGate Veridata. The CPU security vulnerabilities are fixed in the listed release and later releases. The Oracle GoldenGate Veridata downloads and installation instructions can be found athttp://www.oracle.com/technetwork/middleware/goldengate/overview/index.html

Table 46 Minimum Product Requirements for Oracle GoldenGate Veridata

Component

Release

Advisory Number

Comments

Oracle GoldenGate Veridata

3.0.0.6

Announced January 2011

 

3.2.11 Oracle Hyperion BI+

Table 47 describes the available patches for Oracle Hyperion BI+, based on release.

Table 47 Patch Availability for Oracle Hyperion BI+

Oracle Hyperion BI+

Patch

Advisory Number

Comments

Release 9.3.1.0.52

CPU Patch 6771133

Announced July 2008

 

3.2.12 Oracle Identity Manager

Table 48 describes the available patches for Oracle Identity Manager.

Table 48 Patch Availability for Oracle Identity Manager

Oracle Identity Manager

Patch

Comments

9.1.0.2

CPU Patch 9588374

Bundle patch 8 or any later bundle patch

9.0.3.2

CPU Patch 9502457

Bundle patch 9 or any later bundle patch

3.2.13 Oracle JRockit

For information, see My Oracle Support Note 1361232.1, Critical Patch Update October 2011 Patch Availability Document for Oracle Java SE.

3.2.14 Oracle Outside In Technology

Table 49 describes the available patches for Oracle Outside in Technology.

Table 49 Patch Availability for Oracle Outside In Technology

Oracle Outside In Technology

Patch

Advisory Number

Comments

Oracle Outside In Technology 8.3.7

CPU Patch 13061549

CVE-2011-3541

 

Oracle Outside In Technology 8.3.5

CPU Patch 13061542

CVE-2011-3541

 

Oracle Outside In Technology 8.3.2

CPU Patch 12633105

Released In July 2011

 

3.2.15 Oracle WebLogic Integration

Table 50describes the availability for Critical Patch Updates for Oracle WebLogic Integration. See also the underlying product stack tables.

Table 50 Critical Patch Update Availability for Oracle WebLogic Integration

Oracle WebLogic Integration

Patch

Advisory Number

Smart Update Patch Set ID

Smart Update Patch IDs

Comments

WebLogic Integration 10.3.1.0

CPU Patch 12875001

CPU Patch 12875006

CPU Patch 12874981

CPU Patch 10625613

CPU Patch 10625676

CPU Patch 7454875

CPU Patch 8179503

CVE-2011-2319

CVE-2011-2320

CVE-2011-2318

Released January 2011

Released January 2011

Released July 2009

Released July 2009

NA

EXP8

ZVC4

9T71

QHPL

NA

NA

RPQH

3QHE, NXQM, 982N, 6BME, 5EGH

EDAT, QR92

VXVR, WSNI, SU7Z, WXXT, ZE59, XW21, VV75

2QSG, E65J

6TBY

327W

WLS 10.3.0.0 JMS patch

WLS 10.3.0.0 WebServices patch

WLS 10.3.0.0 Security patch

WLS 10.3.0.0 WebApp patch

WLS 10.3.0.0 Core patch

WLS 10.3.0.0 Console patch

WLS 10.3.0.0 Console patch

3.2.16 Oracle WebLogic Portal

Table 51 describes the availability of Critical Patch Updates for WebLogic Portal. See also the underlying product stack tables (JRockit and WLS) for any applicable patches.

WebLogic Portal patches are cumulative to include all the prior published advisories. For more information, see My Oracle Support Note 1355929.1, October 2011 Updates Introduce New WebLogic Portal (WLP) Configuration Options for SSL Session ID and SSL Filters.

