Yesterday I blogged about the Oct 2019 Patch Bundles being available for download. And while I wrote this blog post, I downloaded all of them for my environments. Here I’d like to share with you the most simple path to apply them. As I have no cluster or ASM, I don’t have to patch Grid Infrastructure. And I don’t even have OJVM in any of my databases right now. Due to space constraints in my lab environment I will apply the patches in-place. You shouldn’t do this but instead use always a new home you patch. This allows you …Continue reading...
As of Oct 15, 2019, the CPU October 2019 Patch Bundles are available for download. So let me do the quarterly exercise to download and install all of them into my various environments.
Critical Patch Alert October 2019
At first, I check the Alert and the Risk Matrix whether critical issues with a high risk score are included. I will install the patch bundles anyway, but I’m curious. In my particular case I will take care on the database only. You of course will check for other products you are using, too.Continue reading...
It’s patching day. And I’m already downloading the patch bundles for all my installations (126.96.36.199, 188.8.131.52, 184.108.40.206, 18c and 19c). The Oracle Security Alerts for July 2019 got published today.
Patch Advisory and Risk Matrix
You can find the July 2019 Patch Advisory here. I checked the risk matrix for the database. It contains 8 new fixes for the database server. Please pay attention that 3 of the vulnerabilities may be exploitable from a client without an Oracle Database server being installed. The highest score is 9.8.
Please check the risk matrix by yourself:
- Text form of
I’ve ran two Hands-On-Workshops with customers and partners in Italy last week in Milano where we used our well known and thousands-of-times proven Hand-On-Lab environment:
But this time some people failed while running the lab with random corruptions either shutting down the entire VM while running – or displaying file corruptions in the spfile – or other issues.
The common thing in all cases: People had VBox 5.0.10 downloaded and installed right before the workshop.
Of course they’ve did it – as I’m tempted too since …Continue reading...
Please see as well:
Yesterday and the day before I’ve exchanged several emails with Ana who downloaded our Hands-On-Lab from here:
after OOW15, encountering a SEGMENTATION FAULT when trying to start the database upgrade with catctl.pl:
$ $ORACLE_HOME/perl/bin/perl catctl.pl catupgrd.sql
Very strange thing …
The database is in upgrade mode (checked this in the alert.log) and there are no strange things mentioned anywhere. Plus hundreds of people have run and completed our lab so far.
Tue Nov 10 20:39:47 2015 MMON… Continue reading...
I like Upgrade Workshops for a very different reason:
Hopefully people feed back with questions and information I wasn’t aware off before. So for myself these workshops are also a learning experience. And thanks to a customer in Singapore (Thanks a lot, Hanh!!) I learned something about Oracle’s Bundle Patches for MS Windows.
Customer asked about a specific issue when using RMAN Duplicate command in 12c failing with a nice ORA-600 [KSRPCSEXEC_1]. This got logged a while ago as bug16883554 – and it will be fixed in database patch set 220.127.116.11. But this customer asked …Continue reading...
Last night CET the most recent Patch Set Updates (PSU) and Critical Patch Updates (CPU aka SPU) got published on MOS. And there’s a significant and remarkable change for Oracle Database 12c onwards. MOS Note: 1571391.1 – Patch Set Update and Critical Patch
Update October 2013 Availability Document says:
… Continue reading...
2.1 Database Security Patching from 18.104.22.168 Onwards
Starting with Oracle Database version 22.214.171.124, Oracle only provides
Patch Set Updates (PSU) to meet the Critical Patch Update (CPU) program
requirements for security patching. Security Patch Updates (SPU) will no
longer be available. Oracle has moved to this simplified model due to
Writing a blog has a nice effect on the side: it brings me in touch with people I’ve never met – but we have similar targets or interests. Today I’ve received a comment from Gökhan Atil about the Fundamental Oracle Flaw known also as the SCN issue.
And for sure I did visit Gökhan’s blog and I did watch his very interesting 5 minutes demonstration how to bring down a database with the SCN issue. Which is very good to know as I thought the database won’t come down because of this issue. But watch Gökhan’s video by …Continue reading...
This Infoworld article from Jan 17, 2012 Fundamental Oracle flaw revealed did alert Oracle database customers.Infoworld has raised this issue to Oracle before going public with it. Patches are included in the Jan 2012 CPU and PSU. So again, it’s strongly recommended to apply the Jan 2012 PSU (or CPU if you are just asking for security fixes) to your environments.
- Please read on OTN the Critical Patch Update Advisory from January 2012
- You’ll find an explanation from Oracle Support in
MOS Note:1376995.1: Information on the System Change Number (SCN) and how it is used in the Oracle Database