Patches

Oracle Critical Patch Update Oct. 2014

Yesterday Oracle released their quarterly Critical Patch Update.  Browsing through the various readme files, I found that no Hyperion or EPM products were directly listed this quarter.  OBIEE didn’t have any new patches to its software this quarter, either.

As you browse the information provided, you can see that WebLogic 10.3.6.0 does have some low risk vulnerabilities addressed by this CPU.  Oracle’s recommendation is to apply the 10.3.6.0.9 WebLogic Server Patch Set Update (Patch 19182814) to address some of the concerns with the WebLogic application server that is installed with and supports EPM and OBIEE.

In critical environments, it would also be advised to monitor and update the supporting Java SE version installed or used with Fusion Middleware products such as EPM and OBIEE.  See Oracle Support note 1492080.1 on updating the installed Java version for Fusion Middleware products.

In reality, most EPM/BI implementations are going to be safely behind a corporate firewall and won’t worry about these too much.  If you are hosting healthcare.gov, for instance, I would hope that you would already be aware of these and patched by now.

Essbase & EAS 11.1.2.3.503 Patches available

Last Thursday, Oracle issued a slew of patches for Essbase and its peripheral components (EAS, client, Run Time Client).  Typically Oracle has kept Essbase Studio and APS aligned with the same patch level, but .503 patches have not appeared for those products yet. These patches address bugs at the .500 patch level so I highly recommend applying this latest round of patches if you are on Essbase 11.1.2.3.500+.

Patch Numbers:

Essbase Defects Fixed:

Defect Number Defect Fixed
19485568, 19190554 Using linked partitions and making changes to the outline, followed by running outline sync, may cause the application to terminate abnormally.
19358183 The Essbase Server can terminate abnormally when running concurrent requests to calculate the database as well as run queries.
19339625 When updating a partition definition, validating and updating the outline at the same moment can abnormally terminate the application.
19288595 In some cases, UDAs are not updated when trying to synchronize the outline of a replicated partition.
19178010 When a query is too large, an aggregate storage database can terminate abnormally.  With 11.1.2.3.503, it returns an error:
ERROR – 1200613 – Internal error: Query is too large and cannot be executed. The product of member counts across all dimensions in the query exceeds 2^64.
19150857 Using Smart View with Essbase Release 11.1.2.3 with SSOPTIMIZEDGRIDPROCESSING set to TRUE in essbase.cfg, data can be submitted by users to intersections that are secured as “read-only”.
19150857 The .db file can become corrupted under concurrent calculation requests.
19021424 Empty rows are inserted while performing a zoom-in on a member in Smart View Client.
18977312 On an aggregate storage database, an MDX formula can return inconsistent results.
18148156 A trigger can fail when ORACLEHARDWAREACCELERATION is set to TRUE in essbase.cfg.

EAS Defects Fixed:

Defect Number Defect Fixed
18684575 A data load rules file created in Administration Services console 11.1.2.3.500 cannot be used by MAXL.

EPM 11.1.2.2.500 – IE10, Windows 8, Office 2013 compatibility

On Wednesday, July 16, Oracle released EPM version 11.1.2.2.500. It appears as if this patch is very much the same as Oracle did with the 11.1.2.3.500 patch, where multiple products are patched in one large EPM bundle patch.

This PSU may be applied to all 11.1.2.2.x releases where .x is less than .500.

 

Products included in this patch:

  • Oracle Hyperion Planning
  • Oracle Hyperion Financial Data Quality Management ERP Integration Adapter for Oracle Applications
  • Oracle Hyperion EPM Architect
  • Oracle Hyperion Enterprise Performance Management Workspace
  • Oracle Hyperion Financial Reporting
  • Oracle Hyperion Reporting and Analysis Framework
  • Oracle Crystal Ball
  • Oracle Hyperion Strategic Finance
  • Oracle Hyperion Profitability and Cost Management
  • Oracle Hyperion Web Analysis
  • Oracle Hyperion Interactive Reporting
  • Oracle Hyperion Financial Management
  • Oracle Hyperion Shared Services
  • Oracle Hyperion Calculation Manager
  • Oracle Hyperion Financial Close Management

DRM, Performance Scorecard, Disclosure Management, and Smart View are not patched in this version.

 

New Features in this release:

Windows 8 support

Office 2013 support

Internet Explorer 10 compatibility

Firefox 24.x ESR compatibility

HPCM – This patch introduces a new Web Service to support multi-POV calculations for Standard Profitability applications.

Shared Services – You can now select and delete all taskflows listed on the Taskflows screen.

