Asset ID:	1-79-2037108.1
Update Date:	2016-11-24
Keywords:

Solution Type Predictive Self-Healing Sure

Solution 2037108.1 : Patch Set Update and Critical Patch Update October 2015 Availability Document

Applies to:

Exadata Database Machine X2-2 Hardware
Information in this document applies to any platform.

Purpose

This document defines the patches and minimum releases for the Database Product Suite, Fusion Middleware Product Suite, Exalogic, and Enterprise Manager Suite Critical Patch Updates and Patch Set Updates released on October 20, 2015.

Details

Patch Set Update and Critical Patch Update Availability Document October 2015

My Oracle Support <Note 2037108.1>

Released October 20, 2015

This document contains the following sections:

Section 1, "Overview"
Section 2, "What's New in October 2015"
Section 3, "Patch Availability for Oracle Products"
Section 4, "Final Patch History"
Section 5, "Sources of Additional Information"
Section 6, "Modification History"
Section 7, "Documentation Accessibility"

1 Overview

Oracle provides quarterly Security Patch Updates (SPU) to address security vulnerabilities, and Patch Set Updates (PSU) to address proactive, critical fixes and security vulnerabilities. The security vulnerabilities addressed are announced in the Advisory for October 2015, available at:

http://www.oracle.com/technetwork/topics/security/cpuoct2015-2367953.html

This document lists the Oracle Database, Fusion Middleware and Enterprise Manager SPU and PSU patches for product releases under error correction. The October 2015 release supersedes earlier Critical Patch Updates and Patch Set Updates for the same product releases. This document is subject to continual update after the initial release, and the changes are listed in Section 6, "Modification History." If you print this document, check My Oracle Support to ensure you have the latest version.

This section contains the following:

Section 1.1, "How To Use This Document"
Section 1.2, "Terminology in the Tables"
Section 1.3, "On-Request Patches"
Section 1.4, "CPU Program and My Oracle Support Patch Recommendations"
Section 1.5, "Oracle Database Patching - SPU vs PSU/BP"

1.1 How To Use This Document

The following steps explain how to use this document.

Step 1 Assess your Environments: Determine the Oracle product suites and products and their release numbers for each of your environments.

Step 2 Read Important Announcements

Review Section 2, "What's New in October 2015," as it lists documentation and packaging changes along with important announcements such as upcoming final patches.

Step 3 Determine Patches to be Applied

For each environment, determine which patches need to be applied by using the tables in Section 3, "Patch Availability for Oracle Products." There is one availability table for each product suite release, such as Oracle Database 11.1.0.7, Oracle Identity Access Management 11.1.1.5, and Enterprise Manager Grid Control 10.2.0.5

The table lists the patches to be applied either to the product or to the appropriate product Oracle homes that are associated with the product suite
The patches are listed in the order released, with newest patches listed first
For some patches, multiple Oracle homes are listed. Apply the patch to all of the homes indicated that are applicable to your environment and only to the listed Oracle homes
The table lists only product releases that are under Premier Support or Extended Support and are under error correction as defined in My Oracle Support <Note 209768.1>, Database, FMW, EM Grid Control, and OCS Software Error Correction Support Policy. Patches are provided only for these releases. If you do not see the release that you have installed, then check Table 181, "Final Patch History" and contact Oracle Support for further assistance
Patches that include security vulnerabilities announced in the current quarter's CPU Advisory, list the vulnerability CVE numbers in the Advisory Number column. If you are interested in the risk matrix for the vulnerabilities fixed in the patch, then see the CPU Advisory at http://www.oracle.com/technetwork/topics/security/alerts-086861.html. For patches that are listed from previous quarterly releases, or the current one without any security fixes, the column indicates "Released MMM YYYY"
When a section is referenced in a table, follow the link to determine which patches to install. For example, when Section 3.1.4, "Oracle Database" is referenced, determine the Oracle Database release that is installed, and find the patches to apply in the table for that Oracle Database release in Section 3.1.4, "Oracle Database."

Step 4 Apply the Patches

Download the patches, review the READMEs, and apply the patches according to the instructions.

Step 5 Planning for Future Critical Patch Updates

To help you plan for future Critical Patch Updates, this document includes final patch information based on Oracle's Lifetime Support Policy and error correction policies.

Section 2.3, "Final Patch Information (Error Correction Policies)" in Section 2, "What's New in October 2015," documents product releases for which final Critical Patch Updates are upcoming or are being announced. In each product section, there is also an Error Correction Information Table that documents the final CPU patch for the product. Products that have reached the end of error correction are documented in Section 4, "Final Patch History."

1.2 Terminology in the Tables

The following terminology is used in this patch availability document and in the subsequent tables.

BP Bundle Patch. An iterative, cumulative patch that is issued between patch sets. Bundle patches usually include only fixes, but some products may include minor enhancements.
CPU Critical Patch Update patch. Prior to October 2012, Security Patch Update (SPU) patches were called Critical Patch Update (CPU) patches. For patches that were previously released as CPU patches, this Patch Availability Document will continue to reference them as CPUs.
Final Patch is the last quarterly cycle until when patches will be provided as per the Premier Support or Extended Support policies. For more information, see Oracle Lifetime Support Policies at http://www.oracle.com/us/support/lifetime-support/index.html.
NA Not Applicable.
OR On-Request. The patch is made available through the On-Request program.
PSU Patch Set Update. An iterative, cumulative patch that contains both security fixes and non-security critical fixes that are high-value and low-risk.
SPU Security Patch Update. An iterative, cumulative patch consisting of security fixes. Formerly known as a Critical Patch Update. Note that Oracle's program for quarterly release of security fixes continues to be called the Critical Patch Update. Patches released as part of this program may be Patch Set Updates, Security Patch Updates, and Bundle Patches. Regardless of the patch type, the patches are cumulative.
Overlay SPU patch provided as an overlay on top of a PSU or BP instead of a base/patch set release.

1.3 On-Request Patches

Oracle does not release proactive patches for historically inactive platforms. However, Oracle will deliver these patches when requested.

The following guidelines describe how to initiate an on-request (OR) patch.

A request may be made:

At any time. However, a patch for a specific quarterly release, such as CPUOct2012, cannot be requested. Depending on when the request is received and processed, either the patch for the current quarterly release or the next quarterly release will be provided. Your Service Request (SR) will provide you the planned availability date for the patch.
As long as the version is in either Premier Support or Extended Support and error correction support has not expired. For example, if a product release is under Extended Support through the release of CPUJan2013 on January 15, 2013, then you can file a request for the product release through January 29, 2013. For more information, see Oracle Lifetime Support Policies at http://www.oracle.com/us/support/lifetime-support/index.html, and <Note 209768.1>, Database, FMW, EM Grid Control, and OCS Software Error Correction Support Policy.
For a platform-version combination when a major release or patch set is released on a platform after a quarterly release date. Oracle will provide the next patch for that platform-version combination, however you may request the current patch by following the on-request process. For example, if a patch is released for a platform on August 1, 2012, Oracle will provide the CPUOct2012 patch for that platform. You may request a CPUJul2012 patch for the platform, and Oracle will review the request and determine whether to provide CPUJul2012 or CPUOct2012.

A patch that is marked as on-request (OR) may already have been requested by another customer and be available on My Oracle Support. Before you file a Service Request (SR), check on My Oracle Support to see if the patch is already available for your platform.

1.4 CPU Program and My Oracle Support Patch Recommendations

My Oracle Support patch recommendation features are available on the Patches & Update tab. The patches announced in this document as part of the CPU program are classified as "Security" patch recommendations in My Oracle Support. If a new patch is being announced in this document, then the classification on any earlier patch is changed to "General", causing it to be removed from the My Oracle Support patch recommendations. If a patch has a "Security" classification, and a subsequent bundle, SPU, or PSU is released with a recommendation classification, then it will be classified as a "Security" recommendation in My Oracle Support.

Once a product release is no longer in error correction, its CPU patch information is removed from this document, but the last patch recommendation continues to be available in My Oracle Support.

1.5 Oracle Database Patching - SPU vs PSU/BP

The Database Security Patch Updates (SPU) and Patch Set Updates (PSU) / Bundle Patches (BP) that are released each quarter contain the same security fixes. However, they use different patching mechanisms, and PSU/BP include both security and recommended bug fixes. Consider the following guidelines when you are deciding to apply PSU/BP instead of SPU:

SPU are applied only on the base release version, for example 10.2.0.4.0
PSU/BP can be applied on the base release version or on any earlier PSU/BP. For example, 11.2.0.4.2 can be applied on 11.2.0.4.2 and 11.2.0.4.0
Once a PSU/BP has been applied, the recommended way to obtain future security content is to apply subsequent PSU/BP. Reverting from an applied PSU/BP to the SPU, while technically possible, requires significant time and effort, and therefore, is not advised. You would need to determine which individual, non-security patches that are included in the PSU/BP are pertinent to your deployment, and then apply them after installing the Security Patch Update
Applying a SPU on an installation with an installed PSU/BP is not supported

For more information on Patch Set Updates, see My Oracle Support <Note 854428.1>, Patch Set Updates (PSUs) for Oracle Products.

For more information on Database Patch Delivery Methods see My Oracle Support <Note 1962125.1> Oracle Database - Overview of Database Patch Delivery Methods.

2 What's New in October 2015

This section describes important changes in October 2015:

Section 2.1, "Pro-Active Replacement Interim Patches For Conflicts With Critical Patch Update Program Patches (PSUs and Bundles)"
Section 2.2, "My Oracle Support (MOS) Conflict Checker Tool"
Section 2.3, "Final Patch Information (Error Correction Policies)"
Section 2.4, "Changes to Database READMEs"
Section 2.5, "Post Release Patches"

2.1 Pro-Active Replacement Interim Patches For Conflicts With Critical Patch Update Program Patches (PSUs and Bundles)

Oracle produces new pro-active patches every quarter as part of the Critical Patch Update program. On Unix platforms, these pro-active patches or bundles may conflict with already installed interim patches. In order to allow such conflicts to be resolved quickly, Oracle pro-actively produces new interim patches for existing patches that would cause conflicts. Replacement patches are made available on the same date that the Database Patch Set Update or Bundle is released.

For more information, see My Oracle Support <Note 1998563.1> Pro-Active Replacement Interim Patches For Conflicts With Critical Patch Update Program Patches (PSUs and Bundles).

2.2 My Oracle Support (MOS) Conflict Checker Tool

The My Oracle Support (MOS) Conflict Checker tool is available as of July 21, 2014.

You can access MOS Conflict Checker at https://support.oracle.com/epmos/faces/PatchConflictCheck. This tool is also accessible from the Patch Search results screen ("Analyze with OPatch" button).

The MOS Conflict Checker Tool allows you to upload an OPatch inventory to check for conflicts with patches to apply to your environment. If no conflicts are found, you can download the patches. If conflicts are found, the tool finds an existing resolution to download. If no resolution is found, you can request a solution, and monitor your request in the Plans region.

For more information and a demonstration video, see Knowledge Document <Note 1091294.1>, How to use the My Oracle Support Conflict Checker Tool.

2.3 Final Patch Information (Error Correction Policies)

The Final patch is the last CPU or PSU release for which the product release is under error correction. Final patches for upcoming releases, as well as newly scheduled final patches, are listed in the following sections.

Final patches scheduled for January 2016

Oracle Real Time Decisions Server 3.0.0.1
Oracle WebCenter Interaction 6.5.1

Final patches scheduled for October 2015

Oracle Database Lite Server 10.3.0.3
Oracle Document Capture 10.1.3.5.1
Oracle Imaging and Process Management 10.1.3.6
Oracle WebCenter Content 10.1.3.5.1

Newly Scheduled final patches:

Oracle Database 12.1.0.2 - July 2021
Oracle Database 12.1.0.1 - July 2016

For additional final patch history information, see Table 181. For information on the error correction support policy for patches, refer to My Oracle Support <Note 209768.1>, Database, FMW, EM Grid Control, and OCS Software Error Correction Support Policy.

2.4 Changes to Database READMEs

Oracle JavaVM (OJVM) Component Database PSU patches now require database instances to be started in "startup upgrade" mode prior to running the required post-installation SQL scripts.

2.5 Post Release Patches

Oracle Database Bundle patch 12.1.0.2.13

Linux x86-64, Available October 26, 2015

All other platforms, Available October 26, 2015
Oracle Database PSU 12.1.0.2.5 & GI PSU 12.1.0.2.5

Linux x86-64, Available October 22, 2015

Quarterly Full Stack Download for Exadata (Oct2015) 12.1.0.2 and 12.1.0.1 BP, Available October 26, 2015

All other ports, Available October 26, 2015
Oracle HTTP Server 10.1.3.5.0

Linux on POWER and IBM: Linux on System Z are On Request platforms

Linux Itanium, Estimated November 16, 2015
Oracle Business Intelligence Enterprise Edition 11.1.1.9.0

Available: Linux x86-64

Estimated Availability November 16, 2015: HP-UX Itanium, HP-UX PA RISC 64 Bit, IBM AIX Based Systems (64-Bit), Linux x86, Microsoft Windows (32-Bit), Microsoft Windows x64 (64-bit), Sun Solaris SPARC (64-Bit), Sun Solaris x86-64 (64-Bit)
Oracle Business Intelligence Enterprise Edition 11.1.1.7.0:

Available: Linux x86, Linux x86-64, Microsoft Windows x64 (64-bit)

Estimated Availability November 16, 2015: HP-UX Itanium, HP-UX PA RISC 64 Bit, IBM AIX Based Systems (64-Bit), Microsoft Windows (32-Bit), Sun Solaris SPARC (64-Bit), Sun Solaris x86-64 (64-Bit)

3 Patch Availability for Oracle Products

This section contains the following:

Section 3.1, "Oracle Database"
Section 3.2, "Oracle Enterprise Manager"
Section 3.3, "Oracle Fusion Middleware"
Section 3.4, "Oracle Sun Middleware"
Section 3.5, "Tools"

3.1 Oracle Database

This section contains the following:

Section 3.1.1, "Oracle APEX Listener"
Section 3.1.2, "Oracle Application Express"
Section 3.1.3, "Oracle Audit Vault"
Section 3.1.4, "Oracle Database"
Section 3.1.5, "Oracle Database Appliance"
Section 3.1.6, "Oracle Database Mobile/Lite Server"
Section 3.1.7, "Oracle GoldenGate Veridata"
Section 3.1.8, "Oracle Secure Backup"
Section 3.1.9, "Oracle Secure Enterprise Search"
Section 3.1.10, "Oracle TimesTen"

3.1.1 Oracle APEX Listener

Table 1 describes the Error Correction information for Oracle APEX Listener 1.1.4.

Table 1 Error Correction information for Oracle APEX Listener 1.1.4

Patch Information	1.1.4	Comments
Final Patch	-

Table 2 describes the minimum product requirements for Oracle APEX Listener. Critical Patch Update security vulnerabilities are fixed in the listed releases. For Oracle APEX Listener downloads and installation instructions, see http://www.oracle.com/technetwork/developer-tools/apex-listener/downloads/index.html.

Table 2 Minimum Product Requirements for Oracle APEX Listener

Component	Release	Advisory Number	Comments
Oracle APEX Listener	1.1.4	Released July 2012

3.1.2 Oracle Application Express

Table 3 describes the minimum product requirements for Oracle Application Express. Critical Patch Update security vulnerabilities are fixed in the listed releases. For Oracle Application Express downloads and installation instructions, see http://www.oracle.com/technetwork/developer-tools/apex/downloads/index.html.

Table 3 Minimum Product Requirements for Oracle Application Express

Component	Release	Advisory Number	Comments
Oracle Application Express	5.0.0.00.31	Released July 2015

3.1.3 Oracle Audit Vault

Table 4 describes the Error Correction information for Oracle Audit Vault.

Table 4 Error Correction information for Oracle Audit Vault

Patch Information	10.3	Comments
Final Patch	October 2016

Table 5 describes the available patches for Oracle Audit Vault 10.3.0.0.

Table 5 Patch Availability for Oracle Audit Vault 10.3.0.0

Product Home

Patch

Advisory Number

Comments

Agent home

CPU <Patch 13894921> and

CPU <Patch 13705483>

Released April 2012

Standalone OC4J 10.1.3.4 Patch Set (Special OPatch needed, see README)

OC4J 10.1.3.4 one-off patch (Special OPatch needed, see README)

Server home

CPU <Patch 13705483>

Released April 2012

OC4J 10.1.3.4 one-off patch (Special OPatch needed, see README)

3.1.4 Oracle Database

This section contains the following:

Section 3.1.4.1, "Patch Availability for Oracle Database"
Section 3.1.4.2, "Oracle Database 12.1.0.2"
Section 3.1.4.3, "Oracle Database 12.1.0.1"
Section 3.1.4.4, "Oracle Database 11.2.0.4"

3.1.4.1 Patch Availability for Oracle Database

For Oracle Database 10.2.0.4 and later releases, customers have the option to install the Security Patch Update (SPU) or the Patch Set Update (PSU). Both patch types are cumulative patches. The PSU includes the security vulnerability bug fixes, as well as additional non-security bug fixes recommended by Oracle. For more information on PSU patches, see My Oracle Support <Note 854428.1>, Patch Set Updates (PSUs) for Oracle Products.

For the Microsoft Windows platforms, Oracle Database patches are released as cumulative patch bundles. You may install the indicated patch or later bundle in the Database Windows bundle series. The Windows patch bundles include the security vulnerability bug fixes, the PSU recommended non-security bug fixes, and other customer-requested bug fixes.

3.1.4.2 Oracle Database 12.1.0.2

Table 6 describes the Error Correction information for Oracle Database 12.1.0.2.

Table 6 Error Correction information for Oracle Database 12.1.0.2

Patch Information	12.1.0.2	Comments
Final Patch	July 2021
PSU On-Request platforms

Table 7 describes all combinations of patches that are available for Oracle Database 12.1.0.2.

If the Combo patches that are listed in the first row are applied, then the patches listed in Rows 2 and 3 do not need to be applied.

Table 7 Patch Availability for Oracle Database 12.1.0.2

Product Home

Patch

Advisory Number

Comments

Oracle Database home

Combo OJVM PSU 12.1.0.2.5 and Database PSU 12.1.0.2.5 <Patch 21520444> for UNIX, or

Combo OJVM PSU 12.1.0.2.5 and GI PSU 12.1.0.2.5 <Patch 21523260>, or

Combo OJVM PSU 12.1.0.2.5 and Database BP 12.1.0.2.13 (October 2015) <Patch 21744313> for UNIX, or

Quarterly Full Stack download for Exadata (Oct2015) 12.1.0.2 BP <Patch 21814453>

CVE-2015-4873, CVE-2015-4900, CVE-2015-4857, CVE-2015-4794, CVE-2015-4796, CVE-2015-4888

CVE-2015-4863 (GI)

For availability dates, see Section 2.5, "Post Release Patches"

OJVM PSU Patches are not RAC Rolling installable

Combos are for environments that take a single downtime to apply all patches

See <Note 1929745.1>, Oracle Recommended Patches -- Oracle JavaVM Component Database PSU (OJVM PSU) Patches

Oracle Database home

Database 12.1.0.2.5 PSU <Patch 21359755> for UNIX, or

GI 12.1.0.2.5 PSU <Patch 21523234> or

Microsoft Windows 32-Bit and x86-64 BP 10 <Patch 21821214>, or later;

Database patch for Engineered Systems and Database In-Memory 12.1.0.2.13 (October 2015) <Patch 21744410>, or

Quarterly Full Stack download for Exadata (Oct2015) 12.1.0.2 BP <Patch 21814453>

CVE-2015-4873, CVE-2015-4900, CVE-2015-4857

CVE-2015-4863 (GI)

For availability dates, see Section 2.5, "Post Release Patches"

Oracle Database home

Oracle JavaVM Component 12.1.0.2.5 Database PSU <Patch 21555660> for UNIX, or

Oracle JavaVM Component 12.1.0.2.4 Microsoft Windows Bundle Patch <Patch 21788394>

CVE-2015-4794, CVE-2015-4796, CVE-2015-4888

OJVM PSU Patches are not RAC Rolling installable

See <Note 1929745.1>, Oracle Recommended Patches -- Oracle JavaVM Component Database PSU (OJVM PSU) Patches

3.1.4.3 Oracle Database 12.1.0.1

Table 8 describes the Error Correction information for Oracle Database 12.1.0.1.

