Patching Services
Keep your patches current to fix bugs, performance improvements, added functionalityOracle releases various product patches that contain bug fixes, performance enhancements and occasionally minor new functionality. Some companies may be unaware that these patches exist, and others may think there is nothing wrong with their system so they don’t install the new patches. Your Oracle software will continue to run without keeping up with the latest patches, but if your EPM system has been installed for a little while now, you may benefit by installing the latest patches.
BOOM Patching Services provides:
- Patching services for Oracle EPM, OBIEE and related Oracle software
- Monthly email notifications for when new patches have been released.
- Scheduling of patching services 24×7
- Patch Readme documents for all EPM and OBI versions
- Experience with over a thousand successful patch installations
- Use of Oracle best practices
- Flexibility of onsite or remote
- Technical project management
- Full documentation
- Knowledge transfer and mentoring
- Daily status reports
- Risk alert or project timeline notifications to reduce risk of going over budget
- Post patching support
Contact us for more information.
Keep up-to-date with the latest Patch Set Update (PSU) patches for Oracle | Hyperion Enterprise Performance Management System (EPM) and Oracle Critical Patch Updates. Expand the Patch categories below (Patch info last updated on August 3, 2018):
The table below is a filtered list of the Oracle Fusion Middleware Risk Matrix from the Oracle Critical Patch Update Advisory from July 2018. The table below was filtered to focus on the patches for Oracle Hyperion EPM products and their related Oracle components. In addition, BOOM has added information to the table to highlight the specific patches required and notes for the patching process. You may click the links in the table for more information about the patches.
Oracle
Critical Patch Update Advisory - July 2018 (Oracle Hyperion EPM products and related Oracle components) |
Patch Details Added by BOOM Global Services | |||||
CVE# | Product | Remote Exploit without Auth.? |
Supported Versions Affected | EPM/Hyperion Versions Affected | Patch # | Notes |
CVE-2018-2894 CVE-2018-2935 CVE-2018-7489 CVE-2018-2987 CVE-2018-2998 CVE-2018-2893 |
Oracle
WebLogic Server (WLS) |
Yes | 10.3.6.0.0, 12.1.3.0.0, 12.2.1.2.0, 12.2.1.3.0 | 11.1.2.4 11.1.2.3 (WLS 10.3.6.0) |
27919965 (for WLS 10.3.6.0.0) |
SSL Authentication Problem |
The table below is a filtered list of the Oracle Fusion Middleware Risk Matrix from the Oracle Critical Patch Update Advisory from April 2018. The table below was filtered to focus on the patches for Oracle Hyperion EPM products and their related Oracle components. In addition, BOOM has added information to the table to highlight the specific patches required and notes for the patching process. You may click the links in the table for more information about the patches.
Oracle Critical Patch Update Advisory - April 2018 (Oracle Hyperion EPM products and related Oracle components) | Patch Details Added by BOOM Global Services | |||||
CVE# | Product | Remote Exploit without Auth.? |
Supported Versions Affected | EPM/Hyperion Versions Affected | Patch # | Notes |
CVE-2018-2628 | Oracle
WebLogic Server (WLS) |
Yes | 10.3.6.0.0, 12.1.3.0.0, 12.2.1.2.0, 12.2.1.3.0 | 11.1.2.4 11.1.2.3 (WLS 10.3.6.0) |
27395085 (for WLS 10.3.6.0.0) |
Before applying this patch, please consider that there have been reports that there are flaws with this patch where a WebLogic vulnerability can still be exploited. (05/02/2018) |
CVE-2017-7525 | Oracle
WebLogic Server (WLS) |
Yes | 10.3.6.0.0, 12.1.3.0.0, 12.2.1.2.0, 12.2.1.3.0 | 11.1.2.4 11.1.2.3 (WLS 10.3.6.0) |
27453773 (for WLS 10.3.6.0.0) |
To check if Samples are installed, see "Sample Verification" section of Doc ID 2255054.1 Oracle WebLogic Server Requirements for Apache Struts 2 Vulnerabilities". On the 10.3.6 version you can manually remove the Samples as the document states. If you would like to keep them, apply the patch. Note they are not always installed. So do not be surprised if they do not exist. |
The table below is a filtered list of the Oracle Fusion Middleware Risk Matrix from the Oracle Critical Patch Update Advisory from January 2018. The table below was filtered to focus on the patches for Oracle Hyperion EPM products and their related Oracle components. In addition, BOOM has added information to the table to highlight the specific patches required and notes for the patching process. You may click the links in the table for more information about the patches.
