Category: Patches

Blog post related to patches, patch bundles and other software updates

Latest Critical Patch Updates from Oracle – January 2024

On January 18, Oracle unveiled its first quarterly Critical Patch Update Advisory of the year. This advisory, a pivotal resource for Oracle users, details an array of 389 new security patches across various Oracle product families. This update includes several high-severity vulnerabilities, notably those that can be exploited remotely over the network, with some having […]

Latest Critical Patch Updates from Oracle – October 2023

On October 17, Oracle released its quarterly Critical Patch Update Advisory. This comprehensive advisory contains details about 387 new security patches for various Oracle product families. Among them are some serious vulnerabilities that can be exploited remotely over the network, i.e. with a CVSS rating of 9 or more. The entire advisory can be found […]

Easily mitigate log4j vulnerability in Oracle Unified Directory

In December 2021, the critical vulnerability in Apache Log4j (CVE-2021-44228) was disclosed. With a CVSS rating of 10 out of 10, this vulnerability was or is extremely critical. Especially since Log4j is used relatively widely. Despite a great effort, many applications could only be corrected with a delay. Thus, it is not surprising that this […]

Oracle CPU / PSU Advisory July 2019

Recently, just in the middle of the summer holidays, Oracle has released the third Critical Patch Advisory for its products. It seems there’s a lot of work going on in Redwood Shore. Oracle has fixed about 319 security vulnerabilities across their products. The Oracle database is relatively prominently represented with 9 security vulnerabilities and a […]

Oracle CPU / PSU Advisory October 2018

Oracle has recently published the Critical Patch Update Advisory for the October 2018. It’s once more quite a heavy update with not less than 301 security vulnerability fixes across the Oracle products. The Oracle database is relatively prominently represented with 3 security vulnerabilities and a maximal CVSS rating of 9.8. The problem CVE-2018-3259 with such […]

Oracle CPU / PSU Pre-Release Announcement July 2018

Today Oracle has published the Pre-Release Announcement for the July 2018 Critical Patch Update. It’s quite a heavy update with not less than 334 security vulnerability fixes across the Oracle products. The Oracle database is relatively prominently represented with 3 security vulnerabilities and a maximal CVSS rating of 9.8. Of the vulnerabilities is remotely exploitable […]

Oracle CPU / PSU April 2018

Oracle recently released the spring Critical Patch Advisory. It is the first critical patch update, which also includes fixes for Oracle 18c. Over all it includes 254 new security fixes across the product families. Overall a rather large update, although only a security vulnerability is patched for the Oracle databases. This vulnerability is not remotely […]

Oracle CPU / PSU Announcement October 2017

The Oracle open world 2017 is over, the dust just settled down. A perfect time for Oracle to release the October critical patch advisory. With not less than 270 new security vulnerability fixes across the Oracle products it seems to be a rather huge update. From the DB perspective it is nothing unusual. It contains […]

Oracle CPU / PSU Announcement April 2017

Last night Oracle released there new Critical Patch Update. From the DB perspective it is a rather small patch update. It just includes 2 fixes for security vulnerabilities on Oracle database 11.2.0.4 and 12.1.0.2. None of the vulnerabilities are remote exploitable without authentication but one fix is also for client only installations. The highest CVSS […]

Oracle CPU / PSU Announcement January 2017

Oracle has published the first Critical Patch Update in 2017. It’s quite a huge update with not less than 270 new security vulnerability fixes across the Oracle products. For the Oracle Database itself are 5 security fixes available respectively 2 security fixes for the Oracle Database Server and 3 security fixes for Oracle Secure Backup […]

Oracle CPU / PSU Pre-Release Announcement July 2016

Oracle has published the Pre-Release Announcement for the July 2016 Critical Patch Update. It’s quite a huge update with not less than 276 security vulnerability fixes across the Oracle products. For the Oracle Database itself are 9 security fixes available. Dies ist wiederum eines der größeren Critical Patch Update for databases. It does contain bug […]

Release of Audit Vault and Database Firewall 12.1.2 Bundle Patch 7

Today Oracle released the new Bundle Patch for Audit Vault and Database Firewall 12.1.2. The patch can be downloaded as usual on Oracle Metalink as Patchset 21920205 for existing installations. The full installation image for new installations is not yet available on Oracle eDelivery. I guess this will follow in a couple of days. Beside […]

