From: https://support.oracle.com

What is "Oracle JavaVM Component Database PSU" ?

Oracle JavaVM Component Database PSU is released as part of the Critical Patch Update program from October 2014 onwards.
It consists of two separate patches:

  • One for JDBC clients - applicable to Client, Instant Client, Database and Grid ORACLE_HOMES.
    This is referred to as "JDBC Patch" in the rest of this document.
  • One for the Oracle JavaVM component within the Oracle Database - applicable to database ORACLE_HOMEs only.
    This is referred to as "OJVM PSU" in the rest of this document.
    As of January 2015 the "OJVM PSU" patches include all fixes from the "JDBC Patch".

For situations where the latest OJVM PSU cannot be installed immediately there is a "Mitigation Patch" that can be used.

OJVM PSU

OJVM PSU patches:

  • include critical fixes for the Oracle JavaVM component within the Oracle Database
  • are packaged separately from the Database PSU (or equivalent) as they cannot be installed in a RAC Rolling manner, nor in Standby First manner.
    Keeping them separate allows customers to choose the most appropriate patching approach for each system
    • Oracle has also released "Combo" patches that bundle the OJVM
      PSU in the same ZIP file as DB PSU and/or GI PSU for ease of download.
      The OJVM component in these "Combo" patches is in a separate
      subdirectory with its own install steps still required.       October 2014 "Combo" patches do not include the JDBC Patch.
  • are applicable to all database installations regardless of which patching model is used (DB PSU, GI PSU, Security Patch Update (SPU), Windows Bundle Patch or Database Patch for Exadata)
  • require the database home to be patched to at least October 2014 DB PSU (or equivalent)
  • include binary changes to be applied to each Database ORACLE_HOME,
    and "post install" steps to be execute on each database running from the
    ORACLE_HOME
  • from January 2015 onwards: include the JDBC fixes

For situations where the latest OJVM PSU cannot be installed
immediately there is a "Mitigation Patch" that can be used as describe
below.

What is the "Mitigation Patch" ?

For situations where the latest OJVM PSU cannot be installed immediately there is a "Mitigation Patch" that can be used. The "Mitigation Patch" is an interim solution to protect against all currently known (Jul 2015) Oracle JavaVM security vulnerabilities in the database until such time as the OJVM PSU can be installed. It can also be used to protect database versions no longer covered by error correction support.

The "Mitigation Patch":

  • is applicable only to database homes, not client nor Grid homes
  • is only applicable to databases that have JavaVM installed
  • has no dependency on the DB PSU (or equivalent) level
  • can be installed in a RAC Rolling manner
  • is a SQL only patch that needs to be installed and activated in each database
    • hence it can be installed standby first but it
      requires SQL steps to be executed to be effective, which cannot be done
      on a read only standby
  • affects use of Java and Java development in the database
  • has been reviewed for January 2015, April 2015, July
    2015, October 2015, January 2016, April 2016 and July 2016 and provides
    mitigation against all currently known OJVM vulnerabilities
  • can be downloaded here: Patch:19721304

Read the "Using the Mitigation Patch" section later in this document to understand the impact of this patch.

JDBC Patch

The JDBC patches:

  • include security fixes for JDBC
    (Oct 2014 patches include fixes for CVE-2014-4289 and CVE-2014-6544 only)
  • are available packaged separately from the OJVM PSU and Database PSU (or equivalent) for ease of deployment to client environments
  • are applicable to Client, Instant Client and Grid ORACLE_HOMES The
    JDBC fixes are also applicable to the Database home regardless of
    whether Oracle JavaVM is used in a database or not:

    • For October 2014 the JDBC Patch should also be installed in the Database home
    • For January 2015 the OJVM PSU includes the JDBC fixes and so the
      JDBC patch does not need to be installed in the Database home unless
      OJVM PSU is not being installed yet
    • The JDBC Generic patches have been provided as a separate one-off
      from July 2016 so that all customers can install that without issue.
  • are applicable to all installations regardless of which patching model is used (DB PSU, GI PSU, Security Patch Update (SPU), Windows Bundle Patch or Database Patch for Exadata)
  • have no dependency on OJVM PSU nor Database PSU (or equivalent) patch level
  • can be installed in database server homes in a RAC Rolling manner
  • do not require the database and listeners to be shutdown for patching in non-RAC environments
  • do not require any post install steps be executed against individual databases

Latest JDBC patch availability information can be found in Document:756671.1 "Oracle Recommended Patches -- Oracle Database".

Oracle Recommended Patches -- "Oracle JavaVM Component Database PSU" (OJVM PSU) Patches (文档 ID 1929745.1)的更多相关文章

  1. oracle数据库 PSU,SPU(CPU),Bundle Patches 和 Patchsets 补丁号码快速参考 (文档 ID 1922396.1)

    数据库 PSU,SPU(CPU),Bundle Patches 和 Patchsets 补丁号码快速参考 (文档 ID 1922396.1) 文档内容   用途   详细信息   Patchsets ...