Table 51 Critical Patch Update Availability for WebLogic Portal

WebLogic Portal

Patch

Advisory Number

Comments

WebLogic Portal 10.3.2.0

CPU Patch 12388715

CVE-2011-2255

 

WebLogic Portal 10.2.1.0

CPU Patch 12388715

CVE-2011-2255

 

WebLogic Portal 10.0.1.0

CPU Patch 12388715, CPU Patch 12818102

CVE-2011-2255

Patch 12818102 is a WebLogic Server patch that must be applied to the WebLogic Server 10.0.1.0 home

WebLogic Portal 9.2.3.0

CPU Patch 12388715, CPU Patch 12839749

CVE-2011-2255

Patch 12839749 is a WebLogic Server patch that must be applied to the WebLogic Server 9.2.3.0 home

3.2.17 Oracle WebLogic Server and WebLogic Express

Table 52 describes the availability of Critical Patch Updates for WebLogic Server and WebLogic Express. See also the underlying product stack tables (JRockit) for any applicable patches.

For WebLogic Server releases 10.3.2 and later that are part of the Oracle Fusion Middleware 11g R1 releases, see Section 3.2.9, "Oracle Fusion Middleware."

Table 52 Critical Patch Update Availability for Oracle WebLogic Server and WebLogic Express

Oracle WebLogic Server

Patch

Advisory Number

Smart Update Patch Set ID

Smart Update Patch IDs

Comments

WebLogic Server 10.0.2.0

CPU Patch 12875001

CPU Patch 12875006

CPU Patch 12874981

CPU Patch 10625613

CPU Patch 10625676

CVE-2011-2319

CVE-2011-2320

CVE-2011-2318

Released January 2011

Released January 2011

NA

NA

SPN1

4FBN

YG16

1G6S

YQ8T

H9QB, W4G5

6CRM, 1J9G, F9GM, FVXN

I4UY, 1ULW

JMS patch

WebServices patch

Security patch

WebApp patch

Core patch

WebLogic Server 9.2.4.0

CPU Patch 12875001

CPU Patch 12875006

CPU Patch 12874981

CPU Patch 10625613

CPU Patch 10625676

CVE-2011-2319

CVE-2011-2320

CVE-2011-2318

Released January 2011

Released January 2011

NA

NA

NA

XCSH

YCI8

GNSG

MFVW

8D9U

FJNN, 581S

V4MI

JMS patch

WebServices patch

Security patch

WebApp patch

Core patch

3.2.18 Oracle WebLogic Server Patch Set Update (PSU)

Table 53 describes the Patch Set Update availability for Oracle WebLogic Server.

Table 53 Patch Set Update Availability for Oracle WebLogic Server

Oracle WebLogic Server

Patch

Advisory Number

Comments

10.3.5.0.1 for WebLogic Server 10.3.5.0 home

PSU Patch 12617751

CVE-2011-2318, CVE-2011-2319, CVE-2011-2320

Oracle Fusion Middleware 11.1.1.5 patch for WebLogic Server 10.3.5.0 home

10.3.5.0.1 is the first Patch Set Update for WLS 10.3.5.0

See Note 1306505.1, Announcing Oracle WebLogic Server PSUs (Patch Set Updates)

10.3.4.0.3 for WebLogic Server 10.3.4.0 home

PSU Patch 12770299

CVE-2011-2318, CVE-2011-2319, CVE-2011-2320

Oracle Fusion Middleware 11.1.1.4 patch for WebLogic Server 10.3.4.0 home

10.3.4.0.3 is the Patch Set Update for WLS 10.3.4.0 and includes all the fixes from prior PSUs (10.3.4.0.2, 10.3.4.0.1) for 10.3.4.0

See Note 1306505.1, Announcing Oracle WebLogic Server PSUs (Patch Set Updates)

3.2.19 Oracle WebLogic Server Plug-ins

Table 54 describes the availability of Critical Patch Updates for Oracle WebLogic Server Plug-ins (Apache/IIS/iPlanet).

The WebLogic plug-ins include all cumulative bug fixes and thus include fixes for all previously released advisories. For more information, see My Oracle Support Note 1111903.1. For information about WebLogic Server releases 10.3.2 and later that are part of Oracle Fusion Middleware 11gR1, see Section 3.2.9, "Oracle Fusion Middleware."

