I'm running EM12cR2+PSU2 on Linux x86-64 and I'd like to take the advice of the security patch recommendations OEM provides and apply patch 14681306 to the WebLogic server targets it recommends (EMGC_ADMINSERVER, EMGC_OMS1, BIP). I'm usually reasonably capable of following instructions but the readme on this patch leaves many questions in my mind. I don't have any other WebLogic in use that I could compare to, only that which supports EM12c.
Briefly, the updated drivers in this patch are to be manually installed to one's WLS environment by overwriting the ojdbc*.jar files you already have in place. When extracted, the patch zipfile includes several ojdbc*.jar files to use to overwrite those files. So far so good. But under my $MW_HOME, I have 12 copies of ojdbc6.jar, and at least 8 different versions of it, based on their filesizes and the versions reported from running "java -jar ojdbc6.jar" against them. For ojdbc5.jar I have 11 copies of 8 different versions.
My question is: Which of the ojdbc*.jar files under $MW_HOME should be replaced by the versions released in this patch? Every single one? Only those under $MW_HOME/wlserver_10.3/server/lib/? Include or skip the ones under $MW_HOME/Oracle_WT/ and $MW_HOME/oracle_common/ and $MW_HOME/oms/?
Any advice available from someone that has applied this fix without breaking their OEM installation?
Thank you for your response. I have opened a sev 4 SR for this patch, the SR number is 3-7495699961.
To answer your question, yes I can confirm that this patch is listed in the patch advisories available from Enterprise Summary, All Recommendations, to be applied to the three Oracle WebLogic Server targets "/EMGC_GCDomain/GCDomain/BIP", "/EMGC_GCDomain/GCDomain/EMGC_ADMINSERVER" and "/EMGC_GCDomain/GCDomain/EMGC_OMS1".
I have also seen MOS note 1565890.1 which states that once this patch is manually applied, EM12c will continue to display the patch recommendation since it is unable to identify that the patch has been applied. That is acceptable behavior for me as long as I can get the patch installed first.
Thank you again!
To close the loop on this one, with a summary of what I received from support:
Use the updated ojdbc*.jar files from the patch to overwrite the copies found in $MW_HOME/wlserver_10.3/. These patches are NOT meant for the various other ojdbc*.jar files found under the other directories inside $MW_HOME.