Planning – Response time has improved for Hyperion Planning 11.1.2.2.500 functionality in a browser. The Hyperion Planning response time for functionality within a browser is faster in the 11.1.2.2.500 release. For example, the 11.1.2.2.500 end-to-end response times through the browser averaged 41% faster than 11.1.2.2.300, with up to 200 users on the system. Some actions, such as scrolling forms, completed 70% faster in 11.1.2.2.500.

 

Patches required:

EPM Bundle Patch (search under Shared Services) – 18659116

11.1.2.2.500 Client Installers – 18856417

 

To see the full updated EPM Platform compatibility matrix, click here.

 

July 2014 Oracle Quarterly Critical Patch Availability

Today Oracle released a list of vulnerabilities to the EPM and related BI software along with a host of other products.  See the full announcement here: http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html

This one was interesting as my beloved Hyperion products were mentioned.  Seven vulnerabilities were identified with Hyperion products.  It was interesting that most of the patches for these vulnerabilities have been out for a little while, so hopefully you have already mitigated some of these.  Here is list of defects for Hyperion:

7-15-2014 5-25-14 PM

If you clicked the link from the announcement to My Oracle Support note number 1666884.1, the Patch Set Update and Critical Patch Update July 2014 Availability Document, will give you the patches to fix each vulnerability.

Patch Availability for Oracle Hyperion Analytic Provider Services

Product Home Patch Advisory Number Comments
11.1.2.3 SPU Patch 17767293 CVE-2014-4246  11.1.2.3.500 PSU
11.1.2.2 SPU Patch 18148649 CVE-2014-4246  11.1.2.2.106 PSU

Patch Availability for Oracle Hyperion BI+

Product Home Patch Advisory Number Comments
11.1.2.3 SPU Patch 17529887 and SPU Patch 18383790 CVE-2014-0436  11.1.2.3.500 PSU (included in 17767293) and 11.1.2.3.500 Client Installers PSE
11.1.2.2 SPU Patch 18659116 and SPU Patch 18856417 CVE-2014-0436 I could not find these patches. The links do not show the patch.

 

Patch Availability for Oracle Hyperion Common Admin

Product Home Patch Advisory Number Comments
11.1.2.3 CPU Patch 18672071 CVE-2014-4269, CVE-2014-4270 11.1.2.3.501 PSU for Shared Services
11.1.2.2 CPU Patch 18659116 CVE-2014-4269, CVE-2014-4270 I could not find this patch either.

 

Patch Availability for Oracle Hyperion EAS

Product Home Patch Advisory Number Comments
11.1.2.3 Admin Server Patch 17417347Admin Console Patch 17417344 Released January 2014  11.1.2.3.002 PSU, should also be included in 11.1.2.3.501 PSU
11.1.2.2 Admin Server Patch 17277761Admin Console Patch 17277764 Released January 2014  11.1.2.2.104 PSU
11.1.2.1 Admin Server Patch 17545122Admin Console Patch 17545124 Released January 2014  11.1.2.1.107 PSU

 

Patch Availability for Oracle Hyperion Enterprise Performance Management Architect

Product Home Patch Advisory Number Comments
11.1.2.3 SPU Patch 17529887 and SPU Patch 18383790 CVE-2014-4203, CVE-2014-4206  11.1.2.3.500 PSU and 11.1.2.3.500 Client Installers PSE
11.1.2.2 SPU Patch 18659116 and SPU Patch 18856417 CVE-2014-4203, CVE-2014-4206  I could not find this patch either.

 

Patch Availability for Oracle Hyperion Essbase

Product Home Patch Advisory Number Comments
11.1.2.3 SPU Patch 18505489 CVE-2014-4271  11.1.2.3.501 PSU
11.1.2.2 SPU Patch 18520684 CVE-2014-4271  11.1.2.2.000 Patch Set Update Exception (PSE): 11.1.2.2.106 (18520684)

 

Patch Availability for Oracle Hyperion Strategic Finance

Product Home Patch Advisory Number Comments
11.1.2.2 CPU Patch 14593946 Released April 2014 11.1.2.2.301 PSU
11.1.2.1 CPU Patch 17636270 Released April 2014 11.1.2.1.103 PSU

 

In addition to the application patches, we also find that WebLogic Server 10.3.6.0 is listed.  This is important because it is part of our installation of EPM 11.1.2.x and most of us take it for granted.

