Patch 26609445 - Database Patch Set Update 11.2.0.4.170814 (Includes CPUJul2017)
This document is accurate at the time of release. For any changes and additional information regarding PSU 11.2.0.4.170814, see these related documents that are available at My Oracle Support (http://support.oracle.com/):
Document 2261562.1 Database, Fusion Middleware, and Enterprise Manager Critical Patch Update July 2017 Patch Availability Document
Document 854428.1 Patch Set Updates for Oracle Products
Document 2264627.1 Oracle Database Patch Set Update 11.2.0.4.170718 Known Issues
This document includes the following sections:
From CPUJan2016 onwards, the 5th digit of the version number will be changed to reflect the release date in the format YYMMDD. See My Oracle Support Document 2061926.1 for more information.
Patch Set Update (PSU) patches are cumulative. That is, the content of all previous PSUs is included in the latest PSU patch.
PSU 11.2.0.4.170814 includes the fixes listed in Section 7, "Bugs Fixed by This Patch".
To install the PSU 11.2.0.4.170814 patch, the Oracle home must have the 11.2.0.4.0 Database installed. Subsequent PSU patches can be installed on Oracle Database 11.2.0.4.0 or any PSU with a lower 5th numeral version than the one being installed.
This patch is Oracle RAC Rolling Installable.
This patch is Database Vault installable. Review My Oracle Support Document 1195205.1 for details on how to apply this patch to a Database Vault environment.
This patch is Data Guard Standby-First Installable. See My Oracle Support Document 1265700.1 Oracle Patch Assurance - Data Guard Standby-First Patch Apply for details on how to remove risk and reduce downtime when applying this patch.
This patch contains a security fix due to which a SELECT query's plan MAY change under the following conditions:
The SELECT queries a table protected with a Fined Grained Auditing policy
And the policy condition is NULL
Table 1 describes installation types and security content. For each installation type, it indicates the most recent PSU patch to include new security fixes that are pertinent to that installation type. If there are no security fixes to be applied to an installation type, then "None" is indicated. If a specific PSU is listed, then apply that or any later PSU patch to be current with security fixes.
Table 1 Installation Types and Security Content
| Installation Type | Latest PSU with Security Fixes |
|---|---|
|
Server homes |
PSU 11.2.0.4.170814 |
|
Client-Only Installations |
PSU 11.2.0.4.170418 |
|
Instant Client Installations |
PSU 11.2.0.4.170418 (The Instant Client installation is not the same as the client-only Installation. For additional information about Instant Client installations, see Oracle Call Interface Programmer's Guide.) |
This section includes the following section:
You must use the OPatch utility version 11.2.0.3.6 or later to apply this patch. Oracle recommends that you use the latest released OPatch version for 11.2, which is available for download from My Oracle Support patch 6880880 by selecting the 11.2.0.0.0 release.
For information about OPatch documentation, including any known issues, see My Oracle Support Document 293369.1 OPatch documentation list.
These instructions are for all Oracle Database installations.
Before you install PSU 11.2.0.4.170814, perform the following actions to check the environment and to detect and resolve any one-off patch conflicts.
From October 2014 onwards, the Oracle JavaVM Component 11.2.0.4.x Database PSU patch is also available as a separate patch. This patch is not Oracle RAC Rolling Installable. For customers wanting to install both patches together during a single downtime window, follow the various Patching Options listed in the My Oracle Support Document 1929745.1 - Oracle Recommended Patches -- "Oracle JavaVM Component Database PSU and RU" (OJVM PSU and OJVM RU) Patches.
If you are installing the PSU to an environment that has a Grid Infrastructure (GI) home, note the following:
Grid Infrastructure PSU 11.2.0.4.170814 Patch 26610246 should be applied to the Grid Infrastructure home and Database home using the readme instructions provided with the patch.
Ensure that the $PATH definition has the following executables: make, ar, ld, and nm.
The location of these executables depends on your operating system. On many operating systems, they are located in /usr/ccs/bin, in which case you can set your PATH definition as follows:
export PATH=$PATH:/usr/ccs/bin
For an introduction to the PSU one-off patch concepts, see "Patch Set Updates Patch Conflict Resolution" in My Oracle Support Document 854428.1 Patch Set Updates for Oracle Products.
