CPU

Oracle Security Alerts for July 2019 got published

It’s patching day. And I’m already downloading the patch bundles for all my installations (11.2.0.4, 12.1.0.2, 12.2.0.1, 18c and 19c). The Oracle Security Alerts for July 2019 got published today.

Oracle Security Alerts for July 2019 got published

Patch Advisory and Risk Matrix

You can find the July 2019 Patch Advisory here. I checked the risk matrix for the database. It contains 8 new fixes for the database server. Please pay attention that 3 of the vulnerabilities may be exploitable from a client without an Oracle Database server being installed. The highest score is 9.8.

Please check the risk matrix by yourself:

Continue reading...

VBox 5.0.10 crash issues with our Hands-On-Lab

Milano - Nov 2015 (c) Mike Dietrich

I’ve ran two Hands-On-Workshops with customers and partners in Italy last week in Milano where we used our well known and thousands-of-times proven Hand-On-Lab environment:

But this time some people failed while running the lab with random corruptions either shutting down the entire VM while running – or displaying file corruptions in the spfile – or other issues.

The common thing in all cases: People had VBox 5.0.10 downloaded and installed right before the workshop.

Of course they’ve did it – as I’m tempted too since …

Continue reading...

Oracle VirtualBox 5.0.x – Segmentation Fault in PERL

Please see as well:


 

Yesterday and the day before I’ve exchanged several emails with Ana who downloaded our Hands-On-Lab from here:

after OOW15, encountering a SEGMENTATION FAULT when trying to start the database upgrade with catctl.pl:

$ $ORACLE_HOME/perl/bin/perl catctl.pl catupgrd.sql

Segmentation fault 

Very strange thing … 

The database is in upgrade mode (checked this in the alert.log) and there are no strange things mentioned anywhere. Plus hundreds of people have run and completed our lab so far.

Tue Nov 10 20:39:47 2015
MMON 
Continue reading...

MS Windows Bundle Patches – a VERY different story

I like Upgrade Workshops for a very different reason:
Hopefully people feed back with questions and information I wasn’t aware off before. So for myself these workshops are also a learning experience. And thanks to a customer in Singapore (Thanks a lot, Hanh!!) I learned something about Oracle’s Bundle Patches for MS Windows.

Customer asked about a specific issue when using RMAN Duplicate command in 12c failing with a nice ORA-600 [KSRPCSEXEC_1]. This got logged a while ago as bug16883554 – and it will be fixed in database patch set 12.1.0.2. But this customer asked …

Continue reading...

October 2013 PSUs and CPUs – News for 12c

Last night CET the most recent Patch Set Updates (PSU) and Critical Patch Updates (CPU aka SPU) got published on MOS. And there’s a significant and remarkable change for Oracle Database 12c onwards. MOS Note: 1571391.1 – Patch Set Update and Critical Patch
Update October 2013 Availability Document
says:

2.1 Database Security Patching from 12.1.0.1 Onwards

Starting with Oracle Database version 12.1.0.1, Oracle only provides
Patch Set Updates (PSU) to meet the Critical Patch Update (CPU) program
requirements for security patching. Security Patch Updates (SPU) will no
longer be available. Oracle has moved to this simplified model due to
popular

Continue reading...

Fundamental Oracle flaw revealed??? Update …!

Writing a blog has a nice effect on the side: it brings me in touch with people I’ve never met – but we have similar targets or interests. Today I’ve received a comment from Gökhan Atil about the Fundamental Oracle Flaw known also as the SCN issue.

And for sure I did visit Gökhan’s blog and I did watch his very interesting 5 minutes demonstration how to bring down a database with the SCN issue. Which is very good to know as I thought the database won’t come down because of this issue. But watch Gökhan’s video by …

Continue reading...

Fundamental Oracle flaw revealed??? Really …?

This Infoworld article from Jan 17, 2012  Fundamental Oracle flaw revealed did alert Oracle database customers.Infoworld has raised this issue to Oracle before going public with it. Patches are included in the Jan 2012 CPU and PSU. So again, it’s strongly recommended to apply the Jan 2012 PSU (or CPU if you are just asking for security fixes) to your environments.

Continue reading...