Table 8 Error Correction information for Oracle Database 12.1.0.1

Patch Information	12.1.0.1	Comments
Final Patch	July 2016
PSU On-Request platforms

Table 9 describes all combinations of patches that are available for Oracle Database 12.1.0.1.

If the Combo patches that are listed in the first row are applied, then the patches listed in Rows 2 and 3 do not need to be applied.

Table 9 Patch Availability for Oracle Database 12.1.0.1

Product Home	Patch	Advisory Number	Comments
Oracle Database home	Combo OJVM PSU 12.1.0.1.5 and Database PSU 12.1.0.1.9 <Patch 21744318>, for UNIX or Combo OJVM PSU 12.1.0.1.5 and GI PSU 12.1.0.1.9 <Patch 21744328> for UNIX, or Quarterly Full Stack download for Exadata (Oct2015) 12.1.0.1 BP <Patch 21523539>, or Quarterly Full Stack download for Supercluster (Oct2015) 12.1.0.1 BP <Patch 21523554>	CVE-2015-4873, CVE-2015-4900, CVE-2015-4857, CVE-2015-4794, CVE-2015-4796, CVE-2015-4888	OJVM PSU Patches are not RAC Rolling installable. Combos are for environments that take a single downtime to apply all patches See <Note 1929745.1>, Oracle Recommended Patches -- Oracle JavaVM Component Database PSU (OJVM PSU) Patches
Oracle Database home	Database12.1.0.1.9 PSU <Patch 21352619> for UNIX, or GI 12.1.0.1.9 PSU <Patch 21551666> for Linux x86-64, Solaris X64 and Solaris SPARC, or GI 12.1.0.1.9 PSU <Patch 21551685> for AIX, HP IA and zLinux Microsoft Windows 32-Bit and x86-64 BP 21 <Patch 21744907>, or later; Quarterly Full Stack download for Exadata (Oct2015) 12.1.0.1 BP <Patch 21523539> Quarterly Full Stack download for Exadata Supercluster (Oct2015) 12.1.0.1 <Patch 21523554>	CVE-2015-4873, CVE-2015-4900, CVE-2015-4857	GI 12.1.0.1.9 PSU <Patch 21551666> is applicable to Exadata database servers running Oracle Database 12.1.0.1. For more information, see <Note 888828.1> GI 12.1.0.1.9 PSU <Patch 21551685> for AIX, HP IA and zLinux only contains DB PSU 12.1.0.1.9 sub-patch and no Clusterware sub-patches
Oracle Grid Infrastructure Home	TFA version 12.1.2.6.0 or later	CVE-2015-4863	If you previously downloaded and installed an older TFA version from My Oracle Support, then download the latest version from My Oracle Support. See <Note 1513912.1>, TFA Collector - Tool for Enhanced Diagnostic Gathering
Oracle Database home	Oracle JavaVM Component 12.1.0.1.5 Database PSU <Patch 21555669> for UNIX, or Oracle JavaVM Component 12.1.0.1.5 Database PSU <Patch 21788365> for Microsoft Windows AMD	CVE-2015-4794, CVE-2015-4796, CVE-2015-4888	OJVM PSU 12.1.0.1.2 and greater include OJVM 12.1.0.1.1 JDBC <Patch 19852357> fixes See <Note 1929745.1>, Oracle Recommended Patches -- Oracle JavaVM Component Database PSU (OJVM PSU) Patches
Oracle Database home	Oracle JavaVM Component 12.1.0.1.1 Database PSU - Generic JDBC <Patch 19852357> for UNIX	Released October 2014	For RAC deployments, this patch is applied to Grid Infrastructure Home instead of OJVM PSU 12.1.0.1.2 or higher See <Note 1929745.1>, Oracle Recommended Patches -- Oracle JavaVM Component Database PSU (OJVM PSU) Patches

3.1.4.4 Oracle Database 11.2.0.4

Table 10 describes the Error Correction information for Oracle Database 11.2.0.4.

Table 10 Error Correction information for Oracle Database 11.2.0.4

Patch Information

11.2.0.4

Comments

Final Patch

October 2020

SPU On-Request platforms

HP-UX PA RISC

IBM: Linux on System Z

32-bit client-only platforms except Linux x86

PSU On-Request platforms

32-bit client-only platforms except Linux x86

Table 11 describes all combinations of patches that are available for Oracle Database 11.2.0.4.

If the Combo patches that are listed in the first row are applied, then the patches listed in Rows 2 and 3 do not need to be applied.

Table 11 Patch Availability for Oracle Database 11.2.0.4

Product Home	Patch	Advisory Number	Comments
Oracle Database home	Combo OJVM PSU 11.2.0.4.5 and Database SPU 11.2.0.4 (CPUOct2015) <Patch 21744335> for UNIX, or Combo OJVM PSU 11.2.0.4.5 and Database PSU 11.2.0.4.8 <Patch 21744343> for UNIX, or Combo OJVM PSU 11.2.0.4.5 and GI PSU 11.2.0.4.8 <Patch 21744348>, or Combo OJVM PSU 11.2.0.4.5 and Exadata BP 11.2.0.4.20 <Patch 21744360>, or Quarterly Full Stack download for Exadata (Oct2015) BP <Patch 21814422>, or Quarterly Full Stack download for Supercluster (Oct2015) BP <Patch 21814476>	CVE-2015-4873, CVE-2015-4900, CVE-2015-4794, CVE-2015-4796, CVE-2015-4888 CVE-2015-4863 (GI)	OJVM PSU Patches are not RAC Rolling installable. Combos are for environments that take a single downtime to apply all patches See <Note 1929745.1>, Oracle Recommended Patches -- Oracle JavaVM Component Database PSU (OJVM PSU) Patches
Oracle Database home	Database 11.2.0.4 SPU <Patch 21352646> for UNIX, or Database 11.2.0.4.8 PSU <Patch 21352635> for UNIX, or GI 11.2.0.4.8 PSU <Patch 21523375> for UNIX, or Microsoft Windows (32-Bit) and x64 (64-Bit) BP 20 <Patch 21821802>, or later; Quarterly Database Patch for Exadata (Oct2015) 11.2.0.4.20 BP <Patch 21800477> for UNIX, or Quarterly Full Stack download for Exadata (Oct2015) BP <Patch 21814422>, or Quarterly Full Stack download for Supercluster (Oct2015) BP <Patch 21814476>	CVE-2015-4873, CVE-2015-4900 CVE-2015-4863 (GI)
Oracle Database home	Oracle JavaVM (OJVM) Component 11.2.0.4.5 Database PSU <Patch 21555791> for UNIX, or Oracle JavaVM (OJVM) Component 11.2.0.4.5 Database PSU <Patch 21788344> for Microsoft Windows	CVE-2015-4794, CVE-2015-4796, CVE-2015-4888	OJVM PSU 11.2.0.4.4 and greater include OJVM 11.2.0.4.1 JDBC <Patch 19852360> fixes See <Note 1929745.1>, Oracle Recommended Patches -- Oracle JavaVM Component Database PSU (OJVM PSU) Patches
Oracle Database home	Oracle JavaVM Component 11.2.0.4.1 Database PSU - Generic JDBC <Patch 19852360> for UNIX	Released October 2014	For RAC deployments, this patch should be applied to Grid Infrastructure Home instead of OJVM PSU 11.2.0.4.4, or higher See <Note 1929745.1>, Oracle Recommended Patches -- Oracle JavaVM Component Database PSU (OJVM PSU) Patches

3.1.5 Oracle Database Appliance

Table 12 describes the minimum product requirements for Oracle Database Appliance. The CPU security vulnerabilities are fixed in the listed release and later releases. The Oracle Database Appliance downloads and installation instructions can be found at http://www.oracle.com/technetwork/server-storage/engineered-systems/database-appliance/overview/index.html.

Table 12 Minimum Product Requirements for Oracle Database Appliance

Component	Release	Advisory Number	Comments
Oracle Database Appliance	12.1.2.4	Released July 2015

3.1.6 Oracle Database Mobile/Lite Server

Table 13 describes the Error Correction information for Oracle Database Mobile/Lite Server.

Table 13 Error Correction Information for Oracle Database Mobile Server

Patch Information	12.1 (Mobile Server)	11.3 (Mobile Server)	10.3 (Lite Server)	Comments
Final Patch	-	October 2021	October 2015

Table 14 describes the available patches for Oracle Database Mobile Server 12.1.x.

Table 14 Patch Availability for Oracle Database Mobile Server 12.1.x

Product Home	Patch	Advisory Number	Comments
12.1	12.1.0.0 BP <Patch 21974980>	CVE-2015-4894

Table 15 describes the available patches for Oracle Database Mobile Server 11.3.x.

Table 15 Patch Availability for Oracle Database Mobile Server 11.3.x

Product Home	Patch	Advisory Number	Comments
11.3	11.3.0.2 BP <Patch 21950285>	CVE-2015-4894

Table 16 describes the available patches for Oracle Database Lite Server 10.3.x.

Table 16 Patch Availability for Oracle Database Lite Server 10.3.x

Product Home	Patch	Advisory Number	Comments
10.3.0.3	10.3.0.3 BP <Patch 21089848>	CVE-2015-4894

3.1.7 Oracle GoldenGate Veridata

Table 17 describes the error correction information for Oracle GoldenGate Veridata.

Table 17 Error Correction information for Oracle GoldenGate Veridata

Component	11.2.1.0	Comments
Final Patches	-

Table 18 describes the available patches for Oracle GoldenGate Veridata.

Table 18 Patch Availability for Oracle GoldenGate Veridata

Product Home	Patch	Advisory Number	Comments
11.2.1.0	BP 11.2.1.0.1 <Patch 16291209> or later	Released April 2013

3.1.8 Oracle Secure Backup

Table 19 describes the Error Correction information for Oracle Secure Backup.

Table 19 Error Correction information for Oracle Secure Backup

Patch Information	10.4.x	Comments
Final Patch	October 2016

Table 20 describes the minimum product requirements for Oracle Secure Backup. Critical Patch Update security vulnerabilities are fixed in the listed releases.

Table 20 Minimum Product Requirements for Oracle Secure Backup 10.4.x

Product	Release	Advisory Number	Comments
Oracle Secure backup	10.4.0.2	Released July 2012

3.1.9 Oracle Secure Enterprise Search

Table 21 describes Error Correction information for Oracle Secure Enterprise Search.

Table 21 Error Correction information for Oracle Secure Enterprise Search

Patch Information	11.2.2.2	11.1.2.x	Comments
Final Patch	-	January 2015

Table 22 describes the available patches for Oracle Secure Enterprise Search 11.2.2.2.

Table 22 Patch Availability for Oracle Secure Enterprise Search 11.2.2.2

Product Home	Patch	Advisory Number	Comments
Oracle Database home	See Section 3.1.4, "Oracle Database"	See Section 3.1.4, "Oracle Database"	Patch any Database Server associated to a Fusion Middleware installation
Oracle Java SE home	See <Note 1992462.1>, Oracle Java SE Critical Patch Update	See <Note 1992462.1>, Oracle Java SE Critical Patch Update	See <Note 1492980.1>, How to Maintain the Java SE Installed or Used with FMW 11g Products
Oracle JRockit 28.x home	See Section 3.3.36, "Oracle JRockit"	See Section 3.3.36, "Oracle JRockit"
Oracle WebLogic Server home	See Section 3.3.58, "Oracle WebLogic Server"	See Section 3.3.58, "Oracle WebLogic Server"	See <Note 1306505.1>, Announcing Oracle WebLogic Server PSUs (Patch Set Updates)

Table 23 describes the available patches for Oracle Secure Enterprise Search 11.1.2.x.

Table 23 Patch Availability for Oracle Secure Enterprise Search 11.1.2.x

Product Home

Patch

Advisory Number

Comments

11.1.2.x

SPU <Patch 14364893>

CPU <Patch 12875001>

CPU <Patch 12875006>

CPU <Patch 12874981>

CPU <Patch 13718626>

CPU <Patch 10625676>

CPU <Patch 18767762>

Released October 2012

Released October 2011

Released April 2012

Released January 2011

Released July 2013

WLS 10.3.2.0 CSS Patch (SU IDs: A6AX)

WLS 10.3.2.0 JMS Patch

WLS 10.3.2.0 WebServices Patch

WLS 10.3.2.0 Security Patch

WLS 10.3.2.0 WebApp Patch

WLS 10.3.2.0 Core Patch

WLS 10.3.2.0 Console Patch

3.1.10 Oracle TimesTen

Table 24 describes Error Correction information for Oracle TimesTen.

Table 24 Error Correction information for Oracle TimesTen

Patch Information	11.2.1.x	Comments
Final Patch	April 2017

Table 25 describes the minimum product requirements for Oracle TimesTen. The CPU security vulnerabilities are fixed in the listed release and later releases.

Table 25 Minimum Product Requirements for Oracle TimesTen

Product	Release	Advisory Number	Comments
Oracle TimesTen 11.2.1.x	11.2.1.6.1	Released July 2010

3.2 Oracle Enterprise Manager

This section contains the following:

Section 3.2.1, "Oracle Application Performance Management"
Section 3.2.2, "Oracle Enterprise Manager Cloud Control 12c,"
Section 3.2.3, "Oracle Enterprise Manager Grid Control 11g (11.1.0.1)"
Section 3.2.4, "Oracle Enterprise Manager Ops Center"
Section 3.2.5, "OSS Support Tools"

3.2.1 Oracle Application Performance Management

Table 26 describes Error Correction information for Oracle Application Performance Management

Table 26 Error Correction information for Oracle Application Performance Management

Patch Information	12.1.0.6	Comments
Final Patch	-
CPU On-Request platforms	-

Table 27 describes the minimum product requirements for Oracle Application Performance Management. Critical Patch Update security vulnerabilities are fixed in the listed releases. For more information on Oracle Application Performance Management, see http://www.oracle.com/technetwork/oem/app-performance-mgmt/index.html.

Table 27 Minimum Product Requirements for Oracle Application Performance Management

Product Version	Patch	Advisory Number	Comments
12.1.0.6	12.1.0.6.2 Release <Patch 19712806>	Released October 2014
12.1.0.6	12.1.0.6.1 Release <Patch 19498441>	Released October 2014

3.2.2 Oracle Enterprise Manager Cloud Control 12c

Table 28 describes Error Correction information for Oracle Enterprise Manager Cloud Control 12c.

Table 28 Error Correction information for Oracle Enterprise Manager Cloud Control 12c

Patch Information	12.1.0.5	12.1.0.4	Comments
Final Patch	-	April 2016
PSU On-Request Platforms	-	-

Table 29 describes the available patches for Oracle Enterprise Manager Cloud Control 12c Release 5 (12.1.0.5).

Table 29 Patch Availability for Oracle Enterprise Manager Cloud Control 12c Release 5 (12.1.0.5)

Product Home	UNIX	Microsoft Windows 32-Bit	Advisory Number	Comments
Base Platform Repository home	See Section 3.1.4, "Oracle Database"	See Section 3.1.4, "Oracle Database"	See Section 3.1.4, "Oracle Database"
Base Platform Fusion Middleware home	See Section 3.3.58, "Oracle WebLogic Server" (Version 10.3.6.0)	See Section 3.3.58, "Oracle WebLogic Server" (Version 10.3.6.0)	See Section 3.3.58, "Oracle WebLogic Server" (Version 10.3.6.0)
Base Platform Agent home	BP <Patch 21745074>	BP <Patch 21745074>	CVE-2015-4859, CVE-2015-4875, CVE-2015-4874
Base Platform Fusion Middleware home	SPU <<21640624>>	SPU <<21640624>>	CVE-2015-4794, CVE-2015-1829, CVE-2015-4914	See <Note 1968542.1> before applying this patch Oracle HTTP Server 11.1.1.7 Patch for Oracle_WT OH
Plugin home	BP <Patch 21806679> or later	BP <Patch 21806679> or later	Released September 2015
Base Platform Fusion Middleware home	SPU <Patch 20807683>	SPU <Patch 20807683>	Released July 2015	Web Cache Patch Patch should be applied to Oracle_WT. Post installation steps are not applicable for Enterprise Manager
Base Platform Fusion Middleware home	SPU <Patch 21068288>	SPU <Patch 21068288>	Released July 2015	Oracle ADF 11.1.1.7 Patch for oracle_common OH
Base Platform Fusion Middleware home	CPU <Patch 19822893>	CPU <Patch 19822893>	Released January 2015	Oracle Business Intelligence Publisher BP 11.1.1.7.150120 patch for BIP home in Enterprise Manager
Base Platform Fusion Middleware home	CPU <Patch 19345576>	CPU <Patch 19345576>	Released January 2015	Oracle Process Management and Notification (OPMN) Patch for Oracle_WT OH
Base Platform OMS home	NA	NA	NA	The 12.1.0.5 Enterprise Manager Cloud Control release includes all security vulnerabilities announced in the CPU Advisory
Base Platform Fusion Middleware home	SPU <Patch 17337741>	SPU <Patch 17337741>	Released October 2013 (CVE-2013-0169, CVE-2011-3389)	Oracle Security Service (SSL/Network) Patch for Oracle_WT OH

Table 30 describes the available patches for Oracle Enterprise Manager Cloud Control 12c Release 4 (12.1.0.4).

Table 30 Patch Availability for Oracle Enterprise Manager Cloud Control 12c Release 4 (12.1.0.4)

Product Home	UNIX	Microsoft Windows 32-Bit	Advisory Number	Comments
Base Platform Repository home	See Section 3.1.4, "Oracle Database"	See Section 3.1.4, "Oracle Database"	See Section 3.1.4, "Oracle Database"
Base Platform Fusion Middleware home	See Section 3.3.58, "Oracle WebLogic Server" (Version 10.3.6.0)	See Section 3.3.58, "Oracle WebLogic Server" (Version 10.3.6.0)	See Section 3.3.58, "Oracle WebLogic Server" (Version 10.3.6.0)
Base Platform Fusion Middleware home	SPU <Patch 21640624>	SPU <Patch 21640624>	CVE-2015-4794, CVE-2015-1829, CVE-2015-4914	Oracle HTTP Server 11.1.1.7 Patch See <Note 1984662.1> before applying this patch
Base Platform Agent home	BP <Patch 21759280>	BP <Patch 21759280>	CVE-2015-4859, CVE-2015-4875, CVE-2015-4874
Base Platform OMS home	PSU 12.1.0.4.5 <Patch 21462217>	PSU 12.1.0.4.5<Patch 21462217>	NA	The 12.1.0.4 Enterprise Manager Cloud Control release includes all security vulnerabilities announced in the CPU Advisory
Plugin home	BP <Patch 21806969>, or later	BP <Patch 21806969>, or later	Released September 2015
Base Platform Fusion Middleware home	SPU <Patch 21068288>	SPU <Patch 21068288>	Released July 2015	Oracle ADF 11.1.1.7 Patch
Base Platform Fusion Middleware home	SPU <Patch 20807683>	SPU <Patch 20807683>	Released July 2015	Web Cache Patch Patch should be applied to Oracle_WT Post installation steps are not applicable for Enterprise Manager
Base Platform Fusion Middleware home	SPU <Patch 19822893>	SPU <Patch 19822893>	Released January 2015	Oracle Business Intelligence Publisher BP 11.1.1.7.150120 patch for BIP home in Enterprise Manager See <Note 1968542.1>
Base Platform Fusion Middleware home	CPU <Patch 19345576>	CPU <Patch 19345576>	Released January 2015	Oracle Process Management and Notification (OPMN) Patch
Base Platform Fusion Middleware home	BP <Patch 19822893>	BP <Patch 19822893>	Released January 2015	Oracle Business Intelligence Publisher BP 11.1.1.7.150120 See <Note 1968542.1>
Base Platform Fusion Middleware home	SPU <Patch 18423831>	SPU <Patch 18423831>	Released July 2014	WLS Plugin 1.1 (11.1.1.7) for Oracle_WT
Base Platform Fusion Middleware home	BP <Patch 17617649>	BP <Patch 17617649>	Released January 2014 (CVE-2015-0426)	Oracle Help Technologies Patch
Base Platform Fusion Middleware home	SPU <Patch 17337741>	SPU <Patch 17337741>	Released October 2013 (CVE-2013-0169, CVE-2011-3389)	Oracle Security Service (SSL/Network) Patch

3.2.3 Oracle Enterprise Manager Grid Control 11g (11.1.0.1)

Table 31 describes Error Correction information for Oracle Enterprise Manager Grid Control 11g (11.1.0.1).

