资深Oracle数据库专家 OCM认证大师 10年数据库相关服务及开发经验 各类数据库相关方案的编写,管理及实施 数据中心数据库日常运维、大型项目割接、性能优化等方面有丰富的实战经验 客户包括: 电信,银行,保险,航空,国网,汽车,烟草等 想要一起学习探讨数据安全技术的请加qq群 256041954
全部博文(163)
分类: Oracle
2016-05-14 20:44:00
Patch 22502456 - Database Patch Set Update 11.2.0.4.160419 (Includes CPUApr2016)
Released: April 19, 2016
This document is accurate at the time of release. For any changes and additional information regarding PSU 11.2.0.4.160419, see these related documents that are available at My Oracle Support ():
Document Patch Set Update and Critical Patch Update April 2016 Availability Document
Document Patch Set Updates for Oracle Products
Document Oracle Database Patch Set Update 11.2.0.4.160419 Known Issues
This document includes the following sections:
From CPUJan2016 onwards, the 5th digit of the version number will be changed to reflect the release date in the format YYMMDD. See My Oracle Support Document for more information.
Patch Set Update (PSU) patches are cumulative. That is, the content of all previous PSUs is included in the latest PSU patch.
PSU 11.2.0.4.160419 includes the fixes listed in .
To install the PSU 11.2.0.4.160419 patch, the Oracle home must have the 11.2.0.4.0 Database installed. Subsequent PSU patches can be installed on Oracle Database 11.2.0.4.0 or any PSU with a lower 5th numeral version than the one being installed.
This patch is Oracle RAC Rolling Installable.
This patch is Database Vault installable. Review My Oracle Support Document 1195205.1 for details on how to apply this patch to a Database Vault environment.
This patch is Data Guard Standby-First Installable. See My Oracle Support Document Oracle Patch Assurance - Data Guard Standby-First Patch Apply for details on how to remove risk and reduce downtime when applying this patch.
This patch contains a security fix due to which a SELECT query's plan MAY change under the following conditions:
The SELECT queries a table protected with a Fined Grained Auditing policy
And the policy condition is NULL
describes installation types and security content. For each installation type, it indicates the most recent PSU patch to include new security fixes that are pertinent to that installation type. If there are no security fixes to be applied to an installation type, then "None" is indicated. If a specific PSU is listed, then apply that or any later PSU patch to be current with security fixes.
Table 1 Installation Types and Security Content
| Installation Type | Latest PSU with Security Fixes |
|---|---|
|
Server homes |
PSU 11.2.0.4.160419 |
|
Client-Only Installations |
PSU 11.2.0.4.160119 |
|
Instant Client Installations |
PSU 11.2.0.4.160119 (The Instant Client installation is not the same as the client-only Installation. For additional information about Instant Client installations, see Oracle Call Interface Programmer's Guide.) |
This section includes the following section:
You must use the OPatch utility version 11.2.0.3.6 or later to apply this patch. Oracle recommends that you use the latest released OPatch version for 11.2, which is available for download from My Oracle Support patch by selecting the 11.2.0.0.0 release.
For information about OPatch documentation, including any known issues, see My Oracle Support Document OPatch documentation list.
These instructions are for all Oracle Database installations.
Before you install PSU 11.2.0.4.160419, perform the following actions to check the environment and to detect and resolve any one-off patch conflicts.
From October 2014 onwards, the Oracle JavaVM Component 11.2.0.4.x Database PSU patch is also available as a separate patch. This patch is not Oracle RAC Rolling Installable. For customers wanting to install both patches together during a single downtime window, follow the various Patching Options listed in the My Oracle Support Document - Oracle Recommended Patches -- "Oracle JavaVM Component Database PSU" (OJVM PSU) Patches.
If you are installing the PSU to an environment that has a Grid Infrastructure (GI) home, note the following:
Grid Infrastructure PSU 11.2.0.4.160419 Patch should be applied to the Grid Infrastructure home and Database home using the readme instructions provided with the patch.
Ensure that the $PATH definition has the following executables: make, ar, ld, and nm.
The location of these executables depends on your operating system. On many operating systems, they are located in /usr/ccs/bin, in which case you can set your PATH definition as follows:
export PATH=$PATH:/usr/ccs/bin
For an introduction to the PSU one-off patch concepts, see "Patch Set Updates Patch Conflict Resolution" in My Oracle Support Document Patch Set Updates for Oracle Products.
The fastest and easiest way to determine whether you have one-off patches in the Oracle home that conflict with the PSU, and to get the necessary conflict resolution patches, is to use the Patch Recommendations andPatch Plans features on the Patches & Updates tab in My Oracle Support. These features work in conjunction with the My Oracle Support Configuration Manager. Recorded training sessions on these features can be found in Document .
