I see that the January 2014 Critical Patch Update (CPU) has been released:
Oracle Critical Patch Update - January 2014
My employer is requiring that all Oracle instances be updated immediately. However, I have an Oracle XE instance on my Windows development machine, and there does not seem to be any way I can find to apply the patch:
- XE is a free product, yet access to the patches from the CPU page requires a Support Identifier. Access to the OPatch tool also requires a Support Identifier.
- Even *with* a Support Identifier, there is no listing of a patch for 11.2.0.2 (the version of the latest XE release); it's either 11.1.0.7 or 11.2.0.3.
- Even if there *were* a patch for this version, OPatch seems to require the presence within ORACLE_HOME of Java and of certain Perl tools, both of which are missing from the XE installation.
Any thoughts on how to proceed? If I cannot patch my XE instance, I will have to uninstall it. I write a lot of ETL scripts that use SQL Loader, but this is not available as a stand-alone install the way SQL Plus is, so I'm sort of in a bind. Any help much appreciated. Ideally, I would love to find a step-by-step walk-through of how to apply the patch. It is hard for me to believe that Oracle would simply require every XE instance worldwide to run in a state with known security flaws.