{"id":2243,"date":"2017-01-18T15:34:44","date_gmt":"2017-01-18T14:34:44","guid":{"rendered":"http:\/\/www.oradba.ch\/?p=2243"},"modified":"2017-01-18T16:31:01","modified_gmt":"2017-01-18T15:31:01","slug":"oracle-cpu-psu-announcement-january-2017","status":"publish","type":"post","link":"https:\/\/www.oradba.ch\/wordpress\/2017\/01\/oracle-cpu-psu-announcement-january-2017\/","title":{"rendered":"Oracle CPU \/ PSU Announcement January 2017"},"content":{"rendered":"<p>Oracle has published the first Critical Patch Update in 2017. It&#8217;s quite a huge update with not less than 270 new security vulnerability fixes across the Oracle products. For the Oracle Database itself are 5 security fixes available respectively 2 security fixes for the Oracle Database Server and 3 security fixes for Oracle Secure Backup and Oracle Big Data Graph.<br \/>\nNeither of the two vulnerabilities for Oracle Databases are remotely exploitable without authentication. None of these fixes are applicable to client-only installations.<\/p>\n<p>The highest CVSS Base Score of vulnerabilities affecting Oracle Database Server is 9.0. The following components are affected:<\/p>\n<ul>\n<li>OJVM<\/li>\n<li>RDBMS Security \/ Local Logon<\/li>\n<\/ul>\n<p>Over all the PSU for Oracle Database Server itself is relatively small. The tests for the Trivadis CPU-Report will show if there are any issues with this PSU respectively SPU.<\/p>\n<p>It seems that a bunch of Patch&#8217;s are not yet available. Oracle list the follow Post Release Patches beside the PSU and SPU for Oracle Database Server 11.2.0.4.<\/p>\n<table>\n<tr>\n<th style=\"padding: 2px;white-space:nowrap;\">Patch Number<\/th>\n<th style=\"padding: 2px;\">Patch<\/th>\n<th style=\"padding: 2px;\">Platform<\/th>\n<th style=\"padding: 2px;\">Availability<\/th>\n<\/tr>\n<tr>\n<td style=\"padding: 2px;white-space:nowrap;\"><a href=\"https:\/\/support.oracle.com\/epmos\/faces\/ui\/patch\/PatchDetail.jspx?parent=DOCUMENT&#038;sourceId=2203916.1&#038;patchId=24968615\" target=\"_blank\">24968615<\/a><\/td>\n<td style=\"padding: 2px;\">Database Proactive Bundle Patch 12.1.0.2.170117<\/td>\n<td style=\"padding: 2px;\">HP-UX Itanium (64-Bit) &#038; AIX (64-Bit)<\/td>\n<td style=\"padding: 2px;\">Expected: Wednesday 18-Jan-2017<\/td>\n<\/tr>\n<tr>\n<td style=\"padding: 2px;white-space:nowrap;\"><a href=\"https:\/\/support.oracle.com\/epmos\/faces\/ui\/patch\/PatchDetail.jspx?parent=DOCUMENT&#038;sourceId=2203916.1&#038;patchId=25395111\" target=\"_blank\">25395111<\/a><\/td>\n<td style=\"padding: 2px;\">Oracle Application Testing Suite BP 12.5.0.1<\/td>\n<td style=\"padding: 2px;\">All Platforms<\/td>\n<td style=\"padding: 2px;\">Expected: Wednesday 18-Jan-2017<\/td>\n<\/tr>\n<tr>\n<td style=\"padding: 2px;white-space:nowrap;\"><a href=\"https:\/\/support.oracle.com\/epmos\/faces\/ui\/patch\/PatchDetail.jspx?parent=DOCUMENT&#038;sourceId=2203916.1&#038;patchId=25115951\" target=\"_blank\">25115951<\/a><\/td>\n<td style=\"padding: 2px;\">Microsoft Windows BP 12.1.0.2.170117<\/td>\n<td style=\"padding: 2px;\">Windows 32-Bit and x86-64<\/td>\n<td style=\"padding: 2px;\">Expected: Tuesday 24-Jan-2017<\/td>\n<\/tr>\n<tr>\n<td style=\"padding: 2px;white-space:nowrap;\"><a href=\"https:\/\/support.oracle.com\/epmos\/faces\/ui\/patch\/PatchDetail.jspx?parent=DOCUMENT&#038;sourceId=2203916.1&#038;patchId=25112498\" target=\"_blank\">25112498<\/a><\/td>\n<td style=\"padding: 2px;\">Oracle JavaVM Component Microsoft Windows Bundle Patch 12.1.0.2.170117<\/td>\n<td style=\"padding: 2px;\">Windows 32-Bit and x86-64<\/td>\n<td style=\"padding: 2px;\">Expected: Tuesday 24-Jan-2017<\/td>\n<\/tr>\n<tr>\n<td style=\"padding: 2px;white-space:nowrap;\"><a href=\"https:\/\/support.oracle.com\/epmos\/faces\/ui\/patch\/PatchDetail.jspx?parent=DOCUMENT&#038;sourceId=2203916.1&#038;patchId=24918318\" target=\"_blank\">24918318<\/a><\/td>\n<td style=\"padding: 2px;\">Quarterly Full Stack download for Exadata (Jan2017) BP 12.1.0.2<\/td>\n<td style=\"padding: 2px;\">Linux x86-64 and