However, if you are not using My Oracle Support Patch Plans, the My Oracle Support Conflict Checker tool enables you to upload an OPatch inventory and check the patches that you want to apply to your environment for conflicts.
If no conflicts are found, you can download the patches. If conflicts are found, the tool finds an existing resolution to download. If no resolution is found, it will automatically request a resolution, which you can monitor in thePlans and Patch Requests region of the Patches & Updates tab.
For more information, see Knowledge Document , How to use the My Oracle Support Conflict Checker Tool.
Or, use the following steps to manually discover conflicts and resolutions:
Determine whether any currently installed one-off patches conflict with the PSU patch as follows:
unzip p22502456_112040_.zip cd 22502456 opatch prereq CheckConflictAgainstOHWithDetail -ph ./
The report will indicate the patches that conflict with PSU 22502456 and the patches for which PSU 22502456 is a superset.
Note that Oracle proactively provides PSU 11.2.0.4.160419 one-off patches for common conflicts.
Use My Oracle Support Document Database Patch conflict resolution to determine, for each conflicting patch, whether a conflict resolution patch is already available, and if you need to request a new conflict resolution patch or if the conflict may be ignored.
When all the one-off patches that you have requested are available at My Oracle Support, proceed with .
Conflicting patches should be rolled back before applying the patch, otherwise opatch apply will report conflicts again.
Follow these steps:
If you are using a Data Guard Physical Standby database, you must install this patch on both the primary database and the physical standby database, as described by My Oracle Support Document .
If this is an Oracle RAC environment, install the PSU patch using the OPatch rolling (no downtime) installation method as the PSU patch is rolling Oracle RAC installable. Refer to My Oracle Support Document Rolling Patch - OPatch Support for RAC.
If this is not a Oracle RAC environment, shut down all instances and listeners associated with the Oracle home that you are updating. For more information, see Oracle Database Administrator's Guide.
Rollback any patches found during the One-off Patch Conflict Detection.
Set your current directory to the directory where the patch is located and then run the OPatch utility by entering the following commands:
unzip p22502456_112040_
Install all resolutions to conflicts found during the One-off Patch Conflict Detection.
If there are errors, refer to .
After installing the patch, perform the following actions:
Apply conflict resolution patches as explained in .
Load modified SQL files into the database, as explained in .
Apply the patch conflict resolution one-off patches that were determined to be needed when you performed the steps in .
The following steps load modified SQL files into the database. For an Oracle RAC environment, perform these steps on only one node.
For each database instance running on the Oracle home being patched, connect to the database using SQL*Plus. Connect as SYSDBA and run the catbundle.sql script as follows:
cd $ORACLE_HOME/rdbms/admin sqlplus /nolog SQL> CONNECT / AS SYSDBA SQL> STARTUP SQL> @catbundle.sql psu apply SQL> QUIT
The catbundle.sql execution is reflected in the dba_registry_history view by a row associated with bundle series PSU.
For information about the catbundle.sql script, see My Oracle Support Document Introduction to Oracle Database catbundle.sql.
If the OJVM PSU was applied for a previous PSU patch, you may see invalid Java classes after execution of the catbundle.sql script in the previous step. If this is the case, run utlrp.sql to re-validate these Java classes.
cd $ORACLE_HOME/rdbms/admin sqlplus /nolog SQL> CONNECT / AS SYSDBA SQL> @utlrp.sql
Check the following log files in $ORACLE_HOME/cfgtoollogs/catbundle or $ORACLE_BASE/cfgtoollogs/catbundle for any errors:
catbundle_PSU__APPLY_ .log catbundle_PSU_ _GENERATE_<TIMESTAMP>.log
where TIMESTAMP is of the form YYYYMMMDD_HH_MM_SS. If there are errors, refer to .
There are no actions required for databases that have been upgraded or created after installation of PSU 11.2.0.4.160419.
These instructions apply if you need to deinstall the patch.
Follow these steps:
Verify that an $ORACLE_HOME/rdbms/admin/catbundle_PSU_
Shut down all instances and listeners associated with the Oracle home that you are updating. For more information, see Oracle Database Administrator's Guide.
Run the OPatch utility specifying the rollback argument as follows.
opatch rollback -id 22502456
If there are errors, refer to .
Follow these steps:
Start all database instances running from the Oracle home. (For more information, see Oracle Database Administrator's Guide.)
For each database instance running out of the ORACLE_HOME, connect to the database using SQL*Plus as SYSDBA and run the rollback script as follows:
cd $ORACLE_HOME/rdbms/admin
sqlplus /nolog
SQL> CONNECT / AS SYSDBA
SQL> STARTUP
SQL> @catbundle_PSU_
In an Oracle RAC environment, the name of the rollback script will have the format catbundle_PSU_
If the OJVM PSU was applied for a previous PSU patch, you may see invalid Java classes after execution of the catbundle.sql script in the previous step. If this is the case, run utlrp.sql to re-validate these Java classes.
cd $ORACLE_HOME/rdbms/admin sqlplus /nolog SQL> CONNECT / AS SYSDBA SQL> @utlrp.sql
Check the log file for any errors. The log file is found in $ORACLE_BASE/cfgtoollogs/catbundle and is named catbundle_PSU_
Follow these steps for each node in the cluster, one node at a time:
Shut down the instance on the node.