Table 54 Critical Patch Update Availability for Oracle WebLogic Server Plug-ins

Oracle WebLogic Server Plug-ins

Patch

Advisory Number

Comments

1.1

CPU Patch 9893736

Released July 2010

See Note 1111903.1, WebLogic Server Web Server Plug-In Support

1.0

CPU Patch 11845433

Released April 2011

See Note 1111903.1, WebLogic Server Web Server Plug-In Support

3.3 Oracle Enterprise Manager

This section contains the following:

·         Section 3.3.1, "Patch Availability Information for Oracle Enterprise Manager Base Platform"

·         Section 3.3.2, "Patch Availability for Oracle Enterprise Manager Base Platform 12.1.0.1,"

·         Section 3.3.3, "Patch Availability for Oracle Enterprise Manager Base Platform 11.1.0.1"

·         Section 3.3.4, "Patch Availability for Oracle Enterprise Manager Base Platform 10.2.0.5"

·         Section 3.3.5, "Patch Availability for Oracle Enterprise Manager Base Platform 10.1.0.6"

·         Section 3.3.6, "Patch Availability for Oracle Real User Experience Insight,"

3.3.1 Patch Availability Information for Oracle Enterprise Manager Base Platform

For CPUOct2011 patch information, see Section 3.3, "Oracle Enterprise Manager." For information on identifying which patches are recommended for the OMS and Agent homes, see My Oracle Support Note 1337560.1, Recommended Patches for Enterprise Manager Grid Control.

The Critical Patch Updates for Enterprise Manager Base Platform are not inclusive of the Oracle Database and Oracle Fusion Middleware middle tier patches. Since these products are bundled with Enterprise Manager Base Platform, the Repository (Oracle Database) and Oracle Management Server (Oracle Fusion Middleware middle tier) should be patched separately, depending on which versions are installed. For more information, see My Oracle Support Note 412431.1, Grid Control Certification Matrix.

3.3.2 Patch Availability for Oracle Enterprise Manager Base Platform 12.1.0.1

Table 55 describes patch information for Oracle Enterprise Manager Base Platform 12.1.0.1.

Table 55 Patch Information for Oracle Enterprise Manager Base Platform 12.1.0.1

Patch Information

12.1.0.1

Comments

Final Patch

-

 

PSU On Request Platforms

-

 

Table 56 describes the available patches for Oracle Enterprise Manager Base Platform 12.1.0.1.

Table 56 Patch Set Update Availability for Oracle Enterprise Manager Base Platform 12.1.0.1

Oracle Enterprise Manager Base Platform 12.1.0.1

UNIX

Microsoft Windows 32-Bit

Advisory Number

Comments

Database home

See Section 3.1.3, "Oracle Database"

See Section 3.1.3, "Oracle Database"

See Section 3.1.3, "Oracle Database"

 

12.1.0.1 Enterprise Manager Base Platform - OMS home

NA

NA

NA

The 12.1.0.1 Enterprise Manager Base Platform release includes all previously announced vulnerabilities.

12.1.0.1 Enterprise Manager Base Platform - OMS Fusion Middleware home

See Section 3.2.9, "Oracle Fusion Middleware"

See Section 3.2.9, "Oracle Fusion Middleware"

See Section 3.2.9, "Oracle Fusion Middleware"

 

12.1.0.1 Enterprise Manager Base Platform - Agent home

NA

NA

NA

The 12.1.0.1 Enterprise Manager Base Platform release includes all previously announced vulnerabilities.

3.3.3 Patch Availability for Oracle Enterprise Manager Base Platform 11.1.0.1

Table 57 describes patch information for Oracle Enterprise Manager Base Platform 11.1.0.1.

Table 57 Patch Information for Oracle Enterprise Manager Base Platform 11.1.0.1

Patch Information

11.1.0.1

Comments

Final Patch

-

 

PSU On Request Platforms

-

 

Table 58 describes the available patches for Oracle Enterprise Manager Base Platform 11.1.0.1.