Table 31 Error Correction information for Oracle Enterprise Manager Grid Control 11g (11.1.0.1)

Patch Information	11.1.0.1	Comments
Final Patch	April 2018
PSU On-Request Platforms	-

Table 32 describes the available patches for Oracle Enterprise Manager Grid Control 11g (11.1.0.1).

Table 32 Patch Set Update Availability for Oracle Enterprise Manager Grid Control 11g (11.1.0.1)

Product Home	Patch	Advisory Number	Comments
Base Platform Repository Home	See Section 3.1.4, "Oracle Database"	See Section 3.1.4, "Oracle Database"
Base Platform OMS Home	PSU 11.1.0.1.12 <Patch 20436092>	Released July 2015
Base Platform Fusion Middleware home	SPU <Patch 14681307>	Released October 2012	WLS 10.3.2.0 JDBC Patch (Not a SU). Before installing this SPU, see <Note 1493990.1>, Patching for CVE-2012-3137
Base Platform Fusion Middleware home	SPU <Patch 18992301> SPU <Patch 18992319> SPU <Patch 18547380> SPU <Patch 12875001> SPU <Patch 20926784> SPU <Patch 18992399> SPU <Patch 20926800> SPU <Patch 20667689> SPU <Patch 20667647> SPU <Patch 20083974>	Released July 2014 Released July 2014 Released April 2014 Released October 2011 Released July 2015 Released July 2014 Released July 2015 Released April 2015 Released April 2015 Released January 2015	WLS 10.3.2.0 JVM Patch (SU ID: DHM2) WLS 10.3.2.0 Deployment Patch (SU ID: Y5B9) WLS 10.3.2.0 CSS Patch (SU ID: 9AVS) WLS 10.3.2.0 JMS Patch (SU ID: 9ZW7) WLS 10.3.2.0 WebServices Patch (SU IDs: SAGA, L8DT, A4JA, 2HLN, SK77, X8W6, NFFE, BIMC) WLS 10.3.2.0 Security Patch (SU IDs: VHAC, R4P6, NSYJ, 8279) WLS 10.3.2.0 WebApp Patch (SU ID: 8IWX, UTUT, G68P) WLS 10.3.2.0 Core Patch (SU IDs: 6XNL, KAE4, Q9VJ, Y3IR WLS 10.3.2.0 Console Patch (SU IDs: E8IW, 3IEY, ESFP) WLS 10.3.2.0 CIE Patch (SU ID: GVGW) For CVE-2014-4256, see <Note 1903763.1>, Download Request for Security Configuration
Base Platform Repository Home	CPU <Patch 13705493>	Released April 2012	OC4J 10.1.2.3 one-off Patch Enterprise Manager Grid Control
Base Platform Agent Home	PSU 11.1.0.1.7 <Patch 9346282>	Released April 2012

3.2.4 Oracle Enterprise Manager Ops Center

Table 33 describes Error Correction information for Oracle Enterprise Manager Ops Center.

Table 33 Error Correction information for Oracle Enterprise Manager Ops Center

Patch Information	12.1.4.x	Comments
Final Patch	-
CPU On-Request Platforms	-

Table 34 describes the available patches for Oracle Enterprise Manager Ops Center. These patches contain Critical Patch Update security vulnerabilities fixes for this release. All previous versions will need to be upgraded to the minimum version. Then, apply the following patches to fix the announced security vulnerabilities. For Oracle Enterprise Manager Ops Center downloads and installation instructions, see http://www.oracle.com/technetwork/oem/ops-center/oem-ops-center-188778.html.

Table 34 Patch Availability for Oracle Enterprise Manager Ops Center

Product Home	UNIX	Advisory Number	Comments
12.1.4	BP <Patch 22004168>	CVE-2015-2633

3.2.5 OSS Support Tools

Table 35 describes Error Correction information for OSS Support Tools.

Table 35 Error Correction information for OSS Support Tools

Patch Information	8.9.x	Comments
Final Patch	-

Table 36 describes the available patches for OSS Support Tools.

Table 36 Patch Availability for OSS Support Tools

Product Home	Solaris	Advisory Number	Comments
8.9.15.9.8	BP <Patch 21652346>	CVE-2015-1793	See My Oracle Support <Note 1153444.1>, Oracle Services Tools Bundle (STB) - RDA/Explorer, SNEEP, ACT

3.3 Oracle Fusion Middleware

This section contains the following:

Section 3.3.1, "Management Pack For Oracle GoldenGate"
Section 3.3.2, "Oracle AquaLogic Data Services Platform"
Section 3.3.3, "Oracle Beehive"
Section 3.3.4, "Oracle Business Intelligence App Mobile Designer"
Section 3.3.5, "Oracle Business Intelligence Enterprise Edition"
Section 3.3.6, "Oracle Business Intelligence Mobile"
Section 3.3.7, "Oracle Business Intelligence Publisher"
Section 3.3.8, "Oracle Business Process Management"
Section 3.3.9, "Oracle Communications Converged Application Server"
Section 3.3.10, "Oracle Complex Event Processing"
Section 3.3.11, "Oracle Data Quality for Oracle Data Integrator"
Section 3.3.12, "Oracle Data Service Integrator"
Section 3.3.13, "Oracle Document Capture"
Section 3.3.14, "Oracle Endeca Server"
Section 3.3.15, "Oracle Endeca Information Discovery Studio"
Section 3.3.16, "Oracle Endeca Information Discovery Studio Integrator"
Section 3.3.17, "Oracle Enterprise Data Quality"
Section 3.3.18, "Oracle Exalogic Patch Set Update (PSU)"
Section 3.3.19, "Oracle Forms and Reports 11g Release 2"
Section 3.3.20, "Oracle Fusion Middleware"
Section 3.3.21, "Oracle Hyperion Analytic Provider Services"
Section 3.3.22, "Oracle Hyperion BI+"
Section 3.3.23, "Oracle Hyperion Common Admin"
Section 3.3.24, "Oracle Hyperion Common Security"
Section 3.3.25, "Oracle Hyperion EAS"
Section 3.3.26, "Oracle Hyperion Enterprise Performance Management Architect"
Section 3.3.27, "Oracle Hyperion Essbase"
Section 3.3.28, "Oracle Hyperion Installation Technology"
Section 3.3.29, "Oracle Hyperion Smart View For Office"
Section 3.3.30, "Oracle Hyperion Strategic Finance"
Section 3.3.31, "Oracle Identity Access Management"
Section 3.3.32, "Oracle Identity Management"
Section 3.3.33, "Oracle Identity Management Connector"
Section 3.3.34, "Oracle Imaging and Process Management"
Section 3.3.35, "Oracle JDeveloper and Oracle ADF"
Section 3.3.36, "Oracle JRockit"
Section 3.3.37, "Oracle Map Viewer"
Section 3.3.38, "Oracle Mobile Security Suite"
Section 3.3.39, "Oracle Outside In Technology"
Section 3.3.40, "Oracle Portal, Forms, Reports, and Discoverer 11g Release 1"
Section 3.3.41, "Oracle Real Time Decisions Server"
Section 3.3.42, "Oracle Service Architecture Leveraging Tuxedo (SALT)"
Section 3.3.43, "Oracle SOA Suite"
Section 3.3.44, "Oracle Traffic Director"
Section 3.3.45, "Oracle Tuxedo"
Section 3.3.46, "Oracle Waveset"
Section 3.3.47, "Oracle Web-Tier 11g Utilities"
Section 3.3.48, "Oracle WebCenter"
Section 3.3.49, "Oracle WebCenter Content (Formerly Oracle Universal Content Management)"
Section 3.3.50, "Oracle WebCenter Forms Recognition"
Section 3.3.51, "Oracle WebCenter Interaction"
Section 3.3.52, "Oracle WebCenter Portal"
Section 3.3.53, "Oracle WebCenter Sites (Formerly FatWire Content Server)"
Section 3.3.54, "Oracle WebCenter Sites Community"
Section 3.3.55, "Oracle WebCenter Suite"
Section 3.3.56, "Oracle WebLogic Integration"
Section 3.3.57, "Oracle WebLogic Portal"
Section 3.3.58, "Oracle WebLogic Server"
Section 3.3.59, "Oracle WebLogic Server Plug-ins"

3.3.1 Management Pack For Oracle GoldenGate

Table 37 describes the Error Correction information for Management Pack For Oracle GoldenGate.

Table 37 Error Correction information for Management Pack For Oracle GoldenGate

Patch Information	12.1.3.x	11.2.1.x	11.1.1.x	Comments
Final Patch	April 2018	June 2016	June 2016

Table 38 describes the available patches for Error Correction information for Management Pack For Oracle GoldenGate.

Table 38 Patch Availability for Management Pack For Oracle GoldenGate

Product Home	Patch	Advisory Number	Comments
11.1.2.1.0	BP 11.2.1.0.11 (BP11) or later <Patch 19606348>	Released April 2015	Oracle GoldenGate Monitor patch
11.1.1.1.0	BP 11.1.1.1.1 (BP1) <Patch 16011619> or later	Released January 2013

3.3.2 Oracle AquaLogic Data Services Platform

Table 39 describes the Error Correction information for Oracle AquaLogic Data Services Platform.

Table 39 Error Correction information for Oracle AquaLogic Data Services Platform

Patch Information	ALDSP 3.2	ALDSP 3.0.1	Comments
Final Patch	April 2016	April 2016

Table 40 describes the available patches for Oracle AquaLogic Data Services Platform. See also the underlying product stack tables (JRockit and WLS) for any applicable patches.

Table 40 Patch Availability for Oracle AquaLogic Data Services Platform

Product Home	Patch	Advisory Number	Smart Update Patch Set ID	Smart Update Patch IDs	Comments
3.0.1.0	CPU <Patch 13705113>	Released April 2012	NA	NA	WebLogic Server 9.2.2.0 one-off patch that needs to be applied to WebLogic Server home
3.2	CPU <Patch 8272933>	Released April 2009	NA	TXJJ
3.0.1	CPU <Patch 8284035>	Released April 2009	NA	QDWJ

3.3.3 Oracle Beehive

Oracle Beehive environments contain Oracle Database and Oracle Fusion Middleware homes. For more information, see My Oracle Support <Note 758816.1>, Applying Critical Patch Updates to Beehive 1.5.1.x though 2.0.1.x.

Table 41 describes Error Correction information for Oracle Beehive.

Table 41 Error Correction information for Oracle Beehive

Patch Information	Oracle Beehive 2.0.1.x	Comments
Minimum Product Requirement	2.0.1.4	Announced January 2011
Final Patch	January 2018
CPU On-Request Platforms	-

Table 42 describes the available patches for Oracle Beehive.

For each home you are about to administer, find the appropriate patches based on the components installed in that home. Then, apply those patches in the order listed.

Table 42 Patch Availability for Oracle Beehive

Product Home	UNIX	Microsoft Windows (32-Bit)	Advisory Number
Oracle Database home	See Section 3.1.4, "Oracle Database"	See Section 3.1.4, "Oracle Database"	See Section 3.1.4, "Oracle Database"
Oracle Beehive Server 2.0.1.x	CPU <Patch 9173038>	CPU <Patch 9173038>	Released January 2010
Oracle Beekeeper 2.0.1.x	NA	NA

3.3.4 Oracle Business Intelligence App Mobile Designer

Table 43 describes the Error Correction information for Oracle Business Intelligence App Mobile Designer.

Table 43 Error Correction information for Oracle Business Intelligence App Mobile Designer

Patch Information	11.1.1.7 iOS	Comments
Final Patch	-

Table 44 describes the available patches for Oracle Business Intelligence App Mobile Designer.

Table 44 Patch Availability for Oracle Business Intelligence App Mobile Designer

Product Home	Patch	Advisory Number	Comments
11.1.1.7	SPU <Patch 18794832>	Released July 2014

3.3.5 Oracle Business Intelligence Enterprise Edition

Table 45 describes the Error Correction information for Oracle Business Intelligence Enterprise Edition.

Table 45 Error Correction information for Oracle Business Intelligence Enterprise Edition

Patch Information	11.1.1.9	11.1.1.7	Comments
Final Patch	-	-

Table 46 describes the available patches for Oracle Business Intelligence Enterprise Edition.

Customers on earlier versions of Oracle Business Intelligence Enterprise Edition 10.x will need to apply 10.1.3.4.1 and then apply the patch.

Table 46 Patch Availability for Oracle Business Intelligence Enterprise Edition

Product Home	Patch	Advisory Number	Comments
Oracle Database home	See Section 3.1.4, "Oracle Database"	See Section 3.1.4, "Oracle Database"	Patch any Database Server associated to a Fusion Middleware installation
Oracle Java SE home	See <Note 1992462.1>, Oracle Java SE Critical Patch Update	See <Note 1992462.1>, Oracle Java SE Critical Patch Update	See <Note 1492980.1>, How to Maintain the Java SE Installed or Used with FMW 11g Products
Oracle JRockit 28.x home	See Section 3.3.36, "Oracle JRockit"	See Section 3.3.36, "Oracle JRockit"
Oracle WebLogic Server home	See Section 3.3.58, "Oracle WebLogic Server"	See Section 3.3.58, "Oracle WebLogic Server"	See <Note 1306505.1>, Announcing Oracle WebLogic Server PSUs (Patch Set Updates)
Oracle WebLogic Server Proxy Plug-ins home	See Section 3.3.59, "Oracle WebLogic Server Plug-ins"	See Section 3.3.59, "Oracle WebLogic Server Plug-ins"	WLS Plug-In patch for Oracle HTTP Server, Apache, IIS, and iPlanet
11.1.1.9	Oracle Business Intelligence Enterprise Edition BP 11.1.1.9.5 <Patch 22061111>, or later	CVE-2015-0286
11.1.1.7	Oracle Business Intelligence Enterprise Edition BP 11.1.1.7.151020 <Patch 21814325> or later	CVE-2015-0286
11.1.1.7	SPU <Patch 21640624>	CVE-2015-4794, CVE-2015-1829, CVE-2015-4914	Oracle HTTP Server 11.1.1.7 Patch
11.1.1.9	Oracle Business Intelligence Enterprise Edition BP 11.1.1.9.1 <Patch 21235195> or higher	Released July 2015	BIEE Third Party Bundle Patch
11.1.1.7	SPU <Patch 20715966>	Released July 2015	Oracle ADF 11.1.1.7 Patch
11.1.1.7	Oracle Business Intelligence Enterprise Edition BP 11.1.1.7.150714 <Patch 21103263> or later	Released July 2015	BIEE Third Party Bundle Patch
11.1.1.7	Oracle Business Intelligence Enterprise Edition BP 11.1.1.7.150120 <Patch 20124371> or higher	Released April 2015
11.1.1.7	SPU <Patch 18423801>	Released July 2014	Oracle Process Management and Notification (OPMN) Patch See <Note 1905314.1>, New SSL Protocol and Cipher Options for Oracle Fusion Middleware 11g OPMN/ONS
11.1.1.7	SPU <Patch 17617649>	Released January 2014	Oracle Help Technologies Patch
11.1.1.7	CPU <Patch 17337741>	Released October 2013	Oracle Security Service (SSL/Network) Patch

3.3.6 Oracle Business Intelligence Mobile

Table 47 describes the Error Correction information for Oracle Business Intelligence Mobile.

Table 47 Error Correction information for Oracle Business Intelligence Mobile

Patch Information	11.1.1.7 iOS	Comments
Minimum version	11.1.1.7.0 (11.6.39)
Final Patch	-

Table 48 describes the minimum product requirements for Oracle Business Intelligence Mobile.

Table 48 Minimum Product Requirements for Oracle Business Intelligence Mobile

Patch Information	11.1.1.7.0 iOS	Advisory Number	Comments
Minimum Version	11.1.1.7.0 (11.6.39)	Released July 2015

3.3.7 Oracle Business Intelligence Publisher

Table 49 describes the Error Correction information for Oracle Business Intelligence Publisher.

Table 49 Error Correction information for Oracle Business Intelligence Publisher

Patch Information	11.1.1.7	10.1.3.4.2	Comments
Final Patch	-	July 2015

Table 50 describes the available patches for Oracle Business Intelligence Publisher.

Customers on earlier versions of Oracle Business Intelligence Publisher 10.x will need to apply 10.1.3.4.1 and then apply the patch.

Table 50 Patch Availability for Oracle Business Intelligence Publisher

Product Home	Patch	Advisory Number	Comments
11.1.1.7	Oracle Business Intelligence Publisher BP 11.1.1.7.150120 <Patch 19822893> or higher	Released January 2015
10.1.3.4.2	Oracle Business Intelligence Publisher BP 10.1.3.4.2 December 2014 <Patch 20124489> or higher	Released January 2015	See <Note 797057.1>, Overview of Available Update Patches for Oracle BI Publisher Enterprise 10g

3.3.8 Oracle Business Process Management

Follow the special instructions below to download Oracle Business Process Management patches.

Click Patches & Updates after logging into My Oracle Support.
Search for Oracle Business Process Management Suite.
Search for the required BPM release by clicking Select up to 10.
Select the patch with the build number that is indicated in Table 52, or the patch with higher build number than what is indicated for the platform you are about to update, for example: EnterpriseJ2EE, Studio, or EnterpriseSA.
Download the patch.

Table 51 describes the Error Correction information for Oracle Business Process Management.

Table 51 Error Correction information for Oracle Business Process Management

Patch Information	10.3.2	Comments
Final Patch	January 2017

Table 52 describes the available patches for Oracle Business Process Management.

Table 52 Patch Availability for Oracle Business Process Management

Product Home	Patch	Advisory Number	Comments
BPM 10.3.2	100375	Released July 2010	See the instructions above on how to download the patch

3.3.9 Oracle Communications Converged Application Server

Table 53 describes the Error Correction information for Oracle Communications Converged Application Server.

Table 53 Error Correction information for Oracle Communications Converged Application Server

Patch Information	5.0	4.0	Comments
Final Patch	July 2018	July 2015

Table 54 describes the available patches for Oracle Communications Converged Application Server. See also the underlying product stack tables for any applicable patches. Refer to comments section and apply the patch to the respective product home.

