Feed aggregator

SYS_CONTEXT('userenv','module') behaviour in Database Vault

Tom Kyte - 2 hours 55 min ago
Hello Tom, I have implemented DB Vault on a 12.2.0.1.0 Oracle database. I created a Vault policy to block adhoc access to application schema using DB tools like Toad etc. The policy should allow only application connection to DB from application s...
Categories: DBA Blogs

A Quick Look At What's New In Oracle JET v5.1.0

OTN TechBlog - Wed, 2018-07-18 12:11

On June 18th, the v5.1.0 release of Oracle JET was made available. It was the 25th consecutive on-schedule release for Oracle JET. Details on the release schedule are provided here in the FAQ.

As indicated by the release number, v5.1.0 is a minor release, aimed at tweaking and consolidating features throughout the toolkit. As in other recent releases, new features have been added to support development of composite components, following the Composite Component Architecture (CCA). For details, see the entry on the new Template Slots in Duncan Mills's blog. Also, take note of the new design time metadata, as described in the release notes

Aside from the work done in the CCA area, the key new features and enhancements to be aware of in the release are listed below, sorted alphabetically:

Component Enhancement Description oj-chart New "data" attribute. Introduces new attributes, slots, and custom elements. oj-film-strip New "looping" attribute. Specifies filmstrip navigation behavior, bounded ("off) or looping ("page"). oj-form-layout Enhanced content flexibility. Removes restrictions on the types of children allowed in the "oj-form-layout" component. oj-gantt New "dnd" attribute and "ojMove" event.  Provides new support for moving tasks via drag and drop. oj-label-value New component. Provides enhanced layout flexibility for the "oj-form-layout" component. oj-list-view Enhanced "itemTemplate" slot. Supports including the <LI> element in the template. oj-swipe-actions New component. Provides a declarative way to add swipe-to-reveal functionality to items in the "oj-list-view" component.

For all the details on the items above, see the release notes.

Note: Be aware that in Oracle JET 7.0.0, support for Yeoman and Grunt will be removed from generator-oraclejet and ojet-cli. As a consequence, the ojet-cli will be the only way to use the Oracle JET tooling, e.g., to create new Oracle JET projects from that point on. Therefore, if you haven't transferred from using Yeoman and Grunt to ojet-cli yet, e.g., to command line calls such as "ojet create", take some time to move in that direction before the 7.0.0 release.

As always, your comments and constructive feedback are welcome. If you have questions, or comments, please engage with the Oracle JET Community in the Discussion Forums and also follow @OracleJET on Twitter.

For organizations using Oracle JET in production, you're invited to be highlighted on the Oracle JET site, with the latest addition being a brand new Customer Success Story by Cagemini.

On behalf of the entire Oracle JET development team: "Happy coding!"

Critical Patch Update for July 2018 Now Available

Steven Chan - Wed, 2018-07-18 10:09

The Critical Patch Update (CPU) for July 2018 was released on July 17, 2018. Oracle strongly recommends applying the patches as soon as possible.

The Critical Patch Update Advisory is the starting point for relevant information. It includes a list of products affected, pointers to obtain the patches, a summary of the security vulnerabilities, and links to other important documents. 

Supported products that are not listed in the "Supported Products and Components Affected" Section of the advisory do not require new patches to be applied.

The Critical Patch Update Advisory is available at the following location:

It is essential to review the Critical Patch Update supporting documentation referenced in the Advisory before applying patches.

The next four Critical Patch Update release dates are:

  • October 16, 2018
  • January 15, 2019
  • April 16, 2019
  • July 16, 2019
References Related Articles
Categories: APPS Blogs

Oracle Expands Challenger Series with Chicago Event at XS Tennis Village

Oracle Press Releases - Wed, 2018-07-18 10:00
Press Release
Oracle Expands Challenger Series with Chicago Event at XS Tennis Village Free event reaffirms Oracle’s commitment to providing unparalleled opportunities for American players

Redwood Shores, Calif.—Jul 18, 2018

Continuing its strong support for American tennis, Oracle announced today it is adding a Chicago event to the Oracle Challenger Series, to be held at XS Tennis Village September 2-9, 2018 in conjunction with the Association of Tennis Professionals (ATP) and the Women’s Tennis Association (WTA).

The Oracle Challenger Series launched earlier this year with events in Newport Beach and Indian Wells, California, with the mission of providing unparalleled opportunities for up-and-coming American tennis players to secure both ranking points and prize money.

As part of Oracle’s commitment to growing the game of tennis nationally, the Oracle Challenger Series will look to make a positive impact on the communities where its events are held by donating $5,000 to the local Chicago chapter of the National Junior Tennis and Learning (NJTL) network. The NJTL provides free or low-cost tennis and education programming to more than 225,000 under-resourced youth in the United States.

“We’re adding Challenger tournaments because American tennis players need more chances to compete at home and make a career out of the sport,’’ said Oracle CEO Mark Hurd. “Oracle also wants to improve the quality of tennis. We’re deeply committed to the sport and as part of the new event in Chicago, we’re providing assistance to create better access for Americans to play tennis.’’ 

“We are thrilled to welcome the Oracle Challenger Series to Chicago this September,” said Kamau Murray, President and CEO of XS Tennis Village and Executive Director of XS Tennis and Education Foundation. “We’re proud to work with Oracle on this great event and support the incredible work that they do to promote American tennis at all levels of the game. Their commitment to the sport goes hand-in-hand with our mission at XS to provide a positive pathway to future success through tennis.”

The Chicago tournament will be a joint ATP Challenger Tour/WTA 125K Series event and pay equal prize money ($150,000 per Tour) for a total of $300,000. Both the women’s and men’s draws will consist of 32 singles players, 16 qualifying players and 16 doubles teams. The event will be free and open to the public.