Oracle Critical Patch Update Advisory - January 2018 (Oracle Hyperion EPM products and related Oracle components) | Patch Details Added by BOOM Global Services | |||||
CVE# | Product | Remote Exploit without Auth.? |
Supported Versions Affected | EPM/Hyperion Versions Affected | Patch # | Notes |
CVE-2017-5645 | Oracle
WebLogic Server (WLS) |
Yes | 10.3.6.0.0, 12.1.3.0.0, 12.2.1.2.0, 12.2.1.3.0 | 11.1.2.4 11.1.2.3 (WLS 10.3.6.0) |
27188721 (for WLS 10.3.6.0.0) |
To check if Samples are installed, see "Sample Verification" section of Doc ID 2255054.1 Oracle WebLogic Server Requirements for Apache Struts 2 Vulnerabilities". On the 10.3.6 version you can manually remove the Samples as the document states. If you would like to keep them, apply the patch. Note they are not always installed. So do not be surprised if they do not exist. |
CVE-2017-9798 CVE-2018-2561 |
Oracle
HTTP Server (OHS) |
Yes | 11.1.1.7.0, 11.1.1.9.0, 12.1.3.0.0, 12.2.1.2.0, 12.2.1.3.0 | 11.1.2.4 11.1.2.3 (OHS 11.1.1.7.0) |
27197885 (for OHS 11.1.1.7.0) |
See
Note 2350321.1 before applying this patch See Note 1984662.1 before applying this patch Oracle HTTP Server 11.1.1.7 Patch for Oracle_WT OH |
CVE-2018-2625 | Oracle
WebLogic Server (WLS) |
Yes | 11.1.1.7.0, 11.1.1.9.0, 12.1.3.0.0, 12.2.1.2.0, 12.2.1.3.0 | 11.1.2.4 11.1.2.3 (WLS 10.3.6.0) |
26519424 (for WLS 10.3.6.0) | The latest WLS PSU is Patch 26519424, which is from October 2017. There wasn't a WLS PSU released in January 2018. Patch 26519424 should be applied before Patch 27188721 (the WLS patch listed above). |
CVE-2018-2733 | Oracle Hyperion Planning | No | 11.1.2.4 | 11.1.2.4 | 27027776 | Planning 11.1.2.4.007 (27027776) is the PSU patch that should be applied |
CVE-2018-2610 | Hyperion Data Relationship Management | Yes | 11.1.2.4.330 | 11.1.2.4 | 27200129 | DRM 11.1.2.4.345 (27200129) should be applied since it is the latest PSU patch |
CVE-2018-2594 | Hyperion BI+ | No | 11.1.2.4 | 11.1.2.4 | 26865623 | BI+ 11.1.2.4.007 (26865623) is the PSU patch that should be applied |
CVE-2018-2595 | Hyperion BI+ | No | 11.1.2.4 | 11.1.2.4 | 26865623 | BI+ 11.1.2.4.007 (26865623) is the PSU patch that should be applied |
HYPERION
EPM 11.1.2.4 |
LATEST PATCH SET UPDATE | |
VERSION | PATCH # | |
Calculation Manager | 11.1.2.4.013 | 27780138 |
Disclosure Management | 11.1.2.4.257 | 27111243 |
DRM | 11.1.2.4.345 | 27200129 |
DRM Analytics | 11.1.2.4.341 | 23750023 |
EAS Console | 11.1.2.4.025 | 28285134 |
EAS Server | 11.1.2.4.025 | 28285151 |
EPMA | 11.1.2.4.000 | N/A |
Essbase Client (Windows) | 11.1.2.4.025 | 27797117 |
Essbase Client (Unix) | 11.1.2.4.025 | 27797126 |
Essbase RTC | 11.1.2.4.025 | 27797123 |
Essbase Server | 11.1.2.4.025 | 27797131 |
Essbase Studio Console | 11.1.2.4.016 | 25225885 |
Essbase Studio Server | 11.1.2.4.016 | 25225889 |
FCM | 11.1.2.4.251 | 27479194 |
FCM Smart View Extension | 11.1.2.4.250 | 27223794 |
FDMEE | 11.1.2.4.220 | 25312033 |
Financial Reporting | 11.1.2.4.709 | 27290291 |
HFM | 11.1.2.4.207 | 27523845 |
HPCM | 11.1.2.4.127 | 27732412 |
Planning | 11.1.2.4.008 | 28103100 |
Provider Services | 11.1.2.4.025 | 27797138 |
Reporting and Analysis | 11.1.2.4.008 | 28314774 |
Shared Services | 11.1.2.4.007 | 26751072 |
Strategic Finance | 11.1.2.4.002 | 20868598 |
Tax Governance | 11.1.2.4.251 | 27479194 |
Tax Governance SV Extension | 11.1.2.4.250 | 27360317 |
