===============================
Patch Set Update (PSU) for Bug: 29204657
===============================
Date: Tue Mar 5 13:23:42 2019
---------------------------------
Platform Patch for : Generic
Product Patched : ORACLE WEBLOGIC SERVER
Product Version : 12.1.3.0.0
This document describes how to install the interim patch for
bug # 29204657. It includes the following sections:
Section 1, "Zero Downtime Patching"
Section 2, "Prerequisites"
Section 3, "Pre-Installation Instructions"
Section 4, "Installation Instructions"
Section 5, "Post-Installation Instructions"
Section 6, "Deinstallation Instructions"
Section 7, "Post Deinstallation Instructions"
Section 8, "Bugs Fixed by This Patch"
Section 9, "Known Issues"
1 Zero Downtime Patching
------------------------------
This patch has been marked as eligible for Zero Downtime Patching.
With Zero Downtime Patching, a Patch can be applied to a system in a manner
that does not incur any downtime. This ensures that the system can remain
available and functioning during the patching process. Certain
pre-requisites, however, must be met before the patch can be applied.
For more information, consult the My Oracle Support MOS Note: 1942159.1
2 Prerequisites
----------------
Ensure that you meet the following requirements before you install or
deinstall the patch:
1. Before applying the non-mandatory patches, ensure that you have the
exact symptoms described in the bug.
2. Update Java SE (JDK/JRE):
For users of Oracle JDKs and JVMs, we strongly recommend applying the latest
Java Critical Patch Updates (CPUs) as soon as they are released. Refer to the
following for further information:
Doc ID 1506916.1 Obtaining Java SE (JDK/JRE) for Oracle Fusion Middleware Products
https://support.oracle.com/rs?type=doc&id=1506916.1
3. Oracle Fusion Middleware 12.1.x products are installed with OPatch
NextGen 13.2 to apply interim patches. The OPatch utility may be updated
over time to resolve known issues.
You can check your version using the following command:
ORACLE_HOME/OPatch/opatch version
OPatch should not be updated for 12.1.x unless specifically instructed to do so.
The installed OPatch should be sufficient to apply interim patches.
Review the following for more OPatch information:
Doc ID 1587524.1 Using OUI NextGen OPatch 13 for Oracle Fusion Middleware 12c
https://support.oracle.com/rs?type=doc&id=1587524.1
4. Verify the OUI Inventory.
OPatch needs access to a valid OUI inventory to apply patches.
Note: This needs the ORACLE_HOME to be set(refer section "2. Pre-Installation Instructions")
prior to run the below commands:
Validate the OUI inventory with the following commands:
$ opatch lsinventory -jre $ORACLE_HOME/jdk/jre
Note:
All OPatch commands should be run with -jre option.
Make sure the JDK version you use is the certified version for your product.
If the command errors out, contact Oracle Support and work to validate
and verify the inventory setup before proceeding.
5. Confirm the executables appear in your system PATH:
The patching process will use the unzip and the OPatch executables. After
setting the ORACLE_HOME environment, confirm if the following executables
exist, before proceeding to the next step:
- opatch
- unzip
If either of these executables do not show in the PATH, correct the
problem before proceeding.
6. Create a location for storing the unzipped patch:
This location will be referred to later in the document as PATCH_TOP.
NOTE: On WINDOWS, the preferred location is the drive root directory.
For example, "C:\PATCH_TOP" and avoid choosing locations like,
"C:\Documents and Settings\username\PATCH_TOP".
This is necessary due to the 256 characters limitation on windows
platform.
3 Pre-Installation Instructions
-------------------------------
1. Set the ORACLE_HOME environment variable to the directory where you have installed ORACLE WEBLOGIC SERVER.
4 Installation Instructions
---------------------------
1. Unzip the patch zip file into the PATCH_TOP.
$ unzip -d PATCH_TOP p29204657_121300_Generic.zip
NOTE: On WINDOWS, the unzip command has a limitation of 256 characters in the path name.
If you encounter this, please use an alternate ZIP utility like 7-Zip to unzip the patch.
For example: To unzip using 7-zip, run the command:
"c:\Program Files\7-Zip\7z.exe" x p29204657_121300_Generic.zip
2. Set your current directory to the directory where the patch is located.
$ cd PATCH_TOP/29204657
3. Run OPatch to apply the patch.
$ opatch apply
Note:
-----
When OPatch starts, it validates the patch and makes sure that there are no
conflicts with the software already installed in the ORACLE_HOME.