The fastest and easiest way to determine whether you have one-off patches in the Oracle home that conflict with the PSU, and to get the necessary conflict resolution patches, is to use the Patch Recommendations and Patch Plans features on the Patches & Updates tab in My Oracle Support. These features work in conjunction with the My Oracle Support Configuration Manager. Recorded training sessions on these features can be found in Document 603505.1.
However, if you are not using My Oracle Support Patch Plans, the My Oracle Support Conflict Checker tool enables you to upload an OPatch inventory and check the patches that you want to apply to your environment for conflicts.
If no conflicts are found, you can download the patches. If conflicts are found, the tool finds an existing resolution to download. If no resolution is found, it will automatically request a resolution, which you can monitor in the Plans and Patch Requests region of the Patches & Updates tab.
For more information, see Knowledge Document 1091294.1, How to use the My Oracle Support Conflict Checker Tool.
Or, use the following steps to manually discover conflicts and resolutions:
Determine whether any currently installed one-off patches conflict with the PSU patch as follows:
unzip p26609445_112040_<platform>.zip cd 26609445 opatch prereq CheckConflictAgainstOHWithDetail -ph ./
The report will indicate the patches that conflict with PSU 26609445 and the patches for which PSU 26609445 is a superset.
Note that Oracle proactively provides PSU 11.2.0.4.170814 one-off patches for common conflicts.
Use My Oracle Support Document 1321267.1 Database Patch conflict resolution to determine, for each conflicting patch, whether a conflict resolution patch is already available, and if you need to request a new conflict resolution patch or if the conflict may be ignored.
When all the one-off patches that you have requested are available at My Oracle Support, proceed with Section 3.2, "Patch Installation Instructions".
Conflicting patches should be rolled back before applying the patch, otherwise opatch apply will report conflicts again.
Follow these steps:
If you are using a Data Guard Physical Standby database, you must install this patch on both the primary database and the physical standby database, as described by My Oracle Support Document 278641.1.
If this is an Oracle RAC environment, install the PSU patch using the OPatch rolling (no downtime) installation method as the PSU patch is rolling Oracle RAC installable. Refer to My Oracle Support Document 244241.1 Rolling Patch - OPatch Support for RAC.
If this is not a Oracle RAC environment, shut down all instances and listeners associated with the Oracle home that you are updating. For more information, see Oracle Database Administrator's Guide.
Rollback any patches found during the One-off Patch Conflict Detection.
Set your current directory to the directory where the patch is located and then run the OPatch utility by entering the following commands:
unzip p26609445_112040_<platform>.zip
cd 26609445
opatch apply
Install all resolutions to conflicts found during the One-off Patch Conflict Detection.
If there are errors, refer to Section 5, "Known Issues".
After installing the patch, perform the following actions:
Apply conflict resolution patches as explained in Section 3.3.1.
Load modified SQL files into the database, as explained in Section 3.3.2.
Apply the patch conflict resolution one-off patches that were determined to be needed when you performed the steps in Section 3.1.4, "One-off Patch Conflict Detection and Resolution".
The following steps load modified SQL files into the database. For an Oracle RAC environment, perform these steps on only one node.
For each database instance running on the Oracle home being patched, connect to the database using SQL*Plus. Connect as SYSDBA and run the catbundle.sql script as follows:
cd $ORACLE_HOME/rdbms/admin sqlplus /nolog SQL> CONNECT / AS SYSDBA SQL> STARTUP SQL> @catbundle.sql psu apply SQL> QUIT
The catbundle.sql execution is reflected in the dba_registry_history view by a row associated with bundle series PSU.
For information about the catbundle.sql script, see My Oracle Support Document 605795.1 Introduction to Oracle Database catbundle.sql.
