Oracle Analytics Cloud and Server

Home Oracle Analytics Oracle Analytics Forums Oracle Analytics Cloud and Server Oracle Analytics Cloud and Server

Categories

Welcome to the Oracle Analytics Community: Please complete your User Profile and upload your Profile Picture

WLS 10.3.6 Patches for OBIEE

Received Response
16
Views
6
Comments
User_MSQS7
User_MSQS7 Rank 6 - Analytics Lead
edited Aug 13, 2024 5:25PM in Oracle Analytics Cloud and Server

Dear Experts,

Could you please give me suggestion for below patches, is it required to apply for OBIEE 11g.

pastedImage_1.png

Answers

  • Joel
    Joel Rank 8 - Analytics Strategist

    Do you have either of those versions of WebLogic? If you do, then you need the security patch.You didn't mention the specific version of OBIEE 11g that you are running.

  • Gianni Ceresa
    Gianni Ceresa Mod

    In addition to what Joel said, this patch isn't directly linked to OBIEE. It's a weblogic patch, OBIEE is deployed on top of Weblogic, but this patch isn't related to OBIEE itself. Therefore the answer is, as Joel said, strictly linked to the version of weblogic you have.

  • User_MSQS7
    User_MSQS7 Rank 6 - Analytics Lead

    Thanks for your reply Joel

    1) still we are in OBIEE 11.1.1.7.x  we will upgrade to 12C  shortly.

    2) weblogic version is 10.3.6.0, so if I wants to apply this patch first I will apply the patch 10.3.6.0.190416, second if we apply the patch Patch 29694149 is that enough?

    3) even If I dont apply the patch is also fine?

  • Gianni Ceresa
    Gianni Ceresa Mod

    These are security patches, so technically speaking you don't need them, the tool will keep working as it does now.

    You will just have potential, and not potential but real, security issues in your weblogic (all the details of what issues the patches fixes are written there inside).

  • Joel
    Joel Rank 8 - Analytics Strategist

    As @Gianni Ceresa mentioned, your WLS will work as normal with or without this patch but you leave yourself open to security vulnerabilities. You'd need to apply the latest PSU (Patch Set Update) as you rightly pointed out - Patch 29204678 (10.3.6.0.190416).before you apply the security patch.

  • Charles M
    Charles M Rank 6 - Analytics Lead

    I think the others have clarified this as it relates to OBIEE and WebLogic itself.

    Your concern is likely stemming from CVE-2019-2729, recently announced by Oracle. You should apply the patches suggested for it.

    Other helpful notes for the WebLogic patching are:

    Understanding Overlay Patch Release Versions to be Applied on Top of a WLS Patch Set Update (Doc ID 2541027.1)

    Weblogic Server 10.3.6 with PSU Applied Results in "IllegalStateException: HttpSession is Invalid" (Doc ID 2022372.1)