|
APPLIES TO:
Oracle
Fusion Middleware - Version 11.1.1.7.0 and later
Oracle Database Cloud Schema Service - Version N/A and
later
Oracle Database Exadata Cloud Machine - Version N/A and
later
Oracle Database Cloud Exadata Service - Version N/A and
later
Oracle Database Backup Service - Version N/A and later
Information in this document applies to any platform.
This document
defines the patches and minimum releases for the Database Product Suite,
Fusion Middleware Product Suite, Exalogic, and Enterprise Manager Suite
Critical Patch Updates and Patch Set Updates released on July 16, 2019.
The
document is for Database Administrators and/or others tasked with Quarterly
Security Patching.
Database, Fusion Middleware, and Enterprise Manager Critical
Patch Update July 2019 Patch Availability Document
My Oracle Support Note 2534806.1
Released July 16, 2019
This document contains the following
sections:
1 Overview
Oracle provides quarterly cumulative
patches to address security vulnerabilities. The patches may include critical
fixes in addition to the security fixes. The security vulnerabilities
addressed are announced in the Advisory for July 2019, available at:
Oracle Technical Network Advisory
This document lists the Oracle
Database, Fusion Middleware and Enterprise Manager CPU program cumulative
patches for product releases under error correction. The July 2019 release
supersedes earlier CPU program cumulative patches for the same product
releases. This document is subject to continual update after the initial
release, and the changes are listed in "Modification History." If you print this document, check My Oracle Support to
ensure you have the latest version.
This section contains the following:
·
Section 1.1 "How To Use This Document"
·
Section 1.2 "Terminology in the Tables"
·
Section 1.3 "On-Request Patches"
·
Section 1.4 "CPU Program and My Oracle Support
Patch Recommendations"
·
Section 1.5 "My Oracle Support (MOS) Conflict
Checker Tool"
1.1 How To
Use This Document
The following steps explain how to
use this document.
Step
1 Assess your Environments
Determine
the Oracle product suites and products and their release numbers for each of
your environments.
Step
2 Read Important Announcements
Review "What's New in July 2019," as it lists documentation and packaging changes along
with important announcements such as upcoming final CPUs.
Step
3 Determine Patches to be Applied
For each
environment, determine which patches need to be applied by using the tables
in "Patch Availability for Oracle Products." There is one availability table for each product suite
release, such as Oracle Database 12.2.0.1, Oracle Identity Access Management
11.1.2.3, and Enterprise Manager Cloud Control 12.1.0.5.
·
The table
lists the patches to be applied either to the product or to the appropriate
product Oracle homes that are associated with the product suite
·
The
patches are listed in the order released, with newest patches listed first
·
For some
patches, multiple Oracle homes are listed. Apply the patch to all of the
homes indicated that are applicable to your environment and only to the
listed Oracle homes
·
The table
lists only product releases that are under Premier Support or Extended
Support and are under error correction as defined in My Oracle Support Note 209768.1, Database, FMW,
Enterprise Manager, TimesTen In-Memory Database, and OCS Software Error
Correction Support Policy. Patches are provided only for these
releases. If you do not see the release that you have installed, then check "Final CPU History" and contact Oracle Support for further assistance
·
Patches
that include security vulnerabilities announced in the current quarter's CPU
Advisory, list the vulnerability CVE numbers in the Advisory Number column.
If you are interested in the risk matrix for the vulnerabilities fixed in the
patch, then see the CPU Advisory at http://www.oracle.com/technetwork/topics/security/alerts-086861.html. For patches that are listed from previous quarterly
releases, or the current one without any security fixes, the column indicates
"Released MMM YYYY"
·
When a
section is referenced in a table, follow the link to determine which patches
to install. For example, when "Oracle Database" is referenced, determine the Oracle Database release that
is installed, and find the patches to apply in the table for that Oracle
Database release in "Oracle Database."
Step
4 Apply the Patches
Download
the patches, review the READMEs, and apply the patches according to the
instructions.
Step
5 Planning for Future Critical Patch Updates
To help
you plan for future Critical Patch Updates, this document includes Final CPU
information based on Oracle's Lifetime Support Policy and error correction
policies.
"Final CPU Information (Error Correction
Policies)" in "What's New in July 2019," documents product releases for which final Critical Patch
Updates are upcoming or are being announced. In each product section, there
is also an Error Correction Information Table that documents the final CPU
program patch for the product. Products that have reached the end of error
correction are documented in "Final CPU History."
1.2 Terminology in the Tables
The following terminology is used in
this patch availability document and in the subsequent tables.
·
Update - Release Update
·
Revision -Release Update Revision
·
BP - Bundle Patch
·
Final CPU is the last quarter that a product is
supported in the CPU program as per the Premier Support and Extended Support
policies. http://www.oracle.com/us/support/lifetime-support/index.html.
·
NA Not Applicable.
·
OR On-Request. The patch is made available through the
On-Request program.
·
PSU - Patch Set Update
·
SPU - Security Patch Update. An iterative, cumulative patch
consisting of security fixes.
·
Overlay SPU patch provided as an overlay on top of a PSU
or BP instead of a base/patch set release.
1.3 On-Request Patches
Oracle does not proactively release
patches for historically inactive platforms. However, Oracle will deliver
these patches when requested.
The following guidelines describe how
to initiate an on-request (OR) patch.
A request may be made:
·
At any
time. However, a patch for a specific quarterly release, such as CPUOct2012,
cannot be requested. Depending on when the request is received and processed,
either the patch for the current quarterly release or the next quarterly
release will be provided. Your Service Request (SR) will provide you the
planned availability date for the patch.
·
As long
as the version is in either Premier Support or Extended Support and error
correction support has not expired. For example, if a product release is
under Extended Support through the release of CPUJan2013 on January 15, 2013,
then you can file a request for the product release through January 29, 2013.
For more information, see Oracle Lifetime Support Policies at http://www.oracle.com/us/support/lifetime-support/index.html, and Note 209768.1, Database, FMW,
Enterprise Manager, TimesTen In-Memory Database, and OCS Software Error
Correction Support Policy.
·
For a
platform-version combination when a major release or patch set is released on
a platform after a quarterly release date. Oracle will provide the next patch
for that platform-version combination, however you
may request the current patch by following the on-request process. For
example, if a patch is released for a platform on August 1, 2012, Oracle will
provide the CPUOct2012 patch for that platform. You may request a CPUOct2012
patch for the platform, and Oracle will review the request and determine
whether to provide CPUJul2012 or CPUOct2012.
A patch that is marked as on-request (OR) may already
have been requested by another customer and be available on My Oracle
Support. Before you file a Service Request (SR), check on My Oracle Support
to see if the patch is already available for your platform.
1.4 CPU Program and My Oracle
Support Patch Recommendations
My Oracle Support patch
recommendation features are available on the Patches & Update tab. The
patches announced in this document as part of the CPU program are classified
as "Security" patch recommendations in My Oracle Support. If a new
patch is being announced in this document, then the classification on any
earlier patch is changed to "General", causing it to be removed
from the My Oracle Support patch recommendations. If a patch has a
"Security" classification, and a subsequent bundle, SPU, or PSU is
released with a recommendation classification, then it will be classified as
a "Security" recommendation in My Oracle Support.
Once a product release is no longer
in error correction, its CPU patch information is removed from this document,
but the last patch recommendation continues to be available in My Oracle
Support. Ensure to select each of the products installed in your
environment to obtain all patches.
1.5 My Oracle Support (MOS)
Conflict Checker Tool
The My Oracle Support (MOS) Conflict
Checker tool is available as of July 21, 2014.
You can access MOS Conflict Checker
at https://support.oracle.com/epmos/faces/PatchConflictCheck. This tool is also accessible from the Patch Search
results screen ("Analyze with OPatch" button).
The MOS Conflict Checker Tool allows
you to upload an OPatch inventory to check for conflicts with patches to
apply to your environment. If no conflicts are found, you can download the
patches. If conflicts are found, the tool finds an existing resolution to
download. If no resolution is found, you can request a solution, and monitor
your request in the Plans region.
For more information and a
demonstration video, see Knowledge Document Note 1091294.1, How to Use the
My Oracle Support Conflict Checker Tool for Patches Installed with OPatch
[Video].
2 What's New in July 2019
This section describes important
changes in July 2019:
·
Section 2.1 "Final CPU Information (Error
Correction Policies)"
·
Section 2.2 "Post Release Patches"
2.1
Final CPU Information (Error Correction Policies)
The final CPU is the last quarter
that a product is supported in the CPU program as per the Premier Support and
Extended Support policies. Final CPUs for upcoming releases, as well as newly
scheduled final CPUs, are listed in the following sections.
Final CPUs
scheduled for Oct 2019
- Oracle GoldenGate Management
Pack Plugin 12.1.0 (Oct 2019)
- Oracle Identity Analytics
11.1.1.5.0 (Oct 2019)
- Oracle OpenSSO 8.0 u2 (8.0.2.0)
(Oct 2019)
- Oracle Waveset 8.1.1 (Oct 2019)
Final CPUs
scheduled for July 2019
- Oracle Enterprise Manager Cloud
Control 13.2
- Oracle Enterprise Data Quality
8.1
- Oracle Real Time Decisions
Applications 3.2
2.2 Post Release Patches
Oracle strives to complete
preparations and testing of each Quarterly Security Patch for each platform
by the quarterly release date. Occasionally, circumstances beyond our control
dictate that a particular patch be delayed and be released a few days after
the quarterly release date. The following table lists any current patch
delays and the estimated date of availability.
|
Patch
|
Patch Number
|
Platform
|
Availability
|
|
ODSEE BP 11.1.1.7.190716
|
Patch 29893742
|
Win.X64
|
Available
|
|
OHS (NATIVE) BUNDLE PATCH 12.2.1.3.0(ID:190808.0523)
|
Patch 30158713
|
All Platforms
|
Available
|
|
OHS 12.1.3.0.0 SPU FOR CPUJUL2019
|
Patch 30112527
|
All Platforms
|
Available
|
|
OSS Bundle Patch 11.1.1.9.190716
|
Patch 27047184
|
All Platforms available except Windows
|
30-Oct-2019
|
|
OSS Bundle Patch 12.2.1.3.190716
|
Patch 29321695
|
AIX
|
Available
|
|
11.2.0.4 DB PSU
|
Patch 29497421
|
HP-UX PA-RISC
|
Available
|
|
11.2.0.4 GI PSU
|
Patch 29698727
|
HP-UX PA-RISC
|
Available
|
|
Combo OJVM Update 19.4.0.0.190716 and
Database Update 19.4.0.0.190716
|
Patch 29699079
|
AIX
|
Available
|
|
19.4.0.0.190716 GI RU
|
Patch 29708769
|
HP-UX Itanium
|
Available
|
|
19.4.0.0.190716 GI RU
|
Patch 29708769
|
AIX
|
Available
|
|
Combo OJVM Update 19.4.0.0.190716 and
GI Update 19.4.0.0.190716
|
Patch 29699097
|
HP-UX Itanium
|
Available
|
|
Combo OJVM Update 19.4.0.0.190716 and
GI Update 19.4.0.0.190716
|
Patch 29699097
|
AIX
|
Available
|
|
12.2.0.1.190716 GI RU
|
Patch 29708720
|
AIX
|
Available
|
|
Combo OJVM Update 12.2.0.1.190716 and
GI Update 12.2.0.1.190716
|
Patch 29699173
|
AIX
|
Available
|
|
OJVM PSU 11.2.0.4.190716
|
Patch 29610422
|
HP-UX PA-RISC
|
Available
|
|
Combo OJVM + DBPSU 11.2.0.4.190716
|
Patch 29699294
|
HP-UX PA-RISC
|
Available
|
|
Combo OJVM + GIPSU 11.2.0.4.190716
|
Patch 29699309
|
HP-UX PA-RISC
|
Available
|
|
Microsoft Windows BP 19.4.0.0.190716
|
Patch 29859191
|
All Platforms
|
Available
|
|
Microsoft Windows BP 12.1.0.2.190716
|
Patch 29831650
|
Win.X64
|
Available
|
|
Microsoft Windows BP 11.2.0.4.190716
|
Patch 29596609
|
Win.X64
|
Available
|
|
Microsoft Windows BP 11.2.0.4.190716
|
Patch 29596609
|
Win 32-Bit
|
22-Oct-2019
|
|
OJVM Component Database RU
19.4.0.0.190716 for Microsoft Windows
|
Patch 29774421
|
64-bit
|
Available
|
|
OJVM Component Database PSU
11.2.0.4.190716 for Microsoft Windows
|
Patch 30012911
|
Win.X64
|
Available
|
|
OJVM Component Database PSU
11.2.0.4.190716 for Microsoft Windows
|
Patch 30012911
|
Win 32-Bit
|
22-Oct-2019
|
|
OJVM PSU 11.2.0.4.190716
|
Patch 29610422
|
ZLinux
|
29-Oct-2019
|
|
Combo OJVM + DBPSU 11.2.0.4.190716
|
Patch 29699294
|
ZLinux
|
29-Oct-2019
|
|
Combo OJVM + GIPSU 11.2.0.4.190716
|
Patch 29699309
|
ZLinux
|
29-Oct-2019
|
3 Patch Availability for Oracle Products
This section contains the following:
·
Section 3.1 "Oracle Database"
·
Section 3.2 "Oracle Enterprise Manager"
·
Section 3.3 "Oracle Fusion Middleware"
·
Section 3.4 "Oracle Sun Middleware"
·
Section 3.5 "Tools"
3.1 Oracle Database
This section contains the following:
·
Section 3.1.1 "Oracle REST Data Services (formally
called Oracle APEX Listener)"
·
Section 3.1.2 "Oracle Application Express"
·
Section 3.1.3 "Oracle Big Data Spatial and
Graph"
·
Section 3.1.4 "Oracle Database"
·
Section 3.1.5 "Oracle Database Mobile/Lite
Server"
·
Section 3.1.6 "Oracle GoldenGate"
·
Section 3.1.7 "Oracle GoldenGate for Big Data
(Formerly known as Oracle GoldenGate Application Adapters)"
·
Section 3.1.8 "Oracle GoldenGate Veridata"
·
Section 3.1.9 "Oracle Secure Backup"
3.1.1 Oracle REST Data Services
(formally called Oracle APEX Listener)
Error
Correction information for Oracle REST Data Services 3.0
|
Patch Information
|
3.0
|
Comments
|
|
Final CPU
|
-
|
|
Minimum
Product Requirements for Oracle REST Data Services
Critical Patch Update security
vulnerabilities are fixed in the listed releases. For Oracle REST Data
Services downloads and installation instructions, see http://www.oracle.com/technetwork/developer-tools/rest-data-services/overview/index.html.
|
Product
|
Release
|
Advisory Number
|
Comments
|
|
Oracle REST Data Services
|
3.0.10.25.02.36
|
Released July 2017
|
|
3.1.2 Oracle
Application Express
Minimum
Product Requirements for Oracle Application Express
Critical Patch Update security
vulnerabilities are fixed in the listed releases. For Oracle Application
Express downloads and installation instructions, see http://www.oracle.com/technetwork/developer-tools/apex/downloads/index.html.
|
Component
|
Release
|
Advisory Number
|
Comments
|
|
Oracle Application Express
|
19.1.0.00.15
|
|
|
3.1.3 Oracle Big
Data Spatial and Graph
Error
Correction information for Oracle Big Data Spatial
and Graph
|
Patch Information
|
2.0
|
1.2
|
Comments
|
|
Final CPU
|
-
|
-
|
|
Patch Availability for
Oracle Big Data Spatial and Graph
Critical
Patch Update security vulnerabilities are fixed in the listed releases. For
Oracle Big Data Spatial and Graph downloads and installation instructions,
see http://www.oracle.com/technetwork/database/database-technologies/bigdata-spatialandgraph/downloads/index.html.
