Re: security patches in any views?

From: Jim Smith <usenet01_at_ponder-stibbons.com>
Date: Mon, 24 Mar 2008 11:47:18 +0000
Message-ID: <ixY2F3CGT55HFwZW@jimsmith.demon.co.uk>

In message
<ce0bef1b-b381-4840-94b0-be0d55bafd1f_at_u72g2000hsf.googlegroups.com>, bdbafh <bdbafh_at_gmail.com> writes
>On Mar 22, 5:07 am, Jim Smith <usene..._at_ponder-stibbons.com> wrote:
>> In message
>> <06bfdbde-2dca-49cf-be1f-69e9eeed4..._at_d62g2000hsf.googlegroups.com>,
>> bdbafh <bdb..._at_gmail.com> writes
>>
>>
>>
>> >On Mar 18, 1:31 pm, NetComrade <netcomradeNS..._at_bookexchange.net>
>> >wrote:
>> >> Is there are a way to query all the security patches applied on a db?,
>> >> or is that a function of opatch only?
>>
>> >> Need for '3rd party' auditing purposes.
>>
>> >> thanks
>> >> .......
>> >> We run Oracle 9iR2,10gR2, 10g2RAC on RH4/RH5 and Solaris 10 (Sparc)
>> >> remove NSPAM to email
>>
>> >This is a RH 4 box (U5) running 32 bit Oracle, 32 bit Linux.
>> >Its current and hasn't had the 10.2.0.4 patchset applied yet (but its
>> >sister test box has).
>>
>> >$ sqlplus / as sysdba
>>
>> >SQL*Plus: Release 10.2.0.3.0 - Production on Tue Mar 18 14:17:35 2008
>>
>> >Copyright (c) 1982, 2006, Oracle. All Rights Reserved.
>>
>> >Connected to:
>> >Oracle Database 10g Release 10.2.0.3.0 - Production
>>
>> >SQL> select * from registry$history;
>>
>> >ACTION_TIME
>> >---------------------------------------------------------------------------
>> >ACTION NAMESPACE
>> >------------------------------ ------------------------------
>> >VERSION ID
>> >------------------------------ ----------
>> >COMMENTS
>> >------------------------------------------------------------------------
>> >--------
>>
>> >17-FEB-08 09.23.10.145133 AM
>> >CPU SERVER
>> >10.2.0.3.0 6646853
>> >CPUJan2008
>>
>> >17-FEB-08 09.39.24.356214 AM
>> >CPU
>> > 6452863
>> >view recompilation
>>
>> >hth.
>>
>> >-bdbafh
>>
>> v$registry_history is incomplete. I haven't had to time to go into it
>> properly, but it looks as if a database created with binaries which have
>> had a CPU installed doesn't show up has having the CPU installed in the
>> database.
>>
>> So you need a combination of when the CPU was applied to the binaries
>> and when the database was created from those binaries.
>> --
>> Jim Smith
>
> Are you saying that if multiple critical patch updates have
>been applied to the ORACLE_HOME, that only the most recently applied
>one is listed in registry$history? That would correspond to what I
>have observed as well.

I have seen that, but what I referring to was the following scenario.

1       Install Oracle Software
2       Apply CPU to ORACLE_HOME
3       Create database.

In this situation, catcpu is never executed so there is nothing in registry$history. I don't have ready access to the system where I saw that at the moment to confirm my memory.

I've also seen the situation where a 10.2.0.2 database had a CPU applied; was then upgraded to 10.2.0.3 using binaries to which a later CPU had been applied. registry$history still had the reference to the first CPU.

-- 
Jim Smith

Received on Mon Mar 24 2008 - 06:47:18 CDT

This message: [ Message body ]
Next message: shriyaesex_at_gmail.com: "gay bars in galway medellin gay bars gay neighborhoods charleston sc"
Previous message: T: "Re: Oracle 10.2.0.3.0 install on a desktop"
In reply to: bdbafh: "Re: security patches in any views?"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ]

Original text of this message