Q

Proof of installed security patches

We are being audited by our internal security group and I have to prove that I have installed Oracle security patches from Alert #68. How do I prove that these patches were installed on Unix and Windows servers?

We are being audited by our internal security group and I have to prove that I have installed Oracle security patches from Alert #68. How do I prove that these patches were installed on Unix and Windows servers?
If the Alert #68 patch was installed against a set of Oracle8i binaries, it may be difficult to prove that the patch was, in fact, installed. What I typically like to do is copy the patch into a patches subdirectory under the relevant $ORACLE_HOME. This way, when I need to go back and verify that a patch was applied, I can tell right away.

If a patch's subdirectory was created under the 8i ORACLE_HOME and the patch was installed from there, you should

see a file called undo_pre3821967_8.1.7.4.0.sh which is created by the patch for backout purposes (on UNIX). If, on the other hand, the patch was applied from a central location across all servers, it might be more difficult to prove that the patch was applied.

With Oracle9i, however, the patch would have been installed with the opatch utility. You can use the opatch utility to list the installed patches. Set your environment to a 9i database on the server, navigate to where the opatch utility is installed (or include it in your path) and type:

opatch lsinventory

This will read the inventory and list any patches that were installed. If security alert #68 was installed, you should see lines similar to this in the output (this example is from Solaris):

Installed Patch List:  
=====================  
1) Patch 3811887 applied on Thu Oct 14 12:43:51 MDT 2004      
[ Base Bug(s): 3828166 3811887  ]

Also, with Oracle9i, you can look in $ORACLE_HOME/.patch_storage for log files. If this hidden directory (.patch_storage) was created prior to applying the patch, opatch would have sent all log files to this subdirectory by default.

This was first published in July 2005

Dig deeper on Oracle database installation, upgrades and patches

Pro+

Features

Enjoy the benefits of Pro+ membership, learn more and join.

Have a question for an expert?

Please add a title for your question

Get answers from a TechTarget expert on whatever's puzzling you.

You will be able to add details on the next page.

0 comments

Oldest 

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to:

SearchDataManagement

SearchBusinessAnalytics

SearchSAP

SearchSQLServer

TheServerSide

SearchDataCenter

SearchContentManagement

SearchFinancialApplications

Close