|
Product
|
Patch
|
Advisory Number
|
Comments
|
|
Oracle Big Data Spatial and Graph 2.0
|
Patch 28774674
|
Released October 2018
|
|
|
Oracle Big Data Spatial and Graph 2.1
|
Patch 28774701
|
Released October 2018
|
|
|
Oracle Big Data Spatial and Graph 2.1
|
Patch 28774764
|
Released October 2018
|
|
3.1.4 Oracle
Database
This section contains the following:
·
Section 3.1.4.1 "Patch Availability for Oracle
Database"
·
Section 3.1.4.2 "Oracle Database 19"
·
Section 3.1.4.3 "Oracle Database 18"
·
Section 3.1.4.4 "Oracle Database 12.2.0.1"
·
Section 3.1.4.5 "Oracle Database 12.1.0.2"
3.1.4.1 Patch Availability for Oracle
Database
For information regarding the
different types of patches for Database, refer to Oracle Database - Overview
of Database Patch Delivery Methods - 12.1.0.2 and older, Note 1962125.1 and Oracle Database - Overview of Database Patch Delivery
Methods for 12.2.0.1 and greater, Note 2337415.1
3.1.4.2 Oracle Database 19
|
Patch Information
|
19
|
Comments
|
|
Final CPU
|
-
|
|
|
On-Request platforms
|
32-bit client-only platforms
|
|
Patch
Availability for Oracle Database 19
|
Product Home
|
Patch
|
Advisory Number
|
Comments
|
|
Oracle Database Server home
|
Combo OJVM Update 19.4.0.0.190716 and Database Update
19.4.0.0.190716 Patch 29699079 for UNIX, or
Combo OJVM Update 19.4.0.0.190716 and GI Update
19.4.0.0.190716 Patch 29699097, or
Quarterly Full Stack download for Exadata (Jul2019)
19.4.0.0.190716 Patch 29698987 for Linux x86-64
|
CVE-2018-11058, CVE-2019-2776,
CVE-2019-2749
|
See Note 1929745.1, Oracle Recommended Patches
-- Oracle JavaVM Component Database PSU (OJVM PSU) Patches.
|
|
Oracle Database Server home
|
Database Update 19.4.0.0.190716 Patch 29834717 for UNIX, or
GI Update 19.4.0.0.190716 Patch 29708769, or
Quarterly Full Stack download for Exadata (Jul2019)
19.4.0.0.190716 Patch 29698987 for Linux x86-64
|
CVE-2018-11058, CVE-2019-2776
|
|
|
Oracle Database Server home
|
OJVM Update 19.4.0.0.190716 Patch 29774421 for all platforms
|
CVE-2019-2749
|
See Note 1929745.1, Oracle Recommended Patches
-- Oracle JavaVM Component Database PSU (OJVM PSU) Patches
OJVM Update Patches are not RAC Rolling installable
|
|
Oracle Database Server home
|
JDK Patch 29549154
|
Released April 2019
|
|
|
Oracle Database Server home
|
Perl Patch 29511771
|
Released April 2019
|
|
|
Oracle Database Client home
|
Database Update 19.4.0.0.190716 Patch 29834717 for UNIX
|
Released July 2019
|
The Instant Client installation is not
the same as the client-only Installation. For additional information about
Instant Client installations, see Oracle Call Interface Programmer's Guide.
|
3.1.4.3 Oracle Database 18
|
Patch Information
|
18
|
Comments
|
|
Final CPU
|
-
|
|
|
On-Request platforms
|
32-bit client-only platforms
|
|
Patch
Availability for Oracle Database 18
|
Product Home
|
Patch
|
Advisory Number
|
Comments
|
|
Oracle Database Server home
|
Combo OJVM Update 18.7.0.0.190716 and Database Update
18.7.0.0.190716 Patch 29699112 for UNIX, or
Combo OJVM Update 18.7.0.0.190716 and GI Update
18.7.0.0.190716 Patch 29699160, or
Quarterly Full Stack download for Exadata (Jul2019)
18.7.0.0.190716 Patch 29698948
|
CVE-2018-11058, CVE-2019-2776,
CVE-2019-2753, CVE-2016-9572, CVE-2019-2749
|
OJVM Update patches from 18.4 onwards are RAC Rolling
installable. Please see Note 2217053.1, RAC Rolling Install
Process for the "Oracle JavaVM Component Database PSU/RU" (OJVM
PSU/RU) Patches
|
|
Oracle Database Server home
|
Database Update 18.7.0.0.190716 Patch 29757256, or
Database Update Revision 18.6.1.0.190716 Patch 29708235, or
Database Update Revision 18.5.2.0.190716 Patch 29708437, or
GI Update 18.7.0.0.190716 Patch 29708703, or
GI Update Revision 18.6.1.0.190716 Patch 29708736, or
GI Update Revision 18.5.2.0.190716 Patch 29708805, or
Microsoft Windows 32-Bit and x86-64 BP 18.7.0.0.190716 Patch 29859180 , or later;
Quarterly Full Stack download for Exadata (Jul2019)
18.7.0.0.190716 Patch 29698948, or
Quarterly Full Stack download for SuperCluster
(Q2.2019) Patch 29252451 for Solaris SPARC 64-Bit
|
CVE-2018-11058, CVE-2019-2776,
CVE-2019-2753, CVE-2016-9572, CVE-2019-2799 (Win only)
|
The Quarterly Full Stack download patch for
SuperCluster (Q3.2019) for Solaris SPARC 64-Bit is being skipped.
Until the Q4.2019 patch is available in the fourth quarter of
2019, use the Q2.2019 patch; Patch 29252451.
|
|
Oracle Database Server home
|
OJVM Update 18.7.0.0.190716 Patch 29774410 for all platforms
|
CVE-2019-2749
|
OJVM Update patches from 18.4 onwards
are RAC Rolling installable. Please see Note 2217053.1, RAC Rolling Install
Process for the "Oracle JavaVM Component Database PSU/RU" (OJVM
PSU/RU) Patches
|
|
Oracle Database Client home
|
Database Update 18.7.0.0.190716 Patch 29757256, or
Database Update Revision 18.6.1.0.190716 Patch 29708235, or
Database Update Revision 18.5.2.0.190716 Patch 29708437 or
Microsoft Windows 32-Bit and x86-64 BP 18.7.0.0.190716 Patch 29859180
|
Released July 2019
|
The Instant Client installation is not
the same as the client-only Installation. For additional information about
Instant Client installations, see Oracle Call Interface Programmer's Guide.
|
3.1.4.4 Oracle Database 12.2.0.1
|
Patch Information
|
12.2.0.1
|
Comments
|
|
Final CPU
|
-
|
|
|
On-Request platforms
|
32-bit client-only platforms
|
|
Patch
Availability for Oracle Database 12.2.0.1
|
Product Home
|
Patch
|
Advisory Number
|
Comments
|
|
Oracle Database Server home
|
Combo OJVM Update 12.2.0.1.190716 and Database Update
12.2.0.1.190716 Patch 29699168 for UNIX, or
Combo OJVM Update 12.2.0.1.190716 and GI Update
12.2.0.1.190716 Patch 29699173, or
Quarterly Full Stack download for Exadata (Jul2019)
12.2.0.1 Patch 29698940, or
Quarterly Full Stack download for SuperCluster
(Q2.2019) Patch 29252451 for Solaris SPARC 64-Bit
|
CVE-2018-11058, CVE-2019-2776,
CVE-2019-2569, CVE-2019-2753, CVE-2016-9572, CVE-2019-2749
|
OJVM Update Patches are not RAC Rolling installable.
However, NOTE 2217053.1 defines a few specific situations
where the OJVM PSU patchset can be postinstalled into each database while
the database remains in unrestricted "startup" mode. Please refer
to the NOTE for more details.
Combos are for environments that take a single downtime
to apply all patches
See Note 1929745.1, Oracle Recommended Patches
-- "Oracle JavaVM Component Database PSU and Update" (OJVM PSU
and OJVM Update) Patches
The Quarterly Full Stack download patch for
SuperCluster (Q3.2019) for Solaris SPARC 64-Bit is being skipped.
Until the Q4.2019 patch is available in the fourth quarter of
2019, use the Q2.2019 patch; Patch 29252451.
|
|
Oracle Database Server home
|
Database Jul 2019 Update 12.2.0.1.190716 Patch 29757449 for UNIX, or
Database Jan 2019 Revision 12.2.0.1.190716 Patch 29708478, or
Database Apr 2019 Revision 12.2.0.1.190716 Patch 29708381, or
GI Jul 2019 Update 12.2.0.1.190716 Patch 29708720, or
GI Jan 2019 Revision 12.2.0.1.190716 Patch 29708822, or
GI Apr 2019 Revision 12.2.0.1.190716 Patch 29708786, or
Microsoft Windows 32-Bit and x86-64 RU 12.2.0.1.190716 Patch 29832062, or later;
Quarterly Full Stack download for Exadata (Jul2019)
12.2.0.1 Patch 29698940, or
Quarterly Full Stack download for SuperCluster
(Q2.2019) Patch 29252451 for Solaris SPARC 64-Bit
|
CVE-2018-11058, CVE-2019-2776,
CVE-2019-2569, CVE-2019-2753, CVE-2016-9572, CVE-2019-2799 (Win only)
|
The Quarterly Full Stack download patch for
SuperCluster (Q3.2019) for Solaris SPARC 64-Bit is being skipped.
Until the Q4.2019 patch is available in the fourth quarter of
2019, use the Q2.2019 patch; Patch 29252451.
|
|
Oracle Database Server home
|
OJVM Update 12.2.0.1.190716 Patch 29774415 for UNIX, or
OJVM Microsoft Windows Bundle Patch 12.2.0.1.190716 Patch 29837425
|
CVE-2019-2749
|
OJVM Update Patches are not RAC Rolling installable.
However, NOTE 2217053.1 defines a few specific situations
where the OJVM PSU patchset can be postinstalled into each database while
the database remains in unrestricted "startup" mode. Please refer
to the NOTE for more details.
See Note 1929745.1, Oracle Recommended Patches
-- Oracle JavaVM Component Database PSU (OJVM PSU) Patches
|
|
Oracle Database Client home
|
Database Jul 2019 Update 12.2.0.1.190716 Patch 29757449 for UNIX, or
Database Jan 2019 Revision 12.2.0.1.190716 Patch 29708478, or
Database Apr 2019 Revision 12.2.0.1.190716 Patch 29708381, or
Microsoft Windows 32-Bit and x86-64 RU 12.2.0.1.190716 Patch 29832062, or
later
|
Released July 2019
|
The Instant Client installation is not
the same as the client-only Installation. For additional information about
Instant Client installations, see Oracle Call Interface Programmer's Guide.
|
3.1.4.5 Oracle Database 12.1.0.2
Error
Correction information for Oracle Database 12.1.0.2
|
Patch Information
|
12.1.0.2
|
Comments
|
|
Final CPU
|
July 2021
|
|
|
On-Request platforms
|
32-bit client-only platforms
|
|
Patch
Availability for Oracle Database 12.1.0.2
If the Combo patches that are listed
in the first row are applied, then the patches listed in Rows 2 and 3 do not
need to be applied.
|
Product Home
|
Patch
|
Advisory Number
|
Comments
|
|
Oracle Database Server home
|
Combo OJVM PSU 12.1.0.2.190716 and Database PSU 12.1.0.2.190716 Patch 29699220 for UNIX, or
Combo OJVM PSU 12.1.0.2.190716 and GI PSU
12.1.0.2.190716 Patch 29699244 , or
Combo OJVM PSU 12.1.0.2.190716 and Database Proactive
BP 12.1.0.2.190716 Patch 29699255 for UNIX, or
Quarterly Full Stack download for Exadata (Jul2019) BP
12.1.0.2 Patch 29698894, or
Quarterly Full Stack download for SuperCluster
(Q2.2019) Patch 29252451 for Solaris SPARC 64-Bit
|
CVE-2018-11058, CVE-2019-2776,
CVE-2019-2569, CVE-2019-2753, CVE-2019-2749
|
OJVM PSU Patches are not RAC Rolling installable.
However, NOTE 2217053.1 defines a few specific situations
where the OJVM PSU patchset can be postinstalled into each database while
the database remains in unrestricted "startup" mode. Please refer
to the NOTE for more details.
Combos are for environments that take a single downtime
to apply all patches
See Note 1929745.1, Oracle Recommended Patches
-- Oracle JavaVM Component Database PSU (OJVM PSU) Patches
The Quarterly Full Stack download patch for
SuperCluster (Q3.2019) for Solaris SPARC 64-Bit is being skipped.
Until the Q4.2019 patch is available in the fourth quarter of
2019, use the Q2.2019 patch; Patch 29252451.
|
|
Oracle Database Server home
|
Database PSU 12.1.0.2.190716 Patch 29494060 for UNIX, or
GI PSU 12.1.0.2.190716 Patch 29698592, or
Microsoft Windows 32-Bit and x86-64 BP 12.1.0.2.190716 Patch 29831650, or later;
Database Proactive Bundle Patch 12.1.0.2.190716 Patch 29698629 or
Quarterly Full Stack download for Exadata (Jul2019) BP
12.1.0.2 Patch 29698894, or
Quarterly Full Stack download for SuperCluster
(Q2.2019) Patch 29252451 for Solaris SPARC 64-Bit
|
CVE-2018-11058, CVE-2019-2776,
CVE-2019-2569, CVE-2019-2753, CVE-2019-2799 (Win only)
|
The Quarterly Full Stack download patch for
SuperCluster (Q3.2019) for Solaris SPARC 64-Bit is being skipped.
Until the Q4.2019 patch is available in the fourth quarter of
2019, use the Q2.2019 patch; Patch 29252451.
|
|
Oracle Database Server home
|
Oracle JavaVM Component Database PSU 12.1.0.2.190716 Patch 29774383 for UNIX, or
Oracle JavaVM Component Microsoft Windows Bundle Patch
12.1.0.2.190716 Patch 29837393
|
CVE-2019-2749
|
OJVM PSU Patches are not RAC Rolling installable.
However, NOTE 2217053.1 defines a few specific situations
where the OJVM PSU patchset can be postinstalled into each database while
the database remains in unrestricted "startup" mode. Please refer
to the NOTE for more details.
All OJVM PSU since 12.1.0.2.161018 includes Generic
JDBC Patch 23727148
See Note 1929745.1, Oracle Recommended Patches
-- Oracle JavaVM Component Database PSU (OJVM PSU) Patches
|
|
Oracle Database Server home
|
Oracle JavaVM Component Database PSU -
Generic JDBC 12.1.0.2.160719 Patch 23727148
|
Released July 2016
|
|
|
Oracle Database Client home
|
Database PSU 12.1.0.2.190716 Patch 29494060 for UNIX, or
Microsoft Windows 32-Bit and x86-64 BP 12.1.0.2.190716 Patch 29831650
|
Released July 2019
|
The Instant Client installation is not
the same as the client-only Installation. For additional information about
Instant Client installations, see Oracle Call Interface Programmer's Guide.
|
3.1.4.6 Oracle Database 11.2.0.4
Error
Correction information for Oracle Database 11.2.0.4
|
Patch Information
|
11.2.0.4
|
Comments
|
|
Final CPU
|
October 2020
|
|
|
On-Request platforms
|
HP-UX PA RISC
IBM: Linux on System Z
32-bit client-only platforms except Linux x86
|
|
|
On-Request platforms
|
32-bit client-only platforms except
Linux x86
|
|
Patch
Availability for Oracle Database 11.2.0.4
If the Combo patches that are listed
in the first row are applied, then the patches listed in Rows 2 and 3 do not
need to be applied.
|
Product Home
|
Patch
|
Advisory Number
|
Comments
|
|
Oracle Database Server home
|
Combo OJVM PSU 11.2.0.4.190716 and Database PSU
11.2.0.4.190716 Patch 29699294 for UNIX, or
Combo OJVM PSU 11.2.0.4.190716 and GI PSU
11.2.0.4.190716 Patch 29699309 for UNIX, or
Combo OJVM PSU 11.2.0.4.190716 and Exadata BP
11.2.0.4.190716 Patch 29699324
|
CVE-2018-11058, CVE-2019-2569,
CVE-2019-2753, CVE-2019-2749
|
From Jan2019 onwards the OJVM now only supports JDK7
for security compliance. Please ensure that if there are applications with
an OJVM dependency that they are compatible with JDK7.
OJVM PSU Patches are not RAC Rolling installable.
However, NOTE 2217053.1 defines a few specific situations
where the OJVM PSU patchset can be postinstalled into each database while
the database remains in unrestricted "startup" mode. Please refer
to the NOTE for more details.
Combos are for environments that take a single downtime
to apply all patches
See Note 1929745.1, Oracle
Recommended Patches -- Oracle JavaVM Component Database PSU (OJVM PSU)
Patches
There is no Database SPU for 11.2.0.4 for the July 2019
cycle as there are no new CPU security vulnerabilities applicable. Future
patches are planned until end of Error Correction listed in the table above.
|
|
Oracle Database Server home
|
Database PSU 11.2.0.4.190716 Patch 29497421 for UNIX, or
GI PSU 11.2.0.4.190716 Patch 29698727 for UNIX, or
Microsoft Windows (32-Bit) and x64 (64-Bit) BP
11.2.0.4.190716 Patch 29596609, or later;
Quarterly Database Patch for Exadata BP 11.2.0.4.190716 Patch 29698813 for UNIX, or
Quarterly Full Stack download for Exadata (Jul2019) BP
11.2.0.4 Patch 29698849, or
Quarterly Full Stack download for SuperCluster
(Q2.2019) Patch 29252451 for Solaris SPARC 64-Bit
|
CVE-2018-11058, CVE-2019-2569,
CVE-2019-2753, CVE-2019-2799 (Win only)
|
There is no Database SPU for 11.2.0.4 for the July 2019
cycle as there are no new CPU security vulnerabilities applicable. Future
patches are planned until end of Error Correction listed in the table
above.