Table 58 Patch Set Update Availability for Oracle Enterprise Manager Base Platform 11.1.0.1

Oracle Enterprise Manager Base Platform 11.1.0.1

UNIX

Microsoft Windows 32-Bit

Advisory Number

Comments

Database home

See Section 3.1.3, "Oracle Database"

See Section 3.1.3, "Oracle Database"

See Section 3.1.3, "Oracle Database"

 

11.1.0.1 Enterprise Manager Base Platform - OMS home

PSU 11.1.0.1.5 Patch 12833678

PSU 11.1.0.1.5 Patch 12833678

NA

 

11.1.0.1 Enterprise Manager Base Platform - OMS Fusion Middleware home

CPU Patch 12875001

CPU Patch 12875006

CPU Patch 12874981

CPU Patch 10625613

CPU Patch 10625676

CPU Patch 12875001

CPU Patch 12875006

CPU Patch 12874981

CPU Patch 10625613

CPU Patch 10625676

CVE-2011-2319

CVE-2011-2320

CVE-2011-2318

Released January 2011

Released January 2011

WLS 10.3.2.0 JMS patch (Smart Update Patch IDs: 9ZW7)

WLS 10.3.2.0 WebServices patch (Smart Update Patch IDs: L8DT)

WLS 10.3.2.0 Security patch (Smart Update Patch IDs: VHAC, R4P6)

WLS 10.3.2.0 WebApp patch (Smart Update Patch IDs: VJPE, 8IWX)

WLS 10.3.2.0 Core patch (Smart Update Patch IDs: H3QP, Y3IR)

11.1.0.1 Enterprise Manager Base Platform - OMS Fusion Middleware Oracle HTTP Server home

Patch 13010574

Patch 13010574

CVE-2011-3192

Oracle HTTP Server patch

11.1.0.1 Enterprise Manager Base Platform - Agent home

PSU 11.1.0.1.5 Patch 9345921

PSU 11.1.0.1.5 Patch 12833724

NA

 

3.3.4 Patch Availability for Oracle Enterprise Manager Base Platform 10.2.0.5

Table 59 describes patch information for Oracle Enterprise Manager Base Platform 10.2.0.5.

Table 59 Patch Information for Oracle Enterprise Manager Base Platform 10.2.0.5

Patch Information

10.2.0.5

Comments

Final Patch

October 2013

 

PSU On Request Platforms

-

 

Table 60 describes the available patches for Oracle Enterprise Manager Base Platform 10.2.0.5.

Table 60 Patch Availability for Oracle Enterprise Manager Base Platform 10.2.0.5

Oracle Enterprise Manager Base Platform 10.2.0.5

UNIX

Microsoft Windows 32-Bit

Advisory Number

Comments

Database home

See Section 3.1.3, "Oracle Database"

See Section 3.1.3, "Oracle Database"

See Section 3.1.3, "Oracle Database"

 

10.2.0.5 Enterprise Manager Base Platform OMS home

PSU 10.2.0.5.5 Patch 10168579

PSU 10.2.0.5.5 Patch 10168579

NA

 

10.2.0.5 Enterprise Manager Base Platform OMS home

CPU Patch 12535904

NA

NA

Applicable to HP-UX PA-RISC and HP-UX Itanium platforms only

10.2.0.5 Enterprise Manager Base Platform - Agent home

PSU 10.2.0.5.3 Patch 9282414

PSU 10.2.0.5.3 Patch 9282414

Released April 2010

 

3.3.5 Patch Availability for Oracle Enterprise Manager Base Platform 10.1.0.6

Table 61 describes patch information for Oracle Enterprise Manager Base Platform 10.1.0.6.

Table 61 Patch Information for Oracle Enterprise Manager Base Platform 10.1.0.6

Patch Information

10.1.0.6

Comments

Final Patch

January 2012

 

CPU On Request Platforms

All platforms

 

Table 62 describes the available patches for Oracle Enterprise Manager Base Platform 10.1.0.6.

For each home you are about to administer, find the appropriate patches based on the components installed in that home. Then, apply those patches in the order listed.

