根据最新的Update to Oracle Security Alert January 2012,Oracle Database的最新Critical Patch Updates将会在17 April 2012发布,即下个月的中旬, 包括针对版本11.2.0.3的 CPU、PSU补丁将 Release,因为版本10gR2已经实际进入Sustaining Support(Oracle Database 10.2 has now transitioned from Premier Support to Sustaining Support. Our records indicate the CSI used for this SR does not have Extended Support so you are only eligible to Sustaining Support. Sustaining Support includes assistance with service requests, on a commercially reasonable basis, 24 hours per day, 7 days a week. It does not include new program updates, fixes, security alerts and critical update. The support policy details can be accessed at “http://www.oracle.com/us/support/library/057419.pdf “. If you need Extended Support please contact your account team.),
所以我们有理由相信这次的CPU更新将不会再针对10gR2的Last Patchset 10.2.0.5 ,让11gR2来得更激烈一些吧!
Critical Patch Updates
Critical Patch Updates are the primary means of releasing security fixes for Oracle products to customers with valid support contracts. They are released on the Tuesday closest to the 17th day of January, April, July and October. The next four dates are:
- 17 April 2012
- 17 July 2012
- 16 October 2012
- 15 January 2013
For Oracle Java SE Critical Patch Updates, the next three dates are:
- 12 June 2012
- 16 October 2012
- 19 February 2013
Patch Set Update and Critical Patch Update April 2012 Availability Document 介绍了 2012 April CPU 相关的Database 补丁:
Patch Availability for Oracle Database 11.2.0.3
| Product Home | Patch | Advisory Number | Comments |
|---|---|---|---|
| Oracle Database home | Database 11.2.0.3 CPU Patch 13632717, orDatabase 11.2.0.3.2 PSU Patch 13696216, orGI 11.2.0.3.2 PSU Patch 13696251, orDatabase patch for Exadata (April 2012 – 11.2.0.3.5) Patch 13734832, or
Quarterly Full Stack download for Exadata (April 2012) Patch 13839416, or Microsoft Windows (32-Bit) Bundle Patch 13885388, or Microsoft Windows x64 (64-Bit) Bundle Patch 13885389 |
CVE-2012-0552, CVE-2012-0534, CVE-2012-0527, CVE-2012-0526, CVE-2012-0525 | |
| Oracle Database home | Patch 13705478 | CVE-2011-5035 | OC4J 10.1.3.4 one-off patch (Special OPatch needed, see README) |
Patch Availability for Oracle Database 11.2.0.2
| Product Home | Patch | Advisory Number | Comments |
|---|---|---|---|
| Oracle Database home | Database 11.2.0.2 CPU Patch 13632725, orDatabase 11.2.0.2.6 PSU Patch 13696224, orGI 11.2.0.2.6 PSU Patch 13696242, orExadata Database Recommended Patch 16 Patch 13837673, or
Microsoft Windows (32-Bit) Bundle Patch 13697073, or Microsoft Windows x64 (64-Bit) Bundle Patch 13697074 |
CVE-2012-0552, CVE-2012-0534, CVE-2012-0527, CVE-2012-0526, CVE-2012-0525, CVE-2012-0520, CVE-2012-0512, CVE-2012-0519 (Windows only) | |
| Oracle Database home | Patch 13705478 | CVE-2011-5035 | OC4J 10.1.3.4 one-off patch (Special OPatch needed, see README) |
Patch Availability for Oracle Database 11.1.0.7
| Product Home | Patch | Advisory Number | Comments |
|---|---|---|---|
| Oracle Database home | Database 11.1.0.7 CPU Patch 13632731, orDatabase 11.1.0.7.11 PSU Patch 13621679, orMicrosoft Windows (32-Bit) Bundle Patch 13715809, orMicrosoft Windows x64 (64-Bit) Bundle Patch 13715810 | CVE-2012-0552, CVE-2012-0534, CVE-2012-0528, CVE-2012-0527, CVE-2012-0526, CVE-2012-0525, CVE-2012-0520, CVE-2012-0512, CVE-2012-0511, CVE-2012-0510 | |
| Oracle Database home | Patch 13705478 | CVE-2011-5035 | OC4J 10.1.3.3 one-off patch |
| Oracle CRS home | CRS 11.1.0.7.7 PSU Patch 11724953 | Released April 2011 | Non-security content only |
| Oracle Database home | Patch 9288120 | Released April 2011 | Database UIXFor Oracle Secure Enterprise Search 11.1.2.x installations, follow the instructions given in MOS note Note 1359600.1. |