Run the OPatch utility specifying the rollback argument as follows.
opatch rollback -id 22502456
If there are errors, refer to .
Start the instance on the node as follows:
srvctl start instance –d-n
Follow the instructions listed in Section only on the node for which the steps in were executed during the patch application.
All other instances can be started and accessed as usual while you are executing the deinstallation steps.
For information about OPatch issues, see My Oracle Support Document OPatch documentation list.
For issues documented after the release of this PSU, see My Oracle Support Document Oracle Database Patch Set Update 11.2.0.4.160419 Known Issues.
Other known issues are as follows.
Issue 1The following ignorable errors may be encountered while running the catbundle.sql script or its rollback script:
ORA-29809: cannot drop an operator with dependent objects ORA-29931: specified association does not exist ORA-29830: operator does not exist ORA-00942: table or view does not exist ORA-00955: name is already used by an existing object ORA-01430: column being added already exists in table ORA-01432: public synonym to be dropped does not exist ORA-01434: private synonym to be dropped does not exist ORA-01435: user does not exist ORA-01917: user or role 'XDB' does not exist ORA-01920: user name 'Issue 2' conflicts with another user or role name ORA-01921: role name ' ' conflicts with another user or role name ORA-01952: system privileges not granted to 'WKSYS' ORA-02303: cannot drop or replace a type with type or table dependents ORA-02443: Cannot drop constraint - nonexistent constraint ORA-04043: object does not exist ORA-29832: cannot drop or replace an indextype with dependent indexes ORA-29844: duplicate operator name specified ORA-14452: attempt to create, alter or drop an index on temporary table already in use ORA-06512: at line . If this error follow any of above errors, then can be safely ignored. ORA-01927: cannot REVOKE privileges you did not grant
Warnings may be returned during the re-link phase of 22502456. These warnings may be ignored.
warning: overriding commands for target `nmosudo' warning: ignoring old commands for target `nmosudo'
See the following document for additional information.
Document Relinking the DB Control 11.2.0.3 Agent Displays a Warning Message "overriding commands for target 'nmosudo'"
Issue 3On HP-UX systems, the following ignorable warnings may be encountered during the relinking of the oracle binary:
WARNING:OUI-67215: OPatch found the word "failed" in the stderr of the make command.Please look at this stderr. You can re-run this make command. cc: warning 487: Possibly incorrect message catalog. total_lntt_bytes is 0, assuming size of .debug_lntt Failed to mmap lntt temp file.Issue 4
On AIX systems, the following ignorable warnings may be encountered during the relinking of the oracle binary:
WARNING:OUI-67215: OPatch found the word "failed" in the stderr of the make command.Please look at this stderr. You can re-run this make command. ld: 0711-224 WARNING: Duplicate symbol:Issue 5ld: 0711-345 WARNING: Duplicate symbol: ld: 0711-773 WARNING: Duplicate symbol: ld: 0711-783 WARNING: Duplicate symbol: ld: 0711-301 WARNING: Duplicate symbol: ld: 0711-415 WARNING: Duplicate symbol: ld: 0711-319 WARNING: Duplicate symbol:
On IBM: Linux on System Z, the following ignorable warnings may be encountered during relinking of e2eme binary:
OUI-67215: OPatch found the word "warning" in the stderr of the make command. Please look at this stderr. You can re-run this make command. Stderr output: ins_emagent.mk:113: warning: overriding commands for target `nmosudo' ins_emagent.mk:52: warning: ignoring old commands for target `nmosudo'Issue 6
If Oracle Database Vault is enabled, the following error can occur during the execution of the Post Installation or Deinstallation steps:
initjvmaux.drop_sros(); EXECUTE IMMEDIATE 'create or replace java system'; ... ORA-01031: insufficient privileges ORA-06512: at "SYS.INITJVMAUX", line 535 ORA-06512: at line 3
To recover from this issue, see the following My Oracle Support Document ORA-01031 during Post Install / De-install for Database PSU or OJVM PSU
The following documents are references for this patch.
Document OPatch documentation list
Document Impact of Java Security Vulnerabilities on Oracle Products
Document Database Patch conflict resolution
Document Database 11.2.0.4.160419 Patch Set Update (PSU)
Document 11.2.0.4 Patch Set Updates - List of Fixes in each PSU
Document Patching Assistant: Oracle Database/Client - Select PSU/SPU (aka CPU)
This patch includes the following bug fixes.
