Oracle Recommended Patches -- "Oracle JavaVM Component Database PSU" (OJVM PSU) Patches (文档 ID 1929745.1)

From: https://support.oracle.com

What is "Oracle JavaVM Component Database PSU" ?

Oracle JavaVM Component Database PSU is released as part of the Critical Patch Update program from October 2014 onwards.
It consists of two separate patches:

  • One for JDBC clients - applicable to Client, Instant Client, Database and Grid ORACLE_HOMES.
    This is referred to as "JDBC Patch" in the rest of this document.
  • One for the Oracle JavaVM component within the Oracle Database - applicable to database ORACLE_HOMEs only.
    This is referred to as "OJVM PSU" in the rest of this document.
    As of January 2015 the "OJVM PSU" patches include all fixes from the "JDBC Patch".

For situations where the latest OJVM PSU cannot be installed immediately there is a "Mitigation Patch" that can be used.

OJVM PSU

OJVM PSU patches:

  • include critical fixes for the Oracle JavaVM component within the Oracle Database
  • are packaged separately from the Database PSU (or equivalent) as they cannot be installed in a RAC Rolling manner, nor in Standby First manner.
    Keeping them separate allows customers to choose the most appropriate patching approach for each system
    • Oracle has also released "Combo" patches that bundle the OJVM
      PSU in the same ZIP file as DB PSU and/or GI PSU for ease of download.
      The OJVM component in these "Combo" patches is in a separate
      subdirectory with its own install steps still required.
      October 2014 "Combo" patches do not include the JDBC Patch.
  • are applicable to all database installations regardless of which patching model is used (DB PSU, GI PSU, Security Patch Update (SPU), Windows Bundle Patch or Database Patch for Exadata)
  • require the database home to be patched to at least October 2014 DB PSU (or equivalent)
  • include binary changes to be applied to each Database ORACLE_HOME,
    and "post install" steps to be execute on each database running from the
    ORACLE_HOME
  • from January 2015 onwards: include the JDBC fixes

For situations where the latest OJVM PSU cannot be installed
immediately there is a "Mitigation Patch" that can be used as describe
below.

What is the "Mitigation Patch" ?

For situations where the latest OJVM PSU cannot be installed immediately there is a "Mitigation Patch" that can be used. The "Mitigation Patch" is an interim solution to protect against all currently known (Jul 2015) Oracle JavaVM security vulnerabilities in the database until such time as the OJVM PSU can be installed. It can also be used to protect database versions no longer covered by error correction support.

The "Mitigation Patch":

  • is applicable only to database homes, not client nor Grid homes
  • is only applicable to databases that have JavaVM installed
  • has no dependency on the DB PSU (or equivalent) level
  • can be installed in a RAC Rolling manner
  • is a SQL only patch that needs to be installed and activated in each database
    • hence it can be installed standby first but it
      requires SQL steps to be executed to be effective, which cannot be done
      on a read only standby
  • affects use of Java and Java development in the database
  • has been reviewed for January 2015, April 2015, July
    2015, October 2015, January 2016, April 2016 and July 2016 and provides
    mitigation against all currently known OJVM vulnerabilities
  • can be downloaded here: Patch:19721304

Read the "Using the Mitigation Patch" section later in this document to understand the impact of this patch.

JDBC Patch

The JDBC patches:

  • include security fixes for JDBC
    (Oct 2014 patches include fixes for CVE-2014-4289 and CVE-2014-6544 only)
  • are available packaged separately from the OJVM PSU and Database PSU (or equivalent) for ease of deployment to client environments
  • are applicable to Client, Instant Client and Grid ORACLE_HOMES The
    JDBC fixes are also applicable to the Database home regardless of
    whether Oracle JavaVM is used in a database or not:

    • For October 2014 the JDBC Patch should also be installed in the Database home
    • For January 2015 the OJVM PSU includes the JDBC fixes and so the
      JDBC patch does not need to be installed in the Database home unless
      OJVM PSU is not being installed yet
    • The JDBC Generic patches have been provided as a separate one-off
      from July 2016 so that all customers can install that without issue.
  • are applicable to all installations regardless of which patching model is used (DB PSU, GI PSU, Security Patch Update (SPU), Windows Bundle Patch or Database Patch for Exadata)
  • have no dependency on OJVM PSU nor Database PSU (or equivalent) patch level
  • can be installed in database server homes in a RAC Rolling manner
  • do not require the database and listeners to be shutdown for patching in non-RAC environments
  • do not require any post install steps be executed against individual databases

Latest JDBC patch availability information can be found in Document:756671.1 "Oracle Recommended Patches -- Oracle Database".