Table 54 Patch Availability for Oracle Communications Application Server

Oracle Communications Converged Application Server

Patch

Advisory Number

Comments

5.0

SPU <Patch 14364893>

CPU <Patch 12875001>

CPU <Patch 12875006>

CPU <Patch 12874981>

CPU <Patch 14825824>

CPU <Patch 10625676>

CPU <Patch 18767762>

Released October 2012

Released October 2011

Released January 2013

Released January 2011

Released July 2013

WLS 10.3.0.0 CSS Patch

WLS 10.3.3.0 JMS Patch

WLS 10.3.3.0 WebServices Patch

WLS 10.3.3.0 Security Patch

WLS 10.3.3.0 WebApp Patch

WLS 10.3.3.0 Core Patch

WLS 10.3.3.0 Console Patch

4.0

SPU <Patch 14364893>

CPU <Patch 12875001>

CPU <Patch 12875006>

CPU <Patch 12874981>

CPU <Patch 14825824>

CPU <Patch 10625676>

CPU <Patch 18767762>

Released October 2012

Released October 2011

Released January 2013

Released January 2011

Released July 2013

WLS 10.3.0.0 CSS Patch

WLS 10.3.0.0 JMS Patch

WLS 10.3.0.0 WebServices Patch

WLS 10.3.0.0 Security Patch

WLS 10.3.0.0 WebApp Patch

WLS 10.3.0.0 Core Patch

WLS 10.3.0.0 Console Patch

3.3.10 Oracle Complex Event Processing

Table 55 describes the Error Correction information for Oracle Complex Event Processing.

Table 55 Error Correction information for Oracle Complex Event Processing

Patch Information	CEP 12.1.3	CEP 11.1.7	Comments
Final Patch	-	October 2018

Table 56 describes the available patches for Oracle Complex Event Processing. See also the underlying product stack tables (JRockit and WLS) for any applicable patches.

Table 56 Patch Availability for Oracle Complex Event Processing

Product Home	Patch	Advisory Number	Comments
12.1.3.0	SPU <Patch 21071699>	Released July 2015
11.1.1.7	SPU <Patch 21103154>	Released July 2015

3.3.11 Oracle Data Quality for Oracle Data Integrator

Table 57 describes the Error Correction information for Oracle Data Quality for Oracle Data Integrator.

Table 57 Error Correction information for Oracle Data Quality for Oracle Data Integrator

Patch Information	ODIDQ 10.3.0	Comments
Final Patch	-

Table 58 describes the available patches for Oracle Data Quality for Oracle Data Integrator.

Table 58 Patch Availability for Oracle Data Quality for Oracle Data Integrator

Product Home	Patch	Advisory Number	Comments
11.1.1.3.0	CPU <Patch 21418574>	Released July 2015

3.3.12 Oracle Data Service Integrator

Table 59 describes the Error Correction information for Oracle Data Service Integrator.

Table 59 Error Correction information for Oracle Data Service Integrator

Patch Information	ODSI 10.3.0	Comments
Final Patch	January 2017

Table 60 describes the available patches for Data Service Integrator. See also the underlying product stack tables (JRockit and WLS) for any applicable patches.

Table 60 Patch Availability for Oracle Data Service Integrator

Product Home

Patch

Advisory Number

Comments

10.3.0

SPU <Patch 18526551>

SPU <Patch 12875001>

SPU <Patch 14825824>

Released July 2014

Released April 2014

Released October 2011

Released July 2014

Released January 2013

Released July 2014

WLS 10.3.0.0 JVM Patch

WLS 10.3.0.0 Deployment Patch

WLS 10.3.0.0 CSS Patch

WLS 10.3.0.0 JMS Patch

WLS 10.3.0.0 WebServices Patch

WLS 10.3.0.0 Security Patch

WLS 10.3.0.0 WebApp Patch

WLS 10.3.0.0 Core Patch

WLS 10.3.0.0 Console Patch

10.3.0

CPU <Patch 8268258>

Released April 2009

ODSI Patch

3.3.13 Oracle Document Capture

Table 61 describes the Error Correction information for Oracle Document Capture.

Table 61 Error Correction information for Oracle Document Capture

Patch Information	10.1.3.5.1	Comments
Final Patch	October 2015

Table 62 describes the available patches for Oracle Document Capture.

Table 62 Patch Availability for Oracle Document Capture

Product Home	Patch	Advisory Number	Comments
Oracle Document Capture 10.1.3.5.1 home	CPU <Patch 16312671>	Released April 2013

3.3.14 Oracle Endeca Server

Table 63 describes the Error Correction information for Oracle Endeca Server.

Table 63 Error Correction information for Oracle Endeca Server

Patch Information	7.6	7.5	7.4	7.3	Oracle Endeca Information Discovery 2.2.2 (Formerly Latitude)	Comments
Final Patch	-	-	July 2020	-	April 2016

Table 64 describes the minimum version information for Oracle Endeca Server.

Table 64 Minimum Product Requirements for Oracle Endeca Server 7.5.x

Patch Information	7.5.x	Advisory Number	Comments
Minimum Version	7.5.1.1	Released July 2013

Table 65 describes the available patches for Oracle Endeca Server.

Table 65 Patch availability for Oracle Endeca Server

Product Home	Patch	Advisory Number
Oracle Endeca Server 7.6 home	SPU <Patch 21666973>	CVE-2015-0286
Oracle Endeca Server 7.5 home	SPU <Patch 21666998>	CVE-2015-0286
Oracle Endeca Server 7.4 home	SPU <Patch 21667002>	CVE-2015-0286
Oracle Endeca Server 7.3 home	SPU <Patch 21667010>	CVE-2015-0286

Table 66 describes the available patches for Oracle Endeca Server (Formerly Latitude).

Table 66 Patch Availability for Oracle Endeca Information Discovery 2.2.2 (Formerly Latitude)

Product Home	Patch	Advisory Number	Comments
Oracle Endeca Information Discovery 2.2.2 (Formerly Latitude) home	See <Note 1629648.1>	Released April 2014

3.3.15 Oracle Endeca Information Discovery Studio

Table 67 describes the Error Correction information for Oracle Endeca Information Discovery Studio.

Table 67 Error Correction information for Oracle Endeca Information Discovery Studio

Patch Information	3.1	3.0	2.4	2.3	2.2.2	Comments
Final Patch	-	-	-	-	-

Table 68 describes the available patches for Oracle Endeca Information Discovery Studio.

Table 68 Patch availability for Oracle Endeca Information Discovery Studio

Product Home	Patch	Advisory Number	Comments
Oracle Endeca Information Discovery Studio 3.1 home	SPU <Patch 19663929>	Released October 2014	See <Note 1906844.1> Transfer/reinstall Oracle Endeca Information Discovery (EID) Studio and migrate configuration to a newly-installed latest version of Apache Tomcat 6.0.x
Oracle Endeca Information Discovery Studio 3.0 home	SPU <Patch 19663937>	Released October 2014
Oracle Endeca Information Discovery Studio 2.4 home	SPU <Patch 19663946>	Released October 2014
Oracle Endeca Information Discovery Studio 2.3 home	SPU <Patch 19663972>	Released October 2014
Oracle Endeca Information Discovery Studio 2.2.2 home	SPU <Patch 19663982>	Released October 2014

3.3.16 Oracle Endeca Information Discovery Studio Integrator

Table 69 describes the Error Correction information for Oracle Endeca Information Discovery Studio Integrator.

Table 69 Error Correction information for Oracle Endeca Information Discovery Studio Integrator

Patch Information	3.1	3.0	2.4	2.3	2.2.2	Comments
Final Patch	-	-	-	-	-

Table 70 describes the available patches for Oracle Endeca Information Discovery Studio Integrator.

Table 70 Patch availability for Oracle Endeca Information Discovery Studio Integrator

Product Home	Patch	Advisory Number
Oracle Endeca Information Discovery Studio Integrator 3.1 home	SPU <Patch 21131619>	Released July 2015
Oracle Endeca Information Discovery Studio Integrator 3.0 home	SPU <Patch 21131630>	Released July 2015
Oracle Endeca Information Discovery Studio Integrator 2.4 home	SPU <Patch 21131634>	Released July 2015
Oracle Endeca Information Discovery Studio Integrator 2.3 home	SPU <Patch 21131639>	Released July 2015
Oracle Endeca Information Discovery Studio Integrator 2.2.2 home	SPU <Patch 21131642>	Released July 2015

3.3.17 Oracle Enterprise Data Quality

Table 71 describes the Error Correction information for Oracle Enterprise Data Quality.

Table 71 Error Correction information for Oracle Enterprise Data Quality

Patch Information	9.0.11	8.1.12	Comments
Final Patch	October 2019	July 2019

Table 72 describes the available patches for Oracle Enterprise Data Quality.

Table 72 Patch Availability for Oracle Enterprise Data Quality

Product Home	Patch	Advisory Number	Comments
Oracle Enterprise Data Quality 9.0.11 home	SPU <Patch 19320253>	Released October 2014	See <Note 1595538.1>, How To Upgrade The Apache Tomcat Version Installed By The EDQ (Enterprise Data Quality) Windows Installer
Oracle Enterprise Data Quality 8.1.12 home	SPU <Patch 18709680>	Released October 2014	See <Note 1595538.1>, How To Upgrade The Apache Tomcat Version Installed By The EDQ (Enterprise Data Quality) Windows Installer

3.3.18 Oracle Exalogic Patch Set Update (PSU)

Table 73 describes the Error Correction information for Exalogic Patch Set Update (PSU).

Table 73 Error Correction information for Oracle Exalogic Patch Set Update (PSU)

Patch Information	2.x	1.x	Comments
Final Patch	-	-

Table 74 describes the available patches for Oracle Exalogic.

Table 74 Patch Set Update Availability for Oracle Exalogic

Oracle Exalogic

Patch

Advisory Number

Comments

2.x Physical

2.0.6.2.3 Physical Linux x86-64 (for all X2-2, X3-2, X4-2, X5-2) PSU <Patch 21445814>

2.0.6.2.3 Physical Solaris x86-64 (for all X2-2, X3-2, X4-2, X5-2) PSU <Patch 21445814>

CVE-2015-1791

See <Note 1314535.1>, Announcing Exalogic PSUs (Patch Set Updates)

2.x Virtual

2.0.6.2.3 Virtual (for all X2-2, X3-2, X4-2, X5-2) PSU <Patch 21445837>

CVE-2015-1791

See <Note 1314535.1>, Announcing Exalogic PSUs (Patch Set Updates)

1.x

Upgrade to 2.x based on information in the Comments column. Then apply the patches listed above.

Released April 2015

See <Patch 14834860> EECS 2.0 PHYSICAL INFRASTRUCTURE UPGRADE KIT (V1.0.0.X.X -> EECS 2.0.0.0.0)

See <Patch 14834860> Oracle Exalogic 2.0.4.0.0 Upgrade Kit for Exalogic Solaris x86-64 (64 bit)

See <Note 1314535.1>, Announcing Exalogic PSUs (Patch Set Updates)

3.3.19 Oracle Forms and Reports 11g Release 2

For the appropriate product versions listed below, refer to the corresponding Oracle Fusion Middleware patch availability sections that contain information on Error Correction, and for the patches to apply. Not all homes that are listed in those sections might be present in the Oracle Forms and Reports 11g Release 2 installation. Only the relevant homes from those tables need to be patched.

Table 75 describes the available patches for Oracle Forms and Reports 11g Release 2.

Table 75 Patch Availability for Oracle Forms and Reports 11g Release 2

Product Home	Patches	Comments
Oracle Forms and Reports 11.1.2.2 home	See Section 3.3.20.3, "Oracle Forms and Reports 11.1.2.2"

3.3.20 Oracle Fusion Middleware

For more information on how to identify the components in an Oracle home, see <Note 1591483.1>, What is Installed in My Middleware or Oracle home?, and My Oracle Support <Note 2037112.1>, Critical Patch Update October 2015 Oracle Fusion Middleware Known Issues.

This section contains the following:

Section 3.3.20.1, "Oracle Fusion Middleware 12.1.3.0"
Section 3.3.20.2, "Oracle Fusion Middleware 12.1.2.0"
Section 3.3.20.3, "Oracle Forms and Reports 11.1.2.2"
Section 3.3.20.4, "Oracle Fusion Middleware 11.1.1.9"
Section 3.3.20.5, "Oracle WebCenter 11.1.1.8"
Section 3.3.20.6, "Oracle Fusion Middleware 11.1.1.7"
Section 3.3.20.7, "Oracle Fusion Middleware 10.1.3.5.x"
Section 3.3.20.8, "Oracle Identity Access Management 11.1.2.3"
Section 3.3.20.9, "Oracle Identity Access Management 11.1.2.2"

3.3.20.1 Oracle Fusion Middleware 12.1.3.0

Table 76 describes the Error Correction information for Oracle Fusion Middleware 12.1.3.0.

Table 76 Error Correction information for Oracle Fusion Middleware 12.1.3.0

Patch Information	12.1.3.0	Comments
Final Patch	October 2019
CPU On-Request Platforms	-

Table 77 describes the available patches for Oracle Fusion Middleware 12.1.3.0.

Table 77 Patch Availability for Oracle Fusion Middleware 12.1.3.0

Product Home	Patches	Advisory Number	Comments
Oracle Database home	See Section 3.1.4, "Oracle Database"	See Section 3.1.4, "Oracle Database"	Patch any Database Server associated to a Fusion Middleware installation
Oracle Java SE home	See <Note 1992462.1>, Oracle Java SE Critical Patch Update	See <Note 1992462.1>, Oracle Java SE Critical Patch Update	See <Note 1492980.1>, How to Maintain the Java SE Installed or Used with FMW 11g/12c Products
Oracle Infrastructure 12.1.3.0 home Oracle WebLogic Server 12.1.3.0 home	See Section 3.3.58, "Oracle WebLogic Server"	See Section 3.3.58, "Oracle WebLogic Server"
Oracle WebLogic Server Proxy Plug-ins home	See Section 3.3.59, "Oracle WebLogic Server Plug-ins"	See Section 3.3.59, "Oracle WebLogic Server Plug-ins"	WLS Plug-In patch for Oracle HTTP Server, Apache, IIS, and iPlanet
Oracle HTTP Server 12.1.3.0 home	SPU <Patch 21640673>	CVE-2015-4794, CVE-2015-1829, CVE-2015-4914	Oracle HTTP Server Patch
Oracle Infrastructure 12.1.3.0 home Oracle SOA 12.1.3.0 home	SPU <Patch 21773981>	CVE-2015-4838, CVE-2015-4909	Oracle ADF Patch This patch is necessary for any co-located installations where ADF exists
Oracle SOA 12.1.3.0 home	Oracle SOA 12.1.3.0.1 BP <Patch 19707784> or later	Released January 2015	SOA Patch
Oracle HTTP Server 12.1.3.0 home	SPU <Patch 19485414>	Released January 2015	Oracle Security Service (SSL/Network) Patch
Oracle Infrastructure 12.1.3.0 home Oracle WebLogic Server 12.1.3.0 home Oracle HTTP Server 12.1.3.0 home	See <Note 1936300.1>	Released October 2014	SSL V3.0 "Poodle" Advisory

3.3.20.2 Oracle Fusion Middleware 12.1.2.0

Table 78 describes the Error Correction information for Oracle Fusion Middleware 12.1.2.0.

Table 78 Error Correction information for Oracle Fusion Middleware 12.1.2.0

Patch Information	12.1.2.0	Comments
Final Patch	April 2016
CPU On-Request Platforms	-

Table 79 describes the available patches for Oracle Fusion Middleware 12.1.2.0.

Table 79 Patch Availability for Oracle Fusion Middleware 12.1.2.0

Product Home	Patches	Advisory Number	Comments
Oracle Database home	See Section 3.1.4, "Oracle Database"	See Section 3.1.4, "Oracle Database"	Patch any Database Server associated to a Fusion Middleware installation
Oracle Java SE home	See <Note 1992462.1>, Oracle Java SE Critical Patch Update	See <Note 1992462.1>, Oracle Java SE Critical Patch Update	See <Note 1492980.1>, How to Maintain the Java SE Installed or Used with FMW 11g/12c Products
Oracle Infrastructure 12.1.2.0 home Oracle WebLogic Server 12.1.2.0 home	See Section 3.3.58, "Oracle WebLogic Server"	See Section 3.3.58, "Oracle WebLogic Server"
Oracle WebLogic Server Proxy Plug-ins home	See Section 3.3.59, "Oracle WebLogic Server Plug-ins"	See Section 3.3.59, "Oracle WebLogic Server Plug-ins"	WLS Plug-In patch for Oracle HTTP Server, Apache, IIS, and iPlanet
Oracle HTTP Server 12.1.2.0 home Oracle Infrastructure 12.1.2.0 home	SPU <Patch 21768251>	CVE-2015-4794, CVE-2015-1829, CVE-2015-4914	Oracle HTTP Server Patch
Oracle HTTP Server 12.1.2.0 home	SPU <Patch 21773977>	CVE-2015-4838, CVE-2015-4909	Oracle ADF 12.1.2.0 Patch
Oracle HTTP Server 12.1.2.0 home	SPU <Patch 19485397>	Released January 2015	Oracle Security Service (SSL/Network) Patch
Oracle Infrastructure 12.1.2.0 home Oracle WebLogic Server 12.1.2.0 home Oracle HTTP Server 12.1.2.0 home	See <Note 1936300.1>	Released October 2014	SSL V3.0 "Poodle" Advisory
Oracle HTTP Server 12.1.2.0 home Oracle Infrastructure 12.1.2.0 home	SPU <Patch 17621876>	Released January 2014	Oracle Help Technologies Patch This patch is necessary for any co-located installations where ADF exists

3.3.20.3 Oracle Forms and Reports 11.1.2.2

Table 80 describes the Error Correction information for Oracle Forms and Reports 11.1.2.2.

Table 80 Error Correction information for Oracle Forms and Reports 11.1.2.2

Patch Information	11.1.2.2	Comments
Final Patch	-
CPU On-Request Platforms	-

Table 81 describes the available patches for Oracle Forms and Reports 11.1.2.2.

Table 81 Patch Availability for Oracle Forms and Reports 11.1.2.2

Product Home	Patches	Advisory Number	Comments
Oracle Database home	See Section 3.1.4, "Oracle Database"	See Section 3.1.4, "Oracle Database"	Patch any Database Server associated to a Fusion Middleware installation
Oracle Java SE home	See <Note 1992462.1>, Oracle Java SE Critical Patch Update	See <Note 1992462.1>, Oracle Java SE Critical Patch Update	See <Note 1492980.1>, How to Maintain the Java SE Installed or Used with FMW 11g Products
Oracle JRockit 28.x home	See Section 3.3.36, "Oracle JRockit"	See Section 3.3.36, "Oracle JRockit"
Oracle WebLogic Server home	See Section 3.3.58, "Oracle WebLogic Server"	See Section 3.3.58, "Oracle WebLogic Server"	See <Note 1306505.1>, Announcing Oracle WebLogic Server PSUs (Patch Set Updates)
Oracle WebLogic Server Proxy Plug-ins home	See Section 3.3.59, "Oracle WebLogic Server Plug-ins"	See Section 3.3.59, "Oracle WebLogic Server Plug-ins"	WLS Plug-In patch for Oracle HTTP Server, Apache, IIS, and iPlanet
Oracle Forms and Reports 11.1.2.2 home	SPU <Patch 21640624>	CVE-2015-4794, CVE-2015-1829, CVE-2015-4914	Oracle HTTP Server 11.1.1.7 Patch
Oracle Forms and Reports 11.1.2.2 home	SPU <Patch 20715966>	Released July 2015	Oracle ADF 11.1.1.7 Patch
Oracle Forms and Reports 11.1.2.2 home	SPU <Patch 19562319>	Released January 2015	Oracle Forms Patch
Oracle Forms and Reports 11.1.2.2 home	SPU <Patch 20002141>	Released January 2015	Oracle Reports, Developer 11.1.2.2 Patch
Oracle Forms and Reports 11.1.2.2 home	See <Note 1936300.1>	Released October 2014	SSL V3.0 "Poodle" Advisory
Oracle Forms and Reports 11.1.2.2 home	SPU <Patch 18423801>	Released July 2014	Oracle Process Management and Notification (OPMN) Patch See <Note 1905314.1>, New SSL Protocol and Cipher Options for Oracle Fusion Middleware 11g OPMN/ONS
Oracle Forms and Reports 11.1.2.2 home	SPU <Patch 17617649>	Released January 2014	Oracle Help Technologies Patch
Oracle Forms and Reports 11.1.2.2 home	CPU <Patch 17337741>	Released October 2013	Oracle Security Service (SSL/Network) Patch
Oracle Forms and Reports 11.1.2.2 home	See <Note 1608683.1>	Released January 2014	Oracle Reports Advisory

3.3.20.4 Oracle Fusion Middleware 11.1.1.9

Table 82 describes the Error Correction information for Oracle Fusion Middleware 11.1.1.9.