CPU molecules in PSU 11.2.0.4.160419:
PSU 11.2.0.4.160419 contains the following new PSU 11.2.0.4.160419 molecules:
|
|
22683212 - DB-11.2.0.4-MOLECULE-042-CPUAPR2016 |
|
|
22683225 - DB-11.2.0.4-MOLECULE-043-CPUAPR2016 |
|
|
22893153 - DB-11.2.0.4-MOLECULE-044-CPUAPR2016 |
See My Oracle Support Document that documents all the non-security bugs fixed in each 11.2.0.4 Patch Set Update (PSU).
PSU 11.2.0.4.160419 contains the following new fixes:
Advanced Queuing
16596890 - KWQICGPC: CURSOR CLOSE ERROR 604 IN Q00 PROCESS 21286665 - EXPORT IS SLOW WAITING FOR "STREAMS AQ: ENQUEUE BLOCKED ON LOW MEMORY"
Automatic Storage Management
21983325 - ACFS FILESYSTEM CRASHES WHEN RESIZED BEYOND 128 TB
Generic
21387964 - DROP USER FAILS BECAUSE OF DICTIONARY INCONSISTENCY
High Availability
21868720 - RMAN-06054 ON BACKUP BASED DUPLICATE
Oracle OLAP
20596234 - Fix for bug 20596234
Oracle Security
19721304 - SCRIPT TO LOCK DOWN JAVA DEVELOPMENT 21756661 - Fix for bug 21756661 21756677 - Fix for bug 21756677
Oracle Utilities
22353199 - TRACKING BUG TO INCLUDE ORACHK 12.1.0.2.6 IN APRIL 2016 PSU
Oracle Virtual Operating System Services
18093615 - CREATE MAKE TARGETS FOR FEATURE ENABLING AND DISABLING
Server Manageability
19258504 - DIAGENH: NEED TO HAVE WRITE IO THROUGHPUT STATISTICS IN AWR
For information about Oracle's commitment to accessibility, visit the Oracle Accessibility Program website at .
Access to Oracle Support
Oracle customers have access to electronic support through My Oracle Support. For information, visit or visit if you are hearing impaired.
Patch 22502456 - Database Patch Set Update 11.2.0.4.160419 (Includes CPUApr2016) for UNIX
Copyright © 2006, 2016, Oracle and/or its affiliates. All rights reserved.
This software and related documentation are provided under a license agreement containing restrictions on use and disclosure and are protected by intellectual property laws. Except as expressly permitted in your license agreement or allowed by law, you may not use, copy, reproduce, translate, broadcast, modify, license, transmit, distribute, exhibit, perform, publish, or display any part, in any form, or by any means. Reverse engineering, disassembly, or decompilation of this software, unless required by law for interoperability, is prohibited.
The information contained herein is subject to change without notice and is not warranted to be error-free. If you find any errors, please report them to us in writing.
If this is software or related documentation that is delivered to the U.S. Government or anyone licensing it on behalf of the U.S. Government, the following notice is applicable:
U.S. GOVERNMENT RIGHTS Programs, software, databases, and related documentation and technical data delivered to U.S. Government customers are "commercial computer software" or "commercial technical data" pursuant to the applicable Federal Acquisition Regulation and agency-specific supplemental regulations. As such, the use, duplication, disclosure, modification, and adaptation shall be subject to the restrictions and license terms set forth in the applicable Government contract, and, to the extent applicable by the terms of the Government contract, the additional rights set forth in FAR 52.227-19, Commercial Computer Software License (December 2007). Oracle America, Inc., 500 Oracle Parkway, Redwood City, CA 94065.
This software or hardware is developed for general use in a variety of information management applications. It is not developed or intended for use in any inherently dangerous applications, including applications that may create a risk of personal injury. If you use this software or hardware in dangerous applications, then you shall be responsible to take all appropriate fail-safe, backup, redundancy, and other measures to ensure its safe use. Oracle Corporation and its affiliates disclaim any liability for any damages caused by use of this software or hardware in dangerous applications.
Oracle and Java are registered trademarks of Oracle and/or its affiliates. Other names may be trademarks of their respective owners.
Intel and Intel Xeon are trademarks or registered trademarks of Intel Corporation. All SPARC trademarks are used under license and are trademarks or registered trademarks of SPARC International, Inc. AMD, Opteron, the AMD logo, and the AMD Opteron logo are trademarks or registered trademarks of Advanced Micro Devices. UNIX is a registered trademark licensed through X/Open Company, Ltd.
This software or hardware and documentation may provide access to or information on content, products, and services from third parties. Oracle Corporation and its affiliates are not responsible for and expressly disclaim all warranties of any kind with respect to third-party content, products, and services. Oracle Corporation and its affiliates will not be responsible for any loss, costs, or damages incurred due to your access to or use of third-party content, products, or services.