  2. Oracle 11.2.0.4单实例打PSU,OJVM PSU补丁快速参考

    写在前面: 1.Oracel打每个补丁的操作有时存在差异,所以不管多熟悉,都应该在打任何补丁之前阅读新补丁中附带的readme. 2.Oracle每季度都会更新一个最新的PSU,本文最新指的是当前最新 ...

  3. Oracle 11.2.0.4 DataGuard 环境打PSU,OJVM PSU补丁快速参考

    环境:RHEL6.5 + Oracle 11.2.0.4 DataGuard physical standby 主库和备库都是单节点. 需求:主备库同时应用160719的PSU和OJVM PSU补丁. ...

  4. xtts v4for oracle 11g&12c(文档ID 2471245

    xtts v4for oracle 11g&12c(文档ID 2471245.1) 序号 主机 操作项目 操作内容 备注: 阶段一:初始阶段 1.1 源端 环境验证 migrate_check ...

  5. Oracle版本发布规划 (文档 ID 742060.1)

    Oracle Database Release Schedule of Current Database Releases (文档 ID 742060.1) Oracle Database RoadM ...

  6. 数据库 PSU,SPU(CPU),Bundle Patches 和 Patchsets 补丁号码快速参考 (文档 ID 1922396.1)

    数据库 PSU,SPU(CPU),Bundle Patches 和 Patchsets 补丁号码快速参考 (文档 ID 1922396.1)

  7. 11i - 12 Gather Schema Statistics fails with Ora-20001 errors after 11G database Upgrade (文档 ID 781813.1)

    11i - 12 Gather Schema Statistics fails with Ora-20001 errors after 11G database Upgrade (文档 ID 7818 ...

  8. Oracle Created Database Users: Password, Usage and Files References (文档 ID 160861.1)

    This document is no longer actively maintained, for info on specific (new) users in recent product e ...

  9. Database Initialization Parameters for Oracle E-Business Suite Release 12 (文档 ID 396009.1)

    In This Document Section 1: Common Database Initialization Parameters For All Releases Section 2: Re ...

随机推荐

  1. 移动端使用rem适配及相关问题

    移动端适配方案,说多也很多.可以使用百分比布局,但百分比与em都是基于父元素进行计算的,在实际应用中不是很方便.使用rem不仅可以设置字体大小,块大小也可以设置.而且可以良好的适配各种终端,所以这方案 ...

  2. NHibernate系列文章二十一:延迟加载

    摘要 NHibernate的延迟加载机制是很重要的内容.通过关系映射将数据库表之间的关系映射成对象之间的关系,如果没有延迟加载机制,从主表的一个对象的查询将直接查询出所有与该对象关联的其他对象,如果关 ...

  3. 在SQLSERVER中快速有条件删除海量数据技巧推荐

    解释: 如果你的硬盘空间小,并且不想设置数据库的日志为最小(因为希望其他正常的日志希望仍然记录),而且对速度要求比较高,并清除所有的数据建议你用turncate table1,因为truncate 是 ...

  4. 微软第四题 给定cost能遍历的最大城市数

    有向图中N*N矩阵 cost:M, 最多可以遍历的结点个数 例如A可以有0->1->2->0->1 代价:2+2+3+2=9<10 输出4 #include <io ...

  5. Ubuntu 14.10安装SecureCRT 7.3(转)

    原文 :http://blog.csdn.net/chszs/article/details/40623169 1.软件准备 Ubuntu14.04 x64 下载SecureCRT7.3的版本:scr ...

  6. XidianOJ 1057 卡尔的技能

    题目描述 dota中的英雄卡尔的技能说明如下,他拥有3种不同的元素(冰,雷,火),每次他需要释放技能的时候,他要先选择3次元素来决定释放技能的类型(比如,他可以选择火+火+火或冰+雷+火等等),生成技 ...

  7. PHP实现异步调用方法研究

    作者: Laruence 本文地址: http://www.laruence.com/2008/04/14/318.html 转载请注明出处 , ,); curl_setopt_array(, ); ...

  8. Java入门记(二):向上转型与向下转型

    在对Java学习的过程中,对于转型这种操作比较迷茫,特总结出了此文.例子参考了<Java编程思想>. 目录 几个同义词 向上转型与向下转型 例一:向上转型,调用指定的父类方法 例二:向上转 ...

  9. 写了cookie阻止通过输入地址直接访问下一个html,但是直接输入地址访问时,会闪一下下一个页面,怎么回事啊????、

    描述:做了两个页面login.html   index.html  在index的body加了onload事件,调用一个js,js中有cookie的判断,防止没有登录就打开index.html,如果没 ...

  10. 转: unix实际用户ID和有效用户ID解析

    今天在看APUE,这两个问题很难理解,GOOGLE一下,有篇文章总结的不错,看了一下才明白透彻了. 由于用户在UNIX下经常会遇到 SUID.SGID的概念,而且SUID和SGID涉及到系统安全,所以 ...