The Quarterly Full Stack download patch for
SuperCluster (Q3.2019) for Solaris SPARC 64-Bit is being skipped.
Until the Q4.2019 patch is available in the fourth quarter of
2019, use the Q2.2019 patch; Patch 29252451.
|
|
Oracle Database Server home
|
Oracle JavaVM (OJVM) Component Database PSU
11.2.0.4.190716 Patch 29610422 for UNIX, or
Oracle JavaVM (OJVM) Component Database PSU
11.2.0.4.190716 Patch 30012911 for Microsoft Windows
|
CVE-2019-2749
|
From Jan2019 onwards the OJVM now only supports JDK7
for security compliance. Please ensure that if there are applications with
an OJVM dependency that they are compatible with JDK7.
OJVM PSU 11.2.0.4.161018 and greater includes Generic
JDBC Patch 23727132
See Note 1929745.1, Oracle
Recommended Patches -- Oracle JavaVM Component Database PSU (OJVM PSU)
Patches
|
|
Oracle Database Server home
|
Oracle JavaVM Component Database PSU - Generic JDBC
11.2.0.4.160719 Patch 23727132
|
Released July 2016
|
For RAC deployments, this patch should be applied to
Grid Infrastructure Home instead of OJVM PSU 11.2.0.4.4, or higher
See Note 1929745.1, Oracle
Recommended Patches -- Oracle JavaVM Component Database PSU (OJVM PSU)
Patches
|
|
Oracle Database Client home
|
Database PSU 11.2.0.4.190716 Patch 29497421 for UNIX, or
Microsoft Windows (32-Bit) and x64 (64-Bit) BP
11.2.0.4.190716 Patch 29596609, or
later
|
Released July 2019
|
The Instant Client installation is not
the same as the client-only Installation. For additional information about
Instant Client installations, see Oracle Call Interface Programmer's Guide.
|
3.1.5 Oracle
Database Mobile/Lite Server
Error Correction
Information for Oracle Database Mobile Server
|
Patch Information
|
12.1 (Mobile Server)
|
11.3 (Mobile Server)
|
Comments
|
|
Final CPU
|
-
|
October 2021
|
|
Patch
Availability for Oracle Database Mobile Server 12.1.x
|
Product Home
|
Patch
|
Advisory Number
|
Comments
|
|
12.1
|
12.1.0.0 BP Patch 21974980
|
Released October 2015
|
|
Patch
Availability for Oracle Database Mobile Server 11.3.x
|
Product Home
|
Patch
|
Advisory Number
|
Comments
|
|
11.3
|
11.3.0.2 BP Patch 21950285
|
Released October 2015
|
|
3.1.6 Oracle
GoldenGate
Error
Correction information for Oracle GoldenGate
|
Component
|
12.3.0.1
|
12.2.0.2
|
12.1.2.1
|
11.2.1.0
|
Comments
|
|
Final CPU
|
July 2025
|
October 2023
|
October 2021
|
January 2020
|
|
Patch
Availability for Oracle GoldenGate
|
Product Home
|
Patch
|
Advisory Number
|
Comments
|
|
12.3.0.1
|
Install 12.3.0.1.4 Path Set (Available on
edelivery/OTN)
|
Released October 2018
|
Refer to Note 1645495.1 for the latest release and
additional platforms.
|
|
12.2.0.2
|
Oracle GoldenGate 12.2.0.2.181009 for
Oracle 12c, Patch 28651610
Oracle GoldenGate 12.2.0.2.181009 for Oracle 11g, Patch 28651607
|
Released October 2018
|
Refer to Note 1645495.1 for the latest release and
additional platforms.
|
|
12.1.2.1
|
Oracle GoldenGate 12.1.2.1.181016 for
Oracle 12c, Patch 28696813
Oracle GoldenGate 12.1.2.1.181016 for Oracle 11g, Patch 28696808
|
Released October 2018
|
Refer to Note 1645495.1 for the latest release and
additional platforms.
|
|
11.2.1.0
|
Upgrade to OGG 12.1.2.1 or later and
apply the applicable Security patches listed above
|
-
|
Refer to Note 1645495.1 for the latest release and
additional platforms.
|
3.1.7 Oracle GoldenGate
for Big Data (Formerly known as Oracle GoldenGate Application Adapters)
Error
Correction information for Oracle GoldenGate for Big Data
|
Component
|
12.3.1.1.0
|
12.3.0.1.0
|
12.2.0.1.0
|
Comments
|
|
Final CPU
|
December 2019
|
December 2019
|
December 2018
|
|
Patch
Availability for Oracle GoldenGate for Big Data
|
Product Home
|
Patch
|
Advisory Number
|
Comments
|
|
12.3.1.1
|
Oracle GoldenGate for Big Data 12.3.1.1.6 Patch 28577949
|
Released October 2018
|
Refer to Note 1645495.1 for the latest release and
additional platforms
|
|
12.3.2.1
|
Oracle GoldenGate for Big Data
12.3.2.1.0 Release
|
Released January 2019
|
Download the release from OTN
|
|
12.2.0.1
|
Oracle GoldenGate Application
Adapters Patch 28330342
|
Released October 2018
|
Refer to Note 1645495.1 for the latest release and
additional platforms
|
3.1.8 Oracle
GoldenGate Veridata
Error
Correction information for Oracle GoldenGate Veridata
|
Component
|
11.2.1.0
|
Comments
|
|
Final CPU
|
October 2020
|
|
Patch
Availability for Oracle GoldenGate Veridata
|
Product Home
|
Patch
|
Advisory Number
|
Comments
|
|
11.2.1.0
|
oracle goldengate veridata v11.2.1.0.2 java agent - Patch 27425665
oracle goldengate veridata v11.2.1.0.2 server - Patch 27425668
|
Released April 2018
|
Golden Gate Veridata Patch
|
3.1.9 Oracle
Secure Backup
Error
Correction information for Oracle Secure Backup
|
Patch Information
|
|
Comments
|
|
Final CPU
|
January 2020
|
|
Minimum
Product Requirements for Oracle Secure Backup
Critical Patch Update security
vulnerabilities are fixed in the listed releases. The Oracle Secure Backup
downloads and installation instructions can be found at http://www.oracle.com/technetwork/database/database-technologies/secure-backup/overview/index.html
|
Product
|
Release
|
Advisory Number
|
Comments
|
|
Oracle Secure Backup
|
12.1.0.3
|
Released April 2017
|
|
3.2 Oracle Enterprise Manager
This section contains the following:
·
Section 3.2.1 "Oracle Application Performance
Management"
·
Section 3.2.2 "Oracle Application Testing
Suite"
·
Section 3.2.3 "Oracle Business Transaction
Management"
·
Section 3.2.4 "Oracle Enterprise Manager Cloud
Control"
·
Section 3.2.5 "Oracle Enterprise Manager Ops
Center"
·
Section 3.2.6 "OSS Support Tools"
·
Section 3.2.7 "Oracle Configuration Manager"
3.2.1 Oracle Application Performance
Management
Error
Correction information for Oracle Application Performance Management
|
Patch Information
|
12.1.0.7
|
Comments
|
|
Final CPU
|
-
|
|
|
On-Request platforms
|
-
|
|
Minimum
Product Requirements for Oracle Application Performance Management
Critical Patch Update security
vulnerabilities are fixed in the listed releases. For more information on
Oracle Application Performance Management, see http://www.oracle.com/technetwork/oem/app-performance-mgmt/index.html.
|
Product Version
|
Patch
|
Advisory Number
|
Comments
|
|
12.1.0.7
|
12.1.0.7.11 Release Patch 25244272
|
Released July 2017
|
|
3.2.2 Oracle
Application Testing Suite
Error
Correction information for Oracle Application Testing Suite
|
Patch Information
|
13.3.0.1
|
13.2.0.1
|
13.1.0.1
|
12.5.0.3
|
Comments
|
|
Final CPU
|
-
|
-
|
-
|
April 2020
|
|
Patch
Availability for Oracle Application Testing Suite
These patches contain Critical Patch Update
security vulnerabilities fixes for this release. All previous versions will
need to be upgraded to the minimum version. Then, apply the following patches
to fix the announced security vulnerabilities. For Oracle Application Testing
Suite downloads and installation instructions, see http://www.oracle.com/technetwork/oem/downloads/index-084446.html.
|
Product Home
|
UNIX
|
Advisory Number
|
Comments
|
|
Base Platform Fusion Middleware home
|
See "Oracle WebLogic Server"
(Version 12.1.3.0)
|
Released January 2019
|
See "Oracle WebLogic Server"
(Version 12.1.3.0.0)
|
|
13.3.0.1
|
EM BP Application Testing Suite CPU
Jul2019 Patch 29920866
|
CVE-2019-2727, CVE-2016-1000031,
CVE-2019-2725
|
|
|
13.2.0.1
|
EM BP Application Testing Suite CPU Jul2019 Patch 29920864
|
CVE-2016-1000031, CVE-2019-2725
|
|
|
13.1.0.1
|
EM BP Application Testing Suite CPU
Jul2019 Patch 29907188
|
CVE-2016-1000031, CVE-2019-2725
|
|
|
12.5.0.3
|
Please upgrade to 13.x version of OATS
|
Released January 2019
|
|
3.2.3 Oracle
Business Transaction Management
Error
Correction Information for Oracle Business Transaction Management
|
Component
|
12.1.0.7
|
Comments
|
|
Final CPU
|
-
|
|
Patch
Availability for Oracle Business Transaction Management
|
Product Home
|
Patch
|
Advisory Number
|
Comment
|
|
BTM Home
|
BTM Patch 12.1.0.7.15 Patch 29135901
|
Released April 2019
|
|
3.2.4 Oracle Enterprise
Manager Cloud Control
If your plans include updating the
JDK version, please be sure that the JDK version that you choose is certified
with your OEM Cloud Control Component. Please refer to Note 2241358.1 for upgrading the JDK Component related to OEM Cloud
Control Component.
Error
Correction information for Oracle Enterprise Manager Cloud Control
|
Patch Information
|
13.3.0.0
|
13.2.0.0
|
12.1.0.5
|
Comments
|
|
Final CPU
|
-
|
July 2019
|
October 2019
|
|
|
On-Request platforms
|
-
|
-
|
-
|
|
Availability
for Oracle Enterprise Manager Cloud Control 13c Release 2 (13.3.0.0)
|
Product Home
|
Patches
|
Advisory Number
|
Comments
|
|
Base Platform Repository home
|
See "Oracle Database"
|
|
|
|
Base Platform Fusion Middleware home
|
See "Oracle WebLogic Server" (Version 12.1.3.0)
|
|
|
|
Base Platform OMS home
|
Base Release 13.3
|
Released April 2019
|
Fix is included in the Base release
itself
|
|
Base Platform OMS home
|
EM BP Patch Set Update 13.3.0.0.190716 Patch 29835547
|
CVE-2019-2725, CVE-2018-8039,
CVE-2019-0222, CVE-2018-11775, CVE-2019-1559
|
|
|
Base Platform OMS home
|
OSS Bundle Patch 12.1.3.0.190716. All
Platforms are on-request. For details, see section 1.3 On-Request Patches
|
CVE-2018-11058
|
Oracle Security Service (SSL/Network) Patch for Oracle
HTTP server (OHS)
Note 2573251.1 Critical Patch Update July 2019
Mitigation Steps for OHS/OSS 12.1.3 Patches
All Platforms are on-request. For details, see section 1.3 On-Request Patches
|
|
Base Platform OMS home
|
OHS 12.1.3 SPU for July 2019CPU Patch 30112527
|
CVE-2019-2751
|
Note 2572758.1 Cumulative README Post-Install
Steps for Oracle HTTP Server 12.1.3 Critical Patch Update
Refer to 2.2 Post Release Patches for patch availability
Note 2314658.1 SSL Configuration Required to
Secure Oracle HTTP Server After Applying Security Patch Updates
Note 2350321.1 Preventing Slow HTTP DoS Attacks
on Oracle HTTP Server After Applying Security Patch Updates
|
|
Base Platform Agent home
|
EM VT Plugin Bundle Patch 13.3.1.0.190630
(Agent Monitoring) Patch 29906157
|
CVE-2018-19362
|
|
|
EM Cloud Control Connectors
|
See Announcement on MOSC
|
Released April 2019
|
|
|
EM for Fusion Middleware
|
EM for OMS plugin 13.3.1.0.190630 Patch 29893537
|
CVE-2018-1000180
|
|
Patch
Availability for Oracle Enterprise Manager Cloud Control 13c Release 1 (13.2.0.0)
|
Product Home
|
Patches
|
Advisory Number
|
Comments
|
|
Base Platform Repository home
|
See "Oracle Database"
|
See "Oracle Database"
|
|
|
Base Platform Fusion Middleware home
|
See "Oracle WebLogic Server" (Version 12.1.3.0)
|
See "Oracle WebLogic Server" (Version 12.1.3.0.0)
|
|
|
Base Platform OMS home
|
Base Release 13.2
|
Released April 2019
|
Fix is included in the Base release
itself
|
|
Base Platform OMS home
|
EM BP Patch Set Update 13.2.0.0.190716 Patch 29835501
|
CVE-2019-2725, CVE-2018-8039,
CVE-2019-0222, CVE-2018-11775, CVE-2019-1559
|
|
|
EM Cloud Control Connectors
|
See Announcement on MOSC
|
Released April 2019
|
|
|
Base Platform OMS home
|
EM for OMS Plugins 13.2.3.0.180630 Patch 28170938 or later
EM for OMS Plugins 13.2.2.0.180630
Patch 28170918 or later
|
Released July 2018
|
|
|
Base Platform Agent home
|
EM VT Plugin Bundle Patch
13.2.3.0.181231 (Agent Monitoring) Patch 29047624 Patch 28195767
|
Released January 2019
|
|
|
Base Platform Agent Home
|
EM for OMS plugin 13.2.3.0.190630 Patch 29893499 or later
EM for OMS plugin 13.2.2.0.190630 Patch 29893490 or later
|
CVE-2018-1000180
|
|
|
Base Platform Agent home
|
EM VT Plugin Bundle Patch
13.2.2.0.190630 (Agent Monitoring) Patch 29893650
|
CVE-2018-19362
|
|
|
Base Platform Agent home
|
EM for PeopleSoft 13.2.1.1.0 Patch 28243206 or EM for PeopleSoft 13.1.1.1.0 Patch 28243212
|
Released July 2018
|
|
|
Base Platform Agent home
|
EM for MYSQL Database 13.2.4.0.0 Patch 28788540
|
Released October 2018
|
|
|
Base Platform OMS home
|
OSS Bundle Patch 12.1.3.0.190716. All
Platforms are on-request. For details, see section 1.3 On-Request Patches
|
CVE-2018-11058
|
Oracle Security Service (SSL/Network) Patch for Oracle
HTTP server (OHS)
Note 2573251.1 Critical Patch Update July 2019
Mitigation Steps for OHS/OSS 12.1.3 Patches
All Platforms are on-request. For details, see section 1.3 On-Request Patches
|
|
Base Platform OMS home
|
OHS 12.1.3 SPU for July 2019CPU Patch 30112527
|
CVE-2019-2751
|
Note 2572758.1 Cumulative README Post-Install
Steps for Oracle HTTP Server 12.1.3 Critical Patch Update
Refer to 2.2 Post Release Patches for patch
availability
Note 2314658.1 SSL Configuration Required to
Secure Oracle HTTP Server After Applying Security Patch Updates
Note 2350321.1 Preventing Slow HTTP DoS Attacks
on Oracle HTTP Server After Applying Security Patch Updates
|
|
Base Platform OMS home
|
SPU Patch 25322055
|
Released in January 2017
|
Oracle ADF Patch 12.1.3.0
This patch is necessary for any co-located installations where ADF exists.
|
Patch
Availability for Oracle Enterprise Manager Cloud Control 12c Release 5
(12.1.0.5)
|
Product Home
|
Patches
|
Advisory Number
|
Comments
|
|
Base Platform Repository home
|
See "Oracle Database"
|
See "Oracle Database"
|
|
|
Base Platform Fusion Middleware home
|
See "Oracle WebLogic Server" (Version 10.3.6.0)
|
See "Oracle WebLogic Server" (Version 10.3.6.0)
|
|
|
Base Platform Fusion Middleware home
|
CPU Patch 23703041
|
Released July 2016
|
Oracle Business Intelligence Publisher
BP 11.1.1.7.160719 patch for BIP home in Enterprise Manager
|
|
Base Platform OMS home
|
EM BP Patch Set Update 12.1.0.5.190716 Patch 29835388
|
CVE-2019-2725, CVE-2018-8039,
CVE-2019-0222, CVE-2018-11775, CVE-2019-1559
|
|
|
Base Platform Fusion Middleware home
|
JSP 11.1.1.7.0 SPU for EM 12.1.0.5
(CPUAPR2018) Patch 27872862
|
Released April 2018
|
JSP 11.1.1.7.0 SPU patch
|
|
Base Platform Agent home
|
BP Patch 22317311
|
Released January 2016
|
Apply to Agent core Oracle Home, after
applying agent patch 25456449, 22342358
|
|
Base Platform Agent home
|
BP Patch 22342358
|
Released January 2016
|
Apply 22342358 to Agent sbin Oracle Home after applying
agent Patch 28193486. Then apply Patch 22317311.
