Where is it?
This question reached me a week ago:
“Where is the January 2017 PSU for Oracle Database 11.2.0.4?”
“What’s the deal?” was my first thought – just go and download it from MOS.
Well, not really …
Where to download Proactive Bundle Patches, Patch Set Updates and Patch Sets?
My favorite note is:
MOS Note:1454618.1
Quick Reference to Patch Numbers for PSU, SPU(CPU), BPs and Patchsets
It gives me access to all the download links for the patch bundles I’m looking for.
But for 11.2.0.4. there’s only “NA” (not available) stated:
And a very small asterisk “m”:
Why is there no January 2017 PSU for Oracle Database 11.2.0.4?
The comment says it all – but I was looking for a more precise explanation. And Roy knew where to look at (thanks!):
- MOS Note: 854428.1
Patch Set Updates for Oracle Products
Section 3 (Patch Sets Updates Lifecycle) says:- PSUs will reach a plateau of non-security content as the version stabilizes. Once this is reached, there will be a tapering off of non-security content. Oracle expects this plateau to be reached with the third or fourth PSU.
- PSU content will be primarily security-related once the next patch set in the series is released.
So yes, this is possible and somehow documented.
As there are no Security Fixes for Oracle Database 11.2.0.4 this quarter there are no SPUs or PSU released.
Further Information?
Please see the blog post of Rodrigo Jorge from Enkitec with more details:
Obrigado, Rodrigo!
–Mike
So what I’m hearing is 11.2.0.4 is, at this moment, completely secure…
Is there an article on downgrading from 12.1.0.2 to 11.2.0.4? 🙂
Cheers
Tim…
While I understand that there might actually be no new security related bugs applicable for patching to warrant a PSU, I’m currently waiting for Bundle Patch 170117 for windows, because I was told that this would contain a fix for an issue I’m currently having with the only other downloadable bundle patch (161118) for 11.2.0.4 on windows.
Do I read you correctly, that there will not be a Bundle Patch for Windows, either?
Hi Tim,
well … I didn’t say that 😉
I just mirror what the support documents say 😉
And as I know that you are a brave and fantastic Oracle fan boy influenced positively by all the Upgrade talks you’ve had to listen to in the past years I’m pretty sure you have upgraded almost everything to Oracle 12.1.0.2 yet – and just a few legacy systems left on 11.2.0.4 😉
Cheers
Mike
Regarding Win:
That is my reading as well and I can see the official docs. If you’d like to double check please open an SR with Oracle Support – they will know for sure.
Cheers
Mike
Reading this, I still don’t get why the extended support has been waived AGAIN until Dec 2018 for 11.2.0.4 ( check MOS Notes: 742060.1 and 161818.1 ) P.S. You should update your article about this (https://blogs.oracle.com/UPGRADE/entry/no_extra_fee_for_extended), Mike.
That only means two more years of companies afraid of upgrade to 12c, while still using outdated versions on their production servers. It’s kind of frustrating.
David,
don’t ask me please. This hasn’t been decided by us.
Cheers
Mike
PS: Thanks for the hint – I added a BIG tag referencing the newer article 🙂
Just a thought…
The extension will allow some brave people to jump straight to 12.2 in that free support timescale. If that is the motivation, that might be good. The quicker you get people to the latest and greatest, the better… 🙂
Cheers
Tim…
Can’t agree more with you, Tim 🙂
Cheers
Mike
By definition, “Patch Set Updates (PSU) are the same cumulative patches that include both the security fixes and priority fixes.“
So the priority fixes and bugs that are discovered, now only with one-off patches. =/
YAWOF12c – Yet Another Way of Forcing 12c
Hah! That "m" asterisk wasn’t there originally! 😉 Mike – thanks for the info as always.
I think it is difficult to make the case that we are "forcing" 12c when extended support fees have been waived for 3.5 years — longer than the usual period for extended support to exist at all. There are vanishingly few priority issues being uncovered at this point, 7 years after the release of 11.2.0.1 and with 12 PSUs on top of the terminal patch set.