Table 62 Patch Availability for Oracle Enterprise Manager Base Platform 10.1.0.6

Oracle Enterprise Manager Base Platform 10.1.0.6

UNIX

Microsoft Windows (32-Bit)

Advisory Number

Comments

Repository 10.1.0.5 home

See Section 3.1.3.8, "Patch Availability for Oracle Database 10.1.0.5"

See Section 3.1.3.8, "Patch Availability for Oracle Database 10.1.0.5"

See Section 3.1.3.8, "Patch Availability for Oracle Database 10.1.0.5"

 

Application Server 9.0.4.3 home

CPU Patch 7135486

CPU Patch 7135486

 

 

Enterprise Manager Base Platform home

OR

OR

 

 

Enterprise Manager Base Platform - Agent 10.1.0.5 home

CPU Patch 5493271

CPU Patch 5493271

 

 

3.3.6 Patch Availability for Oracle Real User Experience Insight

Table 63 describes the available patches for Oracle Real User Experience Insight.

Table 63 Patch Availability for Oracle Real User Experience Insight

Oracle Real User Experience Insight

Patch

Advisory Number

Comments

6.0

CPU Patch 9268989

Released January 2011

 

3.4 Oracle Collaboration

This section contains the following:

·         Section 3.4.1, "Patch Availability Information for Oracle Collaboration Suite"

3.4.1 Patch Availability Information for Oracle Collaboration Suite

Oracle Collaboration Suite homes contain database and application server homes. For more information on Oracle Database and Oracle Fusion Middleware Critical Patch Updates that apply to Oracle Collaboration Suite homes, see My Oracle Support Note 559534.1 Applying Critical Patch Updates to Collaboration Suite 10g.

Table 64 describes the available patches for Oracle Collaboration Suite.

For each home you are about to administer, find the appropriate patches based on the components installed in that home. Then, apply those patches in the order listed.

Table 64 Patch Availability for Oracle Collaboration Suite

Oracle Collaboration Suite

UNIX

Microsoft Windows (32-Bit)

Advisory Number

Comments

Infrastructure home

Oracle Fusion Middleware 10.1.2.3 middle tier home

CPU Patch 6640838

CPU Patch 6640838

Released January 2010

Oracle Universal Installer patch

See Note 565374.1 for information on installing this patch

Infrastructure home

Oracle Fusion Middleware 10.1.2.3 middle tier home

CPU Patch 11842285

NA

Released July 2011

Oracle Universal Installer patch

Infrastructure home

Oracle Fusion Middleware 10.1.2.3 middle tier home

CPU Patch 12837860

CPU Patch 12837864

CVE-2011-2314, CVE-2011-3192, CVE-2011-2301, CVE-2011-3512

 

Oracle Fusion Middleware 10.1.2.3 middle tier home

CPU Patch 9373917

CPU Patch 9373917

Released January 2011

UIX

Portal 10.1.4.2 Repository home

CPU Patch 9386084

CPU Patch 9386084

Released April 2010

 

Portal 10.1.2.3 Repository home

CPU Patch 9386107

CPU Patch 9386107

Released April 2010

 

Portal 10.1.2.3/10.1.4.2 middle tier home

CPU Patch 11716853

CPU Patch 11716853

Released April 2011

 

Collaboration Suite 10g Real-Time Collaboration home

CPU Patch 6130704

CPU Patch 6130704

Released July 2007

 

Collaboration Suite 10g Workspaces home

CPU Patch 6127414

CPU Patch 6127414

Released January 2009

For more information, see My Oracle Support Note 406284.1

3.5 Tools

This section contains the following:

·         Section 3.5.1, "Oracle Opatch"

3.5.1 Oracle Opatch

Table 65 describes the minimum product requirements for Oracle OPatch. The CPU security vulnerabilities are fixed in the listed release and later releases. The Oracle OPatch downloads can be found at Patch 6880880.

Table 65 Minimum Product Requirements for Oracle OPatch

Component

Release

Advisory Number

Comments

Oracle OPatch

1.0.0.0.64

Announced July 2011

 

4 Final Patch History

Table 66 describes the final patch history.