Solaris x86-64<\/td>\n<td style=\"padding: 2px;\">Expected: Thursday 26-Jan-2017<\/td>\n<\/tr>\n<tr>\n<td style=\"padding: 2px;white-space:nowrap;\"><a href=\"https:\/\/support.oracle.com\/epmos\/faces\/ui\/patch\/PatchDetail.jspx?parent=DOCUMENT&#038;sourceId=2203916.1&#038;patchId=24918333\" target=\"_blank\">24918333<\/a><\/td>\n<td style=\"padding: 2px;\">Quarterly Full Stack download for SuperCluster (Jan2017) BP 12.1.0.2<\/td>\n<td style=\"padding: 2px;\">Solaris SPARC 64-Bit<\/td>\n<td style=\"padding: 2px;\">Expected: Thursday 26-Jan-2017<\/td>\n<\/tr>\n<\/table>\n<p>More details about the patch will follow soon on the Oracle Security Pages.<\/p>\n<ul>\n<li><a href=\"http:\/\/www.oracle.com\/technetwork\/topics\/security\/alerts-086861.html\">Critical Patch Updates and Security Alerts<\/a><\/li>\n<li><a href=\"http:\/\/www.oracle.com\/technetwork\/security-advisory\/cpujan2017-2881727.html\">Oracle Critical Patch Update Advisory &#8211; January 2017<\/a><\/li>\n<li>Or posted here \ud83d\ude42<\/li>\n<\/ul>\n","protected":false},"excerpt":{"rendered":"<p>Oracle has published the first Critical Patch Update in 2017. It&#8217;s quite a huge update with not less than 270 new security vulnerability fixes across the Oracle products. For the Oracle Database itself are 5 security fixes available respectively 2 security fixes for the Oracle Database Server and 3 security fixes for Oracle Secure Backup [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_exactmetrics_skip_tracking":false,"_exactmetrics_sitenote_active":false,"_exactmetrics_sitenote_note":"","_exactmetrics_sitenote_category":0,"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":true,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"#OracleCPU \/ PSU Announcement January 2017 #Security Advisory. Will be reviewed for the next #Trivadis CPU-Report","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":true,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2}},"categories":[8,83,158,46,11],"tags":[130,18,111],"class_list":["post-2243","post","type-post","status-publish","format-standard","hentry","category-11gr2","category-12cr1","category-12cr2","category-cpu","category-security","tag-trivadis","tag-trivadiscontent","tag-tvdsecexpert"],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"","jetpack_shortlink":"https:\/\/wp.me\/p1aErb-Ab","jetpack_sharing_enabled":true,"jetpack-related-posts":[{"id":2397,"url":"https:\/\/www.oradba.ch\/wordpress\/2017\/10\/oracle-cpu-psu-announcement-october-2017\/","url_meta":{"origin":2243,"position":0},"title":"Oracle CPU \/ PSU Announcement October 2017","author":"Stefan","date":"18. October 2017","format":false,"excerpt":"The Oracle open world 2017 is over, the dust just settled down. A perfect time for Oracle to release the October critical patch advisory. With not less than 270 new security vulnerability fixes across the Oracle products it seems to be a rather huge update. From the DB perspective it\u2026","rel":"","context":"In &quot;11gR2&quot;","block_context":{"text":"11gR2","link":"https:\/\/www.oradba.ch\/wordpress\/category\/oracle-database\/11gr2\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":2270,"url":"https:\/\/www.oradba.ch\/wordpress\/2017\/04\/oracle-cpu-psu-announcement-april-2017\/","url_meta":{"origin":2243,"position":1},"title":"Oracle CPU \/ PSU Announcement April 2017","author":"Stefan","date":"19. April 2017","format":false,"excerpt":"Last night Oracle released there new Critical Patch Update. From the DB perspective it is a rather small patch update. It just includes 2 fixes for security vulnerabilities on Oracle database 11.2.0.4 and 12.1.0.2. None of the vulnerabilities are remote exploitable without authentication but one fix is also for client\u2026","rel":"","context":"In &quot;11gR2&quot;","block_context":{"text":"11gR2","link":"https:\/\/www.oradba.ch\/wordpress\/category\/oracle-database\/11gr2\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":2168,"url":"https:\/\/www.oradba.ch\/wordpress\/2016\/07\/oracle-cpu-psu-pre-release-announcement-july-2016\/","url_meta":{"origin":2243,"position":2},"title":"Oracle