It is sometimes a bit of a hassle, to have the latest patch name or number on handy when you need them. Ok, you may create a search on My Oracle Support and save it as custom search. But it may happen that the search is inaccurate and the required patch is not found. A […]
↧
How to find latest oracle database patchset
↧
AVDF Linux kernel could not recognize whole RAM
After initial setup of an Audit Vault and Database Firewall engineering system, I’ve started to add several audit vault agents and secure targets. In the beginning it went quite smoothly. But after a certain number of secured targets, there were continuously ORA-04031 errors. Most of the errors were related to large pool and PX Msg […]
↧
↧
Audit Vault and Database Firewall 12.1.1 Bundle Patch 1
Oracle just released the new bundle patch for Audit Vault and Database Firewall 12.1.1. The patch can be downloaded on metaling as RPM patch set for existing installations or as full installation images for new installations. According the readme, the BP1 contains the July 2013 PSU 11.2.0.3.7 for the database as well several bug fix […]
↧
AVDF missing boot partition
While working on the problem with missing RAM on the AVDF test system (see ) I realized, that the linux boot partition is not available by default. [root@melete2 log]# ls -al /boot total 16 drwxr-xr-x 2 root root 4096 Jan 11 2013 . drwxr-xr-x 24 root root 4096 Jul 11 20:19 .. [root@melete2 log]# df […]
↧
OAV-46599 when trying to add new secure target on AVDV 12.1.1.1
It is the second time that I run into this problem. Therefore, it is time to write a quick note before I struggle a third time. At some point adding a new secure targets no longer works and breaks with an OAV-46599. Initially I was a bit confused about the error. Because there haven’t been […]
↧
↧
Oracle Database 12c New Feature: Last Login Time
As Markus Flechtner has already mentioned in his blog, Oracle has started to record the last login time. It is a small but very useful 12c security feature and operates independently of the database audit. Nevertheless, there are some restrictions. But let’s start at the beginning… A simple example Ok, lets try to connect as […]
↧
ORA-00600 [kpdbModAdminPasswdInRoot: not CDB] when changing password of default account
During the test on Oracle Database 12c I run into an interesting error respectively Chris Antongini has made me aware of it. If you try to change the password of an Oracle default account on a none CDB with SQL*Plus password you run into an ORA-00600 [kpdbModAdminPasswdInRoot: not CDB] and of course the password is […]
↧
Oracle 11.2.0.4.0 Patchset released
Oracle has released the patchset 11.2.0.4.0 for Oracle 11g Release 2. The current patchset is as well as the other 11g R2 patchsets a full installation. This means you will have to download quite a bit from Metalink, altogether 7 files. On My Oracle Support search for patchset 13390677 or follow the link to reach […]
↧
Update: ORA-00600 [kpdbModAdminPasswdInRoot: not CDB] when changing password of default account
As discussed in my post ORA-00600 [kpdbModAdminPasswdInRoot: not CDB] when changing password of default account There is an unpublished bug 16901482 which cause an ORA-00600 when trying to set a new password for an Oracle default account like DBSNMP, DIP or OUTLN. On september 4th Oracle released the one-off patch 16901482 for this bug. A […]
↧
↧
Update agent.jar on audit vault server
As I wrote in my post Error installing Audit Vault Agent 12.1.1 on AIX, there is a Audit Vault Agent bug 17058352 on AIX. Unfortunately it hasn’t yet been fixed in the latest bundle patch for Oracle Audit Vault and Database Firewall. If you haven’t changed your default profile in /etc/profile on your AIX server, […]
↧
Oracle CPU / PSU Pre-Release Announcement October 2013
Oracle has published the Pre-Release Announcement for the October CPU/SPU Patch. This Critical Patch Update contains 126 new security vulnerability fixes for several Oracle products. Despite the large amount of security fixes, it is a rather small update from the database point of view. There are only two security fix for the Oracle Database Server […]
↧
Changes in database security patching with 12c
During my preparation for the tests of October Critical Patch Updates (CPU), I stumbled over an interesting Oracle Support Document. I this document Oracle announced that there will nolonger be seperate SPU (Security Patch Update) respectively CPU (Critical Patch Update) for 12.1.0.1 and newer. Excerpt from Oracle support document 1581950.1 Database Security Patching from 12.1.0.1 […]
↧
Oracle released CPU / PSU October 2013
As announced yesterday in my post Oracle CPU / PSU Pre-Release Announcement October 2013, Oracle has now released the last Critical Patch Updates for 2013. Overall this CPU contains 126 new security fixes across several Oracle products like Database Server, MySQL Server, Sun Product Suite, WebLogic Server etc. For Oracle Database it contains only 2 […]
↧
↧
AVCLI Audit Vault command line interface
When I started to deal with Oracle Audit Vault and Database Firewall (AVDF), I have always worked with the Web console. Since a few weeks I regularly use the AVCLI and start to like it. It is a simple java based command line utility, from which you can access Audit Vault and Database Firewall servers. […]
↧
AVCLI doubles audit trails, bug or feature?
I’ve start using the AV command line interface to administer AVDF. I use the tool fairly often to start, stop and monitor the audit trails. But recently I ran in a small issue after a typo. I just want to start the audit trail on the ADUMP directory of a database. AVCLI> LIST TRAIL FOR […]
↧
Oracle CPU / PSU Pre-Release Announcement January 2014
Today Oracle has published the Pre-Release Announcement for the first CPU Patch in 2014. This Critical Patch Update contains 147 new security vulnerability fixes for several Oracle products. From the Oracle database point of view it is a small update. There are only five security fix for the Oracle Database Server and no for client-only […]
↧
Oracle CPU / PSU Pre-Release Announcement April 2014
Today Oracle has published the Pre-Release Announcement of the CPU Advisory for April 2014. This Critical Patch Update contains 103 new security vulnerability fixes for several Oracle products. There are only a few days since the publication of the vulnerability CVE-2014-0160 known as “Heartbleed”. Therefore I assume, that this patch update does not yet address […]
↧
↧
Trivadis CBO Days 2014
The company I work for, Trivadis, organized again an exceptional event with top speakers in Zurich. This year’s focus will be on the Oracle Database query optimizer, also known as cost-based optimizer (CBO). The query optimizer is not only one of the most complex pieces of software that constitutes the Oracle kernel; it is also […]
↧
Oracle and OpenSSL ‘Heartbleed’ vulnerability
Earlier this week the OpenSSL Project as well US-CERT informed about a Security Vulnerability in OpenSSL. See OpenSSL Security Advisory or US-CERT Alert (TA14-098A) The vulnerability may affect Oracle Products as well, since some of them do use OpenSSL. So far Oracle did not provide dedicate information on it’s public Critical Patch Updates and Security […]
↧
Oracle released CPU / PSU April 2014
As announced last week in my post Oracle CPU / PSU Pre-Release Announcement April 2014, Oracle has now released the Critical Patch Updates for April 2014. Overall this CPU contains 104 new security fixes across several Oracle products like Database Server, MySQL Server, Sun Product Suite, WebLogic Server etc. For Oracle Database it contains only […]
↧