If patches 22342358 and 22317311 were applied earlier, no need to reapply.
|
|
Base Platform Fusion Middleware home
|
SPU Patch 22013598
|
Released January 2016
|
Web Cache Patch
Apply to Oracle_WT
Post installation steps are not applicable for
Enterprise Manager
|
|
Plugin home
|
BP Patch 28347732
|
Released July 2018
|
|
|
Base Platform Agent home
|
BP Patch 28193486
|
Released July 2018
|
|
|
Base Platform Fusion Middleware home
|
OHS 11.1.1.7.0 SPU for cpujan2018 Patch 27197885
|
Released January 2018
|
Note 2314658.1 SSL Configuration Required to
Secure Oracle HTTP Server After Applying Security Patch Updates
Note 2350321.1 Preventing Slow HTTP DoS Attacks
on Oracle HTTP Server After Applying Security Patch Updates
See Note 2400141.1 before applying this patch
Oracle HTTP Server 11.1.1.7 Patch for Oracle_WT OH
|
|
Base Platform Fusion Middleware home
|
CPU Patch 19345576
|
Released January 2015
|
Oracle Process Management and Notification (OPMN) Patch
for Oracle_WT OH
Note 1905314.1
|
|
Base Platform Fusion Middleware home
|
SPU Patch 17337741
|
Released October 2013
|
Oracle Security Service (SSL/Network)
Patch for Oracle_WT OH
|
3.2.5 Oracle
Enterprise Manager Ops Center
Error
Correction information for Oracle Enterprise Manager Ops Center
|
Patch Information
|
12.4.x
|
12.3.x
|
Comments
|
|
Final CPU
|
-
|
Jun 2020
|
|
Patch
Availability for Oracle Enterprise Manager Ops Center
These patches contain Critical Patch
Update security vulnerabilities fixes for this release. All previous versions
will need to be upgraded to the minimum version. Then, apply the following
patches to fix the announced security vulnerabilities. For Oracle Enterprise
Manager Ops Center downloads and installation instructions,
see http://www.oracle.com/technetwork/oem/ops-center/oem-ops-center-188778.html.
|
Product Home
|
UNIX
|
Advisory Number
|
Comments
|
|
12.4.0
|
OpsCenter UCE patches for CPU Jul2019 Patch 30044132
|
CVE-2019-3822, CVE-2019-0211,
CVE-2019-1559, CVE-2019-2728
|
|
|
12.3.3
|
OpsCenter UI and other patches for CPU
Apr2019 Patch 29623898
|
Released April 2019
|
|
|
12.3.3
|
OpsCenter UCE patches for CPU Jul2019 Patch 29943334
|
CVE-2019-2728, CVE-2019-1559, CVE-2019-0211,
CVE-2019-3822
|
|
3.2.6 OSS
Support Tools
Error
Correction information for OSS Support Tools
|
Patch Information
|
|
Comments
|
|
Final CPU
|
-
|
|
Patch
Availability for OSS Support Tools
|
Product Home
|
Solaris
|
Advisory Number
|
Comments
|
|
|
Patch 22783063
|
|
See My Oracle Support Note 1153444.1, Oracle
Services Tools Bundle (STB) - RDA/Explorer, SNEEP, ACT
|
3.2.7 Oracle
Configuration Manager
Minimum
Product Requirements for Oracle Configuration Manager
Critical Patch Update security
vulnerabilities are fixed in the listed releases.
Oracle Configuration Manager can be downloaded from MOS (support.oracle.com).
Customer can use collector tab to down the Oracle Configuration Manager
Collector.
|
Component
|
Release
|
Advisory Number
|
Comments
|
|
Oracle Configuration Manager
|
12.1.2.0.6
|
Released October 2018
|
|
3.3 Oracle Fusion Middleware
This section contains the following:
·
Section 3.3.1 "Management Pack For Oracle
GoldenGate"
·
Section 3.3.2 "NetBeans IDE"
·
Section 3.3.3 "Oracle API Gateway"
·
Section 3.3.4 "Oracle Big Data Discovery"
·
Section 3.3.5 "Oracle Business Intelligence
Enterprise Edition"
·
Section 3.3.6 "Oracle Business Intelligence
Publisher"
·
Section 3.3.7 "Oracle Complex Event
Processing"
·
Section 3.3.8 "Oracle Data Quality for Oracle Data
Integrator"
·
Section 3.3.9 "Oracle Data Visualization
Desktop"
·
Section 3.3.10 "Oracle Endeca Server"
·
Section 3.3.11 "Oracle Endeca Information
Discovery Integrator"
·
Section 3.3.12 "Oracle Endeca Information
Discovery Studio"
·
Section 3.3.13 "Oracle Enterprise Data
Quality"
·
Section 3.3.14 "Oracle Enterprise Repository"
·
Section 3.3.15 "Oracle Exalogic Patch Set Update
(PSU)"
·
Section 3.3.16 "Oracle Fusion Middleware"
·
Section 3.3.17 "Oracle Hyperion Analytic Provider
Services"
·
Section 3.3.18 "Oracle Hyperion Workspace"
·
Section 3.3.19 "Oracle Hyperion Common
Security"
·
Section 3.3.20 "Oracle Hyperion Data Relationship
Management"
·
Section 3.3.21 "Oracle Hyperion Enterprise
Performance Management Architect"
·
Section 3.3.22 "Oracle Hyperion Essbase"
·
Section 3.3.23 "Oracle Hyperion Financial
Management"
·
Section 3.3.24 "Oracle Hyperion Financial
Reporting"
·
Section 3.3.25 "Oracle Hyperion Planning"
·
Section 3.3.26 "Oracle Hyperion Strategic
Finance"
·
Section 3.3.27 "Oracle Identity and Access
Management"
·
Section 3.3.28 "Oracle Identity Analytics"
·
Section 3.3.29 "Reserved for Future Use"
·
Section 3.3.30 "Oracle Identity Management
Connector"
·
Section 3.3.31 "Oracle JDeveloper and Oracle
ADF"
·
Section 3.3.32 "Oracle Map Viewer"
·
Section 3.3.33 "Reserved for Future Use"
·
Section 3.3.34 "Oracle Outside In Technology"
·
Section 3.3.35 "Oracle Real Time Decisions
Applications"
·
Section 3.3.36 "Oracle Real Time Decisions
Platform"
·
Section 3.3.37 "Oracle Service Architecture
Leveraging Tuxedo (SALT)"
·
Section 3.3.38 "Oracle SOA Suite"
·
Section 3.3.39 "Oracle Traffic Director"
·
Section 3.3.40 "Oracle Tuxedo"
·
Section 3.3.41 "Oracle Tuxedo System and
Applications Monitor Plus (TSAM Plus)"
·
Section 3.3.42 "Oracle Web-Tier 11g Utilities"
·
Section 3.3.43 "Oracle WebCenter"
·
Section 3.3.44 "Oracle WebCenter Content (Formerly
Oracle Universal Content Management)"
·
Section 3.3.45 "Oracle WebCenter Portal"
·
Section 3.3.46 "Oracle WebCenter Sites (Formerly
FatWire Content Server)"
·
Section 3.3.47 "Oracle WebCenter Sites
Community"
·
Section 3.3.48 "Oracle WebCenter Suite"
·
Section 3.3.49 "Oracle WebLogic Portal"
·
Section 3.3.50 "Oracle WebLogic Server"
3.3.1 Management Pack For Oracle
GoldenGate
Error
Correction information for Management Pack For Oracle GoldenGate
|
Patch Information
|
12.1.3.x
|
11.2.1.0
|
Comments
|
|
Final CPU
|
July 2022
|
April 2020
|
|
Patch
Availability for Management Pack For Oracle GoldenGate
|
Product Home
|
Patch
|
Advisory Number
|
Comments
|
|
11.2.1.0
|
Oracle Goldengate Monitor v11.2.1.0.13 or later Patch 27221310
|
Released April 2018
|
Oracle GoldenGate Monitor patch
|
3.3.2 NetBeans IDE
Minimum
Product Requirements for NetBeans IDE
Critical Patch Update security
vulnerabilities are fixed in the listed releases. For NetBeans IDE downloads,
see https://netbeans.org/downloads/
|
Product Home
|
Release
|
Advisory Number
|
Comments
|
|
NetBeans IDE
|
8.2
|
Released October 2016
|
|
3.3.3 Oracle API Gateway
Error
Correction information for Oracle API Gateway
|
Patch Information
|
11.1.2.4.0
|
Comments
|
|
Final CPU
|
March 2021
|
|
Patch
Availability for Oracle API Gateway
|
Product Home
|
Patch
|
Advisory Number
|
Comments
|
|
11.1.2.4.0
|
OAG 11.1.2.4.0 SPU for AprCPU2019 Patch 29494469
|
Released April 2019
|
|
3.3.4 Oracle Big Data Discovery
Minimum Product Requirements for Oracle Big Data Discovery
Critical
Patch Update security vulnerabilities are fixed in the listed release only
and installations with any prior versions will need to move to the listed version. For Oracle Big Data
Discovery downloads, see https://edelivery.oracle.com and search for "Oracle Big Data Discovery".
|
Product
|
Release
|
Advisory
Number
|
Comments
|
|
Oracle Big Data Discovery
|
Big Data Discovery 1.6 SPU for October Patch 28780089
|
Released October 2018
|
|
3.3.5 Oracle
Business Intelligence Enterprise Edition
Error
Correction information for Oracle Business Intelligence Enterprise Edition
|
Patch Information
|
12.2.1.4.0
|
11.1.1.9
|
Comments
|
|
Final CPU
|
-
|
|
11.1.1.9.0 End of Error Correction for
Extended Support Customer only beyond Dec 2018
|
Patch Availability
for Oracle Business Intelligence Enterprise Edition
|
Product Home
|
Patch
|
Advisory Number
|
Comments
|
|
Oracle Database home
|
See "Oracle Database"
|
See "Oracle Database"
|
Patch any Database Server associated to a Fusion
Middleware installation
|
|
Oracle Java SE home
Oracle JRockit 28.x home
|
See Note 2552042.1, Critical Patch Update July
2019 Patch Availability Document for Oracle Java SE
|
See Note 2552042.1, Critical Patch Update July
2019 Patch Availability Document for Oracle Java SE
|
See Note 1492980.1, How to
Install and Maintain the Java SE Installed or Used with FMW 11g/12c
Products
|
|
Oracle WebLogic Server home
|
See "Oracle WebLogic Server"
|
See "Oracle WebLogic Server"
|
See Note 1306505.1, Patch Set
Update (PSU) Administration Guide for Oracle WebLogic Server (WLS)
|
|
OBIEE 12.2.1.4 home
|
See "Oracle Fusion Middleware 12c"
|
See "Oracle Fusion Middleware 12c"
|
Apply all 12.2.1.3 patches listed for
"Oracle Fusion Middleware Infrastructure (WebLogic Server for FMW)"
|
|
12.2.1.4 Oracle Business Intelligence
Enterprise Edition
|
OSS Bundle Patch 12.2.1.3.190716 Patch 29321695
|
CVE-2018-11058
|
Oracle Security Service (SSL/Network) Patch
Please refer to 2.2 Post Release Patches for AIX Platform Patch
|
|
12.2.1.4 Oracle Business Intelligence
Enterprise Edition
|
OBI Bundle Patch 12.2.1.4.190716 Patch 29640387
|
CVE-2019-2768, CVE-2019-2771,
CVE-2019-2742, CVE-2019-2767, CVE-2015-9251
|
|
|
11.1.1.9
|
Oracle BI Suite BP 11.1.1.9.190716 Patch 29994430
|
CVE-2019-2768, CVE-2019-2771, CVE-2019-2742,
CVE-2019-2767, CVE-2015-9251
|
|
|
11.1.1.9
|
Oracle Business Intelligence Enterprise Edition Third Party BP 11.1.1.9.1 Patch 21235195 or higher
|
Released July 2015
|
BIEE Third Party Bundle Patch
|
|
DAC 11.1.1.6.4 home
|
Patch 27825965- DAC
11.1.1.6.4 / OBI application 7.9.6.4 SPU for apr2018cpu
|
Released April 2018
|
Patch can be installed in any home
|
3.3.6 Oracle
Business Intelligence Publisher
Error
Correction information for Oracle Business Intelligence Publisher
|
Patch Information
|
12.2.1.4
|
11.1.1.9
|
Comments
|
|
Final CPU
|
-
|
|
|
Patch
Availability for Oracle Business Intelligence Publisher
|
Product Home
|
Patch
|
Advisory Number
|
Comments
|
|
11.1.1.9
|
Oracle BI Suite BP 11.1.1.9.190416 Patch 29492717
|
Released April 2019
|
|
|
|
Patch 24580895
|
Released October 2016
|
|
|
|
Patch 17081528
|
Released October 2016
|
|
|
|
WLS 10.3.6.0.181016 Patch 28343311 SU Patch [GENM] or Later
|
Released October 2018
|
WLS 10.3.6 Interim Patch or WLS PSU
|
3.3.7 Oracle
Complex Event Processing
Error
Correction information for Oracle Complex Event Processing
|
Patch Information
|
CEP 12.1.3
|
Comments
|
|
Final CPU
|
December 2019
|
|
Patch
Availability for Oracle Complex Event Processing
See also the underlying product stack
tables (JRockit and WLS) for any applicable patches.