The final patch is the last CPU/PSU release for which the product release is under error correction. For more information, see My Oracle Support Note 209768.1, Database, FMW, EM Grid Control, and OCS Software Error Correction Support Policy.

Table 66 Final Patch History

Release

Final Patches

Comments

October 2011

Oracle Identity Management 10.1.4.3, except for Oracle Single Sign-on and Delegated Administration Services working with Oracle Internet Directory 11gR1 for user authentication of Portal 11gR1, Forms 11gR1, Reports 11gR1 and Discoverer 11gR1 Middleware 11g PFRD installations

Oracle Identity Management 10.1.4.0.1

Oracle Fusion Middleware 10.1.2.3

 

July 2011

Oracle Beehive 1.5.1.x

Oracle Database 10.2.0.4

Oracle Database 11.2.0.1

Oracle Database 10.2.0.4 excludes Oracle Solaris x86 (32-bit), Apple Mac OS X, HP Open VMS-Alpha, and VMS-Itanium

April 2011

Oracle Fusion Middleware 11.1.1.2

 

October 2010

Oracle Fusion Middleware 11.1.1.1

 

July 2010

Oracle Database 9.2.0.8

Oracle Database 9.2.0.8.1

Oracle Fusion Middleware 10.1.3.4

Oracle 9i Enterprise Manager

 

January 2010

Oracle Enterprise Manager Base Platform 10.2.0.4

 

July 2009

Oracle Database 11.1.0.6

Oracle Fusion Middleware 10.1.3.3

Oracle Identity Management 10.1.4.2

 

April 2009

Oracle Database 10.2.0.3 on HP Tru64 and Windows Itanium

 

January 2009

Oracle Fusion Middleware 10.1.2.2

Oracle Database 10.2.0.3

Oracle Database 10.2.0.2 for VMS and VMS Itanium

Oracle Database 10.2.0.3 excludes IBM z/OS, HP Tru64 and Windows Itanium.

October 2008

Oracle Database 10.2.0.2 on Solaris x86

Oracle Fusion Middleware 9.0.4.3

Oracle Enterprise Manager Base Platform 10.2.0.3

 

July 2008

Oracle Identity Management 10.1.4.0.1

Oracle Fusion Middleware 10.1.3.1

Oracle Identity Management 10.1.4.0.1 excludes Solaris x86.

April 2008

Oracle Fusion Middleware 10.1.2.0.2

 

January 2008

Oracle Fusion Middleware 10.1.3.0

Oracle Database 10.2.0.2

Oracle Database 10.2.0.2 excludes Solaris x86, VMS, and VMS Itanium.

5 Sources of Additional Information

The following documents provide additional information about Critical Patch Updates:

·         My Oracle Support Note 1365205.1, Getting Started with Oracle WebLogic Server: How to Make Sure that Recommended Patches are Applied

·         My Oracle Support Note 1314535.1, Announcing Exalogic PSUs (Patch Set Updates)

·         My Oracle Support Note 1306505.1, Announcing Oracle WebLogic Server PSUs (Patch Set Updates)

·         My Oracle Support Note 1346023.1, Critical Patch Update October 2011 Database Patch Security Vulnerability Molecule Mapping

·         My Oracle Support Note 1346091.1, Critical Patch Update October 2011 Known Issues for Oracle Enterprise Manager Grid Control.

·         My Oracle Support Note 1346056.1, Critical Patch Update October 2011 Database Known Issues.

·         My Oracle Support Note 1346032.1, Critical Patch Update October 2011 Oracle Fusion Middleware Known Issues.

·         My Oracle Support Note 1227443.1, Patch Set Updates Known Issues Notes

·         My Oracle Support Note 961735.1, Oracle Identity Management 10g (10.1.4) Support Status and Alerts

·         My Oracle Support Note 882604.1, Changes to Critical Patch Update and Patch Set Update Platform Release Plans

·         My Oracle Support Note 854428.1, Patch Set Updates for Oracle Products

·         My Oracle Support Note 605795.1, Introduction to catbundle.sql.

·         My Oracle Support Note 605398.1, How To Find The Version Of The Main EM Components.