In case of opatch conflict, you will see a warning message similar to the one mentioned below:
Interim Patch XXXX has Conflict with patch(es) [ YYYY ] in OH ...
Conflict patches: YYYY
Patch(es) YYYY conflict with the patch currently being installed (XXXX).
If you continue, patch(es) YYYY will be rolled back and the new patch (XXXX) will be installed.
If a merge of the new patch (XXXX) and the conflicting patch(es) ( YYYY) is required,contact Oracle Support Services and request a Merged patch.
Do you want to proceed? [y|n]
n
You must stop the patch installation and contact oracle support on how to proceed.
5 Post-Installation Instructions
---------------------------------
Start all servers (AdminServer and all Managed server(s)).
6 Deinstallation Instructions
------------------------------
If you experience any problems after installing this patch, remove the patch as
follows:
1. Make sure to follow the same Prerequisites or pre-install steps (if any)
when deinstalling a patch.
This includes setting up any environment variables like ORACLE_HOME and
verifying the OUI inventory before deinstalling.
2. Change to the directory where the patch was unzipped.
$ cd PATCH_TOP/29204657
3. Run OPatch to deinstall the patch.
$ opatch rollback -id 29204657
7 Post Deinstallation Instructions
-----------------------------------
Restart all servers (AdminServer and all Managed server(s)).
This is necessary to redeploy the original applications and bring the
environment back to it's original state.
8 Bugs Fixed by This Patch
--------------------------
WLS Patch Set Update 12.1.3.0.190416
28891448: CVE-2019-2618
29140549: Fix for Bug 29140549
29140551: CVE-2019-2649
29140555: Fix for Bug 29140555
29140516: Fix for Bug 29140516
29140508: CVE-2019-2645
26791760: CVE-2019-2568
28874066: CVE-2019-2615
28998139: CVE-2016-1000031
29140540: CVE-2019-2647
WLS Patch Set Update 12.1.3.0.190115
26624375: NODEMANAGER MEMORY LEAK ON SSL HANDSHAKE FAILURES
28626991: CVE-2019-2452
28110087: CVE-2019-2418
28313163: HTTP SESSION OBJECTS DOESN'T ADHER SESSION TIMEOUT WHEN CLIENT TERMINATES REQUES
26353793: CVE-2019-2398
28594324: PERF PROD HUGE TIME SPENT IN WEBLOGIC.SECURITY.ACL.INTERNAL.AUTHENTICATEDSUBJECT
WLS Patch Set Update 12.1.3.0.181016
28043040: CVE-2018-3197
28140800: BYPASS VERSION STRING CHECKS WHEN NON-ORACLE JDK IS USED.
20020455: CVE-2018-2902
28375702: CVE-2018-3246
17905354: Fix for Bug 17905354
28375173: CVE-2018-3245
27988175: CVE-2018-3191
28481582: FIX FOR BUG 22690676
28409586: CVE-2018-3252
WLS Patch Set Update 12.1.3.0.180717
27417245: CVE-2018-2894
27948303: CVE-2018-2893
27234961: IMPROVE PERFORMANCE IN BEAN CREATION TO REDUCE STUCK THREADS WHEN DATABASE IS SLOW OR DOWN
27416586: FIXED A WLST PERFORMANCE ISSUE IN ASSIGNING JMS RESOURCES TO CLUSTER AFTER APPLYING THE 171017 PSU
27819370: CVE-2018-2987
27934864: CVE-2018-2998
27445260: CVE-2018-2935
18412312: FIXED NODEMANAGER TO RESTART MANAGED SERVER THAT IS SHUT DOWN DUE TO OVERLOAD PROTECTION
25993295: CVE-2013-1768
27947832: FIXED AN ISSUE WHERE JAVAX.XML.XMLCONSTANTS.FEATURE_SECURE_PROCESSING WASN'T BEING PROPERLY PROPAGATED IN WSDLREADER.