时间: 2024-10-20 06:26:59

Oracle Recommended Patches -- "Oracle JavaVM Component Database PSU" (OJVM PSU) Patches (文档 ID 1929745.1)的相关文章

Procwatcher: Script to Monitor and Examine Oracle DB and Clusterware Processes (文档 ID 459694.1)

Applies to: Oracle Database - Enterprise Edition - Version 10.2.0.2 to 12.1.0.1 [Release 10.2 to 12.1] Linux x86 HP-UX PA-RISC (64-bit) IBM AIX on POWER Systems (64-bit) Oracle Solaris on SPARC (64-bit) HP-UX Itanium Linux x86-64 Oracle Server Enterp

How to Analyze Problems Related to Internal Errors (ORA-600) and Core Dumps (ORA-7445) using My Oracle Support (文档 ID 260459.1)

Oracle Database - Enterprise Edition - Version 8.1.7.4 and later Information in this document applies to any platform. **Checked for relevance 06-Apr-2010 **Checked for relevance 17-Apr-2013 *** Checked for relevance on 16-Nov-2011 *** Purpose 1.1 Ab

11i - 12 Gather Schema Statistics fails with Ora-20001 errors after 11G database Upgrade (文档 ID 781813.1)

11i - 12 Gather Schema Statistics fails with Ora-20001 errors after 11G database Upgrade (文档 ID 781813.1) 转到底部 In this Document   Symptoms   Changes   Cause   Solution APPLIES TO: Oracle Applications Technology Stack - Version 11.5.10.2 to 12.1.3 [Re

Deploying JRE (Native Plug-in) for Windows Clients in Oracle E-Business Suite Release 12 (文档 ID 393931.1)

In This Document Section 1: Overview Section 2: Pre-Upgrade Steps Section 3: Upgrade and Configuration Section 4: Post-installation Steps Section 5: Known Issues Section 6: Appendices This document covers the procedure to upgrade the version of the J

ORACLE 10.2.01升级10.2.05 for windows 详细文档

最近要做一个数据库的升级工作,提前在自己的PC机上练习了一下,这种文档在网上很多,但是大多都是使用命令编辑脚本,其实数据库还有一个DBUA的升级工具可以使用,使升级工作方便了很多. OS环境:windows XP 32位 PC 数据库版本:10.20.01 升级版本:10.20.05 操作步骤:1.备份数据库软件和数据库,因为迁移一旦失败,可以迅速恢复. 2.使用metalink下载升级包 3.关闭数据库所有的后台服务,在管理工具内停止. 4.升级数据库软件 5.升级数据库 //metalink

Oracle Multitenant Option - 12c Frequently Asked Questions (文档 ID 1511619.1)译文

适用于: 企业版数据库--版本12.1.0.1(12.1) 本文档中的知识对所有平台均适用. 文档目的 文档描写了插接式数据库的许多方面和用法,以更好的理解该产品,同时,该文档也可做为一个快速参考手册. 问答 12c多租户架构中的CDB/PDB概念知识. 多租户架构中的可插接数据库(PDB)是什么意思? 可插接数据库(PDB)是Oracle数据库12c(12.1)中的新特性.可以在一个数据库内部拥有多个可插接数据库.可插接数据库是完全向后兼容的. 为什么要使用多租户选件? 是为了实现以下数据库整

ORACLE 12.1.0.1 至12.1.0.2升级文档(单机版 DBUA方式)

12C DBUA新特性 1. 新的pre-upgrade 检查工具. 2. 并行升级. 3. DBUA升级时,默认并行度为CPU个数或2. 并行度可调整. 4. 在升级过程中,DBUA工具可再次调用(restarted). 5. 更详细的日志来监控升级的进度. 6. CDB 和 PDB 同时都会升级. 7. listener 会迁移至新的版本中. 8. 所有的数据文件和临时文件会更改为自动扩展. 如下,着重讲一下12c的pre-upgrade 检查工具: 具体参考MOS: How to Down

How to change Hostname / IP for a Grid Infrastructure Oracle Restart Standalone Configuration (SIHA) (文档 ID 1552810.1)

Therefore, please perform the next steps after the hostname was updated/changed/modified in the Oracle Restart configuration: 1) Configure the CSS & OHAS services as root user as follows: # <11.2 Grid Infrastructure Oracle Home>/crs/install/root

在Oracle电子商务套件版本12.2中创建自定义应用程序(文档ID 1577707.1)

在本文档中 本笔记介绍了在Oracle电子商务套件版本12.2中创建自定义应用程序所需的基本步骤.如果您要创建新表单,报告等,则需要自定义应用程序.它们允许您将自定义编写的文件与Oracle电子商务套件提供的标准种子功能分离.在向您的环境应用修补程序或执行升级时可以保留自定义设置. 自定义数据和索引表空间默认为APPS_TS_TX_DATA和APPS_TS_TX_IDX. 注意:当没有活动的修补程序周期时,应在运行文件系统上执行本文档中描述的过程. 也可以按照此过程更正先前创建的不使用AD Sp