OPatch silent and unattended

In general I use Oracle OPatch interactively in command line mode to install patch set updates. But recently I did patch a system cloud based system, with a confusing network timeout. As expected I did get a broken pipe while executing OPatch. Ok, the system is also damn slow, which is not exactly helpful. Never […]

Release of Audit Vault and Database Firewall 12.1.2 Bundle Patch 5

Today Oracle released the new Bundle Patch for Audit Vault and Database Firewall 12.1.2. The patch can be downloaded as usual on Oracle Metalink as Patchset 20829881 for existing installations. The full installation image for new installations is not yet available on Oracle eDelivery. I guess this will follow in a couple of days. Beside […]

Oracle CPU / PSU Pre-Release Announcement January 2015

Oracle has published the Pre-Release Announcement for the first Critical Patch Update in 2015. This Critical Patch Update contains 167 new security vulnerability fixes across all Oracle products. It looks like that this CPU does contain a bunch of critical security fixes for Oracle databases. Actually there are 7 fixes for security vulnerabilities, but none […]

Release of Audit Vault and Database Firewall 12.1.2 Bundle Patch 2

End of last week, Oracle has released the second Bundle Patch for Audit Vault and Database Firewall 12.1.2. I’ve missed the release due to public holiday here in Switzerland. 🙂 The patch can be downloaded as usual on Oracle Metalink as Patchset 19190265 for existing installations or on Oracle eDelivery as full installation image for […]

Oracle 12.1.0.2.0 Patchset released

About a week ago Oracle has released the first patchset 12.1.0.2.0 for Oracle 12c Release 1. So far the patch set is only available for Linux x86-64bit, Oracle Solaris SPARC 64bit and Oracle Solaris x86-64bit. You may download the Patchset on Oracle Software Delivery Cloud eDelivery.oracle.com, on Oracle Technology Network Oracle Database 12c Release 1 […]

Oracle CPU / PSU Pre-Release Announcement July 2014

Oracle has published the Pre-Release Announcement for the July 2014 Critical Patch Update. It looks like that the next Critical Patch Update is somewhat more extensive from the database point of view. It does contain six bug fix for some major security issues. Some of the vulnerabilities may be remotely exploitable without authentication. The security […]

Release of Audit Vault and Database Firewall 12.1.2 Bundle Patch 1

Earlier today, Oracle has released the first Bundle Patch for Audit Vault and Database Firewall 12.1.2. The patch can be downloaded on Oracle Metalink as Patchset 18728905 for existing installations or on Oracle eDelivery as full installation image for new installations. The installation image is split in two parts which need to be merged before […]

Enterprise Manager Cloud Control 12c Release 4

A bit less than a year after Oracle Enterprise Manager Cloud Control 12c Release 3 has been released, Oracle has now released the latest version of its Enterprise Manager Cloud Control. The new release is immediately available for all supported platforms on OTN Oracle Enterprise Manager downloads or via the following direct links: Linux x86 […]

Oracle released CPU / PSU April 2014

As announced last week in my post Oracle CPU / PSU Pre-Release Announcement April 2014, Oracle has now released the Critical Patch Updates for April 2014. Overall this CPU contains 104 new security fixes across several Oracle products like Database Server, MySQL Server, Sun Product Suite, WebLogic Server etc. For Oracle Database it contains only […]

Oracle CPU / PSU Pre-Release Announcement April 2014

Today Oracle has published the Pre-Release Announcement of the CPU Advisory for April 2014. This Critical Patch Update contains 103 new security vulnerability fixes for several Oracle products. There are only a few days since the publication of the vulnerability CVE-2014-0160 known as “Heartbleed”. Therefore I assume, that this patch update does not yet address […]

Oracle CPU / PSU Pre-Release Announcement January 2014

Today Oracle has published the Pre-Release Announcement for the first CPU Patch in 2014. This Critical Patch Update contains 147 new security vulnerability fixes for several Oracle products. From the Oracle database point of view it is a small update. There are only five security fix for the Oracle Database Server and no for client-only […]

Oracle released CPU / PSU October 2013

As announced yesterday in my post Oracle CPU / PSU Pre-Release Announcement October 2013, Oracle has now released the last Critical Patch Updates for 2013. Overall this CPU contains 126 new security fixes across several Oracle products like Database Server, MySQL Server, Sun Product Suite, WebLogic Server etc. For Oracle Database it contains only 2 […]

