Oracle Database 21c Proactive Patch Information
(Doc ID 2796590.1)
Last updated on OCTOBER 17, 2023
Applies to:
Gen 1 Exadata Cloud at Customer (Oracle Exadata Database Cloud Machine) - Version N/A and laterOracle Database - Enterprise Edition - Version 19.0.0.0 and later
Oracle Database Cloud Service - Version N/A and later
Oracle Database Exadata Express Cloud Service - Version N/A and later
Oracle Cloud Infrastructure - Database Service - Version N/A and later
Information in this document applies to any platform.
This document lists the most recent and all historical R21c Database Release Update patches
Details
Oracle Database 21c Proactive Patch Information (Doc ID 2796590.1)
Introduction
This My Oracle Support document lists all the Release Update patches released for Database 21. Oracle recommends that the latest Update is deployed to all Database systems.
This document will be updated every time a new Update patch is released, which is generally once a quarter. Patches over one year old will need a password to download, as explained in Section 1.4 of <Note 888.1>.
Please note that the historical listings below do not include current patch availability. For current patch availability, please see the latest Patch Availability Document (PAD) here.
The CVEs addressed in each quarter are cumulative. Therefore only the new, or additional CVEs are listed each quarter.
Oracle Database 21c Release Update
Each bundle patch includes the Database component fixes packaged as a singleton patch.
The same Database Update patch is included in Grid Infrastructure Release Update patches as the Database Component patch.
Please carefully review the README file supplied with the patch.
The table below shows the Database Release Update patches available for 21.
The Database fixes included in the various Updates are listed in <Note 2814015.1>, Database 21 Release Updates and Revisions Bugs Fixed Lists
| Release Date | Version | Download Link | Included in Windows Bundle | Additional CVEs Addressed |
|---|---|---|---|---|
| 17-Oct-2023 | Database Release Update 21.12.0 | <Patch 35740258> | <Patch 35681617> | CVE-2023-38039, CVE-2023-28320, CVE-2023-28321, CVE-2023-28322, CVE-2022-44729 CVE-2022-23491, CVE-2022-40896, CVE-2022-40897, CVE-2023-38325, CVE-2023-22071, CVE-2023-22077, CVE-2023-22096, CVE-2023-22073, CVE-2023-35116, CVE-2023-22075, CVE-2023-22074, CVE-2021-24031, CVE-2023-35887, CVE-2022-42004, CVE-2022-46908, and CVE-2023-2976 |
| 18-Jul-2023 | Database Release Update 21.11.0 | <Patch 35428978> | <Patch 35347974> | CVE-2022-21189, CVE-2022-43680, CVE-2023-23931, CVE-2023-22034, CVE-2023-21949, CVE-2023-22052, CVE-2021-3520, CVE-2023-34981, CVE-2022-45143, CVE-2023-24998, CVE-2023-28708, CVE-2023-28709, and CVE-2023-30533 |
| 18-Apr-2023 | Database Release Update 21.10.0 | <Patch 35134934> | <Patch 35046488> | CVE-2023-21918, CVE-2023-24998, CVE-2022-45061, CVE-2022-37454, CVE-2022-42919, CVE-2023-21934, CVE-2022-45143 |
| 17-Jan-2023 | Database Release Update 21.9.0 | <Patch 34839741> | <Patch 34750812> | CVE-2021-3737, CVE-2022-42003, CVE-2023-21829, CVE-2022-39429, CVE-2020-10735, CVE-2018-25032, CVE-2023-21827, CVE-2021-37750, CVE-2022-45047, CVE-2022-42889, CVE-2020-10878, CVE-2022-1122, CVE-2021-29338, CVE-2022-3171, CVE-2022-42004, & CVE-2022-21597 |
| 18-Oct-2022 | Database Release Update 21.8.0 | <Patch 34527084> | <Patch 34468137> | CVE-2022-21603, CVE-2020-36518, CVE-2022-1586, CVE-2022-39419, CVE-2021-41495, CVE-2021-41496, CVE-2022-34169, CVE-2022-21540, CVE-2022-21541, CVE-2022-21549, CVE-2022-25647, CVE-2020-13956, CVE-2022-34305, CVE-2021-25122, CVE-2021-25329, CVE-2021-4048, CVE-2021-3737, CVE-2021-30129, CVE-2022-2048, CVE-2022-2047 |