If the OJVM PSU was applied for a previous PSU patch, you may see invalid Java classes after execution of the catbundle.sql script in the previous step. If this is the case, run utlrp.sql to re-validate these Java classes.
cd $ORACLE_HOME/rdbms/admin sqlplus /nolog SQL> CONNECT / AS SYSDBA SQL> @utlrp.sql
Check the following log files in $ORACLE_HOME/cfgtoollogs/catbundle or $ORACLE_BASE/cfgtoollogs/catbundle for any errors:
catbundle_PSU_<database SID>_APPLY_<TIMESTAMP>.log catbundle_PSU_<database SID>_GENERATE_<TIMESTAMP>.log
where TIMESTAMP is of the form YYYYMMMDD_HH_MM_SS. If there are errors, refer to Section 5, "Known Issues".
This patch now includes the OJVM Mitigation patch (Patch:19721304). If an OJVM PSU is installed or planned to be installed, no further actions are necessary. Otherwise, the workaround of using the OJVM Mitigation patch can be activated. As SYSDBA do the following from the admin directory:
SQL > @dbmsjdev.sql SQL > exec dbms_java_dev.disable
For more information on the OJVM mitigation patch, see Document 1929745.1 Oracle Recommended Patches -- "Oracle JavaVM Component Database PSU" (OJVM PSU) Patches.
There are no actions required for databases that have been upgraded or created after installation of PSU 11.2.0.4.170814.
These instructions apply if you need to deinstall the patch.
Section 4.1, "Patch Deinstallation Instructions for a Non Oracle RAC Environment"
Section 4.2, "Patch Post-Deinstallation Instructions for a Non Oracle RAC Environment"
Section 4.3, "Patch Deinstallation Instructions for an Oracle RAC Environment"
Section 4.4, "Patch Post-Deinstallation Instructions for an Oracle RAC Environment"
Follow these steps:
Verify that an $ORACLE_HOME/rdbms/admin/catbundle_PSU_<database SID>_ROLLBACK.sql file exists for each database associated with this ORACLE_HOME. If this is not the case, you must execute the steps in Section 3.3.2, "Loading Modified SQL Files into the Database" against the database before deinstalling the PSU.
Shut down all instances and listeners associated with the Oracle home that you are updating. For more information, see Oracle Database Administrator's Guide.
Run the OPatch utility specifying the rollback argument as follows.
opatch rollback -id 26609445
If there are errors, refer to Section 5, "Known Issues".
Follow these steps:
Start all database instances running from the Oracle home. (For more information, see Oracle Database Administrator's Guide.)
For each database instance running out of the ORACLE_HOME, connect to the database using SQL*Plus as SYSDBA and run the rollback script as follows:
cd $ORACLE_HOME/rdbms/admin
sqlplus /nolog
SQL> CONNECT / AS SYSDBA
SQL> STARTUP
SQL> @catbundle_PSU_<database SID>_ROLLBACK.sql
SQL> QUIT
In an Oracle RAC environment, the name of the rollback script will have the format catbundle_PSU_<database SID PREFIX>_ROLLBACK.sql.
If the OJVM PSU was applied for a previous PSU patch, you may see invalid Java classes after execution of the catbundle.sql script in the previous step. If this is the case, run utlrp.sql to re-validate these Java classes.
cd $ORACLE_HOME/rdbms/admin sqlplus /nolog SQL> CONNECT / AS SYSDBA SQL> @utlrp.sql
Check the log file for any errors. The log file is found in $ORACLE_BASE/cfgtoollogs/catbundle and is named catbundle_PSU_<database SID>_ROLLBACK_<TIMESTAMP>.log where TIMESTAMP is of the form YYYYMMMDD_HH_MM_SS. If there are errors, refer to Section 5, "Known Issues".
Follow these steps for each node in the cluster, one node at a time:
Shut down the instance on the node.
Run the OPatch utility specifying the rollback argument as follows.
opatch rollback -id 26609445
If there are errors, refer to Section 5, "Known Issues".
Start the instance on the node as follows:
srvctl start instance –d <db-unique-name> -n <nodename>
Follow the instructions listed in Section Section 4.2, "Patch Post-Deinstallation Instructions for a Non Oracle RAC Environment" only on the node for which the steps in Section 3.3.2, "Loading Modified SQL Files into the Database" were executed during the patch application.
All other instances can be started and accessed as usual while you are executing the deinstallation steps.
For information about OPatch issues, see My Oracle Support Document 293369.1 OPatch documentation list.
