甲骨文发布2012 1月数据库安全补丁Critical Patch Update January 2012
甲骨文公司(Oracle Corp)会在今天的(2012-01-17 Tuesday)的晚些时候发布最新的数据库安全补丁Critical Patch Update January 2012;
在OTN的CPU security专题页面上已经生成了《Oracle Critical Patch Update Pre-Release Announcement - January 2012》的页面;将要发布的安全补丁涵盖多个版本的Oracle数据库:
Patch Availability for Oracle Database 11.2.0.2
Patch Availability for Oracle Database 11.1.0.7
Patch Availability for Oracle Database 10.2.0.5
Patch Availability for Oracle Database 10.2.0.4
Patch Availability for Oracle Database 10.1.0.5
Patch Set Update Availability for Oracle Database
在11gR2 当前最新版本11.2.0.3的第一个psu 11.2.0.3.1中修复了几十个bug:
Affected Products and Components
Security vulnerabilities addressed by this Critical Patch Update affect the following products:- Oracle Database 11g Release 2, versions 11.2.0.2, 11.2.0.3
- Oracle Database 11g Release 1, version 11.1.0.7
- Oracle Database 10g Release 2, versions 10.2.0.3, 10.2.0.4, 10.2.0.5
- Oracle Database 10g Release 1, version 10.1.0.5
Oracle Database 11.2.0.3 | UNIX | Microsoft Windows (32-Bit) | Microsoft Windows x64 (64-bit) | Advisory Number | Comments |
---|---|---|---|---|---|
Oracle Database home | CPU Patch 13466801, or DB PSU Patch 13343438, or GI PSU Patch 13348650, or Database patch for Exadata Patch 13513783, or Quarterly Full Stack download for Exadata Patch 13551280 | Bundle Patch 13413167 | Bundle Patch 13413168 |
Oracle Database 11.2.0.2 | UNIX | Microsoft Windows (32-Bit) | Microsoft Windows x64 (64-bit) | Advisory Number | Comments |
---|---|---|---|---|---|
Oracle Database home | CPU Patch 13343244, or DB PSU Patch 13343424, or GI PSU Patch 13343447, or Exadata Database Recommended Patch 14 Patch 13556724 | Bundle Patch 13413154 | Bundle Patch 13413155 | CVE-2012-0072, CVE-2012-0082 |
Oracle Database 11.1.0.7 | UNIX | Microsoft Windows (32-Bit) | Microsoft Windows x64 (64-Bit) | Advisory Number | Comments |
---|---|---|---|---|---|
Oracle Database home | CPU Patch 13343453, or PSU Patch 13343461 | Bundle Patch 13460955 | Bundle Patch 13460956 | CVE-2012-0072, CVE-2012-0082 | |
Oracle Database home | Patch 9288120 | Patch 9288120 | Patch 9288120 | Released April 2011 | Database UIX For Oracle Secure Enterprise Search 11.1.2.x installations, follow the instructions given in MOS note Note 1359600.1. |
Oracle Database home | Patch 10073948 | Patch 10073948 | Patch 10073948 | Released April 2011 | Enterprise Manager Database Control UIX Not applicable to Oracle Secure Enterprise Search 11.1.2.x |
Oracle Database home | Patch 11738232 | Patch 11738232 | Patch 11738232 | Released April 2011 | Warehouse Builder Not applicable to Oracle Secure Enterprise Search 11.1.2.x |
Oracle Database 10.2.0.5 | UNIX | Microsoft Windows (32-Bit) | Microsoft Windows Itanium (64-Bit) | Microsoft Windows x64 (64-Bit) | Advisory Number | Comments |
---|---|---|---|---|---|---|
Oracle Database home | CPU Patch 13343467, or PSU Patch 13343471 | Bundle Patch 13460967 | NA | Bundle Patch 13460968 | CVE-2012-0072, CVE-2012-0082 | |
Oracle Database home | Patch 12536181 | NA | NA | NA | Released July 2011 | Enterprise Manager Database Control For HP-UX PA-RISC and HP-UX Itanium platforms only |
Oracle Database home | Patch 11738172 | Patch 11738172 | Patch 11738172 | Patch 11738172 | Released April 2011 | Warehouse Builder |
Oracle Database 10.2.0.4 | UNIX | Advisory Number | Comments |
---|---|---|---|
Oracle Database home | CPU Patch 12879912, or PSU Patch 12879929 | CVE-2012-0072, CVE-2012-0082 | |
Oracle Database home | Patch 12536167 | Released July 2011 | Enterprise Manager Database Control For HP-UX PA-RISC and HP-UX Itanium platforms only |
Oracle Database home | Patch 9249369 | Released April 2011 | Database UIX |
Oracle Database home | Patch 12758181 | Released July 2011 | Enterprise Manager Database Control UIX |
Oracle Database home | Patch 9273865 | Released April 2011 | iSqlPlus UIX |
Component | IBM zSeries (z/OS) | Advisory Number | Comments |
---|---|---|---|
Oracle Database home | CPU Patch 13343479 | CVE-2012-0072, CVE-2012-0082 |
Oracle Database 10.1.0.5 | UNIX | Microsoft Windows (32-Bit) | Microsoft Windows Itanium (64-Bit) | Advisory Number | Comments |