Table 82 Error Correction information for Oracle Fusion Middleware 11.1.1.9

Patch Information	11.1.1.9	Comments
Final Patch	-	Oracle Fusion Middleware 11.1.1.9
CPU On-Request Platforms	-

Table 83 describes the available patches for Oracle Fusion Middleware 11.1.1.9.

Table 83 Patch Availability for Oracle Fusion Middleware 11.1.1.9

Product Home	Patches	Advisory Number	Comments
Oracle Database home	See Section 3.1.4, "Oracle Database"	See Section 3.1.4, "Oracle Database"	Patch any Database Server associated to a Fusion Middleware installation
Oracle Java SE home	See <Note 1992462.1>, Oracle Java SE Critical Patch Update	See <Note 1992462.1>, Oracle Java SE Critical Patch Update	See <Note 1492980.1>, How to Maintain the Java SE Installed or Used with FMW 11g Products
Oracle JRockit 28.x home	See Section 3.3.36, "Oracle JRockit"	See Section 3.3.36, "Oracle JRockit"
Oracle WebLogic Server home	See Section 3.3.58, "Oracle WebLogic Server"	See Section 3.3.58, "Oracle WebLogic Server"	See <Note 1306505.1>, Announcing Oracle WebLogic Server PSUs (Patch Set Updates)
Oracle WebLogic Server Proxy Plug-ins home	See Section 3.3.59, "Oracle WebLogic Server Plug-ins"	See Section 3.3.59, "Oracle WebLogic Server Plug-ins"	WLS Plug-In patch for Oracle HTTP Server, Apache, IIS, and iPlanet
Oracle Web Tier 11.1.1.9 home Identity Management 11.1.1.9 home	SPU <Patch 21663064>	CVE-2015-1829, CVE-2015-4914, CVE-2015-4812	Oracle HTTP Server 11.1.1.9 Patch
Oracle WebCenter 11.1.1.9 home	Oracle WebCenter Portal BP 11.1.1.9.2 <Patch 21354925> or later	Released July 2015	Oracle WebCenter Portal 11.1.1.9 Patch See <Note 2029169.1>, Changes to Portlet standards request dispatching of Resource Requests

3.3.20.5 Oracle WebCenter 11.1.1.8

Table 84 describes the Error Correction information for Oracle WebCenter 11.1.1.8.

Table 84 Error Correction information for Oracle WebCenter 11.1.1.8

Patch Information	11.1.1.8	Comments
Final Patch	May 2016
CPU On-Request Platforms	-

Table 85 describes the available patches for Oracle WebCenter 11.1.1.8.

Table 85 Patch Availability for Oracle WebCenter 11.1.1.8

Product Home	Patches	Advisory Number	Comments
Oracle Database home	See Section 3.1.4, "Oracle Database"	See Section 3.1.4, "Oracle Database"	Patch any Database Server associated to a Fusion Middleware installation
Oracle Java SE home	See <Note 1992462.1>, Oracle Java SE Critical Patch Update	See <Note 1992462.1>, Oracle Java SE Critical Patch Update	See <Note 1492980.1>, How to Maintain the Java SE Installed or Used with FMW 11g Products
Oracle JRockit 28.x home	See Section 3.3.36, "Oracle JRockit"	See Section 3.3.36, "Oracle JRockit"
Oracle WebLogic Server home	See Section 3.3.58, "Oracle WebLogic Server"	See Section 3.3.58, "Oracle WebLogic Server"	See <Note 1306505.1>, Announcing Oracle WebLogic Server PSUs (Patch Set Updates)
Oracle WebLogic Server Proxy Plug-ins home	See Section 3.3.59, "Oracle WebLogic Server Plug-ins"	See Section 3.3.59, "Oracle WebLogic Server Plug-ins"	WLS Plug-In patch for Oracle HTTP Server, Apache, IIS, and iPlanet
Oracle WebCenter 11.1.1.8 home	Oracle WebCenter Portal BP 11.1.1.8.8 <Patch 21281035> or later	Released July 2015	Oracle WebCenter Portal 11.1.1.8 patch See <Note 2029169.1>, Changes to Portlet standards request dispatching of Resource Requests
Oracle WebCenter 11.1.1.8 home	SPU <Patch 20715966>	Released July 2015	Oracle ADF 11.1.1.7 Patch
Oracle WebCenter 11.1.1.8 home	Oracle WebCenter Content BP 11.1.1.8.9 <Patch 20022599>	Released January 2015	Oracle WebCenter Content 11.1.1.8 patch
Oracle WebCenter 11.1.1.8 home	See <Note 1936300.1>	Released October 2014	SSL V3.0 "Poodle" Advisory
Oracle WebCenter 11.1.1.8 home	SPU <Patch 17617649>	Released January 2014	Oracle Help Technologies 11.1.1.7 Patch
Oracle WebCenter Content 11.1.1.8 home	Oracle WebCenter Content BP 2 <Patch 17453460> or later	Released October 2013

3.3.20.6 Oracle Fusion Middleware 11.1.1.7

Table 86 describes the Error Correction information for Oracle Fusion Middleware 11.1.1.7.

Table 86 Error Correction information for Oracle Fusion Middleware 11.1.1.7

Patch Information	11.1.1.7	Comments
Final Patch	December 2018	Oracle Fusion Middleware 11.1.1.7
CPU On-Request Platforms	-

Table 87 describes the available patches for Oracle Fusion Middleware 11.1.1.7.

Table 87 Patch Availability for Oracle Fusion Middleware 11.1.1.7

Product Home	Patches	Advisory Number	Comments
Oracle Database home	See Section 3.1.4, "Oracle Database"	See Section 3.1.4, "Oracle Database"	Patch any Database Server associated to a Fusion Middleware installation
Oracle Java SE home	See <Note 1992462.1>, Oracle Java SE Critical Patch Update	See <Note 1992462.1>, Oracle Java SE Critical Patch Update	See <Note 1492980.1>, How to Maintain the Java SE Installed or Used with FMW 11g Products
Oracle JRockit 28.x home	See Section 3.3.36, "Oracle JRockit"	See Section 3.3.36, "Oracle JRockit"
Oracle WebLogic Server home	See Section 3.3.58, "Oracle WebLogic Server"	See Section 3.3.58, "Oracle WebLogic Server"	See <Note 1306505.1>, Announcing Oracle WebLogic Server PSUs (Patch Set Updates)
Oracle WebLogic Server Proxy Plug-ins home	See Section 3.3.59, "Oracle WebLogic Server Plug-ins"	See Section 3.3.59, "Oracle WebLogic Server Plug-ins"	WLS Plug-In patch for Oracle HTTP Server, Apache, IIS, and iPlanet
Oracle Identity Access Management 11.1.1.7 home	Oracle Identity Manager BP 2 (11.1.1.7.2) <Patch 21881425> or later	CVE-2015-4832	Oracle Identity Manager Patch
Oracle Identity Management 11.1.1.7 home Oracle Web Tier 11.1.1.7 home Oracle Portal, Forms, Reports and Discoverer 11.1.1.7 home	SPU <Patch 21640624>	CVE-2015-4794, CVE-2015-1829, CVE-2015-4914	Oracle HTTP Server 11.1.1.7 Patch
Oracle Web Tier 11.1.1.7 home Oracle Portal, Forms, Reports and Discoverer 11.1.1.7 home	SPU <Patch 20807683>	Released July 2015	Web Cache Patch
Oracle Identity Management 11.1.1.7 home Oracle Web Tier 11.1.1.7 home Oracle Portal, Forms, Reports and Discoverer 11.1.1.7 home Oracle SOA Suite 11.1.1.7 home Oracle WebCenter Suite 11.1.1.7 home	SPU <Patch 20715966>	Released July 2015	Oracle ADF 11.1.1.7 Patch
Oracle Identity Access Management 11.1.1.7 home	Oracle Access Manager BP 5 (11.1.1.7.5) <Patch 21033489> or later	Released July 2015	Oracle Access Manager (OAM 11.1.1.7.5) Patch See <Note 1952939.1>, Oracle Access Manager 11g Logout Confirmation Features and Configuration
Oracle Portal, Forms, Reports and Discoverer 11.1.1.7 home	SPU <Patch 19562278>	Released January 2015	Oracle Forms 11.1.1.7 Patch
Oracle SOA Suite 11.1.1.7 home	Oracle SOA 11.1.1.7.6 BP <Patch 19953598> or later	Released January 2015	SOA Patch. For CVE-2014-6548, see << Note 1962206.1>>
Oracle Portal, Forms, Reports and Discoverer 11.1.1.7 home	SPU <Patch 20002159>	Released January 2015	Oracle Reports, Developer 11.1.1.7 Patch
Oracle Identity Access Management 11.1.1.7 home	SPU <Patch 20060599>	Released January 2015	Oracle Adaptive Access Manager Patch
Oracle Web Tier 11.1.1.7 home Oracle Portal, Forms, Reports and Discoverer 11.1.1.7 home Oracle SOA Suite 11.1.1.7 home Oracle WebCenter Suite 11.1.1.7 home	See <Note 1936300.1>	Released October 2014	SSL V3.0 "Poodle" Advisory
Oracle Identity Management 11.1.1.7 home Oracle Identity Access Management 11.1.1.7 home	SPU <Patch 19666962>	Released October 2014	Oracle Identity Manager Patch See <Note 1927796.1>, Instructions For Enabling OIM CPU Bug 17937383 Fix For OIM BPs (11.1.2.1.9 and 11.1.2.2.4 Versions) / Overlay SPU (11.1.1.7 and 11.1.1.5 Versions)
Oracle Identity Management 11.1.1.7 home Oracle Web Tier 11.1.1.7 home Oracle Portal, Forms, Reports and Discoverer 11.1.1.7 home	SPU <Patch 18423801>	Released July 2014	Oracle Process Management and Notification (OPMN) Patch See <Note 1905314.1>, New SSL Protocol and Cipher Options for Oracle Fusion Middleware 11g OPMN/ONS
Oracle WebCenter 11.1.1.7 home	Overlay SPU <Patch 18792010> and 11.1.1.7 BP 1 <Patch 16761779>	Released July 2014	WebCenter Portal 11.1.1.7 Overlay SPU patch
Oracle Identity Access Management 11.1.1.7 home	See <Note 1643382.1>	Released April 2014	OAM/WebGate Advisory
Oracle Portal, Forms, Reports and Discoverer 11.1.1.7 home	See <Note 1608683.1>	Released January 2014	Oracle Reports Advisory
Oracle Identity Management 11.1.1.7 home	CPU <Patch 17842883> and CPU <Patch 17839633>	Released January 2014	Oracle Internet Directory Patch <Patch 17842883> for HP-UX Itanium, HP-UX PA-RISC (64-bit), Linux x86, Microsoft Windows (32-bit) <Patch 17839633> for Linux x86-64, IBM AIX Based Systems (64-bit), Sun Solaris x86-64 (64-bit), Sun Solaris SPARC (64-bit), Microsoft Windows x64 (64-bit)
Oracle Identity Management 11.1.1.7 home Oracle Identity Access Management 11.1.1.7 home Oracle Web Tier 11.1.1.7 home Oracle Portal, Forms, Reports and Discoverer 11.1.1.7 home Oracle SOA Suite 11.1.1.7 home Oracle WebCenter Suite 11.1.1.7 home	SPU <Patch 17617649>	Released January 2014	Oracle Help Technologies Patch
Oracle Identity Management 11.1.1.7 home Oracle Web Tier 11.1.1.7 home Oracle Portal, Forms, Reports and Discoverer 11.1.1.7 home	CPU <Patch 17337741>	Released October 2013	Oracle Security Service (SSL/Network) Patch
Oracle WebCenter Content 11.1.1.7 home	BP 2 <Patch 17180477> or higher	Released October 2013

3.3.20.7 Oracle Fusion Middleware 10.1.3.5.x

Table 88 describes the Error Correction information for Oracle Fusion Middleware 10.1.3.5.x.

Table 88 Error Correction information for Oracle Fusion Middleware 10.1.3.5.x

Patch Information

10.1.3.5.x

Comments

Final Patch

Oracle SOA Suite: October 2014

JDeveloper: April 2017

Application Development Framework: April 2017

Oracle HTTP Server: April 2017

Oracle Container for Java (OC4J): April 2017

TopLink: April 2017

For all other components that are NOT listed here, see the Comments section in the LSP document.

For more information, see Lifetime Support Policy for Oracle Fusion Middleware

CPU On-Request Platforms

IBM: Linux on System Z

Linux on POWER

Oracle HTTP Server 10.1.3.5.0

Oracle Solaris x86-64

Table 89 describes the available patches for Oracle Fusion Middleware 10.1.3.5.x.

Table 89 Patch Availability for Oracle Fusion Middleware 10.1.3.5.x

Product Home	Patches	Advisory Number	Comments
Oracle Database home	See Section 3.1.4, "Oracle Database"	See Section 3.1.4, "Oracle Database"	Patch any Database Server associated to a Fusion Middleware installation
Oracle Java SE home	See <Note 1992462.1>, Oracle Java SE Critical Patch Update	See <Note 1992462.1>, Oracle Java SE Critical Patch Update
Oracle Application Server 10g Release 3 home Oracle HTTP Server 2.0 standalone home Oracle SOA Suite 10g home Oracle WebCenter Suite 10g home Oracle SOA Suite 10g for WebLogic Server home	UNIX: CPU <Patch 21845960> Microsoft Windows (32-Bit): CPU <Patch 21845962> Microsoft Windows Itanium (64-Bit): CPU <Patch 21845971>	CVE-2015-1829, CVE-2015-4914, CVE-2011-3389, CVE-2013-0169	See <Note 1905314.1>, New SSL Protocol and Cipher Options for Oracle Fusion Middleware's OPMN/ONS Component See <Note 1301699.1>, How the SSL/TLS Renegotiation Protocol Change Affects Oracle HTTP Server See <Note 1936300.1>, How to Change SSL Protocols (to Disable SSL 3.0) in Oracle Fusion Middleware Products
OC4J Standalone home	SPU <Patch 20034769>	Released January 2015	Patch for OC4J Standalone 10.1.3.5 media available on OTN
Oracle Application Server 10g Release 3 home Oracle HTTP Server 2.0 standalone home Oracle SOA Suite 10g home Oracle WebCenter Suite 10g home Oracle SOA Suite 10g for WebLogic Server home	See <Note 1586861.1>	Released October 2013	OC4J Advisory
Oracle Application Server 10g Release 3 home OC4J Standalone home Oracle SOA Suite 10g home	SPU <Patch 16920865>	Released October 2013	WebServices Patch
OC4J Standalone home	CPU <Patch 14123312>	Released July 2012	Enterprise Manager AS Control Patch Patch for OC4J Standalone 10.1.3.5 media available on OTN
Oracle SOA Suite 10g for WebLogic Server home	CPU <Patch 12539587>	Released October 2011	Oracle Web Services Manager (OWSM) Patch
Oracle SOA Suite 10g home Oracle WebCenter Suite 10g home	CPU <Patch 12957596>	Released October 2011	Oracle Web Services Manager (OWSM) Patch

3.3.20.8 Oracle Identity Access Management 11.1.2.3

Table 90 describes the Error Correction information for Oracle Identity Access Management 11.1.2.3.

Table 90 Error Correction information for Oracle Identity Access Management 11.1.2.3

Patch Information	11.1.2.3	Comments
Final Patch	-
CPU On-Request Platforms	-

Table 91 describes the available patches for Oracle Identity Access Management 11.1.2.3.

Table 91 Patch Availability for Oracle Identity Access Management 11.1.2.3

Product Home	Patches	Advisory Number	Comments
Oracle Database home	See Section 3.1.4, "Oracle Database"	See Section 3.1.4, "Oracle Database"	Patch any Database Server associated to a Fusion Middleware installation
Oracle Java SE home	See <Note 1992462.1>, Oracle Java SE Critical Patch Update	See <Note 1992462.1>, Oracle Java SE Critical Patch Update	See <Note 1492980.1>, How to Maintain the Java SE Installed or Used with FMW 11g Products
Oracle JRockit 28.x home	See Section 3.3.36, "Oracle JRockit"	See Section 3.3.36, "Oracle JRockit"
Oracle WebLogic Server home	See Section 3.3.58, "Oracle WebLogic Server"	See Section 3.3.58, "Oracle WebLogic Server"	See <Note 1306505.1>, Announcing Oracle WebLogic Server PSUs (Patch Set Updates)
Oracle WebLogic Server Proxy Plug-ins home	See Section 3.3.59, "Oracle WebLogic Server Plug-ins"	See Section 3.3.59, "Oracle WebLogic Server Plug-ins"	WLS Plug-In patch for Oracle HTTP Server, Apache, IIS, and iPlanet
Oracle Identity Access Management 11.1.2.3 home	Oracle Identity Management Suite BP 2 (11.1.2.3.2) <Patch 21698880> or later	CVE-2015-4912	Oracle Access Manager Patch
Oracle Identity Access Management 11.1.2.3 home	Oracle Identity Management Suite BP 2 (11.1.2.3.2) <Patch 21698880> or later	CVE-2015-4832	Oracle Identity Manager Patch

3.3.20.9 Oracle Identity Access Management 11.1.2.2

Table 92 describes the Error Correction information for Oracle Identity Access Management 11.1.2.2.

Table 92 Error Correction information for Oracle Identity Access Management 11.1.2.2

Patch Information	11.1.2.2	Comments
Final Patch	April 2016
CPU On-Request Platforms	-

Table 93 describes the available patches for Oracle Identity Access Management 11.1.2.2.

Table 93 Patch Availability for Oracle Identity Access Management 11.1.2.2

Product Home	Patches	Advisory Number	Comments
Oracle Database home	See Section 3.1.4, "Oracle Database"	See Section 3.1.4, "Oracle Database"	Patch any Database Server associated to a Fusion Middleware installation
Oracle Java SE home	See <Note 1992462.1>, Oracle Java SE Critical Patch Update	See <Note 1992462.1>, Oracle Java SE Critical Patch Update	See <Note 1492980.1>, How to Maintain the Java SE Installed or Used with FMW 11g Products
Oracle JRockit 28.x home	See Section 3.3.36, "Oracle JRockit"	See Section 3.3.36, "Oracle JRockit"
Oracle WebLogic Server home	See Section 3.3.58, "Oracle WebLogic Server"	See Section 3.3.58, "Oracle WebLogic Server"	See <Note 1306505.1>, Announcing Oracle WebLogic Server PSUs (Patch Set Updates)
Oracle WebLogic Server Proxy Plug-ins home	See Section 3.3.59, "Oracle WebLogic Server Plug-ins"	See Section 3.3.59, "Oracle WebLogic Server Plug-ins"	WLS Plug-In patch for Oracle HTTP Server, Apache, IIS, and iPlanet
Oracle Identity Access Management 11.1.2.2 home	Oracle Identity Management Suite BP 7 (11.1.2.2.7) <Patch 21660126> or later	CVE-2015-4912	Oracle Access Manager Patch
Oracle Identity Access Management 11.1.2.2 home	Oracle Identity Management Suite BP 7 (11.1.2.2.7) <Patch 21660126> or later	CVE-2015-4832	Oracle Identity Manager Patch See <Note 1927796.1>, Instructions For Enabling OIM CPU Bug 17937383 Fix For OIM BPs (11.1.2.1.9 and 11.1.2.2.4 Versions) / Overlay SPU (11.1.1.7 and 11.1.1.5 Versions)
Oracle Identity Access Management 11.1.1.7 home	Oracle Identity Manager BP 2 (11.1.1.7.2) <Patch 21881425> or later	CVE-2015-4832	Oracle Identity Manager Patch
Oracle Identity Access Management 11.1.2.2 home	SPU <Patch 20715966>	Released July 2015	Oracle ADF 11.1.1.7 Patch
Oracle Identity Access Management 11.1.2.2 home	Oracle Identity Manager Suite BP 6 (11.1.2.2.6) <Patch 20963120> or later	Released July 2015	Oracle Access Manager (OAM 11.1.2.2.6) Patch Oracle Adaptive Access Manager (OAAM 11.1.2.2.1) Patch See <Note 1952939.1>, Oracle Access Manager 11g Logout Confirmation Features and Configuration
Oracle Identity Access Management 11.1.2.2 home	My Oracle Support <Note 1643382.1>	Released April 2014
Oracle Identity Access Management 11.1.2.2 home	SPU <Patch 17617649>	Released January 2014	Oracle Help Technologies Patch

3.3.21 Oracle Hyperion Analytic Provider Services

Table 94 describes the Error Correction information for Oracle Hyperion Analytic Provider Services.