·         My Oracle Support Note 559534.1, Applying Critical Patch Updates to Collaboration Suite 10g.

·         My Oracle Support Note 438314.1, Critical Patch Update - Introduction to Database n-Apply CPU Patches.

·         My Oracle Support Note 415222.1, Steps to Maintain Oracle Application Server 10g Release 2 (10.1.2)

·         My Oracle Support Note 412431.1, Grid Control Certification Matrix.

·         My Oracle Support Note 405972.1, Oracle Application Server 10g Examples for Critical Patch Updates.

·         My Oracle Support Note 209768.1, Database, FMW, EM Grid Control, and OCS Software Error Correction Support Policy.

·         My Oracle Support Note 161549.1, Oracle Database Server and Networking Patches for Microsoft Platforms.

6 Modification History

Table 67 describes the modification history for this document.

Table 67 Modification History

Date

Modification

7 May 2012

·         Updated Table 60, PSU 10.2.0.5.3

21 October

·         Updated Section 2.6 availability

·         Updated Table 4, removed comment

19 October

·         Updated Section 2.6

·         Updated Table 15, min. version numbers

·         Updated Table 4, added comment

18 October 2011

·         Updated Section 2.6

·         Updated Table 6

·         Updated Table 10

·         Updated Section 3.2.19

·         Released

7 Documentation Accessibility

For information about Oracle's commitment to accessibility, visit the Oracle Accessibility Program website athttp://www.oracle.com/pls/topic/lookup?ctx=acc&id=docacc.

Access to Oracle Support

Oracle customers have access to electronic support through My Oracle Support. For information, visithttp://www.oracle.com/pls/topic/lookup?ctx=acc&id=infoor visithttp://www.oracle.com/pls/topic/lookup?ctx=acc&id=trsif you are hearing impaired.


Patch Set Update and Critical Patch Update October 2011 Availability Document

Copyright © 2011, Oracle and/or its affiliates. All rights reserved.

This software and related documentation are provided under a license agreement containing restrictions on use and disclosure and are protected by intellectual property laws. Except as expressly permitted in your license agreement or allowed by law, you may not use, copy, reproduce, translate, broadcast, modify, license, transmit, distribute, exhibit, perform, publish, or display any part, in any form, or by any means. Reverse engineering, disassembly, or decompilation of this software, unless required by law for interoperability, is prohibited.

The information contained herein is subject to change without notice and is not warranted to be error-free. If you find any errors, please report them to us in writing.

If this is software or related documentation that is delivered to the U.S. Government or anyone licensing it on behalf of the U.S. Government, the following notice is applicable:

U.S. GOVERNMENT RIGHTS Programs, software, databases, and related documentation and technical data delivered to U.S. Government customers are "commercial computer software" or "commercial technical data" pursuant to the applicable Federal Acquisition Regulation and agency-specific supplemental regulations. As such, the use, duplication, disclosure, modification, and adaptation shall be subject to the restrictions and license terms set forth in the applicable Government contract, and, to the extent applicable by the terms of the Government contract, the additional rights set forth in FAR 52.227-19, Commercial Computer Software License (December 2007). Oracle America, Inc., 500 Oracle Parkway, Redwood City, CA 94065.

This software or hardware is developed for general use in a variety of information management applications. It is not developed or intended for use in any inherently dangerous applications, including applications that may create a risk of personal injury. If you use this software or hardware in dangerous applications, then you shall be responsible to take all appropriate fail-safe, backup, redundancy, and other measures to ensure its safe use. Oracle Corporation and its affiliates disclaim any liability for any damages caused by use of this software or hardware in dangerous applications.

Oracle and Java are registered trademarks of Oracle and/or its affiliates. Other names may be trademarks of their respective owners.

Intel and Intel Xeon are trademarks or registered trademarks of Intel Corporation. All SPARC trademarks are used under license and are trademarks or registered trademarks of SPARC International, Inc. AMD, Opteron, the AMD logo, and the AMD Opteron logo are trademarks or registered trademarks of Advanced Micro Devices. UNIX is a registered trademark of The Open Group.