Patch Set Update Availability for Oracle WebLogic Server

Product Home Patch Advisory Number Comments
Oracle Java SE home JDK/JRE 6 Update 81:

 See Note 1492980.1How to Maintain the Java SE Installed or Used with FMW 11g Products
Oracle JRockit 28.x home R28.3.3- Patch 18763693
WebLogic Server 10.3.6.0.0 home PSU 10.3.6.0.8 Patch 18040640 CVE-2014-2480, CVE-2014-2481, CVE-2014-4256, CVE-2014-4242, CVE-2014-4253, CVE-2014-4267, CVE-2014-4255, CVE-2014-4254, CVE-2014-2479, CVE-2014-4210, CVE-2014-4241, CVE-2014-4217, CVE-2014-4201, CVE-2014-4202 See Note 1306505.1Announcing Oracle WebLogic Server PSUs (Patch Set Updates)For CVE-2014-4256, see Note 1903763.1, Download Request for Security Configuration

 

Also note in the announcement that there is a patch for OBIEE’s Mobile App Designer.

Patch Availability for Oracle Business Intelligence App Mobile Designer

Product Home Patch Advisory Number Comments
11.1.1.7.0 SPU Patch 18794832 CVE-2014-4249 Must delete existing MAD deployment and install this one.  Check the readme.

 

This appears to be a replacement for the entire MAD install.  Going forward, I will use the Oracle BI Mobile App Designer patch 18794832 instead of the older 17220994 patch.  This patch came out on 6/3, so they aren’t very good about announcing these patches.  I guess that’s why we should be reading these quarterly announcements to find out what has been fixed.

 

EPM 11.1.2.3.500 revisited

As I previously posted (http://wp.me/p2jaSq-2k), the Essbase 11.1.2.3.500 patches include many new features, but that was not all.  Oracle had another patch hit just a couple of days later as John Goodwin reported (http://john-goodwin.blogspot.com/2014/03/epm-patch-11123500-has-landed.html).

So, I had a new install at a client and wanted to see how all of this actually works.  I installed EPM 11.1.2.3 as normal.  At this client, that included Essbase, EAS, APS, FR, and OBIEE.  I started by applying the new Hyperion HUB patch 17529887.

The “superpatch” as Goodwin called it did appear to patch many products.  My Foundation Services, Provider Services, Financial Reporting, and Reporting and Analysis Framework all seemed to have been patched.  That’s fantastic; however, APS was not patched to 11.1.2.3.500 as expected, it was a lower version, 11.1.2.3.000.4380.  EAS and Essbase were not touched by the superpatch.

Workspace Help>About screen with version information.

Workspace Help>About screen with version information.

Therefore, the reason behind my post today is to inform the public that in order to patch the entire system, you will need the superpatch as well as the other patches that I previously mentioned.  The whole stack, as far as I am aware, requires the following patches:

  • Hyperion HUB (17529887)
  • Hyperion Client Patches (18383790)
    • Crystal Ball
    • EPMA clients
    • HSF Client (32 & 64-bit)
    • Planning Smart View Extension
    • Predictive Planning (32 & 64-bit)
  • Essbase Client (17767307)
  • Essbase Runtime Client (17767299)
  • EAS (17767309)
  • EAS Console (17767316)
  • APS (17767293)
  • Essbase Studio (17767295)
  • Essbase Studio Console (17767296)
  • Essbase Server (17767302)

 

Announcing Essbase 11.1.2.3.500

A new patch was just released for Essbase Server, patch number 17767302, Essbase 11.1.2.3.500.

Released along with this patch are patches for:

  • Essbase Client (17767307)
  • Essbase Runtime Client (17767299)
  • EAS (17767309)
  • EAS Console (17767316)
  • APS (17767293)
  • Essbase Studio (17767295)
  • Essbase Studio Console (17767296)

This is an exciting patch for many reasons.  Not only are there several bug fixes included in the patch, it also contains some new features.  Bug fixes range from Essbase performance to MDX performance issues to Smart View errors.  In all, there are 81 different bugs fixed with this release.

This release of Essbase includes some major new features although it is just a PSU (Patch Set Update):

