Oracle WebLogic Server Patch Set Update 10.3.6.0.190416 README
==============================================================
This README provides information about how to apply Oracle WebLogic Server
Patch Set Update 10.3.6.0.190416. It also provides information about reverting to
the original version.
Released: April, 2019
Smart Update Details of Oracle WebLogic Server Patch Set Update 10.3.6.0.190416
--------------------------------------------------------------------------
Patch ID - U5I2
Patch Number - 29204678
Preparing to Install Oracle WebLogic Server Patch Set Update 10.3.6.0.190416
-----------------------------------------------------------------------
- WebLogic Server Patch Set Update (PSU) can be applied on a per-domain basis
(or on a more fine-grained basis), Oracle recommends that PSU be applied on an installation-wide basis.
PSU applied to a WebLogic Server installation using this recommended practice
affect all domains and servers sharing that installation.
- Login as same "user" with which the component being patched is installed.
- Stop all WebLogic servers.
- Remove any previously applied WebLogic Server Patch Set Update and associated overlay patches
- *** NOTE: In order to be Security compliant for vulnerability fixes released as part of CPUOct2017,
Oracle recommends the use of the following JDK version:
Java SE Development Kit 7, Update 131 (JDK 7u131) or higher (refer MOS notes 1492980.1 and 1439822.1)
https://support.oracle.com/epmos/faces/DocumentDisplay?id=1439822.1
https://support.oracle.com/epmos/faces/DocumentDisplay?id=1492980.1
- If you are running with a security manager and experience java.io.SerializablePermission "serialFilter" permission exceptions,
then you will need to update the weblogic policy file to include the following line:
permission java.io.SerializablePermission "serialFilter";
in the coherence.jar section of the weblogic policy file:
grant codeBase "file:@WL_HOME/../coherence/lib/coherence.jar" {
Installing Oracle WebLogic Server Patch Set Update 10.3.6.0.190416
-------------------------------------------------------------
- unzip p28710912_1036_Generic.zip to {MW_HOME}/utils/bsu/cache_dir or any local directory
Note: You must make sure that the target directory for unzip has required write and executable permissions
for "user" with which the component being patched is installed.
- Navigate to the {MW_HOME}/utils/bsu directory.
- Execute bsu.sh -install -patch_download_dir={MW_HOME}/utils/bsu/cache_dir -patchlist={PATCH_ID} -prod_dir={MW_HOME}/{WL_HOME}
Where, WL_HOME is the path of the WebLogic home
Reference: BSU Command line interface
http://docs.oracle.com/cd/E14759_01/doc.32/e14143/commands.htm
Post-Installation Instructions
------------------------------
a) Restart all WebLogic servers.
b) The following command is a simple way to determine the application of WebLogic Server PSU.
$ . $WL_HOME/server/bin/setWLSEnv.sh
$ java weblogic.version
In the following example output, 10.3.6.0.190416 is the installed WebLogic Server PSU.
WebLogic Server 10.3.6.0.190416 PSU Patch for BUG29204678
* A note about the weblogic.policy file *
If you are using a Java security manager (for example, you use -Djava.security.manager to start up WebLogic Server),
you must ensure that the codeBase in your policy file points to the location where the patches are installed.
The policy file is specified by -Djava.security.policy during server startup.
By default, this is weblogic.policy file and resides in WL_HOME/server/lib, where WL_HOME is the WebLogic Server installation directory.
This is an example of what should be added to the weblogic.policy file for the installed patches:
grant codeBase "file:<path-to-WLS-patch-jars>/patch_wls1036/patch_jars/-" {
permission java.security.AllPermission;
};
The default weblogic.policy file is a sample. If you use it, you must modify it. Refer to the following URL for additional information:
http://download.oracle.com/docs/cd/E17904_01/web.1111/e13711/server_prot.htm
Uninstalling Oracle WebLogic Server Patch Set Update 10.3.6.0.190416
---------------------------------------------------------------
- Stop all WebLogic Servers
- Navigate to the {MW_HOME}/utils/bsu directory.
- Execute bsu.sh -remove -patchlist={PATCH_ID} -prod_dir={MW_HOME}/{WL_HOME}
Post-Uninstallation Instructions
--------------------------------
a) Restart all WebLogic Servers.
