Oracle publishes January 2022 Critical Patch update – What you need to know for EPM

Patching
Written By Mike Turner

Oracle released their January 2022 Critical Patch Update (CPU) alert yesterday, Jan 18th, and after parsing through the various linked documents this is what you need to know as an EPM Customer.

First, I am going to focus on version 11.2.7, primarily because if you are on any version of 11.2, then this applies to your version and for all EPM software related vulnerabilities, Oracle says upgrade to 11.2.7. If you are on 11.1.2.4, your platform has moved out of Premier Support, and you should seriously be looking to upgrade.

The EPM related components referenced in this CPU apply to:

  • Fusion Middleware 12.2.1.4

  • Essbase 11.1.2.4.040 or earlier ( this is the Essbase version shipped with EPM 11.2.7)

For Fusion Middleware it calls out these patches:

  • Patch ID 33751264 WebLogic 11.2.1.4.220112

    • This patch is a SPB or Service Pack Bundle which patches WebLogic and its related components. This patch will get you to these recommended versions:

      • WebLogic 12.2.1.4.220105

      • Opatch 13.9.4.2.8

      • Coherence 12.2.1.4.11

      • MW PLATFORM 12.2.1.4.0 SPU FOR APRCPU2021

      • ADR for WebLogic Sever 12.2.1.4.0

      • JDBC 19.3.0.0

      • RDAOFM 20.4.0.7.01.22

  • Patch ID 33619347 Oracle HTTP Server 12.2.1.4.211130

For Essbase, the CPU recommends patching to Essbase Family version 11.1.2.4.047:

  • Patch ID 33485383 Essbase Server 11.1.2.4.047

  • Patch ID 33485386 Essbase Runtime Client 11.1.2.4.047

  • Patch ID 33485376 Essbase Client 11.1.2.4.047

  • Patch ID 33485370 Essbase Administration Services Server 11.1.2.4.047

  • Patch ID 33485372 Essbase Administration Services Server (Client) 11.1.2.4.047

  • Patch ID 33485386 Analytic Provider Services 11.1.2.4.047

If you are on version EPM 11.2.7 applying these patches will cover the vulnerabilities in the Advisory. If you are on a previous version of EPM 11.2.7, I recommend upgrading to 11.2.7 to make sure you have the latest product features and support. For patching or Upgrades of EPM systems iArch can help get your companies systems in compliance and up to date. Contact us for any of your EPM or OCI needs.

Mike Turner
Previous

Directory Link Changes in Windows 2019 Breaks FDMEE/FDM Integration
Next

Oracle Security Alert for CVE-2021-44228: Part Four