Tax Provision | 11.1.2.4.202 | 25316913 |
HYPERION EPM 11.1.2.3 |
LATEST PATCH SET UPDATE | |
VERSION | PATCH # | |
Calculation Manager | 11.1.2.3.700 | 21292109 |
Disclosure Management | 11.1.2.3.820 | 23099997 |
DRM | 11.1.2.3.700 | 21107706 |
EAS Console | 11.1.2.3.508 | 20183719 |
EAS Server | 11.1.2.3.508 | 20183747 |
EPMA | 11.1.2.3.700 | 20929659 |
Essbase Client (Windows) | 11.1.2.3.508 | 21248751 |
Essbase Client (Unix) | 11.1.2.3.508 | 21248744 |
Essbase RTC | 11.1.2.3.508 | 21248750 |
Essbase Server | 11.1.2.3.508 | 21248746 |
Essbase Studio Console | 11.1.2.3.507 | 20183684 |
Essbase Studio Server | 11.1.2.3.507 | 20183692 |
FCM | 11.1.2.3.700 | 20768349 |
FDM | 11.1.2.3.500 | 17529887 |
FDMEE | 11.1.2.3.700 | 20779592 |
Financial Reporting | 11.1.2.3.700 | 20838970 |
HFM | 11.1.2.3.702 | 22323578 |
HPCM | 11.1.2.3.701 | 21473370 |
Planning | 11.1.2.3.701 | 21512189 |
Provider Services | 11.1.2.3.507 | 20183647 |
RA Framework | 11.1.2.3.700 | 20768325 |
Shared Services | 11.1.2.3.702 | 22288101 |
Strategic Finance | 11.1.2.3.507 | 21213553 |
Tax Provision | 11.1.2.3.702 | 23748724 |
Web Analysis | 11.1.2.3.700 | 20880421 |
Workspace | 11.1.2.3.700 | 20612400 |
HYPERION EPM 11.1.2.2 |
LATEST PATCH SET UPDATE | |
VERSION | PATCH # | |
Calculation Manager | 11.1.2.2.306 | 18240460 |
Disclosure Management | 11.1.2.2.300 | 14153925 |
DRM | 11.1.2.2.311 | 20140150 |
EAS Console | 11.1.2.2.106 | 17595805 |
EAS Server | 11.1.2.2.106 | 17595825 |
EPMA | 11.1.2.2.301 | 16692973 |
Essbase Client (Windows) | 11.1.2.2.106 | 18148661 |
Essbase Client (Unix) | 11.1.2.2.106 | 18148677 |
Essbase RTC | 11.1.2.2.106 | 18148673 |
Essbase Server | 11.1.2.2.106 | 18148668 |
Essbase Studio Console | 11.1.2.2.106 | 17595842 |
Essbase Studio Server | 11.1.2.2.106 | 17595836 |
FCM | 11.1.2.2.501 | 20194825 |
FDM | 11.1.2.2.500 | 18659116 |
Financial Reporting | 11.1.2.2.505 | 20639760 |
HFM | 11.1.2.2.500 | 18659116 |
HPCM | 11.1.2.2.353 | 17974124 |
Planning | 11.1.2.2.502 | 20728678 |
Provider Services | 11.1.2.2.106 | 18148649 |
RA Framework | 11.1.2.2.401 | 17027109 |
Shared Services | 11.1.2.2.501 | 19591417 |
Strategic Finance | 11.1.2.2.305 | 18355715 |
Web Analysis | 11.1.2.2.500 | 18659116 |
Workspace | 11.1.2.2.500 | 18659116 |
HYPERION
EPM 11.1.2.1 |
LATEST PATCH SET UPDATE | |
VERSION | PATCH # | |
Calculation Manager | 11.1.2.1.104 | 14265667 |
Disclosure Management | 11.1.2.1.113 | 14410193 |
DRM | 11.1.2.1.110 | 14700807 |
EAS Console | 11.1.2.1.107 | 17545124 |
EAS Server | 11.1.2.1.107 | 17545122 |
EPMA | 11.1.2.1.601 | 15883303 |
Essbase RTC | 11.1.2.1.107 | 17545113 |
Essbase Server | 11.1.2.1.107 | 17545111 |
Essbase Studio Console | 11.1.2.1.107 | 17545096 |
Essbase Studio Server | 11.1.2.1.107 | 17545104 |
FCM | 11.1.2.1.103 | 13603945 |
FDM | 11.1.2.1.503 | 16582335 |
Financial Reporting | 11.1.2.1.141 | 20929321 |
HFM | 11.1.2.1.602 | 18252538 |
HPCM | 11.1.2.1.606 | 16823586 |
Planning | 11.1.2.1.601 | 16906210 |
Provider Services | 11.1.2.1.107 | 17545091 |
Reporting and Analysis | 11.1.2.1.136 | 17320505 |
Shared Services | 11.1.2.1.601 | 17734704 |
Strategic Finance | 11.1.2.1.106 | 20521598 |
Web Analysis | 11.1.2.1.135 | 16847890 |
Workspace | 11.1.2.1.600 | 14119724 |
HYPERION
EPM 11.1.2.5 |
LATEST PATCH SET UPDATE | |
VERSION | PATCH # | |
Smart View (SV) (SV 11.1.2.5.x is backward compatible) |
11.1.2.5.800 | 28120145 |