The 2018-2019 Oracle Challenger Series will begin in Chicago, with additional events to be added at a later date. The Series will culminate at the 2019 BNP Paribas Open, the largest ATP World Tour and WTA combined two-week event in the world, held annually at the Indian Wells Tennis Garden, where the two American women and men who accumulate the most points over the course of the Series will receive wildcards into their respective singles main draws.

The Oracle Challenger Series builds on Oracle’s commitment to help support U.S. tennis at both the professional and collegiate level. Oracle sponsors the Oracle US Tennis Awards, two $100,000 grants awarded annually to assist young players as they transition from college into the professional ranks. In addition to sponsoring the Intercollegiate Tennis Association rankings, Oracle also hosts the Oracle ITA Masters tournament in Malibu, California and the Oracle ITA National Fall Championships which will be held at the Surprise Tennis Center in Surprise, Arizona in 2018.

For more information about the Oracle Challenger Series, visit www.oraclechallengerseries.com.

Contact Info
Deborah Hellinger
Oracle Corporate Communications
+1.212.508.7935
deborah.hellinger@oracle.com
About Oracle

The Oracle Cloud offers complete SaaS application suites for ERP, HCM and CX, plus best-in-class database Platform as a Service (PaaS) and Infrastructure as a Service (IaaS) from data centers throughout the Americas, Europe and Asia. For more information about Oracle (NYSE:ORCL), please visit us at www.oracle.com.

Trademarks

Oracle and Java are registered trademarks of Oracle and/or its affiliates. Other names may be trademarks of their respective owners.

Talk to a Press Contact

Deborah Hellinger

  • +1.212.508.7935

Triggers on materialized views

Tom Kyte - Wed, 2018-07-18 07:26
Are triggers on materialized views supported by oracle? If so, is a good practice to use them?
Categories: DBA Blogs

IN & EXISTS

Tom Kyte - Wed, 2018-07-18 07:26
Tom: can you give me some example at which situation IN is better than exist, and vice versa.
Categories: DBA Blogs

Initializing Contexts after getting a connection from a ConnectionPool

Tom Kyte - Wed, 2018-07-18 07:26
I understand best practice is to initialize a connection from a connection pool by clearing the Application Context. However,there are multiple namespaces. Should every namespace be cleared? How does one find the name of every namespace?
Categories: DBA Blogs

DDL for objects

Tom Kyte - Wed, 2018-07-18 07:26
Hi, I wanted to get the DDL for all objects in a database schema. I'm aware of DBMS_METADATA.GET_DDL to get the DDL from a PL/SQL block but was facing the bellow issue: The return type is HUGECLOB and I need it in a directly viewable form simil...
Categories: DBA Blogs

Oracle Database Performance tuning using Application Developer ( Application user)

Tom Kyte - Wed, 2018-07-18 07:26
This question is from the context when App-server and Oracle Database is hosted on a vendor cloud. They are in a separate container and application will be in a separate container. Example, App-server and DB on Oracle cloud and GUI on customer's ...
Categories: DBA Blogs

V5 Systems Makes Cities Safer with Oracle Cloud

Oracle Press Releases - Wed, 2018-07-18 07:00
Press Release
V5 Systems Makes Cities Safer with Oracle Cloud Outdoor Industrial IoT platform company uses Oracle Cloud Infrastructure to quickly scale up security while dramatically reducing costs

Redwood Shores, Calif.—Jul 18, 2018

To help make cities safer quickly, V5 Systems has implemented Oracle Cloud Infrastructure as part of its security solution. As the pioneer of the world’s first self-powered outdoor security and computing platform, V5 Systems helps cities around the world address critical security issues.

Nestled in Silicon Valley, the City of Hayward was experiencing theft and drug crime around City Hall due to open areas and its close proximity to the main rail transportation for the Bay Area. They wanted to add in video surveillance as an added security layer but to do so needed access to power and communications. There was no fixed power or communications infrastructure where crime was happening and City Hall had just been renovated so trenching was not an option. The City of Hayward was able to implement V5 Systems’ portable video surveillance in less than 30 minutes per unit. Hayward avoided nearly $1 million in trenching fees and 911 calls dropped 60 percent within the first three months of deployment.

V5 Systems needed a cloud provider that met its needs of delivering real-time security to its customers. After reviewing a number of major cloud providers, V5 Systems discovered that although costs of most providers initially appeared low, the data retrieval and transmission costs critical to a video monitoring solution were high. With the enterprise-grade performance of Oracle Cloud Infrastructure, V5 Systems can scale-up any individual deployment if the processing and storage requirements of a security unit or customer increase, as well as scale-out capacity to serve additional customers as their needs grow. The company can better control its costs, and in turn, offer more affordable solutions to its end-customers.

“Our customers need consistent access to our service, and regularly monitor video, so outbound data performance and cost is important,” said Steve Yung, CEO, V5 Systems. “Traditionally video and sensor information has to run through multiple channels before first responders are notified. At a critical time, this delay could make a huge impact on the outcome of the security situation. The performance Oracle delivers has a significant impact on the outbound data so response time for our customers can be faster.”

V5 Systems rapidly enables and supports outdoor Industrial IoT applications. Its customers rely on V5 Systems’ mobile alerts to warn of threats and potential issues in real-time through 24/7 video analytics, AI-driven acoustic gunshot sensors and chemical detection. Several of its customers are using its application built on Oracle and V5 is in the process of transitioning other customers. Leveraging the flexibility and agility of the cloud, V5 Systems is also actively building tools that will spin up customized portals for new customers in minutes, significantly cutting down the traditionally lengthy process of configuring security.

“You can’t put a price on safety. V5 Systems has engineered a revolutionary power system that allows the ability to deploy sophisticated systems and computing systems wirelessly, in any outdoor environment,” said Kash Iftikhar, vice president of product and strategy, Oracle Cloud Infrastructure. “By leveraging Oracle Cloud Infrastructure, V5 Systems is able to deliver the reliability its customers need by conducting analytics and monitoring at the edge in record time so its customers can feel safer; all while achieving significant cost savings for its business.”