Here you go:
About Combo of OJVM Component 11.2.0.4.170117 DB PSU + DB PSU 11.2.0.4.161018 Patch
The Patch contains the following list of patches:
Patch 24006111 – Database Patch Set Update 11.2.0.4.161018 –> RAC-Rolling Installable
Patch 24917954 – Oracle JavaVM Component 11.2.0.4.170117 Database PSU (Jan2017) –> Non RAC-Rolling Installable
So, does the PSU apply to 11.2.0.4 or not?
Per the modification history of the security advisory, it *appears* the CVEs were revised to include 11.2.0.4?
I’m looking at:
http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html
Thanks!
So, does PSU Jan2017 apply to 11.2.0.4 now or not?… The last comment and the text of the security advisory (revised several times) do not make this crystal clear IMO. (I’m a security guy, not a DBA, so forgive me if it’s clear elsewhere.)
I’m looking here:
http://www.oracle.com/technetwork/security-advisory/cpujan2017-2881727.html#AppendixDB
For those of us using ASM, that *does* need to be patched, right?
Thanks!
Stan,
thanks for your comments.
As far as I understand the risk matrix there is one issue with the OJVM (Oracle Java Virtual Machine) in Oracle Database 11.2.0.4 – and therefore the OJVM patch portion is available as a January 2017 fix whereas the PSU itself is still the one from October 2016.
If you look at:
https://support.oracle.com/epmos/faces/DocumentDisplay?id=1562139.1
– scroll down to "Non Exadata Non RAC" – then you’ll see that the January 17 OJVM has been combined with the October 16 PSU:
Note:24918033.8
Combo of 11.2.0.4.170117 OJVM PSU and 11.2.0.4.161018 DB PSU (Oct 2016)
Patch:24918033
And both are available separately as well (PSU Oct 16 and OJVM Jan 17).
Hope this helps – cheers
Mike
So, that means that 11.2.0.4 is bug free? Great! No need to upgrade then?
Well, I’d say this Note will answer your rhetorical question:
Availability and Known issues for 11.2.0.4 Note:1562139.1
Cheers
Mike
Hi Mike,
I was kidding but you were not. Your note is very useful. Thanks!
Mladen,
sometimes people get either angry or sarcastic when it comes to the "patching" topic – so it’s hard for me to see your sense of humor or your level of happiness 😉
But thanks for the clarification 🙂 🙂
Mike
Hi Mike,
I myself work for a large software vendor (Commvault Systems) as an Oracle expert and know how much time and trouble goes into a complex piece of software like Commvault 11. Oracle 12c is an order of magnitude more complex than Commvault 11 and it is perfectly clear that there will always be bugs and patches. That’s nothing to fret about, neither with Oracle, nor with Commvault. BTW, Commvault Systems is a platinum partner of Oracle Corp.
You have a wonderful blog that I enjoy reading.
Regards
Hi pals.
For no reason, the method to apply this GI PSU 11.2.0.4.170418 has changed from the previous one, do you know why ?
Just Checking the Readmes
Patch 25476126 – Oracle Grid Infrastructure Patch Set Update 11.2.0.4.170418
Oracle Restart Home 11.2.0.4 11.2.0.4 GI PSU OPatch napply
Patch 24436338 – Oracle Grid Infrastructure Patch Set Update 11.2.0.4.161018 (Oct2016) (Includes Database PSU 11.2.0.4.161018)
Oracle Restart Home 11.2.0.4 11.2.0.4 GI PSU OPatch auto
Best Regards
William,
sorry but I wasn’t even aware of this change (and thanks for letting me know).
I don’t know the reason – only an SR may reveal the background of the change.
Cheers
Mike
Hi Pals. me again
I want you to know the Readme Guides are ok. I pick it up the wrong one I was in a hurry. opatch auto is the way to go even in the ultimate PSU. Last night I applied PSU 11.2.0.4.170418 for Linux 64 And everything wento well except for a couples of miss privs on .opatch_storage directory, the owner must be grid:oinstall. At least that’s what I did. And an orphan sqlplus session using a library wanted to be free.
Thanks Mike!!