---|---|---|---|---|---|
Oracle Database home | Patch 6640838 | Patch 6640838 | Patch 6640838 | Released October 2010 | Oracle Universal Installer |
Oracle Database home | Patch 11842285 | NA | NA | Released July 2011 | Oracle Universal Installer |
Oracle Database home | CPU Patch 13343482 | Bundle Patch 13413002 | Bundle Patch 13413003 | CVE-2012-0072, CVE-2012-0082 | |
Oracle Database home | Patch 12535977 | NA | NA | Released July 2011 | Enterprise Manager Database Control For HP-UX PA-RISC and HP-UX Itanium platforms only |
Oracle Workspace Manager home | Patch 7341989 | Patch 7341989 | Patch 7341989 | Released April 2009 | |
Oracle Database home | Patch 9249369 | Patch 9249369 | Patch 9249369 | Released April 2011 | Database UIX |
Oracle Database home | Patch 10036362 | Patch 10036362 | Patch 10036362 | Released April 2011 | Enterprise Manager Database Control UIX |
Oracle Database home | Patch 9273888 | Patch 9273888 | Patch 9273888 | Released April 2011 | iSqlPlus UIX |
Oracle Database | UNIX | Advisory Number | Comments |
---|---|---|---|
11.2.0.2.4 Database PSU | Patch 13343424 | See Section 3.1.3.3, "Oracle Database 11.2.0.2" | |
11.2.0.2.4 Grid Infrastructure PSU | Patch 13343447 | See Section 3.1.3.3, "Oracle Database 11.2.0.2" | Includes CPUJan2012 and 11.2.0.2.4 Database PSU IBM: Linux on System Z and HP-UX PA-RISC are On-Request Platforms for GI PSU 11.2.0.2.4 |
11.2.0.2 BP12 for Exadata | Patch 13556724 | See Section 3.1.3.3, "Oracle Database 11.2.0.2" | Includes CPUJan2012 and 11.2.0.2.4 Database and Grid Infrastructure PSU fixes for Exadata |
11.1.0.7.9 Database PSU | Patch 13343461 | See Section 3.1.3.4, "Oracle Database 11.1.0.7" | |
11.1.0.7.7 CRS PSU | Patch 11724953 | Released April 2011 | |
10.2.0.5.5 Database PSU | Patch 13343471 | See Section 3.1.3.5, "Oracle Database 10.2.0.5" | |
10.2.0.5.2 CRS PSU | Patch 9952245 | Released January 2011 | IBM: Linux on System Z, Solaris x86-64 and HP-UX PA-RISC are On-Request Platforms for CRS PSU 10.2.0.5.2 |
10.2.0.4.10 Database PSU | Patch 12879929 | See Section 3.1.3.6, "Oracle Database 10.2.0.4" | Overlay PSU |
10.2.0.4.4 Database PSU | Patch 9352164 | Released April 2010 | Base PSU for 10.2.0.4.10 |
10.2.0.4.4 CRS PSU | Patch 9294403 | Released April 2010 |
CPU molecules in PSU 11.2.0.3.1:
PSU 11.2.0.3.1 contains the following new PSU 11.2.0.3.1 molecules:
13499128 - DB-11.2.0.3-MOLECULE-001-CPUJAN2012
13528551 - DB-11.2.0.3-MOLECULE-002-CPUJAN2012
Bug Fixes
See My Oracle Support Note 1340011.1 that documents all the non-security bugs fixed in each 11.2.0.2 Patch Set Update (PSU). PSU 11.2.0.3.1 contains the following new fixes: Automatic Storage Management 9703627 - 11.2.0.2: ROOT USE OF ASMCMD PLACES ALERT.LOG IN USER DIRECTORY 12620823 - SOL-SP64-11203:ASM INSTANCE HANG DURING CRS STACK STARTING ON THE SECOND NODE 12797765 - SOL_SP64: AFTER ALL DISKS FAILURE, DG CAN'T BE DISMOUNTED ON T2000-3 12905058 - REBOOT 2 CELL NODES, CHECKFILE FOUND CORRUPTION BLOCK IN 3 UNDO DATAFILES 12938841 - 11203_ASM_SOL_SP64:RACE BETWEEN ADD DISK AND DISMOUNT MAY CAUSE KFGUSENUM01 12950644 - RBAL HIT ORA-07445:[KFDGLOBALOPEN()+738], ASM INST ABORT Generic 9873405 - ORA-600 DURING FAST REFRESH AFTER 11.2.0.1.0 TO 11.2.0.2.0 UPDATE. High Availability 12718090 - LNX64-11203-RAC:DB FG RROC HIT ORA-00600[KCLCHKBLK_3] 12834027 - ORA-00600 [KJBMPRLST:SHADOW] & [KJBRASR:PKEY] IN A READ MOSTLY & SKIP LOCK ENV 12847466 - AROLTP-C: HANG SIGNATURE: 'GC CURRENT REQUEST'<='GC BUFFER BUSY ACQUIRE' 12861463 - RAC PERF: DEFAULT VALUE FOR _LM_SINGLE_INST_AFFINITY_LOCK SHOULD BE FALSE 12917230 - QUERY WITH TEMP TABLE TRANSFORMATION RUNS 5X SLOWER WAITING FOR REMASTERING 12998795 - AROLTP-C: HANG SIGNATURE: 'GC CURRENT REQUEST'<='GC BUFFER BUSY ACQUIRE' 13035804 - LACK OF DLM PSEUDO RECONFIGURATION TEXTUAL REASON Oracle Space Management 13041324 - HCC ON ZFS AND PILLAR STORAGE 13492735 - DISALLOW ADDING NON-HCC DATAFILE TO HCC TABLESPACE Oracle Virtual Operating System Services 13362079 - HCC SHOULD NOT BE ENABLED FOR NON ZFS/ PILLAR STORAGE ARRAYposted on 2013-03-19 00:51 Oracle和MySQL 阅读(357) 评论(0) 编辑 收藏 举报