Contact Info
Danielle Tarp
Oracle
+1.650.506.2904
danielle.tarp@oracle.com
Quentin Nolibois
Burson-Marsteller PR for Oracle
+1.415.591.4097
quentin.nolibois@bm.com
About V5 Systems

V5 Systems is a ​California-based ​technology company that provides ​leading-edge ​portable, wireless, self-powered outdoor computing and security solutions for Industrial IoT applications. They deliver turnkey video surveillance and gunshot detection solutions that can be deployed in under 30 minutes per unit, while the computing platform itself can act as a host for 3rd party hardware and software integration. These solutions utilize a proprietary power management system which eliminates the need for fixed power and hard-wired communications. V5 Systems develops and optimizes all software and AI analytics to run at the edge, which is instrumental to delivering real-time information to its users. Working with state, local government, education and private enterprises V5 Systems delivers the next generation of Industrial IoT security and computing solutions to the outdoors.

About Oracle Cloud Infrastructure

Oracle Cloud Infrastructure combines the benefits of public cloud (on-demand, self-service, scalability, pay-for-use) with those benefits associated with on-premises environments (governance, predictability, control) into a single offering. Oracle Cloud Infrastructure takes advantage of a high-scale, high-bandwidth network that connects cloud servers to high-performance local, block, and object storage to deliver a cloud platform that yields the highest performance for traditional and distributed applications, as well as highly available databases.

With the acquisitions of Dyn and Zenedge, Oracle Cloud Infrastructure extended its offering to include Dyn’s best-in-class DNS and email delivery solutions and Zenedge’s next-generation Web Application Firewall (WAF) and Distributed Denial of Service (DDoS) capabilities.

About Oracle

The Oracle Cloud offers complete SaaS application suites for ERP, HCM and CX, plus best-in-class database Platform as a Service (PaaS) and Infrastructure as a Service (IaaS) from data centers throughout the Americas, Europe and Asia. For more information about Oracle (NYSE:ORCL), please visit us at www.oracle.com.

Trademarks

Oracle and Java are registered trademarks of Oracle and/or its affiliates. Other names may be trademarks of their respective owners.

Talk to a Press Contact

Danielle Tarp

  • +1.650.506.2904

Quentin Nolibois

  • +1.415.591.4097

Announcement: Venue Confirmed For Upcoming Brussels “Oracle Indexing Internals and Best Practices” Seminar

Richard Foote - Wed, 2018-07-18 02:55
I can finally confirm the venue for my upcoming “Oracle Indexing Internals and Best Practices” seminar in beautiful Brussels, Belgium running on 27-28 September 2018. The venue will be the Regus Brussels City Centre Training Rooms Facility, Avenue Louise / Louizalaan 65, Stephanie Square, 1050, Brussels. Note: This will be the last public seminar I’ll run […]
Categories: DBA Blogs

Control File issues on duplicating with non patched Oracle version.

Yann Neuhaus - Wed, 2018-07-18 02:34

Introduction :

RMAN has the ability to duplicate, or clone, a database from a backup or from an active database.
It is possible to create a duplicate database on a remote server with the same file structure,
or on a remote server with a different file structure or on the local server with a different file structure.
For some old and  non patched Oracle versions such as that earlier than 11.2.0.4 , the duplicate (from active or backup) can be a real
challenge even for those DBAs with years of experience,  due to different bugs encountered.

The scenario specified  below will focus on control file issues revealed by duplication from active database an Oracle 11.2.0.2 version EE.

<INFO>Make sure to use nohup command line-utility which allows to run command/process or shell script.

Demonstration :

Step1: Prepare your script:

vi script_duplicate.ksh

#!/bin/ksh
export ORACLE_HOME=$ORACLE_HOME
export PATH=$PATH1:$ORACLE_HOME/bin
rman target sys/pwd@TNS_NAME_TARGET auxiliary sys/pwd@TNS_NAME_AUXILIARY log=duplicate.log cmdfile=/home/oracle/rman_bkup.cmd

vi rman_bkup.cmd
run
{
allocate channel ch1 device type disk;
allocate channel ch2 device type disk;
allocate channel ch3 device type disk;
allocate auxiliary channel dh1 device type disk;
allocate auxiliary channel dh2 device type disk;
allocate auxiliary channel dh3 device type disk;
duplicate target database to <AUXILIARY_NAME> from active database nofilenamecheck;
release channel ch3;
release channel ch2;
release channel ch1;
}

and launch like that : nohup ./script_duplicate.ksh &

Step2: Check instance parameters.
Depending on the PSU level of your instance, even before starting the duplicate, can fail with this error.

RMAN-00571: ===================================================
RMAN-00569: =============== ERROR MESSAGE STACK FOLLOWS
RMAN-00571: ===================================================
RMAN-03002: failure of Duplicate Db command at 11/02/2011 06:05:48
RMAN-04014: startup failed: ORA-00600: internal error code, arguments: [kck_rls_check must use (11,0,0,0,0) or lower], [kdt.c], [9576], [11.2.0.2.0], [], [], [], [], [], [], [], []
RMAN-04017: startup error description: ORA-32004: obsolete or deprecated parameter(s) specified for RDBMS instance
RMAN-03015: error occurred in stored script Memory Script
RMAN-04014: startup failed: ORA-00600: internal error code, arguments: [kck_rls_check must use (11,0,0,0,0) or lower], [kdt.c], [9576], [11.2.0.2.0], [], [], [], [], [], [], [], []
RMAN-04017: startup error description: ORA-32004: obsolete or deprecated parameter(s) specified for RDBMS instance

According with Oracle Support note : 1064264.1

1. Edit the pfile, add parameter:
_compression_compatibility= "11.2.0"

2. Restart the instance using the pfile
SQL> startup pfile='<fullpath name of pfile>'

3. Create the SPFILE again
SQL> create spfile from pfile;

4. Restart the instance with the SPFILE
SQLl> shutdown immediate;
SQL> startup

and relaunch the previous command (Step 1).