Changes in database security patching with 12c

During my preparation for the tests of October Critical Patch Updates (CPU), I stumbled over an interesting Oracle Support Document. I this document Oracle announced that there will nolonger be seperate SPU (Security Patch Update) respectively CPU (Critical Patch Update) for 12.1.0.1 and newer. Excerpt from Oracle support document 1581950.1 Database Security Patching from 12.1.0.1 […]

Oracle CPU / PSU Pre-Release Announcement October 2013

Oracle has published the Pre-Release Announcement for the October CPU/SPU Patch. This Critical Patch Update contains 126 new security vulnerability fixes for several Oracle products. Despite the large amount of security fixes, it is a rather small update from the database point of view. There are only two security fix for the Oracle Database Server […]

Oracle 11.2.0.4.0 Patchset released

Oracle has released the patchset 11.2.0.4.0 for Oracle 11g Release 2. The current patchset is as well as the other 11g R2 patchsets a full installation. This means you will have to download quite a bit from Metalink, altogether 7 files. On My Oracle Support search for patchset 13390677 or follow the link to reach […]

Audit Vault and Database Firewall 12.1.1 Bundle Patch 1

Oracle just released the new bundle patch for Audit Vault and Database Firewall 12.1.1. The patch can be downloaded on metaling as RPM patch set for existing installations or as full installation images for new installations. According the readme, the BP1 contains the July 2013 PSU 11.2.0.3.7 for the database as well several bug fix […]

How to find latest oracle database patchset

It is sometimes a bit of a hassle, to have the latest patch name or number on hand, when you need them. Ok, you may search on My Oracle Support and save it as custom search. But it may happen that the search is inaccurate and the required patch is not found. A much easier […]

Oracle released CPU / PSU July 2013

About a week ago Oracle has released the July Critical Patch Updates. Overall this CPU contains 89 new security fixes across several Oracle products like Database Server, MySQL Server, Sun Product Suite, WebLogic Server etc. For Oracle Database Server it does contain 6 fixes, but none of them is for client-only installation. 1 of these […]

Enterprise Manager Cloud Control 12c Release 3

Oracle just released Enterprise Manager Cloud Control 12c Release 3. (see Oracle Enterprise Manager Downloads ) for all supported platforms. Is assume this release is related to Oracle Database 12c which has been released about a week ago. The new release can immediately be downloaded downloaded on OTN for the following platforms: Linux x86-64 (64-bit) […]

Oracle released CPU / PSU January 2013

As announced in my post about Oracle’s pre-release announcement of last week, Oracle has now released the first Critical Patch Updates for 2013. Overall this CPU contains 86 new security fixes across several Oracle products like Database Server, MySQL Server, Sun Product Suite, WebLogic Server etc. For products like Oracle Database Mobile it does contain […]

Oracle CPU / PSU Pre-Release Announcement January 2013

Once again, Oracle has published the Pre-Release Announcement for the first CPU Patch in 2013. This Critical Patch Update is reasonably small and contains 86 new security vulnerability fixes for several Oracle products. Only one of these fixes is just for the Oracle Database Server.

Enterprise Manager Cloud Control 12c Release 2

Oracle announced the general availability of Enterprise Manager Cloud Control 12c Release 2. The release introduces a bunch of new and improve capabilities for deploying and managing business applications in an enterprise private cloud, such as Java Platform-as-a-Service (PaaS), enhanced business application management, and integrated hardware-software management for Oracle Exalogic Elastic Cloud.

Important links around the Oracle CPU / PSU April 2012

A few weeks ago oracle officially released the CPU / PSU Patches for April 2012. The Critical Patch Updates contains 88 security fixes across all products. But only 6 out of this 88 fixes are for Oracle databases. This post will summarize a bit the information and links around this CPU / PSU release.

Oracle CPU Pre-Release Announcement – April 2011

Late last week Oracle published the Oracle Critical Patch Update Pre-Release Announcement – April 2011. The official Oracle Critical Patch Update for April 2011 will be released somewhen on the 19th of april. This CPU includes up to 73 security fixes for all kind of Oracle products. 6 out of them are just forfor the […]