Applying Patch 19948000: OHS SECURITY PATCH UPDATE 11.1.1.7.0 (CPUJAN2015)
- Download and extract the patch 19948000 onto the staging area PATCH_TOP of the server.
- Ensure environment variables are set eg: ORACLE_HOME=$MW_HOME/Oracle_WT1
- Download latest OPatch, ensure access to valid inventory.
- Stop all opmn, OHS services.
Applying patch 19948000
- Unzip the patch zip file into the PATCH_TOP.
unzip -d PATCH_TOP p19948000_111170_Linux-x86-64.zip
- cd PATCH_TOP/19948000
- Run following command:
opatch apply
Post Install Instructions:
--------------------------
- Disable SSLv2 and SSLv3 from config files.
A. SSLProtocol
Check config files like ORACLE_INSTANCE/config/OHS/<OHS name>/ssl.conf, ORACLE_INSTANCE/config/OHS/<OHS name>/admin.conf and any other custom files.
Change SSLProtocol directive to disable SSLv2, SSLv3 protocols by either:
SSLProtocol -All +TLSv1 (allows the one TLS protocol currently supported in this version)
or
SSLProtocol All -SSLv2 -SSLv3 (allows for future scaling to newer TLS version if later upgraded)
or
SSLProtocol nzos_Version_1_0
B. SSLProxyProtocol
This directive must also be configured to disable SSLv2, SSLv3 protocols similar to SSLProtocol.
- Remove ciphers from SSLCipherSuite directive that are deprecated in this release. Check patch README file for more details.
Alternatively, enable only the valid ciphers for this release.
- Start all opmn, OHS services.
Rollback patch
If any issues post patching and a roll back is needed, follow below steps:
- Stop the services
- cd PATCH_TOP/19948000
- Run following command:
opatch rollback -id 19948000
- Restart all opmn, OHS services.
Related Posts:
FMW 12.1.2.0.0 - Oracle HTTP Server - Applying Patch 21768251: MERGE REQUEST ON TOP OF 12.1.2.0.0 FOR BUGS 19948089 19304888 20806507 20900385
FMW 11.1.1.7.0 - Applying Oracle HTTP Server Patch 20394174: MERGE REQUEST ON TOP OF 11.1.1.7.0 FOR BUGS 19948000 17905017
FMW 11.1.1.7.0 - Applying Patch 20493440: MERGE REQUEST ON TOP OF 11.1.1.7.0 FOR BUGS 18423801 18025250
FMW 11.1.1.7.0 - Applying Patch 20124292: OPTIC NEEDS BETTER DIAGNOSTICS FOR CONNECTION ERRORS
Applying Patch 19849290 - CPU CONFLICT MERGE REQUEST ON TOP OF 11.1.1.7.0 FOR BUGS 17337741 17555224
Applying Patch 17337741: OSS SECURITY PATCH UPDATE 11.1.1.7.0 (CPUOCT2013)
FMW 11.1.1.7.0 - Applying Patch 18423831: WLSPLUGINS (OHS) SECURITY PATCH UPDATE 11.1.1.7.0 (CPUJUL2014)
FMW 11.1.1.7.0 - Applying Patch 18423801: OPMN SECURITY PATCH UPDATE 11.1.1.7.0 (CPUJUL2014)
Applying Patch 19948000: OHS SECURITY PATCH UPDATE 11.1.1.7.0 (CPUJAN2015)
FMW 12.1.3.0.0 - Applying Patch 19948154: OHS SECURITY PATCH UPDATE 12.1.3.0.0 (CPUJAN2015)
FMW 12.1.3.0.0 - Applying Patch 19229422: OHS 12C UNABLE TO CONNECT TO WLS DYNAMIC CLUSTER
Applying Patch 16856341: CPU: OHS CORE DUMPS AFTER MOD_SECURITY PATCH/CONF APPLIED
No comments:
Post a Comment