| 19-Jul-2022 | Database Release Update 21.7.0 | <Patch 34160444> | <Patch 34110698> | CVE-2021-45943, CVE-2022-21432, CVE-2020-26185, CVE-2020-26184, CVE-2022-21565, CVE-2020-35169 |
| 19-Apr-2022 | Database Release Update 21.6.0 | <Patch 33843745> | <Patch 33829143> | CVE-2021-22569, CVE-2021-2464, CVE-2021-30129, CVE-2019-12402, CVE-2021-42340 |
| 18-Jan-2022 | Database Release Update 21.5.0 | <Patch 33516412> | N/A | CVE-2021-45105, CVE-2022-21393 |
| 19-Oct-2021 | Database Release Update 21.4.0 | <Patch 33239276> | N/A | CVE-2021-35599, CVE-2021-35619, CVE-2021-2332, CVE-2021-35551, CVE-2021-35557, CVE-2021-35558, CVE-2021-29425, CVE-2021-29921, CVE-2020-28928, CVE-2021-2341, CVE-2021-2369, CVE-2021-2388, CVE-2021-2432 |
R21c Grid Infrastructure Release Update (Update)
Each GI Release Update (Update) patch includes the Database and Clusterware component patches.
Please carefully review the README file supplied with the patch.
The table below shows the Grid Infrastructure Update patches available for 21.
The Database fixes included in the various GI Updates are listed in <Note 2814016.1>, Database 21 Release Updates and Revisions Bugs Fixed Lists
The Grid Infrastructure fixes (Clusterware and ACFS) included in the various GI Updates are listed in <Note 2523221.1>, Grid Infrastructure 21 Release Updates and Revisions Bugs Fixed Lists
| Release Date | Version | Download Link | Additional CVEs Addressed |
|---|---|---|---|
| 17-Oct-2023 | GI Release Update 21.12.0 | <Patch 35738010> | CVE-2023-38039, CVE-2023-28320, CVE-2023-28321, CVE-2023-28322, CVE-2022-44729, CVE-2022-23491, CVE-2022-40896, CVE-2022-40897, CVE-2023-38325, CVE-2023-22071, CVE-2023-22077, CVE-2023-22096, CVE-2023-22073, CVE-2023-35116, CVE-2023-22075, CVE-2023-22074, CVE-2021-24031, CVE-2023-35887, CVE-2022-42004, CVE-2022-46908, and CVE-2023-2976 |
| 18-Jul-2023 | GI Release Update 21.11.0 | <Patch 35427907> | CVE-2022-21189, CVE-2022-43680, CVE-2023-23931, CVE-2023-22034, CVE-2023-21949, CVE-2023-22052, CVE-2021-3520, CVE-2023-34981, CVE-2022-45143, CVE-2023-24998, CVE-2023-28708, CVE-2023-28709, and CVE-2023-30533 |
| 18-Apr-2023 | GI Release Update 21.10.0 | <Patch 35132566> | CVE-2023-21918, CVE-2023-24998, CVE-2022-45061, CVE-2022-37454, CVE-2022-42919, CVE-2023-21934, CVE-2022-45143 |
| 17-Jan-2023 | GI Release Update 21.9.0 | <Patch 34838415> | CVE-2021-3737, CVE-2022-42003, CVE-2023-21829, CVE-2022-39429, CVE-2020-10735, CVE-2018-25032, CVE-2023-21827, CVE-2021-37750, CVE-2022-45047, CVE-2022-42889, CVE-2020-10878, CVE-2022-1122, CVE-2021-29338, CVE-2022-3171, CVE-2022-42004, & CVE-2022-21597 |
| 18-Oct-2022 | GI Release Update 21.8.0 | <Patch 34526142> | CVE-2022-21603, CVE-2020-36518, CVE-2022-1586, CVE-2022-39419, CVE-2021-41495, CVE-2021-41496, CVE-2022-34169, CVE-2022-21540, CVE-2022-21541, CVE-2022-21549, CVE-2022-25647, CVE-2020-13956, CVE-2022-34305, CVE-2021-25122, CVE-2021-25329, CVE-2021-4048, CVE-2021-3737, CVE-2021-30129, CVE-2022-2048, CVE-2022-2047 |
| 19-Jul-2022 | GI Release Update 21.7.0 | <Patch 34155589> | CVE-2021-45943, CVE-2022-21432, CVE-2020-26185, CVE-2020-26184, CVE-2022-21565, CVE-2020-35169 |
| 19-Apr-2022 | GI Release Update 21.6.0 | <Patch 33859395> | CVE-2021-22569, CVE-2021-2464, CVE-2021-30129, CVE-2019-12402, CVE-2021-42340 |
| 18-Jan-2022 | GI Release Update 21.5.0 | <Patch 33531909> | CVE-2021-45105, CVE-2022-21393 |
| 19-Oct-2021 | GI Release Update 21.4.0 | <Patch 33250101> | CVE-2021-35599, CVE-2021-35619, CVE-2021-2332, CVE-2021-35551, CVE-2021-35557, CVE-2021-35558, CVE-2021-29425, CVE-2021-29921, CVE-2020-28928, CVE-2021-2341, CVE-2021-2369, CVE-2021-2388, CVE-2021-2432, CVE-2021-25122 |
Oracle Database 21c Windows Bundle Patch (Win BP)
Each bundle patch includes the Database component fixes packaged as a singleton patch.
