Categories
- All Categories
- 15 Oracle Analytics Sharing Center
- 14 Oracle Analytics Lounge
- 211 Oracle Analytics News
- 41 Oracle Analytics Videos
- 15.7K Oracle Analytics Forums
- 6.1K Oracle Analytics Idea Labs
- Oracle Analytics User Groups
- 77 Oracle Analytics Trainings
- 14 Oracle Analytics Data Visualizations Challenge
- Find Partners
- For Partners
Are Oracle Analytics desktop client tool updates released quarterly with other SPU's?
On software delivery cloud I see
Oracle Analytics Tools 8.5.0 for Microsoft Windows x64 (64-bit)
V1050201-01 (V1050201-01.zip) Oracle Analytics Client July2025-Win, 1.2 GB
Would this be a quarterly release patch for the Analytics client used by Oracle Analytics Server 2025 (8.2)?
Thanks!
Adam
Best Answers
-
Adam I would recommend checking every CPU under Analytics and check if there is anything applicable to your environment for example july 25
Oracle Analytics Critical Patch Update (CPU) Program July 2025 Patch Availability Document (PAD) (Doc ID 3093264.2)
2 -
Hi Adam,
@Adam vonNieda
For Oracle Analytics Server, the client tools do get updated with critical patch updates.
See the patch advisor note that Melanie provided (the correct answer), in the comments next to the stack patch bundle, you will see a reference to the readme, which contains the patch.Click the "bug" icon to see the OAS bundle patch readme bug fix list, including how to update the Model Administration client tool in section 3.3 via a patched full installer, downloadable via Patch 38146398,+ the readme instruction steps to complete the patching process.
2
Answers
-
Hi Melanie, thanks for the response. That's where server-side patches are, this question is about client software. There are no client side patches there.
0 -
Hi Adam,
The client tools are usually not updated, except if there is a real major issue found.
It is also not something you patch like you do on your server, the client tools is a full install all the time and not some files replaced here and there with a patch.
I believe I remember some time ago the Model Administration tool had an issue not allowing to connect online to the semantic model, and they just replaced the whole file in the download page after a few days of the issue being reported (it was right at the release of a new OAS version).
Many years ago the client tools were provided as part of the server, therefore could benefit from the bundle patches to be updated, but that stopped a while ago. It is now a separate download from the Oracle site only, therefore not updated by the server bundle patches.
0 -
Hi Gianni, thanks for the response,
So the file that I posted in my first post, V1050201-01.zip - Oracle Analytics Client July2025-Win, would that be a full install of the client with updates through July 2025? Reason I started this thread is one of my users is getting hounded by security for vulnerabilities found in the client software. Stuff like log4j, OPatch, curl etc, stuff I've dealt with server-side for a while. We need to be able to mitigate this stuff client-side like I do server-side.
Thanks,
Adam
0 -
Isn't that the OAC client? Where did you find it?
When I follow the link I see only the one published in March…
The client tool for OAS and OAC should not be confused. The OAC one will probably work for most of the things, but it isn't designed that way… (you shouldn't use the OAC client for OAS)
The OAS client tools does install a lot of the server components, you almost have a working OAS on your Windows because there are a tons of dependencies with the same files as on the server in many of the provided tools. Therefore yes, if you blindly do a security scan with one of those software you get lot of "alerts".
For the log4j, Oracle is known for having replaced the content of JAR files but maintaining their names to avoid issues. Therefore some of those security software still flag them as issues even if in reality they are good. Or some files are just not used, they are there because the packaging left them there, but aren't used.
If you have security concerns, your best bet is to raise a SR, providing the issues flagged by your security guys, and wait an official answer from Oracle, hoping your security guys will be happy with it (or Oracle will give you instructions on how to handle the situation).
0 -
OK, yeah it's the OAC client, so I think you've answered my question. There's no update for the OAS client.
Well this is gonna be fun.
Thanks Gianni.
1 -
Ah, well, I missed that, the usual RTFM…
Thanks Steve :)
I just never updated my client tools because never faced an issue with them.
The lack of bugs fixed list and the "readme" saying that not only it has to be fully installed but once done you still need to use OPatch, I will just keep not updating my client tools as long as they work (I don't have strong corporate security rules on what I run on my laptop).
If a full installer is released, why OPatch is still required? Can't the files be patched before to pack them into the exe?
1 -
OK Steve I found it, I'll mark Melanie's answer as correct. That's hidden well enough that I've been working on OBIEE / OAS for more than a decade and never knew about these patches.
Edit: I think one of you will have to mark her answer.
0 -
There is a link in the Patch Availability Document (PAD) — which only lists CVE's, to the Patch Advisor note — which lists the full stack + addition advisement notations.. The advisor note is the note I was referencing.
Critical Patch Update (CPU) Advisor For Oracle Analytics Server and Oracle Business Intelligence - Updated for July 2025 (Doc ID 2832967.2)
PS: You can bookmark the advisor note above, the note number does not change when it gets updated every quarter.@Gianni Ceresa — lol, I hear ya.
The reason it is a full installer + Opatch is due to the way some of the patches (security and feature) are delivered.1