Step3 : Control file issue, trying to open the database.
After transferring the datafiles , your duplicate will crash with these errors , trying to open the database.

RMAN-00571: ===========================================================
RMAN-00569: =============== ERROR MESSAGE STACK FOLLOWS ===============
RMAN-00571: ===========================================================
RMAN-03002: failure of Duplicate Db command at 15/07/2018 17:39:30
RMAN-05501: aborting duplication of target database
RMAN-03015: error occurred in stored script Memory Script



SQL> alter database open resetlogs;
alter database open resetlogs
*
ERROR at line 1:
ORA-19838: Cannot use this control file to open database

Basically is because of a known bug (Bug 11063122 in 11gr2).
Controlfile created during the duplicate in 11gr2 will store redolog file locations as of primary.
We need to recreate control file changing the locations of redo logfiles and datafiles and open database with resetlogs.
In the controlfile recreation script the database name is the source <db_name> and the directory names for redo logs are still pointing to the source database .

The workaround is :

1. Backup as trace your control file (cloned DB)

sql> alter database backup controlfile to trace ;

2. Open the file  , and extract the section RESETLOGS, to modify like that :

CREATE CONTROLFILE REUSE DATABASE "<src_db_name>" RESETLOGS  ARCHIVELOG
    MAXLOGFILES 16
    MAXLOGMEMBERS 3
    MAXDATAFILES 100
    MAXINSTANCES 8
    MAXLOGHISTORY 11680
LOGFILE
  GROUP 9  '<path_of_the_cloned_DB>redo09.log'  SIZE 150M BLOCKSIZE 512,
  GROUP 10 '<path_of_the_cloned_DB>/redo10.log'  SIZE 150M BLOCKSIZE 512,
  GROUP 11 '<path_of_the_cloned_DB>/redo11.log'  SIZE 150M BLOCKSIZE 512,

DATAFILE
  '<path_of_the_cloned_DB>/system01.dbf',
  '<path_of_the_cloned_DB>/undotbs01.dbf',
  '<path_of_the_cloned_DB>/sysaux01.dbf',
  '<path_of_the_cloned_DB>/users01.dbf',
-------------more datafiles
CHARACTER SET EE8ISO8859P2;

Save as trace_control.ctl

3. SQL> alter system set db_name=<new db_name> scope=spfile;
4. SQL> startup nomount
5. SQL>@trace_control.ctl
      --control file created and multiplexed in all the destinations mentioned on your spfile 
6. SQL> alter database open resetlogs

<INFO>If your source db had activity during the duplicate process you should apply manually some required archivelogs.

RMAN-00571: ===========================================================
RMAN-00569: =============== ERROR MESSAGE STACK FOLLOWS ===============
RMAN-00571: ===========================================================
RMAN-03002: failure of alter db command at 15/07/2018 19:21:30
ORA-01152: file 1 was not restored from a sufficiently old backup
ORA-01110: data file 1: '/u01/oradata/DBName/system01.dbf'

Search on source database , for those  archivelogs with sequence# greater or equal to 399747 and apply them manually on the target DB.

If somehow those are not available you need to take an incremental backup to roll forward your cloned database.

7. SQL> recover database using backup controlfile;

ORA-00279: change 47260162325 generated at  15/07/2018 19:27:40 needed for thread 1
ORA-00289: suggestion : <path>o1_mf_1_399747_%u_.arc
ORA-00280: change 47260162325 for thread 1 is in sequence #399747

Once the required archivelogs files have been applied , try again to open your database:

RMAN> alter database open resetlogs;

database opened

RMAN> exit

Conclusion :
If you’re the kind of Oracle administrator who has the power to approve or deny, you must know how dangerous it is to run your applications with  non patched Oracle databases.
Your data within your organization is better protected if your are taking advantage of patches issued by Oracle and running your production data against supported Oracle versions only.

 

Cet article Control File issues on duplicating with non patched Oracle version. est apparu en premier sur Blog dbi services.

Vibrant and Growing: The Current State of API Management

OTN TechBlog - Tue, 2018-07-17 23:00

"Vibrant and growing all the time!" That's how Andrew Bell, Oracle PaaS API Management Architect at Capgemini, describes the current state of API management. "APIs are the doors to organizations, the means by which organizations connect to one another, connect their processes to one another, and streamline those processes to meet customer needs. The API environment is growing rapidly as we speak," Bell says.

"API management today is quite crucial," says Bell's Capgemini colleague Sander Rensen, an Oracle PaaS lead and architect, "especially for clients who want to go on a journey of a digital transformation. For our clients, the ability to quickly find APIs and subscribe to them is a very crucial part of digital transformation.

"It's not just the public-facing view of APIs," observes Oracle ACE Phil Wilkins, a senior Capgemini consultant specializing in iPaaS. "People are realizing that APIs are an easier, simpler way to do internal decoupling. If I expose my back-end system in a particular way to another part of the organization — the same organization — I can then mask from you how I'm doing transformation or innovation or just trying to keep alive a legacy system while we try and improve our situation," Wilkins explains. "I think that was one of the original aspirations of WSDL and technologies like that, but we ended up getting too fine-grained and tying WSDLs to end products. Then the moment the product changed that WSDL changed and you broke the downstream connections."