|
Product Home
|
Patch
|
Advisory Number
|
Comments
|
|
12.1.3.0
|
SPU Patch 21071699
|
Released July 2015
|
|
3.3.8 Oracle
Data Quality for Oracle Data Integrator
Error
Correction information for Oracle Data Quality for Oracle Data Integrator
|
Patch Information
|
|
Comments
|
|
Final CPU
|
-
|
|
Patch
Availability for Oracle Data Quality for Oracle Data Integrator
|
Product Home
|
Patch
|
Advisory Number
|
Comments
|
|
11.1.1.3.0
|
CPU Patch 21418574
|
Released July 2015
|
|
3.3.9 Oracle
Data Visualization Desktop
Error
Correction information for Oracle Data Visualization Desktop
|
Patch Information
|
12.2.4.1.1
|
Comments
|
|
Final CPU
|
-
|
|
Patch
availability for Oracle Data Visualization Desktop
3.3.10 Oracle
Endeca Server
Error
Correction information for Oracle Endeca Server
|
Patch Information
|
7.7
|
Comments
|
|
Final CPU
|
January 2021
|
|
Patch availability
for Oracle Endeca Server
|
Product Home
|
Patch
|
Advisory Number
|
Comments
|
|
Oracle Endeca Server 7.7 home
|
ORACLE ENDECA SERVER 7.7 CPU JULY 2019 Patch 29632403
|
CVE-2018-0734, CVE-2019-1559
|
|
3.3.11 Oracle
Endeca Information Discovery Integrator
Error Correction
information for Oracle Endeca Information Discovery Studio Integrator
|
Patch Information
|
3.2
|
Comments
|
|
Final CPU
|
January 2021
|
|
Patch
availability for Oracle Endeca Information Discovery Studio Integrator
|
Product Home
|
Patch
|
Advisory Number
|
Comments
|
|
Oracle Endeca Information Discovery
Integrator 3.2 home
|
ORACLE ENDECA INFORMATION DISCOVERY
INTEGRATOR 3.2 CPU JULY 2019 Patch 29940911
|
CVE-2018-15756
|
All Patches are cumulative of prior
fixes
|
3.3.12 Oracle
Endeca Information Discovery Studio
Error
Correction information for Oracle Endeca Information Discovery Studio
|
Patch Information
|
3.2
|
Comments
|
|
Final CPU
|
January 2021
|
|
Patch
availability for Oracle Endeca Information Discovery Studio
|
Product Home
|
Patch
|
Advisory Number
|
Comments
|
|
Oracle Endeca Information Discovery
Studio 3.2 home
|
Endeca Information Discovery Studio 3.2
SPU for OctCPU2018 Patch 28771368
|
Released October 2018
|
|
3.3.13 Oracle
Enterprise Data Quality
Error
Correction information for Oracle Enterprise Data Quality
|
Patch Information
|
11.1.1.x
|
9.0
|
8.1
|
Comments
|
|
Final CPU
|
October 2021
|
October 2019
|
July 2019
|
|
Patch
Availability for Oracle Enterprise Data Quality
3.3.14 Oracle
Enterprise Repository
Error
Correction information for Oracle Enterprise Repository
|
Patch Information
|
12.1.3
|
Comments
|
|
Final CPU
|
October 2019
|
|
Patch
Availability for Oracle Enterprise Repository
|
Product Home
|
Patch
|
Advisory Number
|
Comments
|
|
12.1.3.0.0
|
Security Patch for OER 12.1.3 Patch 29803166
|
CVE-2019-0222
|
|
3.3.15 Oracle Exalogic
Patch Set Update (PSU)
Error
Correction information for Oracle Exalogic Patch Set Update (PSU)
|
Patch Information
|
2.x
|
1.x
|
Comments
|
|
Final CPU
|
-
|
-
|
|
Patch Set
Update Availability for Oracle Exalogic
|
Oracle Exalogic
|
Patch
|
Advisory Number
|
Comments
|
|
2.x Physical
|
2.0.6.3.181016 Physical (for all X2-2, X3-2, X4-2,
X5-2) PSU Patch 28428820
|
Released in Oct 2018
|
Note 1314535.1
|
|
2.x Virtual
|
2.0.6.3.181016 virtual (for all X2-2, X3-2, X4-2, X5-2)
PSU Patch 28428820
|
Released in Oct 2018
|
Note 1314535.1
|
|
1.x
|
Upgrade to 2.x based on information in the Comments
column. Then apply the patches listed above.
|
Released March 2012 (13795376)
Released Februrary 2013 (15931901)
|
See Patch 14834860 EECS 2.0 PHYSICAL INFRASTRUCTURE
UPGRADE KIT (V1.0.0.X.X -> EECS 2.0.0.0.0)
See Patch 14834860 Oracle Exalogic 2.0.4.0.0 Upgrade
Kit for Exalogic Solaris x86-64 (64 bit)
See Note 1314535.1, Announcing
Exalogic PSUs (Patch Set Updates)
|
3.3.16 Oracle
Fusion Middleware
For more information on how to
identify the components in an Oracle home, see Note 1591483.1, What is
Installed in My Middleware or Oracle home?.
This section contains the following:
·
Section 3.3.16.1 "Oracle Fusion Middleware
12c"
o Section 3.3.16.1.1 "Oracle Fusion Middleware
12.2.1.3"
o Section 3.3.16.1.2 "Oracle Fusion Middleware
12.1.3.0"
·
Section 3.3.16.2 "Oracle Fusion Middleware
11.1.1.9"
·
Section 3.3.16.3 "Oracle Identity Access Management
11.1.2.3"
3.3.16.1 Oracle
Fusion Middleware 12c
The sections below cover Oracle
Fusion Middleware version 12.2.x and 12.1.x
·
Section 3.3.16.1.1 "Oracle Fusion Middleware
12.2.1.3"
·
Section 3.3.16.1.2 "Oracle Fusion Middleware
12.1.3.0"
3.3.16.1.1 Oracle
Fusion Middleware 12.2.1.3
Error
Correction information for Oracle Fusion Middleware 12.2.1.3
|
Patch Information
|
12.2.1.3
|
Comments
|
|
Final CPU
|
|
See Note 1933372.1, Error Correction Support
Dates for Oracle Fusion Middleware 12c - FMW/WLS
|
|
On-Request platforms
|
-
|
|
|
Determine Components in an Oracle Home
|
-
|
See Note 1591483.1, What is Installed in My
Middleware or Oracle home?
|
|
Understanding Patch Release Versions
|
-
|
See Note 2565576.1, Understanding WebLogic
Server Patch Set Update (PSU) Release Versions
|
Patch
Availability for Oracle Fusion Middleware 12.2.1.3
|
Distribution
|
Patches
|
Advisory Number
|
Comments
|
|
Oracle Database home
|
See "Oracle Database"
|
See "Oracle Database"
|
Patch any Database Server associated to a Fusion
Middleware installation
|
|
Oracle Java SE home
|
See Note 2552042.1, Critical Patch Update July
2019 Patch Availability Document for Oracle Java SE
|
See Note 2552042.1, Critical Patch Update July
2019 Patch Availability Document for Oracle Java SE
|
See Note 1492980.1, How to
Maintain the Java SE Installed or Used with FMW 11g/12c Products
|
|
All 12.2.1.3 Fusion Middleware
Distributions & WebLogic home
|
OPatch 13.9.4.x for FMW/WLS 12.2.1.3.x Patch 28186730
OUI Patch Patch 29909359
|
Released in July 2019
|
Apply Opatch 13.9.4.x before applying WLS PSU. (Re
download the patch if used older patch before Feb 8 2019)
Apply Opatch 13.9.4.2 + OUI patch before applying WLS
PSU
|
|
Oracle WebLogic Server and Coherence
Oracle Fusion Middleware Infrastructure
(WebLogic Server for FMW)
Oracle HTTP Server
Oracle Forms and Reports (Standalone Forms Builder)
Oracle Internet Directory
|
WLS PATCH SET UPDATE 12.2.1.3.190522 Patch 29814665
|
CVE-2019-2729, CVE-2019-2827,
CVE-2019-2824, CVE-2019-2856, CVE-2016-7103
|
Refer to Note 2566635.1 for Patch Conflict issue.
WLS PSU should also be applied to all homes with a WLS
full or standalone domain
See Note 2395745.1, April 2018 Critical Patch
Update: Additional Information about the Oracle WebLogic Server
Vulnerability CVE-2018-2628
See Note 2421480.1, July 2018 Critical Patch
Update: Additional information about the Oracle WebLogic Server
Vulnerability CVE-2018-2933.
See Note 2076338.1, July 2018 Critical Patch
Update: Additional information about the Oracle WebLogic Server
Vulnerability CVE-2015-4852
|
|
Oracle WebLogic Server and Coherence
Oracle Fusion Middleware Infrastructure
(WebLogic Server for FMW)
|
WEBLOGIC SAMPLES SPU 12.2.1.3.190716 Patch 29659488
|
CVE-2018-15756
|
This patch is a cumulative patch for all Struts 2 CVEs
to date.
See Note 2255054.1, Oracle WebLogic Server
Requirements for Apache Struts 2 Vulnerabilities
|
|
Oracle HTTP Server
Oracle Traffic Director
Oracle Forms and Reports
|
OAM Webgate Bundle Patch
12.2.1.3.180622 Patch 28243743 or later
|
Released July 2018
|
|
|
Identity and Access Management
|
Oracle Access Manager Bundle Patch 12.2.1.3.180622 Patch 28305164 or later
|
Released July 2018
|
See Note 2386496.1, OAM CVE-2018-2879
|
|
Oracle HTTP Server
Oracle Forms and Reports
|
OHS (NATIVE) BUNDLE PATCH 12.2.1.3.0 (ID:190808.0523) Patch 30158713, or
later
|
CVE-2019-0211, CVE-2019-2751
|
Note 2568225.1 Cumulative README Post-Install
Steps for Oracle HTTP Server 12.2.1.3 Bundle Patches
Note 2314658.1 SSL Configuration Required to
Secure Oracle HTTP Server After Applying Security Patch Updates
Note 2350321.1 Preventing Slow HTTP DoS Attacks
on Oracle HTTP Server After Applying Security Patch Updates
|
|
Identity and Access Management
Oracle Unified Directory
|
Oracle Identity Manager Bundle Patch
12.2.1.3.190624 Patch 29950141
or IDM Suite Bundle Patch 12.2.1.3.190716 Patch 29830547
|
CVE-2019-2858
|
|
|
Oracle Service Bus
|
OSB BUNDLE PATCH 12.2.1.3.181006 Patch 28757972
|
Released April 2019
|
The fix was delivered to 12.2.1.3 in
Jan2019, but we are announcing it in April as 11.1.1.9 patch was delayed to
April.
|
|
Oracle HTTP Server
Oracle Forms and Reports (Standalone Forms Builder)
Oracle Internet Directory
|
OSS Bundle Patch 12.2.1.3.190716 Patch 29321695 or later
|
CVE-2018-11058
|
For AIX Platform Patch refer to 2.2 Post Release Patches
|
|
Oracle WebCenter Portal
|
WebCenter Portal Bundle Patch 12.2.1.3.190416 Patch 29510069 or Later
AND
WebCenter Core Bundle Patch 12.2.1.3.180910 Patch 28633811 or later
|
Released April 2019
|
|
|
Oracle WebCenter Sites
|
Webcenter Sites Bundle Patch
12.2.1.3.190715 Patch 29957990
|
CVE-2018-15756, CVE-2016-1000031,
CVE-2018-8013, CVE-2016-6814
|
|
|
Oracle WebCenter Content
|
WebCenter Content Bundle Patch
12.2.1.3.180417 Patch 27393392 or later
|
Released April 2018
|
|
|
Oracle Internet Directory
|
Oracle Internet Directory Bundle Patch 12.2.1.3.180116 Patch 27396651 or later
|
Released January 2018
|
|
|
Oracle SOA Suite and Business Process
|
SOA BUNDLE PATCH 12.2.1.3.190618 Patch 29928100
|
CVE-2017-5645
|
|
|
Oracle Data Integrator
|
ODI Bundle Patch 12.2.1.3.190708 Patch 29778645
|
CVE-2018-1000180
|
|
|
Oracle Fusion Middleware Infrastructure
(WebLogic Server for FMW)
|
ADF Bundle Patch 12.2.1.3.190404 Patch 29620828 or later
|
CVE-2018-14718, CVE-2017-5645,
CVE-2015-9251
|
Apply to all Oracle homes installed with an FMW
Infrastructure
|
|
Oracle Enterprise Data Quality
|
EDQ 12.2.1.3.0 SPU Patch 28263628
|
Released July 2018
|
|
|
Oracle Fusion Middleware Infrastructure
(WebLogic Server for FMW)
Oracle HTTP Server
|
FMW Platform 12.2.1.3.0 SPU FOR
APRCPU2019 Patch 29650702
|
Released April 2019
|
Apply to all Oracle Fusion Middleware homes
|
|
Oracle HTTP Server
Oracle WebLogic Server Proxy Plug-In
(Apache, IIS, iPlanet)
Oracle Forms and Reports
|
ONS 12.2.1.3.0 SPU Patch Patch 27323998
|
Released July 2018
|
|
3.3.16.1.2 Oracle
Fusion Middleware 12.1.3.0
Error
Correction information for Oracle Fusion Middleware 12.1.3.0
|
Patch Information
|
12.1.3.0
|
Comments
|
|
Final CPU
|
October 2019
|
Note 1933372.1 Error Correction Support Dates for
Oracle Fusion Middleware 12c - FMW/WLS
|
|
On-Request platforms
|
OSS Bundle Patch 12.1.3 All Platforms
|
For details, see section 1.3 On-Request Patches
|
Patch
Availability for Oracle Fusion Middleware 12.1.3.0
|
Product Home
|
Patches
|
Advisory Number
|
Comments
|
|
Oracle Database home
|
See "Oracle Database"
|
See "Oracle Database"
|
Patch any Database Server associated to a Fusion
Middleware installation
|
|
Oracle Java SE home
|
See Note 2552042.1, Critical Patch Update July
2019 Patch Availability Document for Oracle Java SE
|
See Note 2552042.1, Critical Patch Update July
2019 Patch Availability Document for Oracle Java SE
|
See Note 1492980.1, How to
Maintain the Java SE Installed or Used with FMW 11g/12c Products
|
|
|
See "Oracle WebLogic Server"
|
See "Oracle WebLogic Server"
|
|
|
12.1.3.0.0 home
|
ADF Bundle Patch 12.1.3.0.190416 Patch 29348040
|
Released April 2019
|
Oracle JDeveloper (ADF) Patch
|
|
12.1.3.0.0 home
|
OSS Bundle Patch 12.1.3.0.190716. All
Platforms are on-request. For details, see section 1.3 On-Request Patches
|
CVE-2018-11058
|
Oracle Security Service (SSL/Network) Patch for Oracle
HTTP server (OHS)
Note 2573251.1 Critical Patch Update July 2019
Mitigation Steps for OHS/OSS 12.1.3 Patches
All Platforms are on-request. For details, see section 1.3 On-Request Patches
|
|
12.1.3.0.0 home
|
SOA Bundle Patch 12.1.3.0.190416 Patch 29422187
|
Released April 2019
|
SOA Patch
|
|
|
OHS SPU for Jul2019CPU Patch 30112527
|
CVE-2019-2751
|
Oracle HTTP Server Patch
Refer to 2.2 Post Release Patches for patch availability.
Note 2314658.1 SSL Configuration Required to
Secure Oracle HTTP Server After Applying Security Patch Updates
Note 2350321.1 Preventing Slow HTTP DoS Attacks
on Oracle HTTP Server After Applying Security Patch Updates
Note 2572758.1 Cumulative README Post-Install
Steps for Oracle HTTP Server 12.1.3 Critical Patch Update
|
|
12.1.3.0.0 home
|
OER 12.1.3.0.0 SPU for July2018CPU Patch 28076713
|
Released October 2018
|
|
|
12.1.3.0.0 home
|
EDQ BP 12.1.3.0.1 Patch 24672265
|
Released April 2017
|
Enterprise Data Quality patch
Install prior to Java CPUApr2017 JDK/JRE or later version
|
|
12.1.3.0.0 home
|
ODI BP 12.1.3.0.170418 Patch 25774021
|
Released July 2017
|
Oracle Data Integrator Patch
Install prior to Java CPUApr2017 JDK/JRE or later version.
|
|
12.1.3.0.0 home
|
Patch 25375317
|
Released April 2017
|
Oracle Stream Analytics Patch
Install prior to Java CPUApr2017 JDK/JRE or later version
|
|
12.1.3.0.0 home
|
OSB Bundle Patch 12.1.3.0.190115 Patch 28730845
|
Released April 2019
|
OSB patch
|
|
|
Patch 27074880
|
Released January 2018
|
|
|
|
SPU Patch 24327938
|
Released July 2016
|
|
|
|
See Note 1936300.1
|
Released October 2014
|
SSL V3.0 "Poodle" Advisory
|
3.3.16.2 Oracle
Fusion Middleware 11.1.1.9
Error
Correction information for Oracle Fusion Middleware 11.1.1.9
|
Patch Information
|
11.1.1.9
|
Comments
|
|
Final CPU
|
October 2021
|
Note 1290894.1 Error Correction Support Dates for
Oracle Fusion Middleware 11g (11.1.1/11.1.2)
|
|
On-Request platforms
|
AIX, HPUX, and Windows are on request.
