甲骨文发布2012 4月数据库安全补丁Critical Patch Update April 2012

根据最新的Update to Oracle Security Alert January 2012 ，Oracle Database的最新Critical Patch Updates将会在17 April 2012发布，即下个月的中旬， 包括针对版本11.2.0.3的 CPU、PSU补丁将 Release，因为版本10gR2已经实际进入Sustaining Support( Oracle Database 10.2 has now transitioned from Premier Support to Sustaining Support. Our records indicate the CSI used for this SR does not have Extended Support so you are only eligible to Sustaining Support. Sustaining Support includes assistance with service requests, on a commercially reasonable basis, 24 hours per day, 7 days a week. It does not include new program updates, fixes, security alerts and critical update. The support policy details can be accessed at “http://www.oracle.com/us/support/library/057419.pdf “. If you need Extended Support please contact your account team. )，   所以我们有理由相信这次的CPU更新将不会再针对10gR2的Last Patchset 10.2.0.5 ，让11gR2来得更激烈一些吧！  

Critical Patch Updates

Critical Patch Updates are the primary means of releasing security fixes for Oracle products to customers with valid support contracts. They are released on the Tuesday closest to the 17th day of January, April, July and October. The next four dates are:

• 17 April 2012
• 17 July 2012
• 16 October 2012
• 15 January 2013

For Oracle Java SE Critical Patch Updates, the next three dates are:

• 12 June 2012
• 16 October 2012
• 19 February 2013

    Patch Set Update and Critical Patch Update April 2012 Availability Document 介绍了 2012 April CPU 相关的Database 补丁：   Patch Availability for Oracle Database 11.2.0.3

Product Home	Patch	Advisory Number	Comments
Oracle Database home	Database 11.2.0.3 CPU Patch 13632717, orDatabase 11.2.0.3.2 PSU Patch 13696216, orGI 11.2.0.3.2 PSU Patch 13696251, orDatabase patch for Exadata (April 2012 - 11.2.0.3.5) Patch 13734832, or Quarterly Full Stack download for Exadata (April 2012) Patch 13839416, or Microsoft Windows (32-Bit) Bundle Patch 13885388, or Microsoft Windows x64 (64-Bit) Bundle Patch 13885389	CVE-2012-0552, CVE-2012-0534, CVE-2012-0527, CVE-2012-0526, CVE-2012-0525
Oracle Database home	Patch 13705478	CVE-2011-5035	OC4J 10.1.3.4 one-off patch (Special OPatch needed, see README)

 

Patch Availability for Oracle Database 11.2.0.2

Product Home	Patch	Advisory Number	Comments
Oracle Database home	Database 11.2.0.2 CPU Patch 13632725, orDatabase 11.2.0.2.6 PSU Patch 13696224, orGI 11.2.0.2.6 PSU Patch 13696242, orExadata Database Recommended Patch 16 Patch 13837673, or Microsoft Windows (32-Bit) Bundle Patch 13697073, or Microsoft Windows x64 (64-Bit) Bundle Patch 13697074	CVE-2012-0552, CVE-2012-0534, CVE-2012-0527, CVE-2012-0526, CVE-2012-0525, CVE-2012-0520, CVE-2012-0512, CVE-2012-0519 (Windows only)
Oracle Database home	Patch 13705478	CVE-2011-5035	OC4J 10.1.3.4 one-off patch (Special OPatch needed, see README)

 

Patch Availability for Oracle Database 11.1.0.7

Product Home	Patch	Advisory Number	Comments
Oracle Database home	Database 11.1.0.7 CPU Patch 13632731, orDatabase 11.1.0.7.11 PSU Patch 13621679, orMicrosoft Windows (32-Bit) Bundle Patch 13715809, orMicrosoft Windows x64 (64-Bit) Bundle Patch 13715810	CVE-2012-0552, CVE-2012-0534, CVE-2012-0528, CVE-2012-0527, CVE-2012-0526, CVE-2012-0525, CVE-2012-0520, CVE-2012-0512, CVE-2012-0511, CVE-2012-0510
Oracle Database home	Patch 13705478	CVE-2011-5035	OC4J 10.1.3.3 one-off patch
Oracle CRS home	CRS 11.1.0.7.7 PSU Patch 11724953	Released April 2011	Non-security content only
Oracle Database home	Patch 9288120	Released April 2011	Database UIXFor Oracle Secure Enterprise Search 11.1.2.x installations, follow the instructions given in MOS note Note 1359600.1.
Oracle Database home	Patch 10073948	Released April 2011	Enterprise Manager Database Control UIXNot applicable to Oracle Secure Enterprise Search 11.1.2.x
Oracle Database home	Patch 11738232	Released April 2011	Warehouse BuilderNot applicable to Oracle Secure Enterprise Search 11.1.2.x

 

Patch Availability for Oracle Database 10.2.0.5

Product Home	Patch	Advisory Number	Comments
Oracle Database home	Database 10.2.0.5 CPU Patch 13632738, orDatabase 10.2.0.5.7 PSU Patch 13632743, orMicrosoft Windows (32-Bit) Bundle Patch 13654814, orMicrosoft Windows x64 (64-Bit) Bundle Patch 13654815, or Microsoft Windows Itanium (64-Bit) Patch 13870404	CVE-2012-0552, CVE-2012-0534, CVE-2012-0528, CVE-2012-0527, CVE-2012-0526, CVE-2012-0520
Oracle Database home	Patch 13705478	CVE-2011-5035	OC4J 10.1.3.4 one-off patch (Special OPatch needed, see README)
Oracle Database home	Patch 12536181	Released July 2011	Enterprise Manager Database ControlFor HP-UX PA-RISC and HP-UX Itanium platforms only
Oracle Warehouse Builder home	Patch 11738172	Released April 2011	Warehouse Builder
Oracle CRS home	CRS 10.2.0.5.2 PSU Patch 9952245	Released January 2011	Non-security content only

 

Patch Availability for Oracle Database 10.2.0.4

Product Home	Patch	Advisory Number	Comments
Oracle Database home	Database 10.2.0.4 CPU Patch 12879926, orDatabase 10.2.0.4.12 PSU Patch 12879933	CVE-2012-0552, CVE-2012-0534, CVE-2012-0528, CVE-2012-0527, CVE-2012-0526, CVE-2012-0520, CVE-2012-0511, CVE-2012-0510	10.2.0.4.4 PSU Patch 9352164 is base PSU for 10.2.0.4.12 Overlay PSU
Oracle Database home	Patch 13705478	CVE-2011-5035	OC4J 9.0.4.1 one-off patch
Oracle Database home	Patch 12536167	Released July 2011	Enterprise Manager Database ControlFor HP-UX PA-RISC and HP-UX Itanium platforms only
Oracle Database home	Patch 12758181	Released July 2011	Enterprise Manager Database Control UIX
Oracle Database home	Patch 9249369	Released April 2011	Database UIX
Oracle Database home	Patch 9273865	Released April 2011	iSqlPlus UIX
Oracle CRS home	CRS 10.2.0.4.4 PSU Patch 9294403	Released April 2010	Non-security content only

  比较令人惊讶的是虽然 版本10gR2已经实际进入Sustaining Support周期， 但是这一次仍释出了 10.2.0.5上最新的 PSU 10.2.0.5.7 ，和10.2.0.4上的 10.2.0.4.12 PSU。   虽然10.2.0.5.7当前的状态要求 有

本文转自maclean_007 51CTO博客，原文链接:http://blog.51cto.com/maclean/1278298