Luis Weir, CTO of Capgemini's Oracle delivery unit and an Oracle Developer Champion and ACE Director, is just as enthusiastic about the state of API management, but see's a somewhat rocky road ahead for some organizations. "APIs are one thing, but the management of those APIs is something entirely different," Weir explains

"API management is something that we're doing quite heavily, but I don't think all organizations have actually realized the importance of the full lifecycle management of the APIs. Sometimes people think of API management as just an API gateway. That’s an important capability, but there is far more to it,"

Weir wonders if organizations understand what it means to manage an API throughout its entire lifecycle.

Bell, Rensen, Wilkins, and Weir are the authors of Implementing Oracle API Platform Cloud Service, now available from Packt Publishing, and as you'll hear in this podcast, they bring considerable insight and expertise to this discussion of what's happening in API management. The conversation goes beyond the current state of API management to delve into architectural implications, API design, and how working in SOA may have left you with some bad habits. Listen!

This program was recorded on June 27, 2018.

The Panelists Andrew Bell Andrew Bell
Oracle PaaS API Management Architect, Capgemini
Twitter  LinkedIn  Sander Rensen Sander Rensen
Oracle PaaS Lead and Architect, Capgemini
Twitter  LinkedIn  Luis Weir Luis Weir
CTO, Oracle DU, Capgemini
Oracle Developer Champion
Oracle ACE Director
Twitter LinkedIn Phil Wilkins
Senior Consultant specializing in iPaaS
Oracle ACE
Twitter LinkedIn  Additional Resources Coming Soon

How has your role as a developer, DBA, or Sysadmin changed? Our next program will focus on the evolution of IT roles and the trends and technologies that are driving the changes.

Oracle Critical Patch Update July 2018 Oracle PeopleSoft Analysis and Impact

As with almost all previous Oracle E-Business Suite Critical Patch Updates (CPU), the July 2018 quarterly patch is significant and high-risk for PeopleSoft applications.  Despite the publicity, marketing, or naming of specific vulnerabilities, this quarter is no different than previous quarters in terms of risk and prioritization within your organization.

For this quarter, there are 15 security vulnerabilities patches in PeopleSoft applications and PeopleTools --

10 - PeopleTools

2 - PeopleSoft Financials

2 - PeopleSoft HCM

1 - PeopleSoft Campus Solutions

11 of the 15 security vulnerabilities are remotely exploitable without authentication, therefore, an attacker can exploit the PeopleSoft without any credentials.  For this quarter, there are 7 cross-site scripting vulnerabilities, 3 vulnerabilities in third-party libraries used in PeopleSoft, and 5 other types of vulnerabilities.

10 cross-site scripting (XSS) vulnerabilities and 4 other types of vulnerabilities fixed.  Most important is that 13 of the 14 vulnerabilities are remotely exploitable without authentication.

For PeopleTools, only 8.55 and 8.56 are supported.  Previous versions of PeopleTools must be upgraded in order to apply the security patches.

Tuxedo

Another vulnerability for Tuxedo JOLT (CVE-2018-3007) is fixed in this CPU, therefore, Tuxedo must also be patched.  Configuration changes must be made to the Tuxedo server in order to limit connections to both JSH and WSH in order to reduce the risk of security vulnerabilities.

WebLogic

A number of vulnerabilities in WebLogic are fixed in this CPU including a vulnerability accessible via the T3 protocol.  In addition to applying the appropriate WebLogic security patch, the WebLogic should be configured to only allow access to the HTTPS protocol.

Oracle Database

For the July 2018 CPU, only 11.2.0.4 and 12.1.0.2 are supported for security patches.  For the database, there is a OJVM security patch, so either the combo patch must be applied or a separate OJVM patch must be applied to correct the vulnerability in the Java Virtual Machine (JVM) in the database which is used by PeopleSoft.

July 2018 Recommendations

As with almost all Critical Patch Updates, the security vulnerabilities fixes are significant and high-risk.  Corrective action should be taken immediately for all PeopleSoft environments. The most at risk implementations are Internet facing environments and Integrigy rates this CPU as high risk due to the large number of cross-site scripting (XSS) vulnerabilities that can be remotely exploited without authentication.   These implementations should apply the CPU as soon as possible or use a virtual patching solution such as AppDefend.

Most PeopleSoft environments do not apply the CPU security patch in a timely manner and are vulnerable to full compromise of the application through exploitation of multiple vulnerabilities. If the CPU cannot be applied quickly, the only effective alternative is the use of Integrigy's AppDefend, an application firewall for the Oracle PeopleSoft.  AppDefend provides virtual patching and can effectively replace patching of PeopleSoft web security vulnerabilities.

CVEs referenced: CVE-2017-5645, CVE-2018-1275, CVE-2018-2990, CVE-2018-2977, CVE-2018-0739, CVE-2018-2951, CVE-2018-3068, CVE-2018-2929, CVE-2018-2919, CVE-2018-2985, CVE-2018-2986, CVE-2018-3016, CVE-2018-3072, CVE-2018-2970, CVE-2018-3076

Oracle PeopleSoft, Oracle Critical Patch Updates
Categories: APPS Blogs, Security Blogs

Oracle Critical Patch Update July 2018 Oracle E-Business Suite Analysis and Impact

As with almost all previous Oracle E-Business Suite Critical Patch Updates (CPU), the July 2018 quarterly patch is significant and high-risk. 51 of the past 55 quarterly patches are significant and high-risk as they fix one or more SQL injection vulnerabilities or other damaging security vulnerabilities in the web application of Oracle E-Business Suite. Despite the publicity, marketing, or naming of specific vulnerabilities, this quarter is no different than previous quarters in terms of risk and prioritization within your organization.

For this quarter, there are 10 cross-site scripting (XSS) vulnerabilities and 4 other types of vulnerabilities fixed.  Most important is that 13 of the 14 vulnerabilities are remotely exploitable without authentication.

Externally facing Oracle E-Business Suite environments (DMZ) running iStore should take immediate action to mitigate the three vulnerabilities impacting iStore.  These web pages are allowed by the URL Firewall if the iStore module is enabled.  Two of the three are cross-site scripting (XSS) vulnerabilities, which requires interaction with the end-user such as clicking a link but allows for the attacker to hijack the end-users session.