|
|
Patch
Availability for Oracle Fusion Middleware 11.1.1.9
|
Product Home
|
Patches
|
Advisory Number
|
Comments
|
|
Oracle Database home
|
See "Oracle Database"
|
See "Oracle Database"
|
Patch any Database Server associated to a Fusion
Middleware installation
|
|
Oracle Java SE home
Oracle JRockit 28.x home
|
See Note 2552042.1, Critical Patch Update July
2019 Patch Availability Document for Oracle Java SE
|
See Note 2552042.1, Critical Patch Update July
2019 Patch Availability Document for Oracle Java SE
|
See Note 1492980.1, How to
Install and Maintain the Java SE Installed or Used with FMW 11g/12c
Products
|
|
Oracle WebLogic Server home
|
See "Oracle WebLogic Server"
|
See "Oracle WebLogic Server"
|
See Note 1306505.1, Patch Set
Update (PSU) Administration Guide for Oracle WebLogic Server (WLS)
|
|
SOA 11.1.1.9 home
|
SOA Bundle Patch 11.1.1.9.181218 Patch 29123005
|
Released January 2019
|
SOA Patch
|
|
Oracle Identity Management 11.1.1.9
home
|
OVD 11.1.1.9.0 spu for October 18 Patch 28761794
|
Released October 2018
|
Oracle Virtual Directory (OVD) Patch
|
|
Oracle Identity Management 11.1.1.9
home
|
OID bundle patch 11.1.1.9.171127 Patch 26850241, or
later
|
Released January 2018
|
Oracle Internet Directory Patch
See Note 2420947.1 for additional information about
Oracle Internet Directory Vulnerability CVE-2015-0204
|
|
Oracle Identity Management 11.1.1.9
home (with OID)
Oracle Web Tier 11.1.1.9 home
|
OSS Bundle Patch 11.1.1.9.190716 Patch 27047184
|
CVE-2018-11058
|
Note 2572809.1 OSS Patch Removes MD5 - Steps to
Evaluate and Update SSL Wallet for FMW 11.1.1.9
|
|
Oracle Identity Management 11.1.1.9 home (with OID)
Oracle Web Tier 11.1.1.9 home
|
OPMN Patch 23716938
|
N/A
|
OPMN 11.1.1.9 required patch for integration with OSS
Note 2566042.1 SSL Configuration Required to
Secure OPMN 11.1.1.9 After Applying Security Patch Updates
|
|
Oracle Web Tier 11.1.1.9 home
Identity Management 11.1.1.9 home
|
OHS 11.1.1.9.0 SPU for JanCPU2018 Patch 27301611
|
Released January 2018
|
Oracle HTTP Server 11.1.1.9 Patch
Note 2314658.1 SSL Configuration Required to
Secure Oracle HTTP Server After Applying Security Patch Updates
Note 2350321.1 Preventing Slow HTTP DoS Attacks
on Oracle HTTP Server After Applying Security Patch Updates
|
|
OSB 11.1.1.9 home
|
OSB Bundle Patch 11.1.1.9.190115 Patch 29123137
|
Released April 2019
|
Please apply WLS 10.3.6 XMLBeans Patch 28512369
|
|
ODI 11.1.1.9 Home
|
ODI BP 11.1.1.9.190118 Patch 29194561
|
Released April 2019
|
Oracle Data Integrator Patch
|
|
Oracle WebCenter 11.1.1.9 home
|
WCC BP 11.1.1.9.180226 Patch 27393411
|
Released April 2018
|
WebCenter Content Patch
|
|
OSB 11.1.1.9 home
|
Patch 24847885
|
Released April 2017
|
OSB Patch
Install prior to Java CPUApr2017 JDK/JRE or later version
|
|
|
Patch 23243563
|
|
|
|
|
Patch 24580895
|
Released October 2016
|
|
|
Oracle Web Tier 11.1.1.9 home
|
Oracle Web Cache SPU 11.1.1.9.0 CPUJan2019 Patch 28855717
|
Released January 2019
|
Web Cache Patch
See Note 2095166.1, Oracle Web
Cache 11.1.1.7/11.1.1.9 SSL Cipher Suite Changes Beginning with CPU January
2016 and Note 2494468.1, How to
Disable ESI in Oracle Web Cache
|
|
Oracle Web Tier 11.1.1.9 home
Identity Management 11.1.1.9 home
|
DB PSU Patch 22290164 for Unix
DB BP Patch 22607089 for Windows 32-Bit
DB BP Patch 22607090 for Windows x64
|
Release January 2016
|
Database 11.1.0.7 client patches for FMW
11.1.1.x/11.1.2.x only
|
|
Oracle WebCenter 11.1.1.9 home
|
WebCenter Portal Bundle Patch 11.1.1.9.181008 Patch 28538855
|
Released October 2018
|
Oracle WebCenter Portal 11.1.1.9 Patch
See Note 2029169.1, Changes to
Portlet standards request dispatching of Resource Requests
|
|
Oracle Fusion Middleware 11.1.1.9.0 ORACLE_COMMON home
|
SPU Patch 22567790
|
Released in July 2016
|
FMW Control Patch applies to oracle_common OH for
11.1.1.9.0
|
3.3.16.3 Oracle
Identity Access Management 11.1.2.3
Error
Correction information for Oracle Identity Access Management 11.1.2.3
|
Patch Information
|
11.1.2.3
|
Comments
|
|
Final CPU
|
-
|
Note 1290894.1 Error Correction Support Dates for
Oracle Fusion Middleware 11g (11.1.1/11.1.2)
|
|
On-Request platforms
|
-
|
|
Patch
Availability for Oracle Identity Access Management 11.1.2.3
|
Product Home
|
Patches
|
Advisory Number
|
Comments
|
|
Oracle Database home
|
See "Oracle Database"
|
See "Oracle Database"
|
Patch any Database Server associated to a Fusion
Middleware installation
|
|
Oracle Java SE home
Oracle JRockit 28.x home
|
See Note 2552042.1, Critical Patch Update July
2019 Patch Availability Document for Oracle Java SE
|
See Note 2552042.1, Critical Patch Update July
2019 Patch Availability Document for Oracle Java SE
|
See Note 1492980.1, How to Install and
Maintain the Java SE Installed or Used with FMW 11g/12c Products
|
|
Oracle WebLogic Server home
|
See "Oracle WebLogic Server"
|
See "Oracle WebLogic Server"
|
See Note 1306505.1, Patch Set Update (PSU)
Administration Guide for Oracle WebLogic Server (WLS)
|
|
Oracle Identity Management 11.1.2.3 home
|
OIM Bundle Patch 11.1.2.3.190328 Patch 29551893 or IDM Suite Bundle Patch
11.1.2.3.190416 Patch 29347961
|
CVE-2019-2858
|
|
|
Oracle Identity Access Management 11.1.2.3 home
|
Patch 28116779 - IDM Suite Bundle Patch
11.1.2.3.180717
OR
Patch 27897816 - OAM bundle patch 11.1.2.3.180717
|
Released July 2018
|
OAM Webgates BP April 2018 or later has to be applied.
Also refer to the MOS Note 2386496.1. Included few additional
fixes delivered as one offs post April CPU.
|
|
Oracle Identity Access Management
11.1.2.3.0 home
|
OAAM Server 11.1.2.3.0 SPU for
October18 Patch 28750460
|
Released October 2018
|
Oracle Adaptive Access Manager Patch
|
|
Oracle WebGate 11.1.2.3 Home
|
Patch 27953548 - OAM webgate bundle patch
11.1.2.3.180717 or Later
|
Released July 2018
|
|
3.3.17 Oracle Hyperion Analytic Provider Services
Error
Correction information for Oracle Hyperion Analytic Provider Services
|
Patch Information
|
11.1.2.x
|
Comments
|
|
Final CPU
|
April 2021
|
|
Patch
Availability for Oracle Hyperion Analytic Provider Services
3.3.18 Oracle
Hyperion Workspace
Error
Correction information for Oracle Hyperion Workspace
|
Patch Information
|
11.1.2.x
|
Comments
|
|
Final CPU
|
October 2021
|
|
Patch
Availability for Oracle Hyperion Workspace
|
Product Home
|
Patch
|
Advisory Number
|
Comments
|
|
11.1.2 Home
|
11.1.2.4.009 SPU Patch 29115044
apply
Weblogic 10.3.6 Latest PSU. See "Oracle WebLogic Server" Section
|
CVE-2019-2735
|
R&A Framework Patch
|
3.3.19 Oracle
Hyperion Common Security
Error
Correction information for Oracle Hyperion Common Security
|
Patch Information
|
11.1.2.x
|
Comments
|
|
Final CPU
|
April 2018
|
|
Patch
Availability for Oracle Hyperion Common Security
3.3.20 Oracle
Hyperion Data Relationship Management
Error
Correction information for Oracle Hyperion Data
Relationship Management
|
Patch Information
|
11.1.2.x
|
Comments
|
|
Final CPU
|
October 2021
|
|
Patch
Availability for Oracle Hyperion Data
Relationship Management
|
Product Home
|
Patch
|
Advisory Number
|
Comments
|
|
11.1.2.4
|
Hyperion Data Relationship Management
11.1.2.4.346 Patch 28367949
|
Released October 2018
|
|
3.3.21 Oracle
Hyperion Enterprise Performance Management Architect
Error Correction
information for Oracle Hyperion Enterprise Performance Management Architect
|
Patch Information
|
11.1.2.x
|
Comments
|
|
Final CPU
|
April 2021
|
|
Patch
Availability for Oracle Hyperion Enterprise Performance Management Architect
|
Product Home
|
Patch
|
Advisory Number
|
Comments
|
|
11.1.2.3
|
SPU Patch 19466859
SPU Patch 20929659
|
Released July 2015
|
|
|
11.1.2.2
|
SPU On-Request
|
Released July 2015
|
|
3.3.22 Oracle
Hyperion Essbase
Error
Correction information for Oracle Hyperion Essbase
|
Patch Information
|
11.1.2.x
|
Comments
|
|
Final CPU
|
April 2021
|
|
Patch
Availability for Oracle Hyperion Essbase
|
Product Home
|
Patch
|
Advisory Number
|
Comments
|
|
11.1.2.4
|
11.1.2.4.025 PSU Patch 27797123 (Essbase RTC)
11.1.2.4.025 PSU Patch 27797126 (Essbase Client)
11.1.2.4.025 PSU Patch 27797117 (Essbase Client MSI)
11.1.2.4.025 PSU Patch 27797131 (Essbase Server)
11.1.2.4.025 PSU Patch 27797138 (ANALYTIC PROVIDER SERVICES)
11.1.2.4.016 PSU Patch 25225889 (Studio Server)
11.1.2.4.016 PSU Patch 25225885 (Studio Console)
11.1.2.4.0.025 PSU Patch 28285151 (ESSBASE ADMINISTRATION SERVICES
SERVER)
11.1.2.4.025 PSU Patch 28285134 (ESSBASE ADMIN SERVICES CONSOLE)
|
Released October 2018
|
Install prior to Java CPUApr2017
JDK/JRE or later version
|
|
11.1.2.3
|
11.1.2.3.508 PSU Patch 22347375 (RTC)
11.1.2.3.508 PSU Patch 22347367 (Client)
11.1.2.3.508 PSU Patch 22314799 (Server)
|
Released April 2017
|
|
|
11.1.2.2
|
Upgrade to Hyperion Essbase 11.1.2.3, then apply the
patches listed above
|
Released July 2015
|
|
3.3.23 Oracle
Hyperion Financial Management
Error
Correction information for Oracle Hyperion Financial Management
|
Patch Information
|
11.1.2.0
|
Comments
|
|
Final CPU
|
October 2021
|
|
Patch
Availability for Oracle Hyperion Financial Management
|
Product Home
|
Patch
|
Advisory Number
|
Comments
|
|
11.1.2.0
|
SPU Patch Patch 28314691
|
Released October 2018
|
Hyperion Shared Service Patch for
Common Events Service used by Hyperion Financial Management
|
3.3.24 Oracle
Hyperion Financial Reporting
Error
Correction information for Oracle Hyperion Financial Reporting
|
Patch Information
|
11.1.2.x
|
Comments
|
|
Final CPU
|
October 2021
|
|
Patch Availability
for Oracle Hyperion Financial Reporting
|
Product Home
|
Patch
|
Advisory Number
|
Comments
|
|
11.1.2
|
Jdev 11.1.1.7.1 SPU Patch 27457998
|
Released July 2018
|
Jdev ADF Patch needs to be applied to
Hyperion Financial Reporting Home. To download this patch
please contact support to get the password.
|
3.3.25 Oracle
Hyperion Planning
Error
Correction information for Oracle Hyperion Planning
|
Patch Information
|
11.1.2.x
|
Comments
|
|
Final CPU
|
October 2021
|
|
Patch
Availability for Oracle Hyperion Planning
|
Product Home
|
Patch
|
Advisory Number
|
Comments
|
|
11.1.2.4
|
PSU Patch 29889455
|
CVE-2019-2861,CVE-2019-2770
|
|
3.3.26 Oracle
Hyperion Strategic Finance
Error
Correction information for Oracle Hyperion Strategic Finance
|
Patch Information
|
11.1.2.x
|
Comments
|
|
Final CPU
|
October 2021
|
|
Patch
Availability for Oracle Hyperion Strategic Finance
3.3.27 Oracle
Identity and Access Management
For the appropriate product versions
listed below, refer to the corresponding Oracle Fusion Middleware patch
availability sections that contain information on Error Correction, and for
the patches to apply. Not all homes that are listed in those sections might
be present in the Oracle Identity Access Management installation. Only the
relevant homes from those tables need to be patched.
Patch
Availability for Oracle Identity Access Management
3.3.28 Oracle
Identity Analytics
Error
Correction Information for Oracle Identity Analytics
|
Patch Information
|
11.1.1.5.0
|
Comments
|
|
Final CPU
|
December 2019
|
|
Patch
Availability for Oracle Identity Analytics
|
Product Home
|
Patch
|
Advisory Number
|
Comments
|
|
11.1.1.5.0
|
OIA SPU for April 19 Patch 29470723
|
Released April 2019
|
Install prior to Java CPUApr2017
JDK/JRE or later version
|
3.3.29 Reserved
for Future Use
3.3.30 Oracle
Identity Management Connector
Error Correction information for Oracle
Identity Management Connector
|
Patch Information
|
9.1.1.5
|
Comments
|
|
Final CPU
|
-
|
|
Patch Availability for Oracle Identity
Management Connector
|
Product Version
|
Patch
|
Advisory Number
|
Comments
|
|
Microsoft
AD connector 9.1.1.5
|
OIM Connector 9.1.1.5.15 Patch 25028999
|
Released October 2017
|
|
|
ca
top secret connector 9.0.4.20.6
|
OIM Connector 9.0.4.20.6 Patch 26566700
|
Released January 2018
|
|
|
RACF
adv connector 9.0.4.25.4
|
OIM Connector 9.0.4.20.6 Patch 26599074
|
Released January 2018
|
|
|
acf2
connector 9.0.4.21
|
OIM Connector 9.0.4.21 bpl Patch 26615477
|
Released January 2018
|
|
3.3.31 Oracle
JDeveloper and Oracle ADF
Error Correction information for Oracle
JDeveloper and Oracle ADF
|
Patch Information
|
12.2.1.3
|
12.1.3.0
|
11.1.2.4
|
11.1.1.9
|
Comments
|
|
Final CPU
|
-
|
October 2019
|
October 2021
|
October 2021
|
|
Critical
Patch Update Availability for Oracle JDeveloper and Oracle ADF
|
Release
|
Patch
|
Advisory Number
|
Comments
|
|
12.2.1.3.0
|
ADF Bundle Patch 12.2.1.3.190404 Patch 29620828
|
Released April 2019
|
Refer to 2.2 Post Release Patches for patch availability.
|
|
12.1.3.0.0
|
ADF Bundle Patch 12.1.3.0.190416 Patch 29348040
|
Released April 2019
|
Install prior to Java CPUApr2017
JDK/JRE or later version
|
|
11.1.2.4.0
|
ADF SPU 11.1.2.4.0 for JanCPU2018 Patch 27213077
|
Released January 2018
|
Install prior to Java CPUApr2017
JDK/JRE or later version
|
|
.0
|
ADF SPU 11.1.1.9.0 FOR APRCPU2019 Patch 29669847
|
Released April 2019
|
Refer to 2.2 Post Release Patches for patch availability.