CPU \/ PSU Pre-Release Announcement July 2016","author":"Stefan","date":"15. July 2016","format":false,"excerpt":"Oracle has published the Pre-Release Announcement for the July 2016 Critical Patch Update. It's quite a huge update with not less than 276 security vulnerability fixes across the Oracle products. For the Oracle Database itself are 9 security fixes available. Dies ist wiederum eines der gr\u00f6\u00dferen Critical Patch Update for\u2026","rel":"","context":"In &quot;11gR2&quot;","block_context":{"text":"11gR2","link":"https:\/\/www.oradba.ch\/wordpress\/category\/oracle-database\/11gr2\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":683,"url":"https:\/\/www.oradba.ch\/wordpress\/2011\/10\/oracle-cpu-psu-pre-release-announcement-october-2011\/","url_meta":{"origin":2243,"position":3},"title":"Oracle CPU \/ PSU Pre-Release Announcement October 2011","author":"Stefan","date":"14. October 2011","format":false,"excerpt":"Oracle has recently published the Pre-Release Announcement for the CPU Patch. This Critical Patch Update contains 56 new security vulnerability fixes for several Oracle products. 4 of these fixes are just for the Oracle Database Server.","rel":"","context":"In &quot;10gR2&quot;","block_context":{"text":"10gR2","link":"https:\/\/www.oradba.ch\/wordpress\/category\/oracle-database\/10gr2\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":724,"url":"https:\/\/www.oradba.ch\/wordpress\/2012\/01\/oracle-cpu-psu-pre-release-announcement-januar-2012\/","url_meta":{"origin":2243,"position":4},"title":"Oracle CPU \/ PSU Pre-Release Announcement Januar 2012","author":"Stefan","date":"13. January 2012","format":false,"excerpt":"Oracle has recently published the Pre-Release Announcement for the CPU Patch. This Critical Patch Update contains 78 new security vulnerability fixes for several Oracle products. 2 of these fixes are just for the Oracle Database Server.","rel":"","context":"In &quot;11gR2&quot;","block_context":{"text":"11gR2","link":"https:\/\/www.oradba.ch\/wordpress\/category\/oracle-database\/11gr2\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":2549,"url":"https:\/\/www.oradba.ch\/wordpress\/2018\/04\/oracle-cpu-psu-april-2018\/","url_meta":{"origin":2243,"position":5},"title":"Oracle CPU \/ PSU April 2018","author":"Stefan","date":"18. April 2018","format":false,"excerpt":"Oracle recently released the spring Critical Patch Advisory. It is the first critical patch update, which also includes fixes for Oracle 18c. Over all it includes 254 new security fixes across the product families. Overall a rather large update, although only a security vulnerability is patched for the Oracle databases.\u2026","rel":"","context":"In &quot;11gR2&quot;","block_context":{"text":"11gR2","link":"https:\/\/www.oradba.ch\/wordpress\/category\/oracle-database\/11gr2\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]}],"_links":{"self":[{"href":"https:\/\/www.oradba.ch\/wordpress\/wp-json\/wp\/v2\/posts\/2243","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.oradba.ch\/wordpress\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.oradba.ch\/wordpress\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.oradba.ch\/wordpress\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.oradba.ch\/wordpress\/wp-json\/wp\/v2\/comments?post=2243"}],"version-history":[{"count":3,"href":"https:\/\/www.oradba.ch\/wordpress\/wp-json\/wp\/v2\/posts\/2243\/revisions"}],"predecessor-version":[{"id":2246,"href":"https:\/\/www.oradba.ch\/wordpress\/wp-json\/wp\/v2\/posts\/2243\/revisions\/2246"}],"wp:attachment":[{"href":"https:\/\/www.oradba.ch\/wordpress\/wp-json\/wp\/v2\/media?parent=2243"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.oradba.ch\/wordpress\/wp-json\/wp\/v2\/categories?post=2243"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.oradba.ch\/wordpress\/wp-json\/wp\/v2\/tags?post=2243"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}