July 2018 Recommendations

As with almost all Critical Patch Updates, the security vulnerabilities fixes are significant and high-risk.  Corrective action should be taken immediately for all Oracle E-Business Suite environments. The most at risk implementations are those running Internet facing self-service modules (iStore for this CPU) and Integrigy rates this CPU as high risk due to the large number of cross-site scripting (XSS) vulnerabilities that can be remotely exploited without authentication.   These implementations should (1) apply the CPU as soon as possible or use a virtual patching solution such as AppDefend and (2) ensure the DMZ is properly configured according to the EBS specific instructions and the EBS URL Firewall is enabled and optimized.

Most Oracle E-Business Suite environments do not apply the CPU security patch in a timely manner and are vulnerable to full compromise of the application through exploitation of multiple vulnerabilities. If the CPU cannot be applied quickly, the only effective alternative is the use of Integrigy's AppDefend, an application firewall for the Oracle E-Business Suite.  AppDefend provides virtual patching and can effectively replace patching of EBS web security vulnerabilities.

Oracle E-Business Suite 12.1 and 12.2 Patching

For 12.2, there are no significant changes from previous CPUs and 12.2.3 along with R12.AD.C.DELTA.10 and R12.TXK.C.DELTA.10 roll-up patches is the minimum baseline.  In addition to the cumulative EBS security patch, the July 2018 WebLogic 10.3.6 PSU must be applied (PSU 10.3.6.0.180717 - Patch 27919965).

For 12.1, there are no significant changes from the previous CPUs and the major requirement is the Oracle Application Server must be upgraded to 10.1.3.5.  No security patches are required for the Oracle Application Server.

Only 12.1.0.2 and 11.2.0.4 versions of the Oracle Database are supported and the database must be upgraded in order to apply this quarter's database security patch if it has not already been upgraded.  For the database there is a OJVM security patch, so either the combo patch must be applied or a separate OJVM patch must be applied to correct the vulnerability in the Java Virtual Machine (JVM) in the database which is used by Oracle E-Business Suite.

Oracle E-Business Suite 12.0

CPU support for Oracle E-Business Suite 12.0 ended January 2015 and there are no security fixes for this release.  Integrigy’s initial analysis of the CPU shows all 14 vulnerabilities are exploitable in 12.0. In order to protect your application environment, the Integrigy AppDefend application firewall for Oracle E-Business Suite provides virtual patching for all these exploitable web security vulnerabilities.

Oracle E-Business Suite 11i

As of April 2016, the 11i CPU patches are only available for Oracle customers with Tier 1 Support. Integrigy’s analysis of the July 2018 CPU shows at least 6 of the 14 vulnerabilities are also exploitable in 11i.  11i environments without Tier 1 Support should implement a web application firewall and virtual patching for Oracle E-Business Suite in order to remediate the large number of unpatched security vulnerabilities.  As of July 2018, an unsupported Oracle E-Business Suite 11i environment will have approximately 200 unpatched vulnerabilities – a number of which are high-risk SQL injection security bugs.

11i Tier 1 Support has been extended through December 2018, thus October 2018 will be the final CPU for Oracle E-Business Suite 11i.  At this time it is unclear if Oracle will again extend support for another year, therefore, organizations should plan that support will not be extended and being to take corrective action to ensure their environments are properly secured.

CVEs Referenced: CVE-2018-2993, CVE-2018-3017, CVE-2018-2995, CVE-2018-3018, CVE-2018-3008, CVE-2018-2953, CVE-2018-2997, CVE-2018-2991, CVE-2018-3012, CVE-2018-2996, CVE-2018-2954, CVE-2018-2988, CVE-2018-2934, CVE-2018-2994

Oracle E-Business Suite, Oracle Critical Patch Updates
Categories: APPS Blogs, Security Blogs

July 2018 Critical Patch Update Released

Oracle Security Team - Tue, 2018-07-17 15:01

Oracle today released the July 2018 Critical Patch Update.

This Critical Patch Update provided security updates for a wide range of product families, including: Oracle Database Server, , Oracle Global Lifecycle Management, Oracle Fusion Middleware, Oracle E-Business Suite, Oracle PeopleSoft, Oracle Siebel CRM, Oracle Industry Applications (Construction, Communications, Financial Services, Hospitality, Insurance, Retail, Utilities), Oracle Java SE, Oracle Virtualization, Oracle MySQL, and Oracle Sun Systems Products Suite.

37% of the vulnerabilities fixed with this Critical Patch Update are for third-party components included in Oracle product distributions.  The CVSS v3 Standard considers vulnerabilities with a CVSS Base Score between 9.0 and 10.0 to have a qualitative rating of “Critical.”  Vulnerabilities with a CVSS Base Score between 7.0 and 8.9, have a qualitative rating of “High.”

While Oracle cautions against performing quantitative analysis against the content of each Critical Patch Update release because such analysis is excessively complex (e.g., the same CVE may be listed multiple times, because certain components are widely used across different products), it is fair to note that bugs in third-party components make up a disproportionate amount of severe vulnerabilities in this Critical Patch Update.  90% of the critical vulnerabilities addressed in this Critical Patch Update are for non-Oracle CVEs.  Non-Oracle CVEs also make up 56% of the Critical and High vulnerabilities addressed in this Critical Patch Update.

Finally, note that many industry experts anticipate that a number of new variants of exploits leveraging known flaws in modern processor designs (currently referred as “Spectre” variants) will continue to be discovered.  Oracle is actively engaged with Intel and other industry partners to come up with technical mitigations against these processor vulnerabilities as they are being reported. 

For more information about this Critical Patch Update, customers should refer to the Critical Patch Update Advisory and the executive summary published on My Oracle Support (Doc ID 2420273.1).  