Please carefully review the README file supplied with the patch.
The table below shows the Database Release Update patches available for 21.
| Release Date | Version | Download Link | Additional CVEs Addressed |
|---|---|---|---|
| 17-Oct-2023 | Database Win BP 21.12.0 | <Patch 35681617> | CVE-2023-38039, CVE-2023-28320, CVE-2023-28321, CVE-2023-28322, CVE-2022-44729, CVE-2022-23491, CVE-2022-40896, CVE-2022-40897, CVE-2023-38325, CVE-2023-22071, CVE-2023-22077, CVE-2023-22096, CVE-2023-22073, CVE-2023-35116, CVE-2023-22075, CVE-2023-22074, CVE-2021-24031, CVE-2023-35887, CVE-2022-42004, CVE-2022-46908, and CVE-2023-2976 |
| 18-Jul-2023 | Database Win BP 21.11.0 | <Patch 35347974> | CVE-2022-21189, CVE-2022-43680, CVE-2023-23931, CVE-2023-22034, CVE-2023-21949, CVE-2023-22052, CVE-2021-3520, CVE-2023-34981, CVE-2022-45143, CVE-2023-24998, CVE-2023-28708, CVE-2023-28709, and CVE-2023-30533 |
| 18-Apr-2023 | Database Win BP 21.10.0 | <Patch 35046488> | CVE-2023-21918, CVE-2023-24998, CVE-2022-45061, CVE-2022-37454, CVE-2022-42919, CVE-2023-21934, CVE-2022-45143 |
| 17-Jan-2023 | Database Win BP 21.9.0 | <Patch 34750812> | CVE-2021-3737, CVE-2022-42003, CVE-2023-21829, CVE-2022-39429, CVE-2020-10735, CVE-2018-25032, CVE-2023-21827, CVE-2021-37750, CVE-2022-45047, CVE-2022-42889, CVE-2020-10878, CVE-2022-1122, CVE-2021-29338, CVE-2022-3171, CVE-2022-42004, CVE-2022-21597, & CVE-2023-21893 |
| 18-Oct-2022 | Database Win BP 21.8.0 | <Patch 34468137> | CVE-2022-21603, CVE-2020-36518, CVE-2022-1586, CVE-2022-39419, CVE-2021-41495, CVE-2021-41496, CVE-2022-34169, CVE-2022-21540, CVE-2022-21541, CVE-2022-21549, CVE-2022-25647, CVE-2020-13956, CVE-2022-34305, CVE-2021-25122, CVE-2021-25329, CVE-2021-4048, CVE-2021-3737, CVE-2021-30129, CVE-2022-2048, CVE-2022-2047, CVE-2022-1587, & CVE-2022-21606 |
| 19-Jul-2022 | Database Win BP 21.7.0 | <Patch 34110698> | CVE-2021-45943, CVE-2022-21432, CVE-2020-26185, CVE-2020-26184, CVE-2022-21565, CVE-2020-35169 |
| 19-Apr-2022 | Database Win BP 21.6.0 | <Patch 33829143> | CVE-2021-22569, CVE-2021-2464, CVE-2021-30129, CVE-2019-12402, CVE-2021-42340 |
| 18-Jan-2022 | Database Win BP 21.5.0 | 21.5.0.0.220118 WIN BP (Patch 33589769) will be skipped. Instead, use BP 21.6.0.0.220419 <Patch 33829143>. | |
| 19-Oct-2022 | Database Win BP 21.4.0 | <Patch 33322894> | CVE-2021-35599, CVE-2021-35619, CVE-2021-2332, CVE-2021-35551, CVE-2021-35557, CVE-2021-35558, CVE-2021-29425, CVE-2021-29921, CVE-2020-28928, CVE-2021-2341, CVE-2021-2369, CVE-2021-2388, CVE-2021-2432, CVE-2021-25122 |
R21c JDK Bundle Patch
Each bundle patch includes the Database Client JDK Bundle Patch packaged as a singleton RAC rolling patch.