Table 94 Error Correction information for Oracle Hyperion Analytic Provider Services

Patch Information	11.1.2.x	Comments
Final Patch	April 2021

Table 95 describes the available patches for Oracle Hyperion Analytic Provider Services, based on release.

Table 95 Patch Availability for Oracle Hyperion Analytic Provider Services

Product Home

Patch

Advisory Number

Comments

11.1.2.3

SPU <Patch 20184072 >

SPU <Patch 20184082>

CVE-2012-0036

11.1.2.2

SPU <Patch 18148649>

Released July 2014

3.3.22 Oracle Hyperion BI+

Table 96 describes the Error Correction information for Oracle Hyperion BI+.

Table 96 Error Correction information for Oracle Hyperion BI+

Patch Information	11.1.2.x	Comments
Final Patch	April 2018

Table 97 describes the available patches for Oracle Hyperion BI+, based on release.

Table 97 Patch Availability for Oracle Hyperion BI+

Product Home	Patch	Advisory Number	Comments
11.1.2.3	SPU <Patch 20029854>	Released April 2015
11.1.2.2	SPU <Patch 18659116>	Released April 2015

3.3.23 Oracle Hyperion Common Admin

Table 98 describes the Error Correction information for Oracle Hyperion Common Admin.

Table 98 Error Correction information for Oracle Hyperion Common Admin

Patch Information	11.1.2.x	Comments
Final Patch	April 2018

Table 99 describes the available patches for Oracle Hyperion Common Admin.

Table 99 Patch Availability for Oracle Hyperion Common Admin

Product Home	Patch	Advisory Number	Comments
11.1.2.3	CPU <Patch 18672071>	Released July 2014
11.1.2.2	CPU <Patch 18659116>	Released July 2014

3.3.24 Oracle Hyperion Common Security

Table 100 describes the Error Correction information for Oracle Hyperion Common Security.

Table 100 Error Correction information for Oracle Hyperion Common Security

Patch Information	11.1.2.x	Comments
Final Patch	April 2018

Table 101 describes the available patches for Oracle Hyperion Common Security.

Table 101 Patch Availability for Oracle Hyperion Common Security

Product Home	Patch	Advisory Number
11.1.2.4	SPU <Patch 20876722>	Released July 2015
11.1.2.3	SPU <Patch 20675028>	Released July 2015
11.1.2.2	SPU <Patch 21052487>	Released July 2015

3.3.25 Oracle Hyperion EAS

Table 102 describes the Error Correction information for Oracle Hyperion EAS.

Table 102 Error Correction information for Oracle Hyperion EAS

Patch Information	11.1.2.x	Comments
Final Patch	April 2018

Table 103 describes the available patches for Oracle Hyperion EAS, based on release.

Table 103 Patch Availability for Oracle Hyperion EAS

Product Home

Patch

Advisory Number

Comments

11.1.2.3

Admin Server <Patch 17417347>

Admin Console <Patch 17417344>

Released January 2014

11.1.2.2

Admin Server <Patch 17277761>

Admin Console <Patch 17277764>

Released January 2014

11.1.2.1

Admin Server <Patch 17545122>

Admin Console <Patch 17545124>

Released January 2014

3.3.26 Oracle Hyperion Enterprise Performance Management Architect

Table 104 describes the Error Correction information for Oracle Hyperion Enterprise Performance Management Architect.

Table 104 Error Correction information for Oracle Hyperion Enterprise Performance Management Architect

Patch Information	11.1.2.x	Comments
Final Patch	April 2021

Table 105 describes the available patches for Oracle Hyperion Enterprise Performance Management Architect.

Table 105 Patch Availability for Oracle Hyperion Enterprise Performance Management Architect

Product Home

Patch

Advisory Number

Comments

11.1.2.3

SPU <Patch 19466859>

SPU <Patch 20929659>

Released July 2015

11.1.2.2

SPU On-Request

Released July 2015

3.3.27 Oracle Hyperion Essbase

Table 106 describes the Error Correction information for Oracle Hyperion Essbase.

Table 106 Error Correction information for Oracle Hyperion Essbase

Patch Information	11.1.2.x	Comments
Final Patch	April 2021

Table 107 describes the available patches for Oracle Hyperion Essbase.

Table 107 Patch Availability for Oracle Hyperion Essbase

Product Home

Patch

Advisory Number

Comments

11.1.2.3

SPU <Patch 20184072>

SPU <Patch 20184082>

Released July 2015

11.1.2.2

Upgrade to Hyperion Essbase 11.1.2.3, then apply the patches listed above

Released July 2015

3.3.28 Oracle Hyperion Installation Technology

Table 108 describes the Error Correction information for Oracle Hyperion Installation Technology.

Table 108 Error Correction information for Oracle Hyperion Installation Technology

Patch Information	11.1.2.x	Comments
Final Patch	April 2018

Table 109 describes the available patches for Oracle Hyperion Installation Technology.

Table 109 Patch Availability for Oracle Hyperion Installation Technology

Product Home	Patch	Advisory Number	Comments
11.1.2.3	SPU <Patch 17424524>	CVE-2015-4823

3.3.29 Oracle Hyperion Smart View For Office

Table 110 describes the Error Correction information for Oracle Hyperion Smart View For Office.

Table 110 Error Correction information for Oracle Hyperion Smart View For Office

Patch Information	11.1.2.x	Comments
Final Patch	April 2018

Table 111 describes the available patches for Oracle Hyperion Smart View For Office.

Table 111 Patch Availability for Oracle Hyperion Smart View For Office

Product Home	Patch	Advisory Number	Comments
11.1.2.x	SPU <Patch 20327649>	Released April 2015

3.3.30 Oracle Hyperion Strategic Finance

Table 112 describes the Error Correction information for Oracle Hyperion Strategic Finance.

Table 112 Error Correction information for Oracle Hyperion Strategic Finance

Patch Information	11.1.2.x	Comments
Final Patch	April 2018

Table 113 describes the available patches for Oracle Hyperion Strategic Finance.

Table 113 Patch Availability for Oracle Hyperion Strategic Finance

Product Home	Patch	Advisory Number	Comments
11.1.2.2	CPU <Patch 14593946>	Released April 2014
11.1.2.1	CPU <Patch 17636270>	Released April 2014

3.3.31 Oracle Identity Access Management

For the appropriate product versions listed below, refer to the corresponding Oracle Fusion Middleware patch availability sections that contain information on Error Correction, and for the patches to apply. Not all homes that are listed in those sections might be present in the Oracle Identity Access Management installation. Only the relevant homes from those tables need to be patched.

Table 114 describes the available patches for Oracle Identity Access Management.

Table 114 Patch Availability for Oracle Identity Access Management

Product Home	Patches	Comments
Oracle Identity Access Management 11.1.2.3 home	See Section 3.3.20.8, "Oracle Identity Access Management 11.1.2.3"
Oracle Identity Access Management 11.1.2.2 home	See Section 3.3.20.9, "Oracle Identity Access Management 11.1.2.2"
Oracle Identity Access Management 11.1.1.7 home	See Section 3.3.20.6, "Oracle Fusion Middleware 11.1.1.7"
Oracle Identity Access Management 11.1.1.5 home	See Section 3.3.31, "Patch Availability for Oracle Identity Access Management 11.1.1.5"

Table 115 describes the Error Correction Information for Oracle Identity Access Management 11.1.1.5.

Table 115 Error Correction information for Oracle Identity Access Management 11.1.1.5

Patch Information	11.1.1.5	Comments
Final Patch	July 2015

Table 116 describes the available patches for Oracle Identity Access Management 11.1.1.5.

Table 116 Patch Availability for Oracle Identity Access Management 11.1.1.5

Product Home	Patches	Advisory Number	Comments
Oracle Database home	See Section 3.1.4, "Oracle Database"	See Section 3.1.4, "Oracle Database"	Patch any Database Server associated to a Fusion Middleware installation
Oracle Java SE home	See <Note 1992462.1>, Oracle Java SE Critical Patch Update	See <Note 1992462.1>, Oracle Java SE Critical Patch Update	See <Note 1492980.1>, How to Maintain the Java SE Installed or Used with FMW 11g Products
Oracle JRockit 28.x home	See Section 3.3.36, "Oracle JRockit"	See Section 3.3.36, "Oracle JRockit"
Oracle WebLogic Server home	See Section 3.3.58, "Oracle WebLogic Server"	See Section 3.3.58, "Oracle WebLogic Server"	See <Note 1306505.1>, Announcing Oracle WebLogic Server PSUs (Patch Set Updates)
Oracle WebLogic Server Proxy Plug-Ins home	See Section 3.3.59, "Oracle WebLogic Server Plug-ins"	See Section 3.3.59, "Oracle WebLogic Server Plug-ins"	WLS Plug-In patch for Oracle HTTP Server, Apache, IIS, and iPlanet
Oracle Identity Access Management 11.1.1.5 home	Oracle Access Manager BP 9 (11.1.1.5.9) <Patch 20385295> or later	Released April 2015	Oracle Access Manager (OAAM 11.1.1.5.9) Patch See <Note 1952939.1>, Oracle Access Manager 11g Logout Confirmation Features and Configuration
Oracle Identity Access Management 11.1.1.5 home	Oracle Adaptive Access Manager BP 4 (11.1.1.5.4) <Patch 19822606> or later	Released January 2015	Oracle Adaptive Access Manager (OAAM 11.1.1.5.4) Patch
Oracle Identity Management 11.1.1.5 home Oracle Identity Access Management 11.1.1.5 home	SPU <Patch 19696852>	Released October 2014	Oracle Identity Manager Patch See <Note 1927796.1>, Instructions For Enabling OIM CPU Bug 17937383 Fix For OIM BPs (11.1.2.1.9 and 11.1.2.2.4 Versions) / Overlay SPU (11.1.1.7 and 11.1.1.5 Versions) See <Note 1952939.1>, Oracle Access Manager 11g Logout Confirmation Features and Configuration
Oracle Identity Access Management 11.1.1.5 home	See <Note 1643382.1>	Released April 2014
Oracle Identity Management Suite home	BP 11.1.1.5.7 <Patch 18490364> or later	Released April 2014	Oracle Identity Manager Patch
Oracle Identity Access Management 11.1.1.5 home	Oracle Identity Analytics BP 11.1.1.5.7 <Patch 18182466> or higher	Released April 2014	Oracle Identity Analytics Patch
Oracle Identity Access Management 11.1.1.5 home	SPU <Patch 18355263> and BP <Patch 14828904>	Released April 2014	WebGate Patch
Oracle Identity Access Management 11.1.1.5 home	SPU <Patch 17617673>	Released January 2014	Oracle Help Technologies Patch
Oracle Identity Access Management 11.1.1.5 home	Oracle Identity Management Suite BP 11.1.1.5.5 <Patch 17178952> or later	Released October 2013	Oracle Access Manager Patch
Oracle Identity Access Management 11.1.1.5 home	11.1.1.5.4 BP <Patch 14188199> or higher	Released July 2013	Oracle Access Manager Patch
Oracle Identity Access Management 11.1.1.5 home	CPU <Patch 14003475>	Released July 2012	Oracle HTTP Server Patch
Oracle Identity Access Management 11.1.1.5 home	CPU <Patch 13113602>	Released January 2012	Oracle Web Services Manager Patch
Oracle Identity Access Management 11.1.1.5 home	CPU <Patch 12434187>	Released July 2011	Network For Solaris x86-64, (Identity Management and Web Tier homes), apply specific mandatory patches. For more information, see <Note 1343107.1>

3.3.32 Oracle Identity Management

For the appropriate product versions listed below, refer to the corresponding Oracle Fusion Middleware patch availability sections that contain information on Error Correction, and for the patches to apply. Not all homes that are listed in those sections might be present in the Oracle Identity Management installation. Only the relevant homes from those tables need to be patched.

Table 117 describes the available patches for Oracle Identity Management.

Table 117 Patch Availability for Oracle Identity Management

Product Home	Patches	Comments
Oracle Identity Management 11.1.1.7 home	See Section Section 3.3.20.6, "Oracle Fusion Middleware 11.1.1.7"

3.3.33 Oracle Identity Management Connector

Table 118 describes the Error Correction information for Oracle Identity Management Connector.

Table 118 Error Correction information for Oracle Identity Management Connector

Patch Information	9.1.0.4	Comments
Final Patch	April 2017

Table 119 describes the available patches for Oracle Identity Manager.

Table 119 Patch Availability for Oracle Identity Management Connector

Product Home	Patch	Advisory Number	Comments
9.1.0.4	CPU <Patch 13636081>	Released April 2012

3.3.34 Oracle Imaging and Process Management

Table 120 describes the Error Correction information for Oracle Imaging and Process Management.

Table 120 Error Correction information for Oracle Imaging and Process Management

Patch Information	10.1.3.6	Comments
Final Patch	October 2015

Table 121 describes the available patches for Oracle Imaging and Process Management.

Table 121 Critical Patch Update Availability for Oracle Imaging and Process Management

Release	Patch	Advisory Number	Comments
10.1.3.6	CPU <Patch 14756862>	Released October 2012

3.3.35 Oracle JDeveloper and Oracle ADF

Table 122 describes the Error Correction information for Oracle JDeveloper and Oracle ADF.

Table 122 Error Correction information for Oracle JDeveloper and Oracle ADF

Patch Information	12.1.3.0	12.1.2.0	11.1.2.4	11.1.1.7	10.1.3.5	Comments
Final Patch	-	June 2016	October 2021		April 2017

Table 123 describes the available patches for Oracle JDeveloper and Oracle ADF.

Table 123 Critical Patch Update Availability for Oracle JDeveloper and Oracle ADF

Release	Patch	Advisory Number	Comments
12.1.3.0	SPU <Patch 21773981>	CVE-2015-4838, CVE-2015-4909
12.1.2.0	SPU <Patch 21773977>	CVE-2015-4838, CVE-2015-4909
11.1.2.4	SPU <Patch 21773974>	CVE-2015-4838, CVE-2015-4909
11.1.1.7	SPU <Patch 20715966>	Released July 2015
Oracle JDeveloper 12.1.2.0 home Oracle ADF 12.1.2.0 home	SPU <Patch 17621876>	Released January 2014	Oracle Help Technology Patch
Oracle JDeveloper 11.1.7.0.0 home Oracle ADF 11.1.7.0 home	SPU <Patch 17617649>	Released January 2014	Oracle Help Technology Patch
10.1.3.5	SPU <Patch 14756862>	Released October 2012

3.3.36 Oracle JRockit

Table 124 describes the Critical Patch Update availability for Oracle JRockit.

Oracle JRockit R28.3.8 includes fixes for all security advisories that have been released through CPUOct2015.

Table 124 Critical Patch Update Availability for Oracle JRockit

Oracle JRockit	R28.3.8	Advisory Number	Comments
JRE and JDK 6	<Patch 21689792 >	Released October 2015

3.3.37 Oracle Map Viewer

Table 125 describes the Error Correction information for Oracle Map Viewer.

Table 125 Error Correction information for Oracle Map Viewer

Patch Information	11.1.1.6	10.1.3.1	Comments
Final Patch	April 2014	-

Table 126 describes the available patches for Oracle Map Viewer.

Table 126 Patch Availability for Oracle Map Viewer

Product Home	Patch	Advisory Number	Comments
11.1.1.6	CPU <Patch 14065245>	Released July 2012
10.1.3.1	CPU <Patch 13997316>	Released July 2012

3.3.38 Oracle Mobile Security Suite

Table 127 describes the Error Correction information for Oracle Mobile Security Suite.

Table 127 Error Correction information for Oracle Mobile Security Suite

Patch Information	11.1.2.3	3.0.5	Comments
Final Patch	-	-

Table 128 describes the available patches for Oracle Mobile Security Suite.

Table 128 Patch Availability for Oracle Mobile Security Suite

Product Home	Patch	Advisory Number	Comments
3.0.5	CPU <Patch 21639665>	CVE-2014-3571

3.3.39 Oracle Outside In Technology

Table 129 describes the Error Correction information for Oracle Outside In Technology.

Table 129 Error Correction information for Oracle Outside In Technology

Patch Information	8.5.2	8.5.1	8.5.0	Comments
Final Patch	-	-	July 2016

Table 130 describes the available patches for Oracle Outside in Technology.

Table 130 Patch Availability for Oracle Outside In Technology

Product Home	Patch	Advisory Number
Oracle Outside In Technology 8.5.2	SPU <Patch 21494657>	CVE-2015-4809, CVE-2015-4811, CVE-2015-4877, CVE-2015-4878
Oracle Outside In Technology 8.5.1	SPU <Patch 21494624>	CVE-2015-4809, CVE-2015-4811, CVE-2015-4877, CVE-2015-4878
Oracle Outside In Technology 8.5.0	SPU <Patch 21494643>	CVE-2015-4809, CVE-2015-4811, CVE-2015-4877, CVE-2015-4878

3.3.40 Oracle Portal, Forms, Reports, and Discoverer 11g Release 1

For the appropriate product versions listed below, refer to the corresponding Oracle Fusion Middleware patch availability sections that contain information on Error Correction, and for the patches to apply. Not all homes that are listed in those sections might be present in the Oracle Portal, Forms, Reports, and Discoverer 11g Release 1 installation. Only the relevant homes from those tables need to be patched.

Table 131 describes the available patches for Oracle Portal, Forms, Reports, and Discoverer 11g Release 1.

Table 131 Patch Availability for Oracle Portal, Forms, Reports, and Discoverer 11g Release 1

Product Home	Patches	Comments
Oracle Portal, Forms, Reports and Discoverer 11.1.1.7 home	See Section Section 3.3.20.6, "Oracle Fusion Middleware 11.1.1.7"

3.3.41 Oracle Real Time Decisions Server

Table 132 describes the Error Correction information for Oracle Real Time Decisions Server.

Table 132 Error Correction information for Oracle Real Time Decisions Server

Patch Information	11.1.1.7	3.0.0.1	Comments
Final Patch	-	January 2016

Table 133 describes the available patches for Oracle Real Time Decisions Server.

Table 133 Patch Availability for Oracle Real Time Decisions Server

Product Home	Patch	Advisory Number	Comments
Oracle Real Time Decisions Server 11.1.1.7.0 home	BP 11.1.1.7.150120 <Patch 19823874>	Released January 2015
Oracle Real Time Decisions Platform 3.0.0.1 home	BP 3.0.0.1.18 <Patch 19982199>	Released January 2015

3.3.42 Oracle Service Architecture Leveraging Tuxedo (SALT)

Table 134 describes the Error Correction information for Oracle Service Architecture Leveraging Tuxedo (SALT).