Force logging

Tom Kyte - Tue, 2018-07-17 13:06
Hi Tom, As I have my dc and dr database are working fine and both are in sync. Today I got the force logging mode is no logging So we have planned to make it force logging enable. For that 1.how can we do on primary 2. It is required any downt...
Categories: DBA Blogs

Restarting a failed transportable tablespace metadata import

Yann Neuhaus - Tue, 2018-07-17 09:39

I’m currently working in a project to migrate a Datawarehouse-database from Solaris to Linux Intel (Endian-change). We do use the cross platform incremental backups method as described in My Oracle Support Note 1389592.1 for that.
I.e. incremental backups are applied to database files and during the migration the recovered datafiles are attached to the target database via the transportable tablespace method. When testing the transportable tablespace metadata import I got an error for a table:


Processing object type TRANSPORTABLE_EXPORT/TABLE
ORA-39083: Object type TABLE:"DWHT"."TDWHTAB" failed to create with error:
ORA-01843: not a valid month
Failing sql is:
CREATE TABLE "DWHT"."TDWHTAB" (...,"PROCESSING_TM" DATE DEFAULT '01-01-0001' NOT NULL ENABLE,...

I.e. metadata of all tables in the tablespace were successfully imported except one. The reason for the error was a default-defintion of column “PROCESSING_TM” without a TO_DATE-casting. I.e. it relied on the NLS_DATE_FORMAT-setting. E.g.


SQL> create table t1 ("PROCESSING_TM" DATE DEFAULT '01-01-0001' NOT NULL ENABLE);
create table t1 ("PROCESSING_TM" DATE DEFAULT '01-01-0001' NOT NULL ENABLE)
  *
ERROR at line 1:
ORA-01843: not a valid month
 
SQL> alter session set nls_date_format='dd-mm-yyyy';
 
Session altered.
 
SQL> create table t1 ("PROCESSING_TM" DATE DEFAULT '01-01-0001' NOT NULL ENABLE);
 
Table created.

There are different possibilities on why a metadata import fails for specific tables (see e.g. My Oracle Support Note 1082116.1 for another reason). The question was: How to restart the import without going through the whole process of copying datafiles from the source-database again? As we imported the metadata through a network-link the tablespace on the source database and the tablespace on the target database were still set to “READ ONLY”.

So first of all I fixed the error in the table definition on the source database:


alter table "DWHT"."TDWHTAB" modify ("PROCESSING_TM" DATE DEFAULT TO_DATE('01-01-0001', 'DD-MM-YYYY'));

That was possible even having the associated tablespace of the table on READ ONLY as it is just a metadata update and does not touch the tablespace.

On the target database I cleaned up the tablespace of the failed table metadata import:


drop tablespace DWH_DATA including contents;

It’s of course important to NOT specify “AND DATAFILES” when dropping the tablespace to avoid having to copy all files again.

In my case I actually transported 146 tablespaces and modified the impdp-parameterfile xttplugin.par to contain only the single tablespace, which contained failing tables. Of course you have to drop and include all tablespaces, which have tables with dependencies between each other. In my case that was not an issue as my tables had no dependencies to tables in other tablespaces.

Afterwards I could just restart my metadata-import with the single tablespace:


$ cat xttplugin2.par
directory=DATA_PUMP_DIR
logfile=tts_imp2.log
network_link=ttslink
transport_full_check=no
transport_tablespaces=DWH_DATA
transport_datafiles='/u01/DWH/oradata/DWH_DATA_001.dbf','/u01/DWH/oradata/DWH_DATA_002.dbf'
$ imdp parfile=./xttplugin2.par
Password: / as sysdba

So to restart a failed transportable tablespace metadata import, just fix the root cause, drop the associated tablespace on the target database without dropping the datafiles and restart the import again. That becomes handy especially in cross platform incremental backup migration scenarios.

 

Cet article Restarting a failed transportable tablespace metadata import est apparu en premier sur Blog dbi services.

Oracle Helps Businesses Launch Mobile Marketing Faster and Easier

Oracle Press Releases - Tue, 2018-07-17 07:00
Press Release
Oracle Helps Businesses Launch Mobile Marketing Faster and Easier Industry’s first SMS Public Aggregator Network takes complexity out of setting up mobile marketing

Redwood City, Calif.—Jul 17, 2018

To help marketers quickly and easily source the best operator for maximizing the ROI of their mobile campaigns, Oracle Responsys introduced the SMS Public Aggregator Network (SPAN). Oracle’s SPAN is a powerful new self-service application within Oracle Marketing Cloud that makes it easier for customers to find, order, and manage SMS services directly from the aggregator of their choice.

Mobile consumer engagement has become a central tool in today’s “mobile first” economy, with messaging now a preferred channel for reaching consumers. In fact, Gartner research states “various sources report SMS open and response rates as high as 98 percent and 45 percent, respectively—in contrast to corresponding figures of 20 percent and six percent for email.[i] Integrating SMS into marketing campaigns requires finding an aggregator network that aligns with broader campaign goals. This can often be a laborious, time-consuming and complex process. But SPAN for Oracle Responsys removes this complexity by providing an easy-to-use, self-service application that enables customers to quickly and easily identify aggregator networks, based on region, price or route type.  

“Marketers want to take advantage of mobile channels, but there are often too many barriers in the way. For SMS, one of those challenges is establishing aggregator relationships, which can be a time consuming and tedious task often made worse by limited choice and flexibility,” said Tony Castiglioni, VP of Product Management, Oracle Responsys. “Our new SPAN application eases this process and gives marketers the freedom to choose and use the aggregator best aligned with their marketing needs—whether it be by price, geography, or performance.” 