  • Hybrid Aggregation mode in BSO cubes – like bringing ASO functionality into a BSO cube without MDX conversions.
    • ASODYNAMICAGGINBSO configuration setting
      • Great for BSO applications that use the outline calculation operators to aggregate dimensions
      • Outlines with Dynamic Calc members with greater than 100 children
      • Great for folks that are using ASO cubes through partitions to aggregate portions of data.
    • To take advantage of the dynamic aggregation, mark upper-level members that calculate with outline operators as Dynamic Calc instead of Store.  This will allow the dynamic aggregation to take place.
      • May need to change dimension order and/or Sparse/Dense settings to ensure member formulas are calculated correctly.
    • Time Balance tagged members, attribute calculations, formulas with Cross-dimension operators, transparent partition target members with Dynamic Calc formulas, queries with both two-pass and one-pass dynamic calc members, and XOLAP are all calculated in Block Mode.
  • Faster Queries for MDX Aggregate and Sum Functions – Essbase dynamically improves the performance of these functions.
  • FIXPARALLEL/ENDFIXPARALLEL calculator function – use for parallel functions where CALCPARALLEL doesn’t provide adequate performance.
    • DATAEXPORT, DATACOPY, CLEARBLOCK, @XREF, and @XWRITE functions can all be used with FIXPARALLEL.
    • Can also be used where CALCPARALLEL isn’t efficient (many empty tasks or small number of tasks).
  • THREADVAR variables to be used with FIXPARALLEL block
  • POSTFIXPARALLEL used to copy THREADVARs to VAR variables
  • INPLACEDATAWRITE – for Exalytics – allows data blocks to be rewritten to the same location in the .PAG file if the compressed size hasn’t grown.  This slows the fragmentation rate which reduces the need for frequent restructures.
  • XOLAPENABLEHEURISTICS Configuration setting is no longer recommended by Oracle.
  • VLBREPORT Configuration setting has been deprecated, changing its value has no effect

Changes to how Essbase runs:

  • Restructuring a database on Exalytics with this release causes the Index Cache Size and/or Data File Cache Size to increase – up to double for Exalytics on Linux or Solaris.
  • To get intelligent calculation to run on Exalytics with this release, the index file size must fit inside the Index Cache.  Future growth must also be accounted for in order for intelligent calculation to continue to work.
  • To configure the Essbase JVM Heap Size on Solaris 64-bit different than its 512 GB initial size, a new environment variable must be created called ESS_JVM_OPTION.
    • ESS_JVM_OPTIONn -XX:HeapBaseMinAddress
  • Dynamic Calculator Cache maximum size is now based on whether the application is 32-bit or 64-bit.
    • Essbase 64-bit: 256 GB
    • Essbase 32-bit: 4 GB

To apply these patches, assuming your maintenance contract is current and you have the correct Customer Support Identifier applied to your Oracle account:

  1. Log into Oracle’s Support site (https://support.oracle.com)
  2. Click on the “Patches and Updates” tab
  3. Search for the patches by Product or by number that is provided above
  4. Follow the steps included in the readme files for each patch.

For more information on these patches, check the readme files that come with the patches.

Oracle Knowledge Base article 1488475.1

I have a colleague that has become quite the OBIEE expert over the last few months.  She loves OBIEE sometimes more than others, especially given the amount of patches that have come out.

A couple of months ago I upgraded her OBIEE implementation at a client to 11.1.1.6.7, but I noticed today that a new round of OBIEE patches were available.  So, how do you find out what patches are available?  Log into Oracle Support (https://support.oracle.com) and search the Knowledge Base for article 1488475.1.  This article lists the patches available for various releases of OBIEE 11g.

OBIEE 11.1.1.6.8 consists of the following:

  • Patch 16094198
  • Patch 16094192
  • Patch 16080520
  • Patch 16094205
  • Patch 16094211
  • Patch 16067995
  • Patch 16097082

This patch set was released on February 5, 2013

This is a cumulative bundle patch to go on top of current 11.1.1.6.X releases  (excluding FA 11.1.1.6.3.X).

Patch 16094198 (1 of 7) Oracle Business Intelligence Installer. (generic)

Patch 16094192 (2 of 7) Oracle Real Time Decisions. (generic)

Patch 16080520 (3 of 7) Oracle Business Intelligence Publisher. (generic)

Patch 16094205 (4 of 7) Oracle Business Intelligence ADF Components. (generic)

Patch 16094211 (5 of 7) Enterprise Performance Management Components Installed from BI Installer 11.1.1.6.x. (port-specific)

Patch 16067995 (6 of 7) Oracle Business Intelligence. (port-specific)

Patch 16097082 (7 of 7) Oracle Business Intelligence Platform Client Installers and MapViewer  (generic)

Note:

The Readme files for the above patches describe the bugs fixed in each patch, and any known bugs with the patch.

This patch is cumulative, and therefore contains all of the fixes included in the earlier 11.1.1.6.2, 11.1.1.6.4, 11.1.1.6.5, 11.1.1.6.6 and 11.1.1.6.7 patch sets.

However, lists of fixes from included patch sets need to be looked up in the respective patches’ readme files, and are not included in the above patches’ readme files.

The instructions to apply the above patches are identical, and are contained in the readme file for patch 16094198.

Please bear in mind, that the readme states to apply patch 13952743 for JDeveloper, too.