Please carefully review the README file supplied with the patch.
The table below shows the JDK Bundle Patches available for 21.
| Release Date | Version | Download Link (all platforms) | Additional CVEs Addressed |
|---|---|---|---|
| 17-Oct-2023 | JDK BP 21.12.0 | <Patch 35638302> | CVE-2023-22025, CVE-2023-22067, and CVE-2023-22081 |
| 18-Jul-2023 | JDK BP 21.11.0 | <Patch 35336148> | CVE-2023-22043, CVE-2023-22041, CVE-2023-22044, CVE-2023-22045, and CVE-2023-22049 |
| 18-Apr-2023 | JDK BP 21.10.0 | <Patch 35004964> | CVE-2023-21937, CVE-2023-21968, CVE-2023-21938, CVE-2023-21939, CVE-2023-21954, CVE-2023-21967, CVE-2023-21930 |
| 17-Jan-2023 | JDK BP 21.9.0 | <Patch 34777399> | CVE-2023-21830, CVE-2023-21843 |
| 18-Oct-2022 | JDK BP 21.8.0 | <Patch 34422622> | CVE-2022-21628, CVE-2022-21626, CVE-2022-21624, CVE-2022-21619 |
| 19-Jul-2022 | JDK BP 21.7.0 | <Patch 34113643> | CVE-2022-34169, CVE-2022-21541, CVE-2022-21540 |
| 19-Apr-2022 | JDK BP 21.6.0 | <Patch 33810177> | CVE-2022-21476, CVE-2022-21426, CVE-2022-21496, CVE-2022-21434, CVE-2022-21443 |
| 18-Jan-2022 | JDK BP 21.5.0 | <Patch 33497132> | CVE-2022-21349, CVE-2022-21291, CVE-2022-21305, CVE-2022-21360, CVE-2022-21365, CVE-2022-21282, CVE-2022-21296, CVE-2022-21299, CVE-2022-21271, CVE-2022-21283, CVE-2022-21293, CVE-2022-21294, CVE-2022-21340, CVE-2022-21341, CVE-2022-21248 |
| 19-Oct-2021 | JDK BP 21.4.0 | <Patch 33197565> | CVE-2021-3517, CVE-2021-35560, CVE-2021-35567, CVE-2021-35550, CVE-2021-3522, CVE-2021-35586, CVE-2021-35564, CVE-2021-35556, CVE-2021-35559, CVE-2021-35561, CVE-2021-35565, CVE-2021-35603, CVE-2021-35588, CVE-2021-35578 |
R21c Quarterly Full Stack Download Patch (QFSDP) for Exadata
Each QFSDP includes all recommedend patches for the complete Exadata Stack.
Please carefully review the README file supplied with the patch.
The table below shows the QFSDPs available for 21.
| Release Date | Version | Download Link | Additional CVEs Addressed |
|---|---|---|---|
| 17-Oct-2023 | QFSDP Release Update 21.12.0 | <Patch 35744850> | CVE-2023-38039, CVE-2023-28320, CVE-2023-28321, CVE-2023-28322, CVE-2022-44729, CVE-2022-23491, CVE-2022-40896, CVE-2022-40897, CVE-2023-38325, CVE-2023-22071, CVE-2023-22077, CVE-2023-22096, CVE-2023