With the launch of SPAN, all Oracle Responsys customers can now take advantage of SMS to reach and engage customers. The new SMS marketing capabilities build on Oracle Marketing Cloud’s commitment to help marketers convert customers across devices with orchestrated mobile marketing. In addition to the new SMS marketing capabilities, Oracle Responsys equips mobile marketers with industry-leading tools like Push, Rich Push, In-App and MMS messaging to connect with audiences across devices to drive customer engagement, retention, and grow mobile revenue.

Oracle Marketing Cloud is part of Oracle Customer Experience (CX) Cloud Suite, which empowers organizations to take a smarter approach to customer experience management and business transformation initiatives. By providing a trusted business platform that connects data, experiences and outcomes, Oracle CX Cloud Suite helps customers reduce IT complexity, deliver innovative customer experiences and achieve predictable and tangible business results.

For more information on the new capabilities in Oracle Marketing Cloud visit www.oracle.com/marketingcloud/index.html or read this blog.

Like this story? Tweet this: @Oracle unveils powerful new SMS marketing capabilities that help Responsys customers quickly and easily launch SMS marketing campaigns https://bit.ly/2NTBL4J

[i] Gartner Research, “Keep SMS in Your Mobile Toolbox,” Charles S. Golvin, April 2018.

Contact Info
Siobhan Lyons
Oracle
1-650-506-3753
siobhan.lyons@oracle.com
About Oracle

The Oracle Cloud offers complete SaaS application suites for ERP, HCM and CX, plus best-in-class database Platform as a Service (PaaS) and Infrastructure as a Service (IaaS) from data centers throughout the Americas, Europe and Asia. For more information about Oracle (NYSE: ORCL), please visit us at oracle.com.

Trademarks

Oracle and Java are registered trademarks of Oracle and/or its affiliates.

Safe Harbor

The preceding is intended to outline our general product direction. It is intended for information purposes only, and may not be incorporated into any contract. It is not a commitment to deliver any material, code, or functionality, and should not be relied upon in making purchasing decisions. The development, release and timing of any features or functionality described for Oracle's products remains at the sole discretion of Oracle.

Talk to a Press Contact

Siobhan Lyons

  • 1-650-506-3753

Hungary’s MKB Bank Goes Fully Digital with Oracle

Oracle Press Releases - Tue, 2018-07-17 07:00
Press Release
Hungary’s MKB Bank Goes Fully Digital with Oracle First all digital bank in Hungary can now implement new and improved services faster

Redwood Shores, Calif.—Jul 17, 2018

MKB Bank, Hungary’s fourth largest commercial bank has today announced it is the first in the country to take a leap towards digital and open banking after transforming its entire technology system. Its transformation has included a full replacement of its core banking system, the retirement and consolidation of roughly 10 additional systems, and the modernization of its entire IT architecture.

MKB implemented Oracle FLEXCUBE, a core banking solution that has been adopted by more than 600 financial institutions around the world, as part of a broader restructuring project to streamline its internal and customer-facing operations and provide customers with more personalized services across multiple channels. MKB’s aim is to reduce its go-to-market time for new services such as corporate and retail lending, as well as digital only services, and to manage customer requests more quickly and easily. 

“It is not every day that a historically conservative medium-sized player commits its resources to modernizing its systems, changing its culture and taking a leap towards digitalization” said Ádám Balog, Chief Executive Officer, MKB. “It is through the reliability of partners like Oracle and the management of our stakeholders that we were able to make this move in such short a time.”

“Banks still have some catching up to do when it comes to serving customers. It’s time to stop resisting change and develop a model based on the way people want to interact with banking services,” said Mark Hetényi, Chief Digital, Retail and Strategy officer, MKB.This starts with a robust digital offering. We replaced our core banking platform with Oracle FLEXCUBE because it supports fully digital customer experiences.”

MKB was intent on fast-tracking its technology program. Despite having comparatively fewer resources than major global banks operating in Hungary, MKB achieved its digital transformation in just two and a half years. The average deployment for projects of this scope typically takes between four and five years.

“MKB recognized that digital services are a key differentiator. As a bank with its eyes firmly planted on the future of customer service, MKB’s bullish implementation of our flexible Oracle FLEXCUBE technology has put it in a position to pull ahead in a competitive Hungarian market,” said Sonny Singh, senior vice president and general manager, Oracle Financial Services.

Contact Info
Judi Palmer
Oracle Corporation
+ 1 650 784 7901
judi.palmer@oracle.com
Michael Ruppert
CMG
+ 44(0) 207 067 0641
mruppert@cmgrp.com
About MKB Bank

MKB Bank is a leading digital bank in Hungary, which has put open banking as one of the pillars of its strategy and believes in partnering with its customers, corporate and private banking clients, as well as the Fintech world through innovations such as its new core system and IT architecture, an innovative MKB Fintechlab ecosystem it has built, as well as its network. The bank is considering an IPO in 2019. 

For more information about MKB Bank, visit mkb.hu.

About Oracle

The Oracle Cloud offers complete SaaS application suites for ERP, HCM and CX, plus best-in-class database Platform as a Service (PaaS) and Infrastructure as a Service (IaaS) from data centers throughout the Americas, Europe and Asia. For more information about Oracle (NYSE:ORCL), please visit us at www.oracle.com.

Trademarks

Oracle and Java are registered trademarks of Oracle and/or its affiliates. Other names may be trademarks of their respective owners.

Safe Harbor

The preceding is intended to outline our general product direction. It is intended for information purposes only, and may not be incorporated into any contract. It is not a commitment to deliver any material, code, or functionality, and should not be relied upon in making purchasing decisions. The development, release, and timing of any features or functionality described for Oracle’s products remains at the sole discretion of Oracle Corporation. 

Talk to a Press Contact

Judi Palmer

  • + 1 650 784 7901

Michael Ruppert

  • + 44(0) 207 067 0641

Pages

Subscribe to Oracle FAQ aggregator