Wednesday Jul 16, 2014

CPU Quarterly - July 2014 Security Advisor and Java SE Updates Released

It is good practice to review the security updates for your Oracle products regularly. They are updated quarterly with latest just published (July 2014).
The Oracle Critical Patch Update Advisory lists best practices and latest patches with scope making Oracle products more stable and robust.
TheMOS authentication needed PSU and CPU July 2014  Availability Document gives a comprehensive listing of recommended patching  for products and releases effected. Note that all effected components of a product are listed there.

For example for an 11.1.2.2.0 Forms/Reports environment follow this navigation path:

  • "Patch Availability for Oracle Products"
  • "Oracle Fusion Middleware"
  • "Oracle Fusion Middleware"
  • 3.3.17.4 Oracle Forms and Reports 11.1.2.2

 leading to Table 78. There are references for Java SE, JRockit, WebLogic Server, Database client, Oracle ADF,
OPMN, HTTP Server that are strongly recommended to review an implement. Even though Forms/Reports may not be effected directly, partner components need an update.

 An important part is always Java. With July 2014,  Java 8u11, 7u65, 6u81, and 5u71 are now in place (8u11 and 7u65 are publicly available through OTN).  The Information Center: Installation & Configuration for Oracle Java SE (MOS authentication neededDoc ID 1412103.2) will give more details on Java SE  download and installation.

as

Tuesday Jul 09, 2013

JRE Updates and Oracle Forms - JRE 1.7.0_25 & 1.6.0_51

Java is a very dynamic area. We see frequently updates and enhancements. Typically new functionality is added, often with scope security, so definitely worth to consider.
For Oracle Forms end users, it is safe and recommended to follow those JRE maintenance updates for their clients - certainly within the certification range for client platforms (System Requirements and Supported Platforms for Oracle Forms and Reports 11g Release 2 (11.1.2.1.0) Certification Matrix ).

For JRE 1.7.0_25 & 1.6.0_51 Oracle Forms administrators and end users must be aware of this potential impact:

  • Some WebUtil HOST calls may not work.  Specifically those which include strings that contain spaces and/or special characters (e.g. > < * & |).
  • Messages like "Missing Permissions manifest attribute for: http://machinename:port/forms/java/frmall.jar" and "Missing Codebase manifest attribute for: http://machinename:port/forms/java/frmall.jar" indicate that the JAR file manifest files will now require  new entries. New Forms JARs need to be obtained via Oracle Support.
  • Calls from html Java script into a form may throw a warning "Block potentially unsafe components from being run?".

Find the heads-up for Oracle Forms system administrators and more details in "Requires My Oracle Support (MOS) Login Release of JRE 1.7.0_25 & 1.6.0_51 and Impact on Forms 11g [ID 1563023.1]]"

About


This is the official blog of the Proactive Support Team for Developer Tools: Oracle Forms, Oracle Reports, Apex, SQLDeveloper, ... . Find information about our activities, publications, product related information and more.

 

Follow @psdDevTools on Twitter

Search

Archives
« April 2015
SunMonTueWedThuFriSat
   
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
  
       
Today