Will Execution Of Dbms_java_dev.disable Patch(OJVM PSU) Impact Demantra In Any Way?
(Doc ID 1948325.1)
Last updated on MAY 14, 2021
Applies to:Oracle Demantra Advanced Forecasting and Demand Modeling - Version 7.3.1 and later
Information in this document applies to any platform.
Customer mentions that Oracle just released a mitigation patch that is considered one of the most critical and risky for Oracle databases with JVM installed. This is a script (dbms_java_dev.disable) that introduces new controls to prevent new Java classes from being deployed or new calls from being made to existing Java classes, while preserving the ability of the database to execute the existing Java stored procedures that customers may rely on. Specifically this script will be applied on the Demantra database we have. What we are hearing about it will:
• Revokes public access to DBMS_JAVA, DBMS_JAVA_TEST, DBMS_JAVA_MISC, SQLJUTL, SQLJUTL2 and JVMRJBCINV.
• Creates a new role "ORACLE_JAVA_DEV" which can be used to grant back the privilege to individual users as needed.
• Grants the role ORACLE_JAVA_DEV to users that have objects with static dependencies to one of the above packages.
• As a result of the privilege changes applications that use database Java call-ins may fail with errors, and so may need explicit grants to give access to the relevant package.
The questions we would like to get answer are:
Will execution of dbms_java_dev.disable patch impact Demantra as an application in any way?
If yes, can we proactive and go around the possible issues?
See Doc ID 1929745.1 about the patch. It is for Oracle 11g and higher. We run Demantra on Oracle 10g. For 10g do not have full blown patch but they have a solution. They suggest to run exec dbms_java_dev.disable which does things described above. The questions we have is about Demantra - whether this patch (or solution) applied to our Demantra Oracle 10g database can or cannot have impact on the Demantra as an application. In other words, does Demantra makes calls to the existing JAVA packages in the database? If yes, potentially, applying the patch could cause some errors in Demantra later on.
To view full details, sign in with your My Oracle Support account.
Don't have a My Oracle Support account? Click to get started!
In this Document