Juris Trošins
juris.trosins@dbacc.lv
www.dbacc.lv
Answers To The Questions You Probably Were Afraid To Ask About Oracle Database Security Updates
What We Do
• DBA Outsourcing
• Remote Consulting
• Oracle Training
• Oracle Software
• Oracle Hardware
Portfolio
About me
• More than a third of my life with Oracle tech
• OCE, OCP, OCM
• Co-founder of DBA Competence Center Ltd.
• Trainer at Oracle University
• Speaker at LVOUG, UKOUG, Harmony and other technology seminars
Sort of Agenda
• A few existential questions
• Some motivational stuff
• Bits of technical information
???
• My databases are behind a firewall, do I need security patches?
• Should I apply proactive bugfixes?
• How often?
• Do I need downtime? How long?
• What if I break something?
• There are so many recommended patches! Which one is right for me?
• If it works, do not fix it!
• Patching implies downtime
• Patch will break my DB, execution plans, everything
• Patch will introduce new errors or new features
• I need to test the patch
• Patching is extra work!
To patch… or not to patch?
Yeah, fine! Let’s skip that patch!
CVE
• Industry standard – Common Vulnerabilities and Exposures
• CVSS Base Score
Patch is Like a Vaccine
• If you skip common sense, here are other reasons to apply patches:
– Security standard recommendations (PCI/DSS, Oracle Support Compliance, internal rules, etc.)
– Oracle Support will «blame» you when you hit «that bug» while being unpatched
– Finally it justifies your position as a DBA in a world of «self managing databases» :)
– Proactive patches are already tested and evaluated by Oracle development
Where to start?
Types of Proactive Patches
What’s New?
• Critical Security patches (CPU/SPU, pre-12c) contain only security fixes
• PSU/RU/RUR contain security fixes plus bugfixes
• RU (Update) vs RUR (Revision) – 12.2+
– Release Updates are like PSUs
– Revisions contain previous RU plus additional fixes
How To Apply
• Read the README!!!
• OPatch utility – Patch: 6880880 (get the latest one for your version)
• BP, Combo or System patch –
# opatchauto
• RU, RUR, CPU/SPU/PSU –
$ opatch apply
How to Reduce Downtime
• RAC rolling installable
• DG Standby First installable
• Online (hot) patching
• Fiddling with software provisioning
• Rolling Patch - OPatch Support for RAC (Doc ID 244241.1)
• Oracle Patch Assurance - Data Guard Standby-First Patch Apply (Doc ID 1265700.1)
• How To Setup a Rapid Home Provisioning (RHP) Server and Client (Doc ID 2097026.1)
• Minimal downtime patching via cloning 12c ORACLE_HOME directories with OPlan (Doc ID 2087150.1)
What about OJVM Patch?
• It is recommended, and «almost» mandatory
• Yes, even if you do not use JVM in your database!
• Not RAC Rolling (?) nor DG Standby-First installable, hence implies outage
• Depending on your JVM usage downtime can be mitigated:
– Mitigation Patch, or
– Perform postinstall with «open normal» database
• Oracle Recommended Patches -- "Oracle JavaVM Component Database PSU and Update" (OJVM PSU and OJVM Update) Patches (Doc ID 1929745.1)
• RAC Rolling Install Process for the "Oracle JavaVM Component Database PSU/RU" (OJVM PSU/RU) Patches (Doc ID 2217053.1)
«Installed but Disabled» Mode
• No fixes that change execution plan were included in PSUs… until…
• Fixes to the execution plan are included starting with 12.1.0.2 Apr18 DB BP
• Such fixes will be DISABLED by default
• New Feature: Automatic Fix Control Persistence
• New DBMS_OPTIM_BUNDLE package
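An added example, not from the original slides: a SQL*Plus session that lists the installed-but-disabled optimizer fixes and enables them with DBMS_OPTIM_BUNDLE. The bug number is a placeholder, and the session assumes a SYSDBA connection to a database that was started with an spfile.

```sql
-- Added example (not from the original slides). Run in SQL*Plus as SYSDBA.
-- getBugsforBundle reports through DBMS_OUTPUT, so server output must be on.
SET SERVEROUTPUT ON
SET LINESIZE 200

-- 1. Confirm that the SQL part of the bundle was applied (datapatch ran).
SELECT patch_id, action, status, action_time, description
  FROM dba_registry_sqlpatch
 ORDER BY action_time;

-- 2. List the optimizer fixes shipped by the installed bundle(s).
--    These are the fixes that are installed but left disabled.
EXEC dbms_optim_bundle.getBugsforBundle;

-- 3. Check the current state of one fix from that list.
--    0 is a placeholder: substitute a bug number printed by step 2.
DEFINE fix_bugno = 0
SELECT bugno, value, is_default, description
  FROM v$system_fix_control
 WHERE bugno = &fix_bugno;

-- 4. After testing execution plans on a non-production copy, enable the
--    bundled fixes. Arguments are action, scope, current_setting_precedence:
--      'ON'   enable the bundled optimizer fixes
--      'BOTH' change the running instance and persist to the spfile
--      'YES'  keep any _fix_control values already set on this database
EXEC dbms_optim_bundle.enable_optim_fixes('ON', 'BOTH', 'YES');

-- 5. Verify: fix controls that no longer carry their default value.
SELECT bugno, value, description
  FROM v$system_fix_control
 WHERE is_default = 0
 ORDER BY bugno;
```

Calling `enable_optim_fixes` with `'OFF'` as the first argument reverses step 4.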
Further Reading
• README of individual patch!
• Oracle Patch advisory https://www.oracle.com/technetwork/topics/security/alerts-086861.html
• OPatch User's Guide and OPatch FAQ (Doc ID 1486109.1)
• Release Update Introduction and FAQ (Doc ID 2285040.1)
• Automatic Fix Control Persistence (FCP) for Database Proactive Bundle Patch (Doc ID 2147007.1) (12.2+)
• Patch Set Updates for Oracle Products (Doc ID 854428.1) (up to 12.1)
Conclusion
• Read the README!
If you did not read the README, read that README!!!
Q/A
@juristrosins
juris.trosins@dbacc.lv
(+371) 29 427247
www.dbacc.lv

Spring Boot vs Quarkus the ultimate battle - DevoxxUKSpring Boot vs Quarkus the ultimate battle - DevoxxUK
Spring Boot vs Quarkus the ultimate battle - DevoxxUK
Ā 
Six Myths about Ontologies: The Basics of Formal Ontology
Six Myths about Ontologies: The Basics of Formal OntologySix Myths about Ontologies: The Basics of Formal Ontology
Six Myths about Ontologies: The Basics of Formal Ontology
Ā 
How to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected WorkerHow to Troubleshoot Apps for the Modern Connected Worker
How to Troubleshoot Apps for the Modern Connected Worker
Ā 
Exploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with MilvusExploring Multimodal Embeddings with Milvus
Exploring Multimodal Embeddings with Milvus
Ā 
ICT role in 21st century education and its challenges
ICT role in 21st century education and its challengesICT role in 21st century education and its challenges
ICT role in 21st century education and its challenges
Ā 
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, AdobeApidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Apidays New York 2024 - Scaling API-first by Ian Reasor and Radu Cotescu, Adobe
Ā 
presentation ICT roal in 21st century education
presentation ICT roal in 21st century educationpresentation ICT roal in 21st century education
presentation ICT roal in 21st century education
Ā 
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Finding Java's Hidden Performance Traps @ DevoxxUK 2024
Ā 
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Web Form Automation for Bonterra Impact Management (fka Social Solutions Apri...
Ā 
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWEREMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
EMPOWERMENT TECHNOLOGY GRADE 11 QUARTER 2 REVIEWER
Ā 
Introduction to use of FHIR Documents in ABDM
Introduction to use of FHIR Documents in ABDMIntroduction to use of FHIR Documents in ABDM
Introduction to use of FHIR Documents in ABDM
Ā 

Patching: answers to questions you were probably afraid to ask about Oracle security updates

  • 1. Answers To The Questions You Probably Were Afraid To Ask About Oracle Database Security Updates
      Juris Trošins, juris.trosins@dbacc.lv, www.dbacc.lv
  • 2. What We Do
      • DBA Outsourcing
      • Remote Consulting
      • Oracle Training
      • Oracle Software
      • Oracle Hardware
  • 4. About me
      • More than third of my life with Oracle tech
      • OCE, OCP, OCM
      • Co-founder of DBA Competence Center Ltd.
      • Trainer at Oracle University
      • Speaker at LVOUG, UKOUG, Harmony and other technology seminars
  • 5. Sort of Agenda
      • Few existential questions
      • Some motivational stuff
      • Bits of technical information
  • 6.
  • 7. ???
      • My databases are behind firewall, do I need security patches?
      • Should I apply proactive bugfixes?
      • How often?
      • Do I need downtime? How long?
      • What if I break something?
      • There are so many recommended patches! Which one is right for me?
      • If it works, do not fix it!
      • Patching implies downtime
      • Patch will break my DB, execution plans, everything
      • Patch will introduce new errors or new features
      • I need to test patch
      • Patching is extra work!
  • 8. To patch… or not to patch?
  • 9. Yeah, fine! Let's skip that patch!
  • 10. CVE
      • Industry standard – Common Vulnerabilities and Exposures
      • CVSS Base Score
  • 11.
  • 12. Patch is Like a Vaccine
      • If you skip common sense, here are other reasons to apply patches:
          – Security standard recommendations (PCI/DSS, Oracle Support Compliance, internal rules, etc.)
          – Oracle Support will «blame» you when you hit «that bug» while being unpatched
          – Finally it justifies your position as a DBA in a world of «self managing databases» :)
          – Proactive patches are already tested and evaluated by Oracle development
  • 14.
  • 15.
  • 17. What's New?
      • Critical Security patches (CPU/SPU, pre-12c) contain only security fixes
      • PSU/RU/RUR contain security fixes plus bugfixes
      • RU (Update) vs RUR (Revision) – 12.2+
          – Release Updates are like PSUs
          – Revisions contain previous RU plus additional fixes
  • 18. How To Apply
      • Read the README!!!
      • OPatch utility
          – Patch: 6880880 (get the latest one for your version)
      • BP, Combo or System patch
          – # opatchauto
      • RU, RUR, CPU/SPU/PSU
          – $ opatch apply
  • 19. How to Reduce Downtime
      • RAC rolling installable
      • DG Standby First installable
      • Online (hot) patching
      • Fiddling with software provisioning
  • 20.
      • Rolling Patch - OPatch Support for RAC (Doc ID 244241.1)
      • Oracle Patch Assurance - Data Guard Standby-First Patch Apply (Doc ID 1265700.1)
      • How To Setup a Rapid Home Provisioning (RHP) Server and Client (Doc ID 2097026.1)
      • Minimal downtime patching via cloning 12c ORACLE_HOME directories with OPlan (Doc ID 2087150.1)
  • 21. What about OJVM Patch?
      • It is recommended, and «almost» mandatory
      • Yes, even if you do not use JVM in your database!
      • Not RAC Rolling (?) nor DG Standby-First installable, hence implies outage
      • Depending on your JVM usage downtime can be mitigated:
          – Mitigation Patch, or
          – Perform postinstall with «open normal» database
  • 22.
  • 23.
      • Oracle Recommended Patches -- "Oracle JavaVM Component Database PSU and Update" (OJVM PSU and OJVM Update) Patches (Doc ID 1929745.1)
      • RAC Rolling Install Process for the "Oracle JavaVM Component Database PSU/RU" (OJVM PSU/RU) Patches (Doc ID 2217053.1)
  • 24. «Installed but Disabled» Mode
      • No fixes that change execution plan were included in PSUs… until…
      • Fixes to the execution plan are included starting with 12.1.0.2 Apr18 DB BP
      • Such fixes will be DISABLED by default
      • New Feature: Automatic Fix Control Persistence
      • New DBMS_OPTIM_BUNDLE package
  • 25. Further Reading
      • README of individual patch!
      • Oracle Patch advisory https://www.oracle.com/technetwork/topics/security/alerts-086861.html
      • OPatch User's Guide and OPatch FAQ (Doc ID 1486109.1)
      • Release Update Introduction and FAQ (Doc ID 2285040.1)
      • Automatic Fix Control Persistence (FCP) for Database Proactive Bundle Patch (Doc ID 2147007.1) (12.2+)
      • Patch Set Updates for Oracle Products (Doc ID 854428.1) (up to 12.1)
  • 26. Conclusion
      • Read the README! If you did not read the README, read that README!!!
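
Slide 24 says that plan-changing fixes arrive installed but disabled and that the new DBMS_OPTIM_BUNDLE package controls them. The SQL*Plus session below is an added example, not taken from the slides, of how a DBA can inspect and switch those fixes on a test database. It assumes a SYSDBA connection and a version whose bundle ships the package; the output depends on the patch level.

```sql
-- Added example (not from the slides). Run as SYSDBA on a test system first.
SET SERVEROUTPUT ON
SET LINESIZE 200

-- 1. List the optimizer fixes delivered by the installed bundle(s).
--    These are the fixes that are installed but disabled by default.
EXECUTE dbms_optim_bundle.getBugsforBundle;

-- 2. Baseline: fix controls whose value currently differs from the default.
SELECT bugno, value, sql_feature, description
FROM   v$system_fix_control
WHERE  is_default = 0
ORDER  BY bugno;

-- 3. Switch the bundled fixes on, in memory and in the SPFILE.
--    Arguments: action ('ON' / 'OFF'),
--               scope ('MEMORY' / 'SPFILE' / 'BOTH'),
--               whether an existing _fix_control setting takes
--               precedence over the bundle's value ('YES' / 'NO').
EXECUTE dbms_optim_bundle.enable_optim_fixes('ON', 'BOTH', 'YES');

-- 4. Compare with the baseline from step 2: the fixes switched on in
--    step 3 are expected to show up with a non-default value.
SELECT bugno, value, sql_feature, description
FROM   v$system_fix_control
WHERE  is_default = 0
ORDER  BY bugno;

-- 5. The package records its changes in the hidden _fix_control parameter.
SHOW PARAMETER "_fix_control"

-- 6. Back-out if a plan regression shows up during testing.
EXECUTE dbms_optim_bundle.enable_optim_fixes('OFF', 'BOTH', 'YES');
```

Saving the step 2 output before patching gives a record of which fix controls were already set by hand, so a later plan change can be traced either to the bundle or to a pre-existing setting.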

Editor's Notes

  1. A little about me... To begin with, I would like to get to know the audience a bit: how many of you are DBAs, and how many are people who make a DBA's life difficult? For example, power users, or people from the security department, or managers who set development directions or business requirements.