Table 134 Error Correction information for Oracle Service Architecture Leveraging Tuxedo (SALT)

Patch Information	11.1.1.2.2	10.3	Comments
Final Patch	-	-

Table 135 describes the available patches for Oracle Service Architecture Leveraging Tuxedo (SALT).

Table 135 Patch Availability for Oracle Service Architecture Leveraging Tuxedo (SALT)

Product Home

Patch

Advisory Number

Comments

Oracle Service Architecture Leveraging Tuxedo (SALT) 11.1.1.2.2 home

CVE-2014-3566

Oracle Service Architecture Leveraging Tuxedo (SALT) 10.3 home

Linux X86/64-Bit SPU <Patch 20014288>

Linux X86 SPU <Patch 20380065>

IBM AIX/32-Bit SPU <Patch 20380112>

IBM AIX/64-Bit SPU <<Patch20380205>>

Solaris SPARC 64-Bit SPU <<Patch20380159>>

Solaris SPARC 32-Bit SPU <<Patch20380176>>

HP IA 64-Bit SPU <Patch 20380216>

CVE-2014-3566

3.3.43 Oracle SOA Suite

For the appropriate product versions listed below, refer to the corresponding Oracle Fusion Middleware patch availability sections that contain information on Error Correction, and for the patches to apply. Not all homes that are listed in those sections might be present in the Oracle SOA Suite installation. Only the relevant homes from those tables need to be patched.

Table 136 describes the available patches for Oracle SOA Suite.

Table 136 Patch Availability for Oracle SOA Suite

Product Home	Patches	Comments
Oracle SOA Suite 12.1.3.0 home	See Section 3.3.20.1, "Oracle Fusion Middleware 12.1.3.0"
Oracle SOA Suite 11.1.1.7 home	See Section 3.3.20.6, "Oracle Fusion Middleware 11.1.1.7"

3.3.44 Oracle Traffic Director

Table 137 describes the Error Correction information for Oracle Traffic Director.

Table 137 Error Correction information for Oracle Traffic Director

Patch Information	11.1.1.9	11.1.1.7	Comments
Final Patch	-	-

Table 138 describes the available patches for Oracle Traffic Director.

Table 138 Patch Availability for Oracle Traffic Director

Product Home	Patch	Advisory Number	Comments
11.1.1.9	SPU <Patch 21689493>	CVE-2014-1569
11.1.1.7	SPU <Patch 21220270>	CVE-2014-1569

3.3.45 Oracle Tuxedo

Table 139 describes the Error Correction information for Oracle Tuxedo.

Table 139 Error Correction information for Oracle Tuxedo

Patch Information	12.1.1.0	Comments
Final Patch	-

Table 140 describes the available patches for Oracle Tuxedo.

Table 140 Patch Availability for Oracle Tuxedo

Product Home

Patch

Advisory Number

Comments

12.1.1.0

SPU <Patch 20906548> Windows 64-bit VS2010/X86_64

SPU <Patch 21030490> Solaris SPARC 64-bit, Solaris SPARC 32-bit, and Solaris x86 64-bit

SPU <Patch 20747853> all other platforms

CVE-2014-3567, CVE-2015-0286, CVE-2014-3571

3.3.46 Oracle Waveset

Table 141 describes the Error Correction information for Oracle Waveset.

Table 141 Error Correction information for Oracle Waveset

Patch Information	8.1.1.10	Comments
Final Patch	October 2017

Table 142 describes the available patches for Oracle Waveset.

Table 142 Patch Availability for Oracle Waveset

Product Home	Patch	Advisory Number	Comments
Oracle Waveset 8.1.1.0 home	Oracle Waveset 8.1.1.10 BP <Patch 19428350>	Released January 2015

3.3.47 Oracle Web-Tier 11g Utilities

For the appropriate product versions listed below, refer to the corresponding Oracle Fusion Middleware patch availability sections that contain information on Error Correction, and for the patches to apply. Not all homes that are listed in those sections might be present in the Oracle Web-Tier 11g Utilities installation. Only the relevant homes from those tables need to be patched.

Table 143 describes the available patches for Oracle Web-Tier 11g Utilities.

Table 143 Patch Availability for Oracle Web-Tier 11g Utilities

Product Home	Patches	Comments
Oracle Web-Tier 11g Utilities 11.1.1.7 home	See Section 3.3.20.6, "Oracle Fusion Middleware 11.1.1.7"

3.3.48 Oracle WebCenter

For the appropriate product versions listed below, refer to the corresponding Oracle Fusion Middleware patch availability sections that contain information on Error Correction, and for the patches to apply. Not all homes that are listed in those sections might be present in the Oracle WebCenter installation. Only the relevant homes from those tables need to be patched.

Table 144 describes the available patches for Oracle WebCenter.

Table 144 Patch Availability for Oracle WebCenter

Product Home	Patches	Comments
Oracle WebCenter 11.1.1.9 home	See Section 3.3.20.4, "Oracle Fusion Middleware 11.1.1.9"
Oracle WebCenter 11.1.1.8 home	See Section 3.3.20.5, "Oracle WebCenter 11.1.1.8"
Oracle WebCenter 11.1.1.7 home	See Section 3.3.20.6, "Oracle Fusion Middleware 11.1.1.7"

3.3.49 Oracle WebCenter Content (Formerly Oracle Universal Content Management)

Table 145 describes the Error Correction information for Oracle WebCenter Content (formerly Oracle Universal Content Management).

Table 145 Error Correction information for WebCenter Content

Patch Information	10.1.3.5.1	Comments
Final Patch	October 2015

Table 146 describes the available patches for Oracle WebCenter Content (formerly Oracle Universal Content Management).

Table 146 Patch Availability for Oracle WebCenter Content

Component	Patch	Advisory Number
Oracle WebCenter Content 11.1.1.9 home	See Section 3.3.20.4, "Oracle Fusion Middleware 11.1.1.9"	See Section 3.3.20.4, "Oracle Fusion Middleware 11.1.1.9"
Oracle WebCenter Content 11.1.1.8 home	See Section 3.3.20.5, "Oracle WebCenter 11.1.1.8"	See Section 3.3.20.5, "Oracle WebCenter 11.1.1.8"
Oracle WebCenter Content 11.1.1.7 home	See Section 3.3.20.6, "Oracle Fusion Middleware 11.1.1.7"	See Section 3.3.20.6, "Oracle Fusion Middleware 11.1.1.7"
Oracle WebCenter Content 10.1.3.5.1 home	SPU <Patch 21617488 >	CVE-2015-4867, CVE-2015-4880
Oracle WebCenter Content 10.1.3.5.1 home	SPU <Patch 17289573>	Released October 2013
Oracle WebCenter Content 10.1.3.5.1 home	SPU <Patch 16920680>	Released July 2013
Oracle WebCenter Content 10.1.3.5.1 home	SPU <Patch 16313031>	Released April 2013

3.3.50 Oracle WebCenter Forms Recognition

Table 147 describes the Error Correction information for Oracle WebCenter Forms Recognition.

Table 147 Error Correction information for Oracle WebCenter Forms Recognition

Patch Information	10.1.3.5	Comments
Final Patch	-

Table 148 describes the available patches for Oracle WebCenter Forms Recognition. See also the underlying product stack tables for any applicable patches. Refer to comments section and apply the patch to the respective product home.

Table 148 Patch Availability for Oracle WebCenter Forms Recognition

Oracle WebCenter Forms Recognition	Patch	Advisory Number	Comments
10.1.3.5	CPU <Patch 13882540>	Released April 2012

3.3.51 Oracle WebCenter Interaction

Table 149 describes the Error Correction information for Oracle WebCenter Interaction.

Table 149 Error Correction information for Oracle WebCenter Interaction

Patch Information	10.3.3.0	6.5.1	Comments
Final Patch	January 2017	January 2016

Table 150 describes the available patches for Oracle WebCenter Interaction. See also the underlying product stack tables for any applicable patches. Refer to comments section and apply the patch to the respective product home.

Table 150 Patch Availability for Oracle WebCenter Interaction

Oracle WebCenter Interaction	Patch	Advisory Number	Comments
10.3.3.0	CPU <Patch 16398622>	Released April 2013
6.5.1	CPU <Patch 16417563>	Released April 2013
6.5.1	CPU <Patch 13718635>	Released April 2012	WebLogic Server 9.2.0.0 one-off patch that needs to be applied to WebLogic Server home

3.3.52 Oracle WebCenter Portal

Table 151 describes the Error Correction information for Oracle WebCenter Portal.

Table 151 Error Correction information for Oracle WebCenter Portal

Patch Information	11.1.1.9	11.1.1.8	Comments
Final Patch	-	-

Table 152 describes the available patches for Oracle WebCenter Portal.

Table 152 Patch Availability for Oracle WebCenter Portal

Product Home	Patches	Comments
Oracle WebCenter 11.1.1.9 home	See Section 3.3.20.4, "Oracle Fusion Middleware 11.1.1.9"
Oracle WebCenter 11.1.1.8 home	See Section 3.3.20.5, "Oracle WebCenter 11.1.1.8"

3.3.53 Oracle WebCenter Sites (Formerly FatWire Content Server)

Table 153 describes the Error Correction information for Oracle WebCenter Sites (formerly FatWire Content Server).

Table 153 Error Correction information for Oracle WebCenter Sites (formerly FatWire Content Server)

Patch Information	11.1.1.8	11.1.1.6.1	7.6.2	Comments
Final Patch	-	April 2016	-

Table 154 describes the available patches for Oracle WebCenter Sites. See also the underlying product stack tables.

Table 154 Patch Availability for Oracle WebCenter Sites

Product Home	Patch	Advisory Number	Comments
11.1.1.9 home	See Section 3.3.20.4, "Oracle Fusion Middleware 11.1.1.9"	See Section 3.3.20.4, "Oracle Fusion Middleware 11.1.1.9"	See Section 3.3.20.4, "Oracle Fusion Middleware 11.1.1.9"
11.1.1.8 home	11.1.1.8.0 patch 11 <Patch 21494888> or later	CVE-2010-1622, CVE-2015-4799	See Section 3.3.20.5, "Oracle WebCenter 11.1.1.8"
11.1.1.6 home	11.1.1.6.1 Patch 21 <Patch 21494867> or later	CVE-2010-1622, CVE-2015-4799
7.6.2 home	7.6.2 Patch 17 <Patch 21834997> or later	CVE-2010-1622, CVE-2015-4799

3.3.54 Oracle WebCenter Sites Community

Table 155 describes the Error Correction information for Oracle WebCenter Sites Community.

Table 155 Error Correction information for Oracle WebCenter Sites Community

Patch Information	11.1.1.8	11.1.1.6.1	Comments
Final Patch	-	April 2016

Table 156 describes the available patches for Oracle WebCenter Sites. See also the underlying product stack tables.

Table 156 Patch Availability for Oracle WebCenter Sites Community

Product Home	Patch	Advisory Number	Comments
11.1.1.8 home	11.1.1.8.0 Patch 5 <Patch 21314921> or later	CVE-2010-1622, CVE-2015-4799	See Section 3.3.20.5, "Oracle WebCenter 11.1.1.8"
11.1.1.6 home	11.1.1.6.1 Patch 5 <Patch 21315020> or later	CVE-2010-1622, CVE-2015-4799

3.3.55 Oracle WebCenter Suite

For the appropriate product versions listed below, refer to the corresponding Oracle Fusion Middleware patch availability sections that contain information on Error Correction, and for the patches to apply. Not all homes that are listed in those sections might be present in the Oracle WebCenter Suite installation. Only the relevant homes from those tables need to be patched.

Table 157 describes the available patches for Oracle WebCenter Suite.

Table 157 Patch Availability for Oracle WebCenter Suite

Product Home	Patches	Comments
Oracle WebCenter Suite 11.1.1.9 home	See Section 3.3.20.4, "Oracle Fusion Middleware 11.1.1.9"
Oracle WebCenter Suite 11.1.1.8 home	See Section 3.3.20.5, "Oracle WebCenter 11.1.1.8"
Oracle WebCenter Suite 11.1.1.7 home	See Section 3.3.20.6, "Oracle Fusion Middleware 11.1.1.7"
Oracle WebCenter Suite 10g home	See Section 3.3.20.7, "Oracle Fusion Middleware 10.1.3.5.x"

3.3.56 Oracle WebLogic Integration

Table 158 describes the Error Correction information for Oracle WebLogic Integration.

Table 158 Error Correction information for Oracle WebLogic Integration

Patch Information	10.3.1.0	Comments
Final Patch	January 2017

Table 159 describes the availability for Critical Patch Updates for Oracle WebLogic Integration. See also the underlying product stack tables.

Table 159 Critical Patch Update Availability for Oracle WebLogic Integration

Product Home

Patch

Advisory Number

Comments

10.3.1.0

SPU <Patch 18526551>

SPU <Patch 12875001>

SPU <Patch 14825824>

Released July 2014

Released April 2014

Released October 2011

Released July 2014

Released January 2013

Released July 2014

WLS 10.3.0.0 JVM Patch

WLS 10.3.0.0 Deployment Patch

WLS 10.3.0.0 CSS Patch

WLS 10.3.0.0 JMS Patch

WLS 10.3.0.0 WebServices Patch

WLS 10.3.0.0 Security Patch

WLS 10.3.0.0 WebApp Patch

WLS 10.3.0.0 Core Patch

WLS 10.3.0.0 Console Patch

3.3.57 Oracle WebLogic Portal

Table 160 describes the Error Correction information for Oracle WebLogic Portal.

Table 160 Error Correction information for Oracle WebLogic Portal

Patch Information	10.3.6.0	Comments
Final Patch	October 2021

Table 161 describes the available patches for WebLogic Portal. See also the underlying product stack tables (JRockit and WLS) for any applicable patches.

WebLogic Portal patches are cumulative to include all the prior published advisories. For more information, see My Oracle Support <Note 1355929.1>, October 2011 Updates Introduce New WebLogic Portal (WLP) Configuration Options for SSL Session ID and SSL Filters.

WebLogic Portal 9.2.3.0 is bundled with WebLogic Server 9.2.3.0, which is out of error correction. Contact Oracle support for security patches needed for WebLogic Server 9.2.3.0

Table 161 Critical Patch Update Availability for WebLogic Portal

Product Home	Patch	Advisory Number	Comments
10.3.6.0	SPU <Patch 20069588>	Released January 2015	WebLogic Portal Patch for WebLogic Portal 10.3.6.0 home

3.3.58 Oracle WebLogic Server

Table 162 describes the Error Correction information for Oracle WebLogic Server.

Table 162 Error Correction information for Oracle WebLogic Server Patch Set Update

Patch Information	12.1.3.0	12.1.2.0	10.3.6.0	Comments
Final Patch	October 2019	June 2016	October 2021

Table 163 describes the available patches for Oracle WebLogic Server. For more information, see MyOracleSupport <Note 1470197.1>, Master Note on WebLogic Server Patch Set Updates (PSUs).

Table 163 Patch Set Update Availability for Oracle WebLogic Server

Product Home	Patch	Advisory Number	Comments
Oracle Java SE home	See <Note 1992462.1>, Oracle Java SE Critical Patch Update	See <Note 1992462.1>, Oracle Java SE Critical Patch Update	See <Note 1492980.1>, How to Maintain the Java SE Installed or Used with FMW 11g Products
Oracle JRockit 28.x home	See Section 3.3.36, "Oracle JRockit"	See Section 3.3.36, "Oracle JRockit"
Oracle WebLogic Server Plug-ins home	See Section 3.3.59, "Oracle WebLogic Server Plug-ins"	See Section 3.3.59, "Oracle WebLogic Server Plug-ins"	WLS Plug-In patch for Oracle HTTP Server, Apache, IIS, and iPlanet
WebLogic Server 12.1.3.0 home	PSU 12.1.3.0.5 <Patch 21370953>	Released October 2015	See <Note 1306505.1>, Announcing Oracle WebLogic Server PSUs (Patch Set Updates) For CVE-2014-6499 released in October 2014, see <Note 1930466.1>, Deprecation of Link Level Encryption (LLE) in Tuxedo and WebLogic Server See <Note 1607170.1>, SSL Authentication Problem Using WebLogic 10.3.6 and 12.1.1 With JDK1.7.0_40 or Higher
WebLogic Server 12.1.2.0 home	PSU 12.1.2.0.7 <Patch 21364493>	Released October 2015	See <Note 1306505.1>, Announcing Oracle WebLogic Server PSUs (Patch Set Updates) For CVE-2014-4256, see <Note 1903763.1>, Download Request for Security Configuration For CVE-2014-6499 released in October 2014, see <Note 1930466.1>, Deprecation of Link Level Encryption (LLE) in Tuxedo and WebLogic Server See <Note 1607170.1>, SSL Authentication Problem Using WebLogic 10.3.6 and 12.1.1 With JDK1.7.0_40 or Higher
WebLogic Server 10.3.6.0 home	PSU 10.3.6.0.12 <Patch 20780171>	Released July 2015	See <Note 1306505.1>, Announcing Oracle WebLogic Server PSUs (Patch Set Updates) See <Note 1607170.1>, SSL Authentication Problem Using WebLogic 10.3.6 and 12.1.1 With JDK1.7.0_40 or Higher For CVE-2014-4256, see <Note 1903763.1>, Download Request for Security Configuration For CVE-2014-6499 released in October 2014, see <Note 1930466.1>, Deprecation of Link Level Encryption (LLE) in Tuxedo and WebLogic Server
WebLogic Server 12.1.3.0 home WebLogic Server 12.1.2.0 home WebLogic Server 12.1.1.0 home WebLogic Server 10.3.6.0 home	See <Note 1936300.1>	Released October 2014	SSL V3.0 "Poodle" Advisory

3.3.59 Oracle WebLogic Server Plug-ins

Table 164 the available patches for Oracle WebLogic Server Plug-ins (Oracle HTTP Server/Apache/IIS/iPlanet).

The WebLogic plug-ins include all cumulative bug fixes and thus include fixes for all previously released advisories. For more information, see My Oracle Support <Note 1111903.1>.

Table 164 Critical Patch Update Availability for Oracle WebLogic Server Plug-ins

Product Home

Patch

Advisory Number

Comments

WLS Plugin 12c (12.1.2.0)

SPU <Patch 18423842>

SPU <Patch 18603723>

SPU <Patch 18603725>

SPU <Patch 18603728>

Released July 2014

WLS Plug-in for Oracle HTTP Server (mod_wl_ohs)

WLS Plug-in for Apache (mod_wl)

WLS Plug-in for NSAPI (iPlanet)

WLS Plug-in for ISAPI (Microsoft IIS)

WLS Plugin 1.1 (11.1.1.7)

SPU <Patch 18423831>

SPU <Patch 18603703>

SPU <Patch 18603707>

SPU <Patch 18603714>

Released July 2014

WLS Plug-in for Oracle HTTP Server (mod_wl_ohs)

WLS Plug-in for Apache (mod_wl)

WLS Plug-in for NSAPI (iPlanet)

WLS Plug-in for ISAPI (Microsoft IIS)

WLS Plugin 1.0 (10.3.4 and older)

CPU <Patch 11845433>

Released April 2011

See <Note 1111903.1>, WebLogic Server Web Server Plug-In Support

3.4 Oracle Sun Middleware

This section contains the following:

Section 3.4.1, "Directory Server Enterprise Edition"
Section 3.4.2, "iPlanet Web Server"
Section 3.4.3, "iPlanet Web Proxy Server"
Section 3.4.4, "Oracle GlassFish Communications Server"
Section 3.4.5, "Oracle GlassFish Server"
Section 3.4.6, "Oracle OpenSSO Agents"
Section 3.4.7, "Sun Role Manager"

3.4.1 Directory Server Enterprise Edition

Table 165 describes the Error Correction information for Directory Server Enterprise Edition.