Bugs Fixed By This Patch
------------------------
WLS Patch Set Update 10.3.6.0.190416
-------------------------------------------
27122975 UDDIEXPLORER.SETUP.GETCOOKIE NPE INCIDENT GENERATION IN CUSTOMER PODS
29140508 CVE-2019-2645
29140551 CVE-2019-2649
29140549 CVE-2019-2648
29140540 CVE-2019-2647
29140516 CVE-2019-2646
26791760 CVE-2019-2568
29140555 CVE-2019-2650
28998139 CVE-2016-1000031
16706262 CHANGE PROXY RELATED VARS FROM STATIC VAR TO INSTANCE VAR
28762025 WLS PSU 10.3.6.0.181016 DOESN'T INCLUDE THE FIX 13729611
28874066 CVE-2019-2615
28891448 CVE-2019-2618
WLS Patch Set Update 10.3.6.0.190115
-------------------------------------------
26624375 NODEMANAGER MEMORY LEAK ON SSL HANDSHAKE FAILURES
17390029 SUB COORDINATOR URL USES SSL, THEN FUTURE RESOURCE WILL GET INFECTED WITH SAME
19706551 CVE-2019-2395
26353793 CVE-2019-2398
28110087 CVE-2019-2418
28626991 CVE-2019-2452
WLS Patch Set Update 10.3.6.0.181016
-------------------------------------------
20020455 CVE-2018-2902
28140800 Bypass version string checks when non-Oracle JDK is used.
28409586 CVE-2018-3252
28375173 CVE-2018-3245
27988175 CVE-2018-3191
28389003 CVE-2018-3250
28381528 CVE-2018-3248
28381538 CVE-2018-3249
WLS Patch Set Update 10.3.6.0.180717
-------------------------------------------
27819370 CVE-2018-2987
27948303 CVE-2018-2893
18233844 Fixed a datasource hang during rollback if the database was hung
25993295 CVE-2013-1768
27445260 CVE-2018-2935
27934864 CVE-2018-2998
WLS Patch Set Update 10.3.6.0.180417
-------------------------------------------
27043684 Clarify unclear verbiage in a MultiPool connect failure message
26439373 CVE-2017-5645
25987400 Fixed an issue where it wasn't possible to provide indirect transaction propagation between servers that are on different networks
26916941 Fixed an issue that was causing SoapCodec.getOperation() to return null
13421981 Fixed an issue where WLS was failing to collect an automatic thread dump when JDK7 is used
26608537 CVE-2018-2628
WLS Patch Set Update 10.3.6.0.171017
-------------------------------------------
24818026 CVE-2017-10271
26044754 CVE-2017-10334, CVE-2017-10336
19763916 CVE-2017-10152
26144830 CVE-2017-10352
18492020 Fixes an issue with an unexpected RuntimeException if the MaxThreadsConstraint is exceeded
WLS Patch Set Update 10.3.6.0.170718
-------------------------------------------
24533963 CVE-2013-2027
16844206 Updated Jython to recognize Windows 2012
16199510 Fixed an issue with the closure of initial context when creating JMX connection
19687084 Fixed an issue where startNodeManager() would fail if the 'block' argument was set to 'true'
22935339 Fixed an issue where the processor load column in the Admin console displayed N/A with JDK 1.7
21562338 Fixed an issue where a Connection.isClosed() call returned false when the real connection had been closed because of a internal driver condition
17780911 Fixed an issue where very long running statements might cause the pool to incorrectly retract the connection as if it were idle
18084750 Moved the server threads used for processing Oracle FAN messages from the self-tuning thread pool to a Java thread pool
21241854 Fixed a case where a failover callback for an MDS was not called
20463542 Provide an option to allow early-used connections within a global transaction to go back into the pool when logically closed rather than be held to the end of the transaction
13729611 Ensure t
没有合适的资源?快使用搜索试试~ 我知道了~
21984589-26519424-28710912-29204678-31178492.rar
共3个文件
txt:1个
xml:1个
jar:1个
5星 · 超过95%的资源 需积分: 9 39 下载量 72 浏览量
2020-08-12
11:33:40
上传
评论
收藏 486.88MB RAR 举报
温馨提示
weblogic 10.3.6.0 漏洞补丁打包下载 , 最新p31178492补丁2020年7月
资源推荐
资源详情
资源评论
收起资源包目录
21984589-26519424-28710912-29204678-31178492.rar (3个子文件)
README.txt 60KB
U5I2.jar 88.81MB
patch-catalog_26516.xml 130.08MB
共 3 条
- 1
资源评论
- phitibo2021-06-11不错,这个到202007月的补丁
猛买家
- 粉丝: 20
- 资源: 34
上传资源 快速赚钱
- 我的内容管理 展开
- 我的资源 快来上传第一个资源
- 我的收益 登录查看自己的收益
- 我的积分 登录查看自己的积分
- 我的C币 登录后查看C币余额
- 我的收藏
- 我的下载
- 下载帮助
安全验证
文档复制为VIP权益,开通VIP直接复制
信息提交成功