序号 | 漏洞名称 | 加固建议 |
---|---|---|
1 | Oracle Fusion Middleware Oracle WebLogic Server组件安全漏洞(CVE-2017-10352) | http://www.oracle.com/technetwork/security-advisory/cpuoct2017-3236626.html |
2 | Oracle Fusion Middleware和Oracle WebLogic Server 输入验证错误漏洞(CVE-2021-35617) | https://www.oracle.com/security-alerts/cpuoct2021.html |
3 | Oracle WebLogic Server 安全漏洞(CVE-2023-21996) | https://www.oracle.com/security-alerts/cpuapr2023.html |
… |
一. 补丁文件下载
根据提示直接找最新的,官方补丁状况都是包含老补丁持续兼容更新
1.1 查找属于weblogic server 对应的内容
1.2 oracle weblogic server选择对应的版本,我这里对应最新的patch35247514
1.3 需要权限账号下载
1.4 下载完成后上传weblogic服务器补丁目录,目录根据自己安装修改
/home/weblogic/Oracle/Middleware/Oracle_Home
- 解压文件至PATCH_TOP
[root@osb1 Oracle_Home]# unzip -d PATCH_TOP/ p35247514_122130_Generic.zip
1.5 打补丁报错,提示Opatch版本过低
[root@osb1 Oracle_Home]# ./OPatch/opatch apply ./PATCH_TOP/35247514/
...
Oracle Interim Patch Installer version 13.9.2.0.0
Copyright (c) 2023, Oracle Corporation. All rights reserved.
Oracle Home : /home/weblogic/Oracle/Middleware/Oracle_Home
Central Inventory : /home/weblogic/oraInventory
from : /home/weblogic/Oracle/Middleware/Oracle_Home/oraInst.loc
OPatch version : 13.9.2.0.0
OUI version : 13.9.2.0.0
Log file location : /home/weblogic/Oracle/Middleware/Oracle_Home/cfgtoollogs/opatch/opatch2023-11-02_13-44-35PM_1.log
OPatch detects the Middleware Home as "/home/weblogic/Oracle/Middleware/Oracle_Home"
Verifying environment and performing prerequisite checks...
Prerequisite check "CheckMinimumOPatchVersion" failed.
The details are:
The OPatch being used has version 13.9.2.0.0 while the following patch(es) require higher versions:
Patch 35247514 requires OPatch version 13.9.4.2.5.
Please download latest OPatch from My Oracle Support.
UtilSession failed: Prerequisite check "CheckMinimumOPatchVersion" failed.
Log file location:</