For issues documented after the release of this PSU, see My Oracle Support Document 2264627.1 Oracle Database Patch Set Update 11.2.0.4.170718 Known Issues.
Other known issues are as follows.
The following ignorable errors may be encountered while running the catbundle.sql script or its rollback script:
ORA-00942: table or view does not exist ORA-00955: name is already used by an existing object ORA-01430: column being added already exists in table ORA-01432: public synonym to be dropped does not exist ORA-01434: private synonym to be dropped does not exist ORA-01435: user does not exist ORA-01917: user or role 'XDB' does not exist ORA-01920: user name '<user-name>' conflicts with another user or role name ORA-01921: role name '<role name>' conflicts with another user or role name ORA-01927: cannot REVOKE privileges you did not grant ORA-01952: system privileges not granted to 'WKSYS' ORA-02303: cannot drop or replace a type with type or table dependents ORA-02443: Cannot drop constraint - nonexistent constraint ORA-04043: object <object-name> does not exist ORA-06512: at line <line number>. (That is, if ORA-06512 follows any of preceding errors, it can be safely ignored.) ORA-14452: attempt to create, alter or drop an index on temporary table already in use ORA-29809: cannot drop an operator with dependent objects ORA-29830: operator does not exist ORA-29832: cannot drop or replace an indextype with dependent indexes ORA-29844: duplicate operator name specified ORA-29931: specified association does not exist
Warnings may be returned during the re-link phase of 26609445. These warnings may be ignored.
warning: overriding commands for target `nmosudo' warning: ignoring old commands for target `nmosudo'
See the following document for additional information.
Document 1562458.1 Relinking the DB Control 11.2.0.3 Agent Displays a Warning Message "overriding commands for target 'nmosudo'"
On HP-UX systems, the following ignorable warnings may be encountered during the relinking of the oracle binary:
WARNING:OUI-67215: OPatch found the word "failed" in the stderr of the make command.Please look at this stderr. You can re-run this make command. cc: warning 487: Possibly incorrect message catalog. total_lntt_bytes is 0, assuming size of .debug_lntt Failed to mmap lntt temp file.
On AIX systems, the following ignorable warnings may be encountered during the relinking of the oracle binary:
WARNING:OUI-67215: OPatch found the word "failed" in the stderr of the make command.Please look at this stderr. You can re-run this make command. ld: 0711-224 WARNING: Duplicate symbol: <symbol> ld: 0711-345 WARNING: Duplicate symbol: <symbol> ld: 0711-773 WARNING: Duplicate symbol: <symbol> ld: 0711-783 WARNING: Duplicate symbol: <symbol> ld: 0711-301 WARNING: Duplicate symbol: <symbol> ld: 0711-415 WARNING: Duplicate symbol: <symbol> ld: 0711-319 WARNING: Duplicate symbol: <symbol>
On IBM: Linux on System Z, the following ignorable warnings may be encountered during relinking of e2eme binary:
OUI-67215: OPatch found the word "warning" in the stderr of the make command. Please look at this stderr. You can re-run this make command. Stderr output: ins_emagent.mk:113: warning: overriding commands for target `nmosudo' ins_emagent.mk:52: warning: ignoring old commands for target `nmosudo'
If Oracle Database Vault is enabled, the following error can occur during the execution of the Post Installation or Deinstallation steps:
initjvmaux.drop_sros(); EXECUTE IMMEDIATE 'create or replace java system'; ... ORA-01031: insufficient privileges ORA-06512: at "SYS.INITJVMAUX", line 535 ORA-06512: at line 3
To recover from this issue, see the following My Oracle Support Document 1935120.1 ORA-01031 during Post Install / De-install for Database PSU or OJVM PSU
When trying to install the Oracle Database Patch Set Update 11.2.0.4.160719, OPatch reports:
/refresh/home/app/oracle/product/11.2.0/client_1/rdbms/admin/orasdkbase_shrept.lst: No such file or directory /usr/bin/ld: cannot open linker script file /refresh/home/app/oracle/product/11.2.0/client_1/rdbms/admin/liborasdkbase.def: No such file or directory collect2: ld returned 1 exit status /refresh/home/app/oracle/product/11.2.0/client_1/bin/genorasdksh: Failed to link liborasdkbase.so.11.1 make: *** [liborasdkbase] Error 1
Cause: BUG 24331924 - MISSING LIBORASDKBASE FROM 11.2.0.4 RUNTIME CLIENT
Solution: Follow these steps:
Apply patch 24331924.