This software or hardware and documentation may provide access to or information on content, products, and services from third parties. Oracle Corporation and its affiliates are not responsible for and expressly disclaim all warranties of any kind with respect to third-party content, products, and services. Oracle Corporation and its affiliates will not be responsible for any loss, costs, or damages incurred due to your access to or use of third-party content, products, or services.

REFERENCES

NOTE:1365205.1 - Getting Started with Oracle WebLogic Server: How to Make Sure that Recommended Patches are Applied
NOTE:161549.1 - Oracle Database, Networking and Grid Agent Patches for Microsoft Platforms
NOTE:209768.1 - Database, FMW, EM Grid Control, and OCS Software Error Correction Support Policy
NOTE:438314.1 - Critical Patch Update - Introduction to Database n-Apply CPUs
NOTE:559534.1 - Applying Critical Patch Updates to Collaboration Suite 10g
NOTE:565374.1 - How to download and install OUI 10.1.0.6
NOTE:605398.1 - How to to find the version of the main EM components
NOTE:605795.1 - Introduction To Oracle Database catbundle.sql
NOTE:1111903.1 - WebLogic Server Web Server Plug-In Support
NOTE:1227443.1 - Patch Set Updates Known Issues Notes
NOTE:1301699.1 - How the SSL/TLS Renegotiation Protocol Change Affects Oracle HTTP Server and Oracle WebLogic Server
NOTE:1304604.1 - Oracle Fusion Middleware 11g Web Tier FAQ
NOTE:1306505.1 - Announcing Oracle WebLogic Server PSUs (Patch Set Updates)
NOTE:1314535.1 - Exalogic Patch Set Updates (PSU) Master Note
NOTE:1337560.1 - Recommended Patches for Enterprise Manager Base Platform
NOTE:1343107.1 - Mandatory Patch Requirement for FMW 11g 11.1.1.4 and 11.1.1.5 on Solaris x86-64
NOTE:1346023.1 - Critical Patch October 2011 Database Patch Security Vulnerability Molecule Mapping
NOTE:1346032.1 - Critical Patch Update October 2011 Oracle Fusion Middleware Known Issues
NOTE:1346056.1 - Critical Patch Update October 2011 Database Known Issues
NOTE:1346091.1 - Critical Patch Update October 2011 Oracle Enterprise Manager Grid Control Known Issues
NOTE:1346104.1 - Patch Set Update and Critical Patch Update October 2011 Availability Document
NOTE:1355929.1 - October 2011 Updates Introduce New WebLogic Portal (WLP) Configuration Options for SSL Session ID and SSL Filters
NOTE:260449.1 - Everything You Wanted to Know About the Apache-Based OHS Version
NOTE:758816.1 - Applying Critical Patch Updates to Beehive 1.5.1.x though 2.0.1.x
NOTE:797057.1 - Overview of Available Update Patches for Oracle BI Publisher Enterprise 10g
NOTE:854428.1 - Patch Set Updates for Oracle Products
NOTE:882604.1 - Changes To Critical Patch Update And Patch Set Update Platform Release Plans
NOTE:961735.1 - Oracle Identity Management 10g (10.1.4) Support Status and Alerts
NOTE:1361443.1 - Name Changes for Enterprise Manager And Related Management Products
NOTE:400010.1 - Steps to Maintain Oracle Database 10.2 Companion CD Home (for Oracle HTTP Server)
NOTE:405972.1 - Oracle Application Server 10g Examples for Critical Patch Updates
NOTE:406284.1 - Oracle Collaboration Suite 10g Release 1 Cumulative Patch 10.1.2.4
NOTE:412431.1 - Oracle Enterprise Manager Grid Control Certification Checker
NOTE:415222.1 - Steps to Maintain Oracle Application Server 10g Release 2 (10.1.2)
NOTE:1359600.1 - After Applying Database UIX Patch 9288120 On SES 11.1.2.x Admin/Query URLs No More Accessible
NOTE:1361232.1 - Critical Patch Update October 2011 Patch Availability Document for Oracle Java S