|
3.3.32 Oracle
Map Viewer
Error
Correction information for Oracle Map Viewer
|
Patch Information
|
12.2.1.3
|
12.1.3.0
|
11.1.1.9
|
Comments
|
|
Final CPU
|
-
|
-
|
October 2021
|
|
Patch
Availability for Oracle Map Viewer
|
Product Home
|
Patch
|
Advisory Number
|
Comments
|
|
12.2.1.3
|
Mapviewer 12.2.1.3.0 MAR 2019 SPU Patch 29456345
|
Released April 2019
|
|
|
12.1.3.0
|
Mapviewer 12.1.3 SPU for CPUOct2018 Patch 28794663
|
Released October 2018
|
Install prior to Java CPUApr2017
JDK/JRE or later version
|
|
11.1.1.9
|
SPU Patch 27534923
|
Released April 2018
|
|
3.3.33 Reserved
for Future Use
Error
Correction information for Reserved for Future Use
|
Patch Information
|
x.x.xx
|
Comments
|
|
Final CPU
|
-
|
|
Patch
Availability for Reserved for Future Use
|
Product Home
|
Patch
|
Advisory Number
|
Comments
|
|
|
|
|
|
3.3.34 Oracle
Outside In Technology
Error
Correction information for Oracle Outside In Technology
|
Patch Information
|
8.5.4
|
Comments
|
|
Final CPU
|
-
|
|
Patch
Availability for Oracle Outside In Technology
|
Product Home
|
Patch
|
Advisory Number
|
Comments
|
|
Oracle Outside In Technology 8.5.4
|
ORACLE OUTSIDE IN TECHNOLOGY (OIT) JULY
2019 8.5.4 BUNDLE PATCH #5 Patch 29917170
|
CVE-2019-2756, CVE-2019-2792,
CVE-2019-2853, CVE-2019-2764, CVE-2019-2852, CVE-2019-2759, CVE-2019-2835,
CVE-2019-2855, CVE-2019-2854
|
|
3.3.35 Oracle
Real Time Decisions Applications
Error
Correction information for Oracle Real Time Decisions Applications
|
Patch Information
|
3.2
|
Comments
|
|
Final CPU
|
July 2019
|
|
Patch
Availability for Oracle Real Time Decisions Applications
|
Product Home
|
Patch
|
Advisory Number
|
Comments
|
|
Oracle Real Time Decisions (RTD) Application 3.2 home
|
RTD applications 3.2 SPU for April 2018 Patch 27860903
|
Released April 2018
|
|
3.3.36 Oracle
Real Time Decisions Platform
Error
Correction information for Oracle Real Time Decisions Platform
Describes the Error Correction
information for Oracle Real Time Decisions Platform.
|
Patch Information
|
3.2
|
Comments
|
|
Final CPU
|
July 2022
|
|
Patch
Availability for Oracle Real Time Decisions Platform
Describes the available patches for
Oracle Real Time Decisions Platform.
|
Product Home
|
Patch
|
Advisory Number
|
Comments
|
|
Oracle Real Time Decisions Platform 3.2
home
|
RTD Platform 3.2.1 SPU for October CPU
2018 Patch 28722658
|
Released October 2018
|
|
3.3.37 Oracle
Service Architecture Leveraging Tuxedo (SALT)
Error
Correction information for Oracle Service Architecture Leveraging Tuxedo
(SALT)
|
Patch Information
|
12.2.2.0.x
|
12.1.3
|
Comments
|
|
Final CPU
|
Oct 2024
|
Oct 2019
|
|
Patch
Availability for Oracle Service Architecture Leveraging Tuxedo (SALT)
|
Product Home
|
Patch
|
Advisory Number
|
Comments
|
|
Oracle Service Architecture Leveraging
Tuxedo (SALT) 12.2.2.0.x home
|
Oracle SALT 12.2.2.0.0 SPU FOR
CPUJan2019 Patch 29169314
|
Released January 2019
|
|
|
Oracle Service Architecture Leveraging
Tuxedo (SALT) 12.1.3.0.x home
|
Oracle SALT 12.1.3.0.0 SPU FOR
CPUJan2019 Patch 29169322
|
Released January 2019
|
|
3.3.38 Oracle
SOA Suite
For the appropriate product versions
listed below, refer to the corresponding Oracle Fusion Middleware patch
availability sections that contain information on Error Correction, and for
the patches to apply. Not all homes that are listed in those sections might
be present in the Oracle SOA Suite installation. Only the relevant homes from
those tables need to be patched.
Patch
Availability for Oracle SOA Suite
3.3.39 Oracle
Traffic Director
Error
Correction information for Oracle Traffic Director
|
Patch Information
|
11.1.1.9
|
Comments
|
|
Final CPU
|
October 2021
|
|
Patch
Availability for Oracle Traffic Director
|
Product Home
|
Patch
|
Advisory Number
|
Comments
|
|
11.1.1.9
|
Oracle Traffic Director SPU Patch 29340480
|
Released April 2019
|
|
3.3.40 Oracle
Tuxedo
Error
Correction information for Oracle Tuxedo
|
Patch Information
|
12.2.2.0
|
12.1.3.0
|
12.1.1.0
|
Comments
|
|
Final CPU
|
April 2024
|
April 2022
|
July 2020
|
|
Patch
Availability for Oracle Tuxedo
|
Product Home
|
Patches
|
Advisory Number
|
Comments
|
|
12.2.2.0
|
rp029 oracle tuxedo 12.2.2 SPU for JULCPU2018 Linux Patch 28090531
rp029 oracle tuxedo 12.2.2 SPU for JULCPU2018 win-64
with vs2015 Patch 28124771
rp029 oracle tuxedo 12.2.2 SPU for
JULCPU2018 win-32 with vs2015 Patch 28124779
|
Released July 2018
|
For CVE-2017-10269, see extra settings required with
these cumulative patches in Note 2326009.1
|
|
12.1.3.0
|
rp108 oracle tuxedo 12.1.3 SPU for JULCPU2018 Linux Patch 28005865
rp108 oracle tuxedo 12.1.3 SPU for JULCPU2018 (win
vs2013/32bit) Patch 28060108
rp108 oracle tuxedo 12.1.3 SPU for JULCPU2018 (win
vs2012/64bit) Patch 28058873
rp108 oracle tuxedo 12.1.3 SPU for JULCPU2018 (win x64
vs2010/64-bit) Patch 28060030
|
Released July 2018
|
For CVE-2017-10269, see extra settings required with
these cumulative patches in Note 2326009.1
|
|
12.1.1.0
|
RP099 Oracle Tuxedo 12.1.1.0 SPU for CPU Apr2019 Patch 29387615
RP099 Oracle Tuxedo 12.1.1.0 SPU (Windows vs2010) for CPU Apr2019Patch 29202243
RP099 Oracle Tuxedo 12.1.1.0 SPU (Windows vs2012) for CPU Apr2019Patch 29202255
|
Released April 2019
|
|
3.3.41 Oracle
Tuxedo System and Applications Monitor Plus (TSAM Plus)
Error
Correction Information for Oracle Tuxedo System and Applications Monitor Plus
(TSAM Plus)
|
Patch Information
|
12.2.2
|
12.1.3
|
12.1.1.1
|
Comments
|
|
Final CPU
|
April 2024
|
April 2022
|
July 2020
|
|
Patch Availability
for Oracle Tuxedo System and Applications Monitor Plus (TSAM Plus)
|
Product Home
|
Patches
|
Advisory Number
|
Comments
|
|
TSAM Plus 12.2.2
|
RP002 Patch 25389632
|
Released July 2017
|
|
|
TSAM Plus 12.1.3
|
RP019 FOR LINUX 64-BIT X86 Patch 27379436
|
Released January 2018
|
|
|
TSAM Plus 12.1.1.1
|
RP025 Patch 23707307
|
Released July 2017
|
|
3.3.42 Oracle
Web-Tier 11g Utilities
For the appropriate product versions
listed below, refer to the corresponding Oracle Fusion Middleware patch
availability sections that contain information on Error Correction, and for
the patches to apply. Not all homes that are listed in those sections might
be present in the Oracle Web-Tier 11g Utilities installation. Only the
relevant homes from those tables need to be patched.
Patch
Availability for Oracle Web-Tier 11g Utilities
3.3.43 Oracle
WebCenter
For the appropriate product versions
listed below, refer to the corresponding Oracle Fusion Middleware patch
availability sections that contain information on Error Correction, and for
the patches to apply. Not all homes that are listed in those sections might
be present in the Oracle WebCenter installation. Only the relevant homes from
those tables need to be patched.
Patch
Availability for Oracle WebCenter
3.3.44 Oracle
WebCenter Content (Formerly Oracle Universal Content Management)
Patch
Availability for Oracle WebCenter Content
3.3.45 Oracle
WebCenter Portal
Error
Correction information for Oracle WebCenter Portal
|
Patch Information
|
11.1.1.9
|
Comments
|
|
Final CPU
|
-
|
|
Patch
Availability for Oracle WebCenter Portal
3.3.46 Oracle
WebCenter Sites (Formerly FatWire Content Server)
Error
Correction information for Oracle WebCenter Sites (formerly FatWire Content
Server)
|
Patch Information
|
12.2.1.3.0
|
11.1.1.8
|
Comments
|
|
Final CPU
|
-
|
October 2021
|
|
Patch Availability
for Oracle WebCenter Sites
3.3.47 Oracle
WebCenter Sites Community
Error
Correction information for Oracle WebCenter Sites Community
|
Patch Information
|
11.1.1.8
|
Comments
|
|
Final CPU
|
-
|
|
Patch
Availability for Oracle WebCenter Sites Community
3.3.48 Oracle
WebCenter Suite
For the appropriate product versions
listed below, refer to the corresponding Oracle Fusion Middleware patch
availability sections that contain information on Error Correction, and for
the patches to apply. Not all homes that are listed in those sections might
be present in the Oracle WebCenter Suite installation. Only the relevant
homes from those tables need to be patched.
Patch
Availability for Oracle WebCenter Suite
3.3.49 Oracle
WebLogic Portal
Error
Correction information for Oracle WebLogic Portal
|
Patch Information
|
10.3.7.0
|
Comments
|
|
Final CPU
|
October 2021
|
Note 1308963.1 Error Correction Policy as it
applies to Oracle WebLogic Portal (WLP)
|
Critical
Patch Update Availability for WebLogic Portal
See also the underlying product stack
tables (JRockit and WLS) for any applicable patches.
WebLogic Portal patches are
cumulative to include all the prior published advisories. For more
information, see My Oracle Support Note 1355929.1, October 2011
Updates Introduce New WebLogic Portal (WLP) Configuration Options for SSL
Session ID and SSL Filters.
WebLogic Portal 9.2.3.0 is bundled
with WebLogic Server 9.2.3.0, which is out of error correction. Contact
Oracle support for security patches needed for WebLogic Server 9.2.3.0
|
Product Home
|
Patch
|
Advisory Number
|
Comments
|
|
WebLogic Portal 10.3.7.0 home
|
There are no CPU patches to document on
10.3.7.0
|
none
|
|
3.3.50 Oracle
WebLogic Server
Error
Correction information for Oracle WebLogic Server Patch Set Update
|
Patch Information
|
12.2.1.3.0
|
12.1.3.0
|
10.3.6.0
|
Comments
|
|
Final CPU
|
-
|
October 2019
|
October 2021
|
Note 950131.1 Error Correction Support Dates for
Oracle WebLogic Server
|
|
Understanding Patch Release Versions
|
-
|
-
|
-
|
See Note 2565576.1, Understanding WebLogic
Server Patch Set Update (PSU) Release Versions
|
Patch Set
Update Availability for Oracle WebLogic Server
For more information, see
MyOracleSupport Note 1470197.1, Patch Set
Update (PSU) Release Listing for Oracle WebLogic Server (WLS). Note 1306505.1
|
Product Home
|
Patch
|
Advisory Number
|
Comments
|
|
Oracle Java SE home
Oracle JRockit 28.x home
|
See Note 2552042.1, Critical Patch Update July
2019 Patch Availability Document for Oracle Java SE
|
See Note 2552042.1, Critical Patch Update July
2019 Patch Availability Document for Oracle Java SE
|
See Note 1492980.1, How to
Install and Maintain the Java SE Installed or Used with FMW 11g/12c
Products
|
|
Oracle WebLogic Server 12.2.1.3 home
|
OPatch 13.9.4.x for FMW/WLS 12.2.1.3.x Patch 28186730
OUI Patch Patch 29909359
|
Released in July 2019
|
Apply Opatch 13.9.4.2 + OUI patch before applying WLS
PSU
|
|
WebLogic Server 12.2.1.3 home
|
WLS PATCH SET UPDATE 12.2.1.3.190522 Patch 29814665
|
CVE-2019-2729, CVE-2019-2827,
CVE-2019-2824, CVE-2019-2856, CVE-2016-7103
|
Refer to Note 2566635.1 for Patch Conflict issue.
CVE-2018-3213 Is addressed in Docker Images published
after September 13, 2018. Latest docker image at https://container-registry.oracle.com.
See Note 2395745.1, April 2018 Critical Patch
Update: Additional Information about the Oracle WebLogic Server
Vulnerability CVE-2018-2628
See Note 2421480.1, July 2018 Critical Patch
Update: Additional information about the Oracle WebLogic Server
Vulnerability CVE-2018-2933.
See Note 2076338.1 July 2018 Critical Patch Update:
Additional information about the Oracle WebLogic Server Vulnerability
CVE-2015-4852
|
|
WebLogic Server 12.1.3.0 home
|
WLS PATCH SET UPDATE 12.1.3.0.190716 Patch 29633448
|
CVE-2019-2729, CVE-2019-2725, CVE-2019-2827,
CVE-2019-2824, CVE-2016-7103
|
Refer to Note 2566635.1 for Overlay Patch Conflict issue
See Note 2395745.1, April 2018 Critical Patch
Update: Additional Information about the Oracle WebLogic Server
Vulnerability CVE-2018-2628
See Note 2421480.1, July 2018 Critical Patch
Update: Additional information about the Oracle WebLogic Server
Vulnerability CVE-2018-2933
See Note 2076338.1 July 2018 Critical Patch Update:
Additional information about the Oracle WebLogic Server Vulnerability
CVE-2015-4852
|
|
WebLogic Server 10.3.6.0 home
|
WLS PATCH SET UPDATE 10.3.6.0.190716 Patch 29633432
|
CVE-2019-2729, CVE-2019-2725,
CVE-2019-2827, CVE-2019-2824, CVE-2016-7103
|
See Note 1607170.1, SSL Authentication Problem
Using WebLogic 10.3.6 and 12.1.1 With JDK1.7.0_40 or Higher
See Note 2395745.1, April 2018 Critical Patch
Update: Additional Information about the Oracle WebLogic Server
Vulnerability CVE-2018-2628
See Note 2421480.1, July 2018 Critical Patch
Update: Additional information about the Oracle WebLogic Server
Vulnerability CVE-2018-2933.
See Note 2076338.1 July 2018 Critical Patch Update:
Additional information about the Oracle WebLogic Server Vulnerability
CVE-2015-4852
|
|
WebLogic Server 12.1.3.0 home
WebLogic Server 10.3.6.0 home
|
WLS 12.1.3 JDBC Patch 20741228
WLS 10.3.6 JDBC Patch 27541896
|
Released January 2018
|
Please refer to Note 1970437.1 How To Update the JDBC and UCP
Drivers Bundled with WebLogic Server 10.3.6 and 12c
|
|
WebLogic Server 12.2.1.3.0 home
WebLogic Server 12.1.3.0.0 home
WebLogic Server 10.3.6.0.0 home
|
WEBLOGIC SAMPLES SPU 12.2.1.3.190716 Patch 29659488
WEBLOGIC SAMPLES SPU 12.1.3.0.190716 Patch 29663844
WEBLOGIC SAMPLES SPU 10.3.6.0.190716 Patch 29659185
|
CVE-2018-15756
|
This patch is a cumulative patch for all Struts 2 CVEs
to date. For more information, see: Note 2255054.1 Oracle WebLogic Server
Requirements for Apache Struts 2 Vulnerabilities
|
|
WebLogic Server 12.1.3.0 home
|
SPU Patch 24327938
|
Released July 2016
|
TopLink JPA-RS patch
|
|
WebLogic Server 12.1.3.0 home
WebLogic Server 10.3.6.0 home
|
See Note 1936300.1
|
Released October 2014
|
SSL V3.0 "Poodle" Advisory
|
3.4 Oracle Sun Middleware
This section contains the following:
·
Section 3.4.1 "Directory Server Enterprise
Edition"
·
Section 3.4.2 "Reserved for Future Use"
3.4.1 Directory Server Enterprise
Edition
Error
Correction information for Directory Server Enterprise Edition
|
Patch Information
|
11.1.1.7.0
|
Comments
|
|
Final CPU (Premier Support)
|
October 2019
|
|
|
Final CPU (Extended Support)
|
October 2022
|
|
Patch
Availability for Directory Server Enterprise Edition
|
Product Home
|
Patch
|
Advisory Number
|
Comments
|
|
11.1.1.7.0
|
ODSEE BP 11.1.1.7.190716 Patch 29893742
|
CVE-2018-18508
|
CVE-2018-18508 is not applicable to Windows Platform.