Re-apply the PSU.
Problem: The permission of the library file $ORACLE_HOME/lib/libsqlplus.so may change from 644 to 640, after applying this PSU patch.
You may first notice this issue from the following error encountered from SQL*Plus through non-oracle user:
ld.so.1: sqlplus: fatal: …../lib/libsqlplus.so: Permission denied
This issue is discussed further in My Oracle Support Document 2201729.1. This issue is fixed in a future release Oracle Database 12c release 2 (12.2).
Workaround: For earlier versions, do the following:
Change the permission of the library file $ORACLE_HOME/lib/libsqlplus.so back to 644 to allow the non-oracle users and application users to connect.
Otherwise, apply the patch 22730454 on top of this PSU release.
The following documents are references for this patch.
Document 293369.1 OPatch documentation list
Document 360870.1 Impact of Java Security Vulnerabilities on Oracle Products
Document 1321267.1 Database Patch conflict resolution
Document 26609445.8 Database 11.2.0.4.170814 Patch Set Update (PSU)
Document 1611785.1 11.2.0.4 Patch Set Updates - List of Fixes in each PSU
Document 1561792.2 Patching Assistant: Oracle Database/Client - Select PSU/SPU (aka CPU)
This patch includes the following bug fixes.
CPU molecules in PSU 11.2.0.4.170718:
PSU 11.2.0.4.170718 contains the following PSU 11.2.0.4.170718 molecules.
| 26030218 - DB-11.2.0.4-MOLECULE-055-CPUJUL2017 |
See My Oracle Support Document 1611785.1 that documents all the non-security bugs fixed in each 11.2.0.4 Patch Set Update (PSU).
Bugs Fixed for PSU 11.2.0.4.170718
PSU 11.2.0.4.170718 contains the following fixes:
Advance Queuing
17365043 - "STREAMS AQ: ENQUEUE BLOCKED ON LOW MEMORY" WHEN REDUCING STREAMS_POOL_SIZE
Automatic Storage Management
25957038 - M7: ASM START FAILS W/ ORA-00600:[KFODAAPPLIANCEINIT0],[3],[3] DURING GI INSTALL
Buffer Cache Management
13871092 - CDB_RAC : ORA-00600:[KCLPIS_1] - ABNORMAL INSTANCE TERMINATION BY LMS0 19207117 - ORA-600 [KCBGTCR_13] ON ACTIVE DATAGUARD EVEN AFTER APPLYING 18899974 22168163 - HIGH SCN GROWTH DUE TO BUFFER CACHE CLONE AND SWITCH-CURRENT
Generic
19461270 - ORA-4031 EXECUTING TRUNCATE PARTITION ON INTERVAL PARTITIONED TABLES 19469538 - LOADING OF DATA IN ECOL$ TABLE IS NON-OPTIMAL FOR QUERIES 19578350 - ORA-7445 [KGLBRK()+47] [SIGSEGV] [ADDR:0X30] [PC:0XD5CCF7F] 19689979 - ORA-8103 RUNNING SELECT ON PARTITION TABLE ON RAC NODE 20387265 - STBH: ORA-600 [CURSOR NOT TYPECHECKED] WAS COMPLETELY FLOOD CONTROLLED (0X6) 20879889 - INSERT INTO MV LOG LEAVING TOO MANY OPEN CURSORS AFTER UPGR TO 11.2.0.4 25423453 - Fix for bug 25423453 25427662 - Fix for bug 25427662
High Availability
16685417 - LMS HANG AND DATABASE INSTANCE TERMINATION BY LMHB 16832076 - LNX64-11204-RAC: DB HIT ORA-600 [KJSMESM:SVRMODE] AND ORA-600 [KJATSU2:KJSMTSM] 18043064 - RMAN DUPLICATE FROM ACTIVE ATTEMPTING FLASHBACK OF ACTIVE PRIMARY 18899974 - ORA-600 [KCBGTCR_13] ON ACTIVE DATAGUARD 19777862 - ADD CURRENT SCN HEADROOM AND REJECTION THRESHOLD DETAILS IN ALERT.LOG 19888853 - TIMESTAMP USED IN REASONABLE SCN LIMIT CALCULATIONS SHOULD USE UTC 20509482 - ORA-00752: RECOVERY DETECTED A LOST WRITE OF A DATA BLOCK 25600421 - Fix for bug 25600421
Oracle Space Management
14521849 - PHSB: CDB MRP CRASH ORA-00600: [KCBR_APPLY_CHANGE_11] 18259031 - ORA-600 [OME ADDRESSES WILL APPEAR IN HEX:OBJD ] [4], [81827], [4]
Oracle Virtual Operating System Services
25655390 - Fix for bug 25655390 25823754 - Fix for bug 25823754
Bugs Fixed for PSU 11.2.0.4.170814
PSU 11.2.0.4.170814 contains the following new fixes:
26544823 - Fix for bug 26544823 26575788 - Fix for bug 26575788
For information about Oracle's commitment to accessibility, visit the Oracle Accessibility Program website at http://www.oracle.com/us/corporate/accessibility/index.html.
