Posted by Fábio Galera on Dec 2, 2011
Hello everyone !
For my first time posting here on the Pythian Blog, I would like to share some of my tips/notes about patching Oracle Exadata, based on my experiences and not less important, research and googling =).
First, the Oracle Exadata Patch has 3 different components that should be patched. As we know about Oracle Exadata, the Exadata rack has a different components, like Cisco Switch, KVM, Power Distribuion Unit, etc… and we only are responsible for patching the Database Servers (usually referenced as compute nodes), Storage Servers (usually referenced as cell nodes) and the Infiniband Switches.
We can divide the patches in 3 different parts:
Storage Server Patch
Database Server Patch
Infiniband Switches Patch
Before starting, I would like to share and note here 2 documents from My Oracle Support, aka metalink. These notes must be the first place that you need to go to review before patching the Exadata environment.
Database Machine and Exadata Storage Server 11g Release 2 (11.2) Supported Versions (Doc ID. 888828.1)
- This is for the second and third generation (V2 and X2) for Oracle Exadata, using Sun hardware.
Database Machine and Exadata Storage Server 11g Release 1 (11.1) Supported Versions (Doc ID. 835032.1)
- This is for the first generation (V1) for Oracle Exadata, using HP hardware.
Oracle usually updates these documents for every patch that is released, including different information about that.
Posted by Brad Hudson, SA Team Lead on May 5, 2009
I said I would follow up. Who knew I actually would?
I love my new PC. It’s been a few years since I did a build for myself, so I took my time lovingly feeling every piece for the tactile joy of it, and completely ignoring any printed material that came with the parts. Well, I did read the bit about the front panel connectors, that one is kind of a must when it’s not printed on the board.
For the record it consists of an ASUS M3A78-EM with an AMD Athlon 64X2 7750 Black Box. I was on a budget so I could not go for the quad core as yet, so I made sure I got a mobo that would stand some upgrades when the price-point drops. Check out the ports on the mobo, it has everything. Check out the cache on the CPU (1MB L2, 2MB L3). I am sticking with the on-board video for now; I prefer NVidia to ATI, but for the moment it will do. It fit the price.
All of that has nothing to do with Kubuntu. Since I got the parts together late, I did not have as much time to play as I would have liked, but I do know that it boots very quickly. I will time it this weekend, but it was around 15 seconds from GRUB to KDM. I did some installs of apps that were not shipped with the default desktop, such as Firefox, mplayer, fglrx, and a few other choice bits I like (which I will mention by name in a follow-up). I was fairly impressed so far.
Now for the bad news. Read the rest of this entry . . .
Posted by Marc Fielding on Jul 15, 2008
The latest quarterly update came out this morning. There are oh-my-god smoking guns this time, but several medium-important patches:
CVE-2008-2607: Vulnerability in DBMS_AQELM (Advanced queueing package for e-mail and HTTP notifications)
CVE-2008-2613: Vulnerability in DBMS_SCHEDULER, requiring access to a local user in the oinstall group for exploitation
CVE-2007-1359: Remotely-exploitable vulnerability in Oracle App Server. This is an issue in the ModSecurity application firewall that was originally reported in March 2007 that allows some security checks to be bypassed given a specially-formatted string. The original advisory is here.
CVE-2008-2589: PL/SQL injection flaw in Oracle Portal. Details were posted to the full disclosure list in conjunction with the patch
CVE-2008-2594 and CVE-2008-2609: These look like two more injection flaws in Portal.
If you’re running Oracle Collaboration Suite, note that the patch blows away the login and logout pages (oops!). MetaLink note 445172.1 has info on how to restore the pages post-patch.
Posted by Marc Fielding on Jan 10, 2008
It’s yet again time for Oracle’s critical patch update (CPUJAN2008). The update will be released on Tuesday January 15, and as of yet there are no details on exactly what vulnerabilities have been found, but the description page mentions that the following products have unauthenticated remotely-exploitable issues discovered:
- Oracle Application Server (5)
- Oracle E-Business Suite (3)
- Oracle Enterprise Manager (1)
- PeopleSoft Enterprise (1)
So especially for you folks running the above products, start planning your maintenance windows!
