Where is it?
This question reached me a week ago:
“Where is the January 2017 PSU for Oracle Database 126.96.36.199?”
“What’s the deal?” was my first thought – just go and download it from MOS.
Well, not really …
Where to download Proactive Bundle Patches, Patch Set Updates and Patch Sets?
My favorite note is:
Quick Reference to Patch Numbers for PSU, SPU(CPU), BPs and Patchsets
It gives me access to all the download links for the patch bundles I’m looking for.
But for 188.8.131.52. there’s only “NA” (not available) stated:
And a very small asterisk “m”:
Why is there no January 2017 PSU for Oracle Database 184.108.40.206?
The comment says it all – but I was looking for a more precise explanation. And Roy knew where to look at (thanks!):
- MOS Note: 854428.1
Patch Set Updates for Oracle Products
Section 3 (Patch Sets Updates Lifecycle) says:
- PSUs will reach a plateau of non-security content as the version stabilizes. Once this is reached, there will be a tapering off of non-security content. Oracle expects this plateau to be reached with the third or fourth PSU.
- PSU content will be primarily security-related once the next patch set in the series is released.
So yes, this is possible and somehow documented.
As there are no Security Fixes for Oracle Database 220.127.116.11 this quarter there are no SPUs or PSU released.
Please see the blog post of Rodrigo Jorge from Enkitec with more details:
So what I’m hearing is 18.104.22.168 is, at this moment, completely secure…
Is there an article on downgrading from 22.214.171.124 to 126.96.36.199? 🙂
While I understand that there might actually be no new security related bugs applicable for patching to warrant a PSU, I’m currently waiting for Bundle Patch 170117 for windows, because I was told that this would contain a fix for an issue I’m currently having with the only other downloadable bundle patch (161118) for 188.8.131.52 on windows.
Do I read you correctly, that there will not be a Bundle Patch for Windows, either?
well … I didn’t say that 😉
I just mirror what the support documents say 😉
And as I know that you are a brave and fantastic Oracle fan boy influenced positively by all the Upgrade talks you’ve had to listen to in the past years I’m pretty sure you have upgraded almost everything to Oracle 184.108.40.206 yet – and just a few legacy systems left on 220.127.116.11 😉
That is my reading as well and I can see the official docs. If you’d like to double check please open an SR with Oracle Support – they will know for sure.
Reading this, I still don’t get why the extended support has been waived AGAIN until Dec 2018 for 18.104.22.168 ( check MOS Notes: 742060.1 and 161818.1 ) P.S. You should update your article about this (https://blogs.oracle.com/UPGRADE/entry/no_extra_fee_for_extended), Mike.
That only means two more years of companies afraid of upgrade to 12c, while still using outdated versions on their production servers. It’s kind of frustrating.
don’t ask me please. This hasn’t been decided by us.
PS: Thanks for the hint – I added a BIG tag referencing the newer article 🙂
Just a thought…
The extension will allow some brave people to jump straight to 12.2 in that free support timescale. If that is the motivation, that might be good. The quicker you get people to the latest and greatest, the better… 🙂
Can’t agree more with you, Tim 🙂
By definition, “Patch Set Updates (PSU) are the same cumulative patches that include both the security fixes and priority fixes.“
So the priority fixes and bugs that are discovered, now only with one-off patches. =/
YAWOF12c – Yet Another Way of Forcing 12c
Hah! That "m" asterisk wasn’t there originally! 😉 Mike – thanks for the info as always.
I think it is difficult to make the case that we are "forcing" 12c when extended support fees have been waived for 3.5 years — longer than the usual period for extended support to exist at all. There are vanishingly few priority issues being uncovered at this point, 7 years after the release of 22.214.171.124 and with 12 PSUs on top of the terminal patch set.
Here you go:
About Combo of OJVM Component 126.96.36.199.170117 DB PSU + DB PSU 188.8.131.52.161018 Patch
The Patch contains the following list of patches:
Patch 24006111 – Database Patch Set Update 184.108.40.206.161018 –> RAC-Rolling Installable
Patch 24917954 – Oracle JavaVM Component 220.127.116.11.170117 Database PSU (Jan2017) –> Non RAC-Rolling Installable
So, does the PSU apply to 18.104.22.168 or not?
Per the modification history of the security advisory, it *appears* the CVEs were revised to include 22.214.171.124?
I’m looking at:
So, does PSU Jan2017 apply to 126.96.36.199 now or not?… The last comment and the text of the security advisory (revised several times) do not make this crystal clear IMO. (I’m a security guy, not a DBA, so forgive me if it’s clear elsewhere.)
I’m looking here:
For those of us using ASM, that *does* need to be patched, right?
thanks for your comments.
As far as I understand the risk matrix there is one issue with the OJVM (Oracle Java Virtual Machine) in Oracle Database 188.8.131.52 – and therefore the OJVM patch portion is available as a January 2017 fix whereas the PSU itself is still the one from October 2016.
If you look at:
– scroll down to "Non Exadata Non RAC" – then you’ll see that the January 17 OJVM has been combined with the October 16 PSU:
Combo of 184.108.40.206.170117 OJVM PSU and 220.127.116.11.161018 DB PSU (Oct 2016)
And both are available separately as well (PSU Oct 16 and OJVM Jan 17).
Hope this helps – cheers
So, that means that 18.104.22.168 is bug free? Great! No need to upgrade then?
Well, I’d say this Note will answer your rhetorical question:
Availability and Known issues for 22.214.171.124 Note:1562139.1
I was kidding but you were not. Your note is very useful. Thanks!
sometimes people get either angry or sarcastic when it comes to the "patching" topic – so it’s hard for me to see your sense of humor or your level of happiness 😉
But thanks for the clarification 🙂 🙂
I myself work for a large software vendor (Commvault Systems) as an Oracle expert and know how much time and trouble goes into a complex piece of software like Commvault 11. Oracle 12c is an order of magnitude more complex than Commvault 11 and it is perfectly clear that there will always be bugs and patches. That’s nothing to fret about, neither with Oracle, nor with Commvault. BTW, Commvault Systems is a platinum partner of Oracle Corp.
You have a wonderful blog that I enjoy reading.
For no reason, the method to apply this GI PSU 126.96.36.199.170418 has changed from the previous one, do you know why ?
Just Checking the Readmes
Patch 25476126 – Oracle Grid Infrastructure Patch Set Update 188.8.131.52.170418
Oracle Restart Home 184.108.40.206 220.127.116.11 GI PSU OPatch napply
Patch 24436338 – Oracle Grid Infrastructure Patch Set Update 18.104.22.168.161018 (Oct2016) (Includes Database PSU 22.214.171.124.161018)
Oracle Restart Home 126.96.36.199 188.8.131.52 GI PSU OPatch auto
sorry but I wasn’t even aware of this change (and thanks for letting me know).
I don’t know the reason – only an SR may reveal the background of the change.
Hi Pals. me again
I want you to know the Readme Guides are ok. I pick it up the wrong one I was in a hurry. opatch auto is the way to go even in the ultimate PSU. Last night I applied PSU 184.108.40.206.170418 for Linux 64 And everything wento well except for a couples of miss privs on .opatch_storage directory, the owner must be grid:oinstall. At least that’s what I did. And an orphan sqlplus session using a library wanted to be free.