| Oracle Database home | Patch 10073948 | Released April 2011 | Enterprise Manager Database Control UIXNot applicable to Oracle Secure Enterprise Search 11.1.2.x |
| Oracle Database home | Patch 11738232 | Released April 2011 | Warehouse BuilderNot applicable to Oracle Secure Enterprise Search 11.1.2.x |
Patch Availability for Oracle Database 10.2.0.5
| Product Home | Patch | Advisory Number | Comments |
|---|---|---|---|
| Oracle Database home | Database 10.2.0.5 CPU Patch 13632738, orDatabase 10.2.0.5.7 PSU Patch 13632743, orMicrosoft Windows (32-Bit) Bundle Patch 13654814, orMicrosoft Windows x64 (64-Bit) Bundle Patch 13654815, or
Microsoft Windows Itanium (64-Bit) Patch 13870404 |
CVE-2012-0552, CVE-2012-0534, CVE-2012-0528, CVE-2012-0527, CVE-2012-0526, CVE-2012-0520 | |
| Oracle Database home | Patch 13705478 | CVE-2011-5035 | OC4J 10.1.3.4 one-off patch (Special OPatch needed, see README) |
| Oracle Database home | Patch 12536181 | Released July 2011 | Enterprise Manager Database ControlFor HP-UX PA-RISC and HP-UX Itanium platforms only |
| Oracle Warehouse Builder home | Patch 11738172 | Released April 2011 | Warehouse Builder |
| Oracle CRS home | CRS 10.2.0.5.2 PSU Patch 9952245 | Released January 2011 | Non-security content only |
| Product Home | Patch | Advisory Number | Comments |
|---|---|---|---|
| Oracle Database home | Database 10.2.0.4 CPU Patch 12879926, orDatabase 10.2.0.4.12 PSU Patch 12879933 | CVE-2012-0552, CVE-2012-0534, CVE-2012-0528, CVE-2012-0527, CVE-2012-0526, CVE-2012-0520, CVE-2012-0511, CVE-2012-0510 | 10.2.0.4.4 PSU Patch 9352164 is base PSU for 10.2.0.4.12 Overlay PSU |
| Oracle Database home | Patch 13705478 | CVE-2011-5035 | OC4J 9.0.4.1 one-off patch |
| Oracle Database home | Patch 12536167 | Released July 2011 | Enterprise Manager Database ControlFor HP-UX PA-RISC and HP-UX Itanium platforms only |
| Oracle Database home | Patch 12758181 | Released July 2011 | Enterprise Manager Database Control UIX |
| Oracle Database home | Patch 9249369 | Released April 2011 | Database UIX |
| Oracle Database home | Patch 9273865 | Released April 2011 | iSqlPlus UIX |
| Oracle CRS home | CRS 10.2.0.4.4 PSU Patch 9294403 | Released April 2010 | Non-security content only |
比较令人惊讶的是虽然 版本10gR2已经实际进入Sustaining Support周期, 但是这一次仍释出了 10.2.0.5上最新的 PSU 10.2.0.5.7 ,和10.2.0.4上的 10.2.0.4.12 PSU。
虽然10.2.0.5.7当前的状态要求 有 Extended Support CSI 才能下载, 但是实际在几个月前 10.2.0.5.5 release时也如现在一般,但是10.2.0.5.6 又变成了只要有一般的premier support账号即可下载, 谁能摸得清Oracle Patch Support team的脾气呢?
PSU 10.2.0.5.7 修复的bug fix 包括:
PSU 10.2.0.5.7 contains all fixes previously released in PSU 10.2.0.5.6 and the following new fixes:
Buffer Cache Management
8822531 – TAKING AWR SNAP HANGS
12748240 – FIX FOR BUG 12748240
12780098 – FIX FOR BUG 12780098
13503598 – FIX FOR BUG 13503598
Generic
7115910 – ORA-7445 [KQLCHG] INTERMITTENTLY HIT DURING DBMS_REFRESH.REFRESH OF MV
9689310 – SPORADIC BUNCHES OF ORA-600 [17059]
9694101 – SHARED CURSOR TEST HANGS DUE TO ‘CURSOR: PIN S WAIT ON X’
11858315 – ORA-600 [17147] ORA-600 [KGHALO4] WITH PATCH 10277915 APPLIED
High Availability
9448311 – BOTH INSTANCE DOWN WITH ORA-00481.
11674645 – GCS DRM FREEZE IN ENTER SERVER MODE WAIT EVENT
13554409 – FIX FOR BUG 13554409
Oracle Space Management
6076890 – ORA-600[16622] WHEN SYNONYM IS SPECIFIED IN DBMS_SPACE.UNSUSED_SPACE
11790175 – SMON SPINS ON REDO APPLICATION ON BASICFILE LOBS
Oracle Virtual Operating System Services
10326338 – HIGH RESMGR:CPU QUANTUM WITH APPSQOS_PLAN IN PLACE
Server Manageability
13257247 – POPULATING WRH$_TEMPSTATXS MAY BE SLOW DUE TO INEFFICIENT QUERY EXECUTION PLAN
Leave a Reply