Tuesday, January 13 was a full day rather than in terms of patch simultaneously with the release of security bulletin MS09-001
Microsoft on the Windows SMB protocol and Critical
Patch Update released by Oracle for this first quarter of 2009.
take advantage of this double issue to create a parallel between my own personal activities of the system and the database administrator with regard to the installation of the patches (I have no certificates for any of the two roles, but in fact is what I'm involved to work):
1) both must be able to document any patch updates even before they are issued, in order to gather information on the vulnerabilities covered by the patches, set up a test on which to test it before going into production, the operation schedule update and experience, as a result, users of any downtime of the services offered by the servers affected by the update. In this sense, a good starting point it provides the network. The administrator of Microsoft Windows will not wait for the automatic notification of Windows Update, but will use sites like Feliciano Intini Blog
, for example, in the same way, the Oracle DBA can refer to
OTN (Oracle Technology Network )
.
short, the imperative is
ALWAYS BE ADVISED!
2) the output of a new patch, both the sysadmin and the DBA should consider the impact that the application of the patch itself will have on their servers can test it, if time permits, on a 
The testing phase is vital to ensure that the update is successful and does not create problems, once installed, the configuration of server / DBMS 3) after a necessary and crucial phase of testing, the application the patch must be done also in the production (which should take place when users are not connected and should not cause problems, if enough testing has been carried out as described in step 2) The purpose of this post First of all, is to acquire the skills necessary to install the CPU January 2009 (1), while the phase installation of the patch update in a test environment (step 2) will be the topic of a post I will publish soon!
Ok first of all need to read up on so I head
section dedicated to the OTN Critical Patch Update
, my goal is to answer some questions: *
what vulnerabilities are resolved by the January 2009 CPU?
* in which products (and version) Oracle can apply? * should install it or are there any contraindications? * as you install it? Link on CPU on OTN contains lots of useful information, for example, we learn that the update patches are issued on a quarterly basis, In fact, the upcoming release dates are: April 14, 2009 *
* * July 14, 2009 October 13, 2009 * January 12, 2010
addition, OTN provides two useful links to resources that indicate respectively how to enable the notification
the CPU as soon as they are released and a PDF document with
"Best Practices"
to install the patch updates.
In particular, the OTN
page dedicated to the CPU
January 2009 contains a list setting out for comfort even in the picture below, with all the versions of Oracle software and interested in the application of the patch:
Assuming, as in my case, it will apply the patch to the component of Oracle Database Server 10g, you can see from the above table, for example, as the version 10.2.0.1 of the DBMS is not supported (some more information it can
read from this thread on the forum
OTN), as well as Oracle Database Server versions prior to 9.2.0.8, and so on.
you read on the same page on OTN, it was discovered that the patch updates are cumulative for many Oracle products (not all though), that is, each CPU includes all previous fixes of the CPU. Fortunately, this case applies to Oracle Database Server and then just install the patch to update for January 2009 also fixes the previous patch updates!
Still the same page of OTN contains a table, reproduced below, with the list of products affected by the January 2009 CPU, the links to the risk matrices (tables that set out a list of vulnerabilities and their description for each family of commodities for which Oracle recommends that you install the patch), links to Metalink, etc..
It follows, then, include a table taken from the Metalink note 753340.1 on the CPU in January 2009, as supplied, the summary notes, also on Metalink, to access documentation and download the CPU JAN 2009 for various platforms and versions of Oracle Database Server:
For this time all the material there is plenty to digest. In the next post will deal installing CPU Jan 2009 on my test system, ie a virtual machine Debian GNU / Linux installed with Oracle Database version 10.2.0.4, all VMware ESXi! 
0 comments:
Post a Comment