Table 165 Error Correction information for Directory Server Enterprise Edition

Patch Information	11.1.1.7	7.0	Comments
Final Patch	April 2017	October 2017

Table 166 describes the minimum revisions of Directory Server Enterprise Edition server patches that are required to resolve the vulnerabilities for CPUOct2015.

Table 166 Patch Availability for Directory Server Enterprise Edition

Product Home Patch Advisory Number Comments

Directory Server Enterprise Edition 11.1.1.7

BP 3 (11.1.1.7.3) <Patch 20874613> or later

CVE-2014-1568

For CVE-2014-3566, see SSL V3.0 "Poodle" Vulnerability, at http://www.oracle.com/technetwork/topics/security/poodlecve-2014-3566-2339408.html

Directory Server Enterprise Edition 7.0

Upgrade to Directory Server Enterprise Edition 11.1.1.7, then apply the patches listed above

CVE-2014-1568

For CVE-2014-3566, see SSL V3.0 "Poodle" Vulnerability, at http://www.oracle.com/technetwork/topics/security/poodlecve-2014-3566-2339408.html

See <Note 1373397.1> for Oracle DSEE New Bundle Patch Process

3.4.2 iPlanet Web Server

Table 167 describes the Error Correction information for iPlanet Web Server.

Table 167 Error Correction information for iPlanet Web Server

Patch Information	7.0	Comments
Final Patch	January 2017

Table 168 describes the minimum revisions of iPlanet Web Server patches that are required to resolve the vulnerabilities for CPUOct2015.

Table 168 Patch Availability for iPlanet Web Server

Product Home	Patch	Advisory Number	Comments
iPlanet Web Server 7.0 home	7.0.22 or later <Patch 21102763>	CVE-2014-1569

3.4.3 iPlanet Web Proxy Server

Table 169 describes the Error Correction information for iPlanet Web Proxy Server.

Table 169 Error Correction information for iPlanet Web Proxy Server

Patch Information	4.0	Comments
Final Patch	January 2017

Table 170 describes the minimum revisions of iPlanet Web Proxy Server patches that are required to resolve the vulnerabilities for CPUOct2015.

Table 170 Patch Availability for iPlanet Web Proxy Server

Product Home

Patch

Advisory Number

Comments

iPlanet Web Proxy Server 4.0 home

4.0.26 or later <Patch 21127754> (All)

4.0.26 or later <Patch 21271078> (Linux 2.4)

CVE-2014-1569

3.4.4 Oracle GlassFish Communications Server

Table 171 describes the Error Correction information for Oracle GlassFish Communications Server.

Table 171 Error Correction information for Oracle GlassFish Communications Server

Patch Information	2.0	Comments
Final Patch	October 2017

Table 172 describes the minimum revisions of Oracle GlassFish Communications Server patches that are required to resolve the vulnerabilities for CPUOct2015.

Table 172 Patch Availability for Oracle GlassFish Communications Server

Product Home

Patch

Advisory Number

Comments

Oracle GlassFish Communications Server 2.0

Linux x86: 143477-19

Linux x86-64: 143478-19

Solaris x86 and x86-64: 143476-07

Solaris SPARC 32 and 64 bit: 143475-16

Released July 2015

3.4.5 Oracle GlassFish Server

Table 173 describes the Error Correction information for Oracle GlassFish Server.

Table 173 Error Correction information for Oracle GlassFish Server

Patch Information	3.1.2	3.0.1	2.1.1	Comments
Final Patch	January 2019	October 2017	January 2017

Table 174 describes the minimum revisions of GlassFish server patches that are required to resolve the vulnerabilities for CPUOct2015.

Table 174 Patch Availability for Oracle GlassFish Server

Product Home Patch Advisory Number Comments

Oracle GlassFish Server 3.1.2

3.1.2.13 or later <Patch 21691220> (Closed Network)

3.1.2.13 or later <Patch 21691195> (Full Profile)

3.1.2.13 or later <Patch 21691209> (Web Profile)

CVE-2015-4899

For CVE-2014-3566, see SSL V3.0 "Poodle" Vulnerability, at http://www.oracle.com/technetwork/topics/security/poodlecve-2014-3566-2339408.html

Oracle GlassFish Server 3.0.1

3.0.1.13 or later <Patch 21691257>

CVE-2015-4899

For CVE-2014-3566, see SSL V3.0 "Poodle" Vulnerability, at http://www.oracle.com/technetwork/topics/security/poodlecve-2014-3566-2339408.html

Oracle GlassFish Server 2.1.1

2.1.1.26 or later <Patch 21126671> (EE)

2.1.1.26 or later <Patch 21126686> (PE)

Released July 2015

For CVE-2014-3566, see SSL V3.0 "Poodle" Vulnerability, at http://www.oracle.com/technetwork/topics/security/poodlecve-2014-3566-2339408.html

3.4.6 Oracle OpenSSO Agents

Table 175 describes the On-Request information for Oracle OpenSSO Server platforms.

Table 175 On-Request information for Oracle OpenSSO Server Platforms

Apache Web Server 2.0.5x

Apache Web Server 2.2

iPlanet Web Server 7.0

Domino 8.5.2

IIS 6

IIS 7/7.5

iPlanet Web Proxy Server 4.0

Comments

Solaris SPARC 9/10 (32/64 bit)

Solaris x86 9/10 (32/64 bit)

Windows 2003 (32 bit)

Windows 2008 (32 bit)

Linux RHEL 4.0/5.0 (32/64 bit)

Linux Debian/GNU 4.x (32/64 bit)

Linux SUSE 9.x (32/64 bit)

Linux Ubantu 8.x (32/64 bit)

AIX 5.x/6.1

HPUX 11iv2

Solaris SPARC 9/10 (32 bit)

Solaris x86 9/10 (32/64 bit)

Windows 2008 (32 bit)

Linux Debian/GNU 4.x (32/64 bit)

Linux SUSE 9.x (32/64 bit)

Linux Ubantu 8.x (32/64 bit)

AIX 5.x/6.1HPUX 11iv2

Solaris SPARC 9/10 (32 bit)

Solaris x86 9/10 (32 bit)

Windows 2003 (32 bit)

Linux RHEL 4.0/5.0 (32 bit)

Linux SUSE 10.3/11.1 (64 bit)

Solaris SPARC 10 (32 bit)

Windows 2003 (32 bit)

Windows 2008 (32 bit)

Linux RHEL 5.5 (32/64 bit)

Solaris SPARC 9/10 (32 bit)

Solaris x86 9/10 (32 bit)

Windows 2003 (32 bit)

Linux RHEL 4.0/5.0 (32 bit)

Linux Sue 10.3/11.1 (64 bit)

Table 176 describes the Error Correction information for Oracle OpenSSO Agents.

Table 176 Error Correction information for Oracle OpenSSO Agents

Patch Information	3.0	Comments
Final Patch	October 2017

Table 177 describes the available patches for Oracle OpenSSO Agents.

Table 177 Patch Availability for Oracle OpenSSO Agents

Product Home	Patch	Advisory Number	Comments
Oracle OpenSSO Agent 3.0 home	BP 3.0.0.5 SPU <Patch 20450584> or later	Released April 2015	iPlanet Proxy Server 4.0 patch
Oracle OpenSSO Agent 3.0 home	BP 3.0.0.6 SPU <Patch	CVE-2014-1568	Apache HTTP Server 2.2.X Patch
Oracle OpenSSO Agent 3.0 home	BP 3.0.0.6 <Patch	CVE-2014-1568	IBM Lotus Domino Server 8.5 Patch
Oracle OpenSSO Agent 3.0 home	BP 3.0.0.5 SPU <Patch 19003807> or later	Released October 2014	IIS 6 Patch
Oracle OpenSSO Agent 3.0 home	BP 3.0.0.6 <Patch	CVE-2014-1568	IIS 7 Patch
Oracle OpenSSO Agent 3.0 home	BP 3.0.0.6 <Patch	CVE-2014-1568	Sun Java System Web Server Patch

3.4.7 Sun Role Manager

Table 178 describes the Error Correction information for Sun Role Manager.

Table 178 Error Correction information for Sun Role Manager

Patch Information	5.0.3.2	Comments
Final Patch	October 2017
On-Request platforms

Table 179 describes the available patches for Sun role Manager. See also the underlying product stack tables for any applicable patches. Refer to comments section and apply the patch to the respective product home.

Table 179 Patch Availability for Sun Role Manager

Oracle Sun Role Manager	Patch	Advisory Number	Comments
Sun Role Manager 5.0.3.3 home	BP 3 <Patch 18175969> or higher	Released April 2014

3.5 Tools

This section contains the following:

Section 3.5.1, "Oracle OPatch"

3.5.1 Oracle OPatch

Table 180 describes the minimum product requirements for Oracle OPatch. The CPU security vulnerabilities are fixed in the listed release and later releases. The Oracle OPatch downloads can be found at <Patch 6880880>.

Table 180 Minimum Product Requirements for Oracle OPatch

Component	Release	Advisory Number	Comments
Oracle OPatch	1.0.0.0.64	Announced July 2011

4 Final Patch History

Table 181 describes the final patch history.

The final patch is the last CPU/PSU release for which the product release is under error correction. For more information, see My Oracle Support <Note 209768.1>, Database, FMW, EM Grid Control, and OCS Software Error Correction Support Policy.

Table 181 Final Patch History

Release	Final Patches	Comments
July 2015	Oracle API Gateway 11.1.2.2.0 Oracle Business Intelligence EE and Publisher 10.1.3.4.2 Oracle Communications Converged Application Server 4.0 Oracle Database 11.2.0.3 Oracle Database 11.1.0.7 Oracle Fusion Middleware 12.1.1.0.0 Oracle Identity and Access Management 11.1.1.5.0 Oracle iPlanet Web Server 6.1.x Oracle iPlanet Web Server (Java System Web Server 6.1.x) Oracle WebLogic Server 12.1.1.0
April 2015	Oracle Database Management Plug-in 12.1.0.5 Oracle Enterprise Manager Cloud Control 12.1.0.3 Oracle JDeveloper and Oracle ADF 12.1.2.0 Oracle Outside In Technology 8.4.1
January 2015	JRockit 5.x Oracle Identity and Access Management 11.1.2.1 Oracle TimesTen 7.0.x WebLogic Integration 10.2.1.0 WebLogic Integration 10.0.1.0 WebLogic Portal 10.2.1.0 WebLogic Portal 10.0.1.0 WebLogic Server 10.0.2.0 WebLogic Workshop 10.2.1.0 WebLogic Workshop 10.0.1.0
October 2014	Oracle Access Manager 10gR3 (10.1.4.x) Oracle Database Management Plug-in 12.1.0.4 Oracle Enterprise Manager Grid Control 10.2.0.5 Oracle Forms and Reports 11.1.2.1.0 Oracle Fusion Middleware 10.1.3.5 SOA Suite Oracle WebGate 10.1.4.3.0
July 2014	Oracle Business Process Management 6.0.5 Oracle Complex Event Processing and Weblogic Event Server 2.0 Oracle WebCenter Portal 11.1.1.7 Oracle WebLogic Portal 10.3.5.0
April 2014	Oracle Application Performance Management 6.5.5 Oracle Business Intelligence EE and Publisher 11.1.1.6.0 Oracle Data Integrator 11.1.1.6.0 Oracle Database Management Plug-in 12.1.0.3 Oracle Enterprise Manager Cloud Control 12.1.0.2 Oracle Identity Access Management 11.1.2.0 Oracle JDeveloper 11.1.2.3.0 Oracle Outside In Technology 8.4.0 Oracle Universal Content Management 11.1.1.6
January 2014	Oracle Complex Event Processing 11.1.1.6.0 Oracle Data Integrator 11.1.1.6.0 Oracle Database Management Plug-in 12.1.0.2 Oracle Directory Server Enterprise Edition 11.1.1.5.0 Oracle Fusion Middleware 11.1.1.6.0
October 2013	Oracle Access Manager 10.1.4.0 Oracle Database 11.2.0.2 Oracle Directory Server Enterprise Edition 6.3.1 Oracle Identity Manager 9.1.0.2 Oracle Real user Experience Insight 6.0.x Oracle WebCenter Sites 11.1.1.6.0 Sun Java System Directory Server Enterprise Edition 6.3.1 Sun Role Manager 4.x WebLogic Communications Server 3.x WebLogic Integration 9.2.3.0 WebLogic Portal 9.2.3.0 WebLogic Server 9.2.4.0 WebLogic SIP Server 3.x WebLogic Workshop 9.2.3.0
July 2013	Oracle Application Performance Management 12.1.0.2 Oracle AquaLogic Enterprise Repository 2.5 Oracle Collaboration Suite 10.1.x Oracle Database 10.2.0.5 Oracle Database 10.2.0.4 Oracle Enterprise Manager Cloud Control 12.1.0.1 Oracle Enterprise Repository 2.6 Oracle GoldenGate 10.4.1.0 Oracle GoldenGate Veridata 3.x Oracle Hyperion BI+ 11.1.1.x Oracle JDeveloper 11.1.2.2 Oracle Management Pack for Oracle GoldenGate 2.x Oracle Outside In Technology 8.3.7 Oracle WebLogic Server 10.3.5.0 Oracle WebLogic Portal 10.3.0 Oracle Workflow Server 2.6.4 with Database 10gR2

5 Sources of Additional Information

The following documents provide additional information about Critical Patch Updates:

My Oracle Support <Note 2037760.1>, Critical Patch Update October 2015 Database Known Issues
My Oracle Support <Note 2037757.1>, Oracle Database Patch for Engineered Systems and DB In-Memory 12.1.0.2.13 (Oct2015) Known Issues
My Oracle Support <Note 2037732.1>, Oracle Database PSU 12.1.0.2.5 Oracle JavaVM Component Known Issues
My Oracle Support <Note 2037733.1>, Oracle Database PSU 12.1.0.1.5 Oracle JavaVM Component Known Issues
My Oracle Support <Note 2037734.1>, Oracle Database PSU 11.2.0.4.5 Oracle JavaVM Component Known Issues
My Oracle Support <Note 2037752.1>, Oracle Grid Infrastructure Patch Set Update 12.1.0.2.5 Known Issues
My Oracle Support <Note 2037753.1>, Oracle Grid Infrastructure Patch Set Update 12.1.0.1.9 Known Issues
My Oracle Support <Note 2037736.1>, Oracle Grid Infrastructure Patch Set Update 11.2.0.4.8 Known Issues
My Oracle Support <Note 2006094.1>, Critical Patch Update October 2015 Database Patch Security Vulnerability Molecule Mapping
My Oracle Support <Note 2037112.1>, Critical Patch Update October 2015 Oracle Fusion Middleware Known Issues.
My Oracle Support <Note 2037114.1>, Critical Patch Update October 2015 Oracle Enterprise Manager Grid Control Known Issues
My Oracle Support <Note 1591483.1>, What is Installed in My Middleware or Oracle home?
My Oracle Support <Note 1571367.1>, Patch Set Update for Exalogic Known Issues
My Oracle Support <Note 1306505.1>, Announcing Oracle WebLogic Server PSUs (Patch Set Updates)
My Oracle Support <Note 1365205.1>, Getting Started with Oracle WebLogic Server: How to Make Sure that Recommended Patches are Applied
My Oracle Support <Note 1314535.1>, Announcing Exalogic PSUs (Patch Set Updates)
My Oracle Support <Note 1227443.1>, Patch Set Updates Known Issues Notes
My Oracle Support <Note 854428.1>, Patch Set Updates (PSUs) for Oracle Products.
My Oracle Support <Note 605795.1>, Introduction to catbundle.sql.
My Oracle Support <Note 605398.1>, How To Find The Version Of The Main EM Components.
My Oracle Support <Note 438314.1>, Critical Patch Update - Introduction to Database n-Apply CPU Patches.
My Oracle Support <Note 209768.1>, Database, FMW, EM Grid Control, and OCS Software Error Correction Support Policy.
My Oracle Support <Note 161549.1>, Oracle Database Server and Networking Patches for Microsoft Platforms.

6 Modification History

Table 182 describes the modification history for this document.

Table 182 Modification History

Date	Modification
9 December 2015	Updated Section 3.3.20
18 November 2015	Updated Table 10
9 November 2015	Updated Table 11
3 November 2015	Updated Section 2.5
2 November 2015	Updated Table 9 Updated Section 2.5 Updated Table 29 Updated Table 30
29 October 2015	Updated Table 7 Updated Table 29
27 October 2015	Updated Section 2.5 Updated Table 11 Updated Table 14
26 October 2015	Updated Section 2.5
22 October 2015	Updated Section 2.5 Updated Table 11
21 October 2015	Updated Table 9 Updated Table 11 Updated Table 124 Updated Section 2.5
20 October 2015	Released

7 Documentation Accessibility

For information about Oracle's commitment to accessibility, visit the Oracle Accessibility Program website at http://www.oracle.com/pls/topic/lookup?ctx=acc&id=docacc.

Access to Oracle Support

Oracle customers have access to electronic support through My Oracle Support. For information, visit http://www.oracle.com/pls/topic/lookup?ctx=acc&id=info or visit http://www.oracle.com/pls/topic/lookup?ctx=acc&id=trs if you are hearing impaired.

Patch Set Update and Critical Patch Update Availability Document October 2015

This software and related documentation are provided under a license agreement containing restrictions on use and disclosure and are protected by intellectual property laws. Except as expressly permitted in your license agreement or allowed by law, you may not use, copy, reproduce, translate, broadcast, modify, license, transmit, distribute, exhibit, perform, publish, or display any part, in any form, or by any means. Reverse engineering, disassembly, or decompilation of this software, unless required by law for interoperability, is prohibited.

The information contained herein is subject to change without notice and is not warranted to be error-free. If you find any errors, please report them to us in writing.

If this is software or related documentation that is delivered to the U.S. Government or anyone licensing it on behalf of the U.S. Government, the following notice is applicable:

U.S. GOVERNMENT RIGHTS Programs, software, databases, and related documentation and technical data delivered to U.S. Government customers are "commercial computer software" or "commercial technical data" pursuant to the applicable Federal Acquisition Regulation and agency-specific supplemental regulations. As such, the use, duplication, disclosure, modification, and adaptation shall be subject to the restrictions and license terms set forth in the applicable Government contract, and, to the extent applicable by the terms of the Government contract, the additional rights set forth in FAR 52.227-19, Commercial Computer Software License (December 2007). Oracle America, Inc., 500 Oracle Parkway, Redwood City, CA 94065.

This software or hardware is developed for general use in a variety of information management applications. It is not developed or intended for use in any inherently dangerous applications, including applications that may create a risk of personal injury. If you use this software or hardware in dangerous applications, then you shall be responsible to take all appropriate fail-safe, backup, redundancy, and other measures to ensure its safe use. Oracle Corporation and its affiliates disclaim any liability for any damages caused by use of this software or hardware in dangerous applications.

Oracle and Java are registered trademarks of Oracle and/or its affiliates. Other names may be trademarks of their respective owners.

Intel and Intel Xeon are trademarks or registered trademarks of Intel Corporation. All SPARC trademarks are used under license and are trademarks or registered trademarks of SPARC International, Inc. AMD, Opteron, the AMD logo, and the AMD Opteron logo are trademarks or registered trademarks of Advanced Micro Devices. UNIX is a registered trademark of The Open Group.

This software or hardware and documentation may provide access to or information on content, products, and services from third parties. Oracle Corporation and its affiliates are not responsible for and expressly disclaim all warranties of any kind with respect to third-party content, products, and services. Oracle Corporation and its affiliates will not be responsible for any loss, costs, or damages incurred due to your access to or use of third-party content, products, or services.

Attachments

This solution has no attachment