WLS Patch Set Update 12.1.3.0.180417
26439373: CVE-2017-5645
26806438: F
没有合适的资源?快使用搜索试试~ 我知道了~
weblogic_12c_patch.rar
共2477个文件
class:2373个
properties:37个
xml:34个
需积分: 9 2 下载量 112 浏览量
2022-06-20
15:20:41
上传
评论 1
收藏 37.38MB ZIP 举报
温馨提示
使用weblogic版本:12.1.3.0.0 p29204657_122130_Generic.zip (2020年10月weblogic反序列化漏洞补丁)
资源详情
资源评论
资源推荐
收起资源包目录
weblogic_12c_patch.rar (2477个子文件)
ServerTemplateMBeanImpl.class 172KB
ScriptExecutor.class 134KB
WebAppServletContext.class 117KB
WLSAutoDeployer.class 111KB
ServerTemplateMBeanImplBeanInfo.class 91KB
JspJavaTransform.class 87KB
ServerTransactionImpl.class 78KB
DomainTemplate.class 77KB
EnvironmentBuilder.class 67KB
JDBCStoreIO.class 67KB
ServerTemplateMBeanImpl$Helper.class 65KB
PythonGrammar.class 65KB
WLScriptContext.class 64KB
ConnectionPool.class 62KB
ServerTransactionManagerImpl.class 61KB
QueueImpl.class 61KB
ServletRequestImpl.class 61KB
ConnectionEnv.class 59KB
DeploymentTaskRuntime.class 59KB
DataSource.class 58KB
BaseJ2eeAnnotationProcessor.class 57KB
BEDestinationImpl.class 56KB
BEConsumerImpl.class 56KB
MessageDrivenBeanInfoImpl.class 54KB
JMSConnectionPoller.class 53KB
ResourcePoolImpl.class 52KB
ChannelService.class 48KB
MessageImpl.class 48KB
MessageImpl.class 48KB
Py.class 48KB
TransactionImpl.class 48KB
TransactionImpl.class 48KB
EJBDeployer.class 48KB
IIOPInputStream.class 48KB
WLSJmsHelper.class 47KB
ServletResponseImpl.class 47KB
FEProducer.class 47KB
Connection.class 46KB
HAConnectionPool.class 45KB
ProviderUtils.class 45KB
SSLMBeanImpl.class 45KB
ScriptHelper.class 44KB
PlatformHelperImpl.class 44KB
NodeManagerTextTextFormatter.class 43KB
IIOPOutputStream.class 43KB
WSDLReaderImpl.class 43KB
DomainChecker.class 41KB
ServerSCInfo.class 40KB
JAMTagParser.class 40KB
J2EELogger.class 39KB
JspScriptTransform.class 39KB
SessionData.class 38KB
CodeCompiler.class 38KB
JMSService.class 38KB
PersistentStoreDataArchive.class 37KB
BESessionImpl.class 37KB
PythonGrammarTokenManager.class 37KB
RJVMImpl.class 37KB
RJVMImpl.class 37KB
JDBCModule.class 37KB
T3Srvr.class 37KB
Bean.class 36KB
ConnectionManager.class 36KB
ConnectionManager.class 36KB
SingletonMonitor.class 35KB
XAConnection.class 35KB
DeploymentPlanProcessor.class 34KB
DeploymentServiceServlet.class 34KB
SecurityInterceptor.class 33KB
MigratableTargetMBeanImpl.class 33KB
HttpURLConnection.class 33KB
HttpURLConnection.class 33KB
PyString.class 32KB
WLSProvider.class 32KB
RequestManager.class 32KB
RequestManager.class 32KB
BootStrapServiceImpl.class 32KB
AbstractConfigAspect.class 31KB
JDBCLogger.class 31KB
CertGen.class 31KB
ReservedConnection.class 30KB
EnvUtils.class 30KB
SSLContextManager.class 30KB
SSLMBeanImplBeanInfo.class 30KB
NodeManagerRuntime.class 29KB
DiagnosticsLogger.class 29KB
ServerLifeCycleRuntime.class 28KB
SecurityHelper.class 28KB
UCPRACModuleImpl.class 28KB
JTSConnection.class 28KB
EJBTimerManager.class 28KB
EJBModule.class 28KB
ClientIdentityRegistry.class 28KB
CDIAppDeploymentExtension.class 27KB
InterceptionMetadata.class 27KB
CDIModuleExtension.class 27KB
DomainNodeManagerHelper.class 26KB
TimerImpl.class 26KB
ServerCoordinatorDescriptorManagerImpl.class 26KB
PyObject.class 26KB
共 2477 条
- 1
- 2
- 3
- 4
- 5
- 6
- 25
yzf20089
- 粉丝: 3
- 资源: 7
上传资源 快速赚钱
- 我的内容管理 展开
- 我的资源 快来上传第一个资源
- 我的收益 登录查看自己的收益
- 我的积分 登录查看自己的积分
- 我的C币 登录后查看C币余额
- 我的收藏
- 我的下载
- 下载帮助
安全验证
文档复制为VIP权益,开通VIP直接复制
信息提交成功
评论0