Access to Oracle Support
Oracle customers have access to electronic support through My Oracle Support. For information, visit http://www.oracle.com/support/contact.html or visit http://www.oracle.com/us/corporate/accessibility/support/index.html if you are hearing impaired.
Patch 26609445 - Database Patch Set Update 11.2.0.4.170814 (Includes CPUJul2017) for UNIX
Copyright © 2006, 2017, Oracle and/or its affiliates. All rights reserved.
This software and related documentation are provided under a license agreement containing restrictions on use and disclosure and are protected by intellectual property laws. Except as expressly permitted in your license agreement or allowed by law, you may not use, copy, reproduce, translate, broadcast, modify, license, transmit, distribute, exhibit, perform, publish, or display any part, in any form, or by any means. Reverse engineering, disassembly, or decompilation of this software, unless required by law for interoperability, is prohibited.
The information contained herein is subject to change without notice and is not warranted to be error-free. If you find any errors, please report them to us in writing.
If this is software or related documentation that is delivered to the U.S. Government or anyone licensing it on behalf of the U.S. Government, the following notice is applicable:
U.S. GOVERNMENT END USERS: Oracle programs, including any operating system, integrated software, any programs installed on the hardware, and/or documentation, delivered to U.S. Government end users are "commercial computer software" pursuant to the applicable Federal Acquisition Regulation and agency-specific supplemental regulations. As such, use, duplication, disclosure, modification, and adaptation of the programs, including any operating system, integrated software, any programs installed on the hardware, and/or documentation, shall be subject to license terms and license restrictions applicable to the programs. No other rights are granted to the U.S. Government.
This software or hardware is developed for general use in a variety of information management applications. It is not developed or intended for use in any inherently dangerous applications, including applications that may create a risk of personal injury. If you use this software or hardware in dangerous applications, then you shall be responsible to take all appropriate fail-safe, backup, redundancy, and other measures to ensure its safe use. Oracle Corporation and its affiliates disclaim any liability for any damages caused by use of this software or hardware in dangerous applications.
Oracle and Java are registered trademarks of Oracle and/or its affiliates. Other names may be trademarks of their respective owners.
Intel and Intel Xeon are trademarks or registered trademarks of Intel Corporation. All SPARC trademarks are used under license and are trademarks or registered trademarks of SPARC International, Inc. AMD, Opteron, the AMD logo, and the AMD Opteron logo are trademarks or registered trademarks of Advanced Micro Devices. UNIX is a registered trademark licensed through X/Open Company, Ltd.
This software or hardware and documentation may provide access to or information about content, products, and services from third parties. Oracle Corporation and its affiliates are not responsible for and expressly disclaim all warranties of any kind with respect to third-party content, products, and services unless otherwise set forth in an applicable agreement between you and Oracle. Oracle Corporation and its affiliates will not be responsible for any loss, costs, or damages incurred due to your access to or use of third-party content, products, or services, except as set forth in an applicable agreement between you and Oracle.