Please refer to 2.2 Post Release Patches for Windows Patch.
|
3.4.2 Reserved
for Future Use
Error
Correction information for Reserved for Future Use
|
Patch Information
|
1.0
|
Comments
|
|
Final CPU
|
-
|
|
Patch
Availability for Reserved for Future Use
|
Product Home
|
Patch
|
Advisory Number
|
Comments
|
|
1.0
|
Reserved for Future Use
|
-
|
|
3.5 Tools
This section contains the following:
·
Section 3.5.1 "Oracle OPatch"
3.5.1 Oracle OPatch
Minimum
Product Requirements for Oracle OPatch
The CPU security vulnerabilities are
fixed in the listed release and later releases. The Oracle OPatch downloads
can be found at Patch 6880880.
|
Component
|
Release
|
Advisory Number
|
Comments
|
|
Oracle OPatch
|
11.2.0.3.21, 12.2.0.1.14
|
CVE-2017-15095
|
Download the latest versions available
to install Database Patches
|
4 Final CPU History
Final CPU
History
The Final CPU is the last quarter that
a product is supported in the CPU program as per the Premier Support and
Extended Support policies. For more information, see My Oracle Support Note 209768.1, Database, FMW,
EM Grid Control, and OCS Software Error Correction Support Policy.
|
Release
|
Final CPUs
|
Comments
|
|
April 2019
|
Oracle Business Intelligence Enterprise
Edition 12.2.1.3.0
Oracle Business Intelligence Publisher 12.2.1.3
Oracle Enterprise Manager Ops Center 12.2.x
Management Pack For Oracle GoldenGate 11.1.1
Oracle Outside In Technology 8.5.3
|
|
|
January 2019
|
Oracle Application Performance
Management 11.1.x
Oracle GlassFish Server 3.1.2
Oracle Mobile Security Suite 3.0
|
|
|
October 2018
|
Oracle Business Intelligence App Mobile
Designer
Oracle Business Intelligence Enterprise Edition 11.1.1.7
Oracle Business Intelligence Mobile
Oracle Business Intelligence Publisher 11.1.1.7
Oracle Communications Converged Application Server 5.x
Oracle Complex Event Processing 11.1.7
Oracle Data Integrator 11.1.1.7.0
Oracle Endeca Server 7.6
Oracle Endeca Server 7.6.1
Oracle Endeca Information Discovery Integrator 3.1
Oracle Endeca Information Discovery Studio 3.1
Oracle Enterprise Repository 11.1.1.7
Oracle Forms and Reports 11.1.2.2
Oracle Fusion Middleware 11.1.1.7
Oracle Hyperion BI+ 11.1.2.x
Oracle Identity Access Management 11.1.1.7
Oracle JDeveloper and Oracle ADF 11.1.1.7
Oracle Mapviewer 11.1.1.7.0
Oracle Portal, Forms, Reports and Discoverer 11.1.1.7
Oracle Real Time Decisions Server 11.1.1.7
Oracle Service Bus 11.1.1.7.0
Oracle SOA Suite 11.1.1.7.0
Oracle Traffic Director 11.1.1.7
Oracle WebCenter Suite 11.1.1.7
Oracle WebGate 10.1.4.3
Oracle WebLogic Portal 10.3.6.0
Oracle WebLogic Server Plug-in 11.1.1.7
Oracle Web-Tier 11g Utilities 11.1.1.7
|
|
|
July 2018
|
Oracle Business Intelligence Enterprise
Edition 12.2.1.2.0
Oracle Communications Converged Application Server 5.0
Oracle Fusion Middleware 12.2.1.2
Oracle JDeveloper and Oracle ADF 12.2.1.2.0
Oracle WebCenter Sites 12.2.1.2.0 (Formerly FatWire Content Server
12.2.1.2.0)
Oracle WebLogic Server 12.2.1.2.0
FMW 12.2.1.2 all components
|
|
|
April 2018
|
Oracle Endeca Server 7.5 home
Oracle Enterprise Manager Grid Control 11.1.0.1
Oracle Hyperion BI+ 11.1.2.x
Oracle Hyperion Common Admin 11.1.2.x
Oracle Hyperion EAS 11.1.2.x
Oracle Hyperion Financial Reporting 11.1.2.x
Oracle Hyperion Installation Technology 11.1.2.x
Oracle Hyperion Smart View For Office 11.1.2.x
Oracle Service Architecture Leveraging Tuxedo (SALT) 11.1.1.2.x
Oracle Tuxedo System and Applications Monitor Plus (TSAM Plus) 11.1.1.2.x
WebLogic Server 12.2.1.0 home
WebLogic Server 12.1.2.0 home
WebLogic Server 12.1.1.0 home
WLS Plugin 12c (12.1.2.0)
WLS Plugin 1.0 (10.3.4 and older)
|
|
|
January 2018
|
Oracle Endeca Information Discovery
Studio 3.1, 3.0, 2.4
Oracle Endeca Information Discovery Studio Integrator 3.1, 3.0, 2.4
Oracle Secure Enterprise Search 11.2.2.2
iPlanet Web Server 7.0
|
|
|
October 2017
|
Directory Server Enterprise Edition 7.0
Oracle Fusion Middleware 12.2.1.1
Oracle GlassFish Communications Server 2.0
Oracle GlassFish Server 3.0.1
Oracle JDeveloper and Oracle ADF 12.2.1.1.0
Oracle Map Viewer 12.2.1.1
Oracle OpenSSO Agents 3.0
Oracle Waveset 8.1.1.0
Oracle WebLogic Server 12.2.1.1.0
Sun Role Manager 5.0.3.2
|
|
|
July 2017
|
Oracle Endeca Server 7.4
Oracle Enterprise Manager Cloud Control 13.1.0.0
|
|
|
April 2017
|
Oracle TimesTen 11.2.1.x
Oracle Business Intelligence Enterprise Edition 12.2.1.0.0
Business Intelligence Publisher 12.2.1.0.0
Oracle Fusion Middleware 12.2.1.0
Oracle Fusion Middleware 10.1.3.5
Oracle Identity Management Connector 9.1.0.4
Oracle JDeveloper and Oracle ADF 12.2.1.0.0
Oracle JDeveloper and Oracle ADF 10.1.3.5
Oracle WebLogic Server 12.2.1.0.0
|
|
|
January 2017
|
Oracle Business Process Management
10.3.2
Oracle Data Service Integrator 10.3.0
Oracle Outside In Technology 8.5.2
Oracle Service Architecture Leveraging Tuxedo (SALT) 10.3
Oracle WebCenter Interaction 10.3.3.0
Oracle WebLogic Integration 10.3.1.0
iPlanet Web Server 7.0
iPlanet Web Proxy Server 4.0
Oracle GlassFish Server 2.1.1
|
|
|
October 2016
|
Oracle Endeca Server 7.3
Oracle Access Manager 10gR3 (10.1.4.x)
Oracle Access Manager 10g WebGates / ASDK working with OAM 10gR3 (10.1.4.x)
Oracle WebLogic Server Proxy Plug-In 10gR3 (formerly known as WebLogic
Server Proxy Plug-In 1.0)
Oracle Outside In Technology 8.5.1
Oracle Audit Vault 10.3
Oracle Secure Backup 10.4.x
|
|
|
July 2016
|
Oracle Outside In Technology 8.5.0
Oracle Database 12.1.0.1 (See MOS Note 742060.1)
|
|
|
April 2016
|
AquaLogic Data Services Platform 3.2
AquaLogic Data Services Platform 3.0.1
Oracle Business Intelligence Enterprise Edition 11.1.1.7
Oracle Endeca Information Discovery 2.3
Oracle Endeca Information Discovery 2.2.2 (Formerly Latitude)
Oracle Enterprise Manager Cloud Control 12.1.0.4
Oracle Fusion Middleware 12.1.2.0
Oracle Identity Access Management 11.1.2.2
Oracle Tuxedo 11.1.1
Oracle WebCenter 11.1.1.8
Oracle WebCenter Portal 11.1.1.8
Oracle WebCenter Sites 7.6.2
|
|
|
January 2016
|
Oracle Real Time Decisions Server
3.0.0.1
Oracle WebCenter Interaction 6.5.1
|
|
|
July 2015
|
Oracle API Gateway 11.1.2.2.0
Oracle Business Intelligence EE and Publisher 10.1.3.4.2
Oracle Communications Converged Application Server 4.0
Oracle Database 11.2.0.3
Oracle Database 11.1.0.7
Oracle Fusion Middleware 12.1.1.0.0
Oracle Identity and Access Management 11.1.1.5.0
Oracle iPlanet Web Server 6.1.x
Oracle iPlanet Web Server (Java System Web Server 6.1.x)
Oracle WebLogic Server 12.1.1.0
|
|
5 Sources of Additional Information
The following documents provide
additional information about Critical Patch Updates:
·
My Oracle
Support Note 756671.1, Master Note for Database Proactive Patch Program
·
My Oracle
Support Note 822485.1, Master Note for Enterprise Manager Proactive Patch
Program
·
My Oracle
Support Note 1494151.1, Master Note on Fusion Middleware
Proactive Patching - Patch Set Updates (PSUs) and Bundle Patches (BPs)
- My Oracle Support Note 209768.1, Database, FMW, Enterprise Manager, TimesTen In-Memory
Database, and OCS Software Error Correction Support Policy
6 Modification History
Modification
History
|
Date
|
Modification
|
|
July 16, 2019
|
Released
Corrected table formatting problem in section 2.2
Added row for 'Oracle Identity Access Management 12.2.1.3 home' to section
3.3.27
|
|
July 17, 2019
|
Added Patch 29909359 in section
3.3.16.1.1
Modified section 3.1.4.2 to indicate that Patch 29774421 is for all
platforms
Removed section 3.1.4.2 references to RUR 19.3.1, since it is replacement
for the 19.3 RU and not a normal RUR
|
|
July 19, 2019
|
Updated patch availability in section
2.2
Added comments about Note 2566635.1 to section 3.3.50 and 3.3.16.1.1
Modified titles in section 3.3.27
Corrected Product Home value for Patch 30044132
|
|
July 22, 2019
|
Updated patch availability in section
2.2
Updated data for '12.1.3.0.0 home' in section 3.3.16.1.2
Removed 12.2.1.3 from section 3.3.5 as it is out of support now
|
|
July 29, 2019
|
Updated patch availability in section
2.2
Added OBIEE 12.2.1.3 to section 3.3.5
Updated availability of Patch 29794278 in section 3.3.16.1.1
Updated CVE-2019-2799 to CVE-2019-2824 in sections 3.3.16.1.1 and 3.3.50
Removed patch number for OSS Bundle Patch 12.1.3.0.190716 and replaced with
emphasis that 'All Platforms are on-request' in section 3.3.16.1.2
Removed patch number of '29794278' for OHS (Native) Bundle Patch
12.2.1.3.190517 in section 2.2, since a new patch number will be issued
Upgraded text to 'Refer to section 2.2' to intra-document links, in several
locations
|
|
July 30, 2019
|
Updated patch availability in section
2.2
|
|
July 31, 2019
|
Updated patch availability in section
2.2
Corrected the title, comments and several other typos for Patch 29321695 in
section 3.3.5
|
|
August 01, 2019
|
Updated patch availability in section
2.2
|
|
August 02, 2019
|
Updated comment for Patch 27047184 in
section 3.3.16.2
Updated patch availability in section 2.2
|
|
August 05, 2019
|
Added comment for Note 2572809.1 to
Patch 27047184 in section 3.3.16.2
Updated patch availability in section 2.2
Removed internal only e-mail address
|
|
August 07, 2019
|
Updated patch availability in section
2.2
Corrected table formatting problem with section 4
|
|
August 08, 2019
|
Updated OHS (Native) Bundle Patch
12.2.1.3 details in section 3.3.16.1.1
Updated patch availability in section 2.2
Updated Q3.2019 patch details to direct to Q2.2019 in sections under 3.1.4
|
|
August 09, 2019
|
Updated patch availability in section
2.2
|
|
August 12, 2019
|
Emphasized availability for OHS patches
in section 3.3.16.1.1 and 3.3.16.1.2
Updated patch availability in section 2.2
|
|
August 13, 2019
|
Updated patch availability in section
2.2
|
|
August 15, 2019
|
Updated patch availability in section
2.2
|
|
August 19, 2019
|
Updated patch availability in section
2.2
|
|
August 20, 2019
|
Updated patch availability in section
2.2
|
|
August 27, 2019
|
Updated patch availability in section
2.2
|
|
August 28, 2019
|
Updated patch availability in section
2.2
|
|
August 30, 2019
|
Updated notes for OSS Bundle Patch 12.1.3.0.190716 in section 3.3.16.1.2
|
|
September 04, 2019
|
Added row for Patch 23716938 in section
3.3.16.2
Updated comments for Patch 27047184 in section 3.3.16.2
Updated section 3.3.16.1.1 with availability for Patch 30158713
Modified comments for Patch 30112527 in section 3.3.16.1.2
Changed Patch 27244723 to Patch 30112527 (and other row details) in section
3.2.4
Updated patch availability in section 2.2
|
|
September 06, 2019
|
Updated patch availability in section
2.2
Added a row for OSS Bundle Patch 12.1.3.0.190716 to the 13.2.0.0 table in
section 3.2.4
Added a row for Patch 30112527 to the 13.3.0.0 table in section 3.2.4
Modified Product Home for '12.1.3.0.0 home' to 'Base Platform OMS home' in
section 3.2.4
|
|
September 10, 2019
|
Added comment on JDK7 to section
3.1.4.6
Updated patch availability in section 2.2
|
|
September 13, 2019
|
Updated patch availability in section
2.2
|
|
September 30, 2019
|
Updated patch availability in section
2.2
|
|
October 02, 2019
|
Updated patch availability in section
2.2
|
|
October 09, 2019
|
Updated patch availability in section
2.2
|
|
October 15, 2019
|
Updated patch availability in section
2.2
|
7 Documentation Accessibility
For information about Oracle's
commitment to accessibility, visit the Oracle Accessibility Program website
at http://www.oracle.com/pls/topic/lookup?ctx=acc&id=docacc.
Access to Oracle
Support
Oracle customers have access to
electronic support through My Oracle Support. For information, visit http://www.oracle.com/pls/topic/lookup?ctx=acc&id=info or visit http://www.oracle.com/pls/topic/lookup?ctx=acc&id=trs if you are hearing impaired.
Critical Patch Update Availability
Document July 2019
Copyright @ 2019, Oracle and/or
its affiliates. All rights reserved.
This software and related
documentation are provided under a license agreement containing restrictions
on use and disclosure and are protected by intellectual property laws. Except
as expressly permitted in your license agreement or allowed by law, you may
not use, copy, reproduce, translate, broadcast, modify, license, transmit,
distribute, exhibit, perform, publish, or display any part, in any form, or
by any means. Reverse engineering, disassembly, or decompilation of this
software, unless required by law for interoperability, is prohibited.
The information contained herein is
subject to change without notice and is not warranted to be error-free. If
you find any errors, please report them to us in writing.
If this is software or related
documentation that is delivered to the U.S. Government or anyone licensing it
on behalf of the U.S. Government, the following notice is applicable:
U.S. GOVERNMENT RIGHTS Programs,
software, databases, and related documentation and technical data delivered
to U.S. Government customers are "commercial computer software" or
"commercial technical data" pursuant to the applicable Federal
Acquisition Regulation and agency-specific supplemental regulations. As such,
the use, duplication, disclosure, modification, and adaptation shall be
subject to the restrictions and license terms set forth in the applicable
Government contract, and, to the extent applicable by the terms of the
Government contract, the additional rights set forth in FAR 52.227-19,
Commercial Computer Software License (December 2007). Oracle America, Inc., 500
Oracle Parkway, Redwood City, CA 94065.
This software or hardware is
developed for general use in a variety of information management
applications. It is not developed or intended for use in any inherently
dangerous applications, including applications that may create a risk of
personal injury. If you use this software or hardware in dangerous
applications, then you shall be responsible to take all appropriate
fail-safe, backup, redundancy, and other measures to ensure its safe use.
Oracle Corporation and its affiliates disclaim any liability for any damages
caused by use of this software or hardware in dangerous applications.
Oracle and Java are registered
trademarks of Oracle and/or its affiliates. Other names may be trademarks of
their respective owners.
Intel and Intel Xeon are trademarks
or registered trademarks of Intel Corporation. All SPARC trademarks are used
under license and are trademarks or registered trademarks of SPARC
International, Inc. AMD, Opteron, the AMD logo, and the AMD Opteron logo are
trademarks or registered trademarks of Advanced Micro Devices. UNIX is a
registered trademark of The Open Group.
This software or hardware and
documentation may provide access to or information on content, products, and
services from third parties. Oracle Corporation and its affiliates are not
responsible for and expressly disclaim all warranties of any kind with
respect to third-party content, products, and services. Oracle Corporation
and its affiliates will not be responsible for any loss, costs, or damages
incurred due to your access to or use of third-party content, products, or
services.
|