Will Oracle Security Alert for CVE-2012-1675 non-RAC fixes work with CMAN, etc?

From: dnrg <dananrg_at_yahoo.com>
Date: Mon, 7 May 2012 08:00:29 -0700 (PDT)
Message-ID: <1336402829.75772.YahooMailNeo_at_web113520.mail.gq1.yahoo.com>

We don't use RAC but we do use CMAN for most connections (with Oracle instances ranging from to CMAN's not a product I understand very well.

Q1) Will the fixes mentioned in MOS ID 1453883.1 (both TCP and IPC), as well as the DYNAMIC_REGISTRATION_LISTENER=OFF fix, work when CMAN is involved? Please excuse my ignorance here but should that make a difference?

Q2) Sounds like DYNAMIC_REGISTRATION_LISTENER=OFF is the quickest way to fix this issue. Another poster asked if Oracle would support this. Does anyone

Q3) Oracle's IPC fix shows the example name REGISTER. If we don't already have an IPC entry in various listener.ora files, does it matter what name we choose for this?

Q4) Of the two official fixes, the 02-May-2012 version of MOS ID 1453883.1 states that "Either method works equally well but the TCP method is easier to implement." The 05-May-2012 version now states "Either method accomplishes the same goal but it is your choice which of them to implement." Are there any "gotchas" or things to be mindful of regarding the IPC method? With a large volume of listeners to remediate I'd prefer not to patch as a first approach. The IPC method doesn't look so bad and doesn't require patching. Am I missing anything important here in my decision about which method to use?

Thanks very much.

Received on Mon May 07 2012 - 10:00:29 CDT
