- Date: April 21, 2021
Well folks, it’s that time of year again. No, I’m not talking about the snow outside at the end of April. I’m talking about the Oracle Critical Patch Update for the first quarter of 2021.
As always, full details of the patch can be found right here.
For this particular release, there are a couple of items for EPM and the general updates to both Java and WebLogic for security purposes. For EPM, the focus is on Analytic Provider Services (APS) and Financial Management (HFM).
Analytic Provider Services has a high-rated vulnerability:
HFM has one of lesser concern:
Oracle Fusion Middleware (which includes OHS and WebLogic) contains a number of vulnerabilities:
Patch Availability for any of the issues defined is tracked here.
Analytic Provider Services 220.127.116.11.043 PSU resolves the security concern and the HFM issues is addressed in the new 11.2.x code-line and is not being addressed in EPM 18.104.22.168 (as it’s end-of-premeir support in December 2021). If the HFM issue is a concern, we recommend upgrading and would be happy to assist in any conversations around that process.
Lastly, Oracle has released the standard Java updates. Depending on your version, these can be applied to EPM systems, but the 22.214.171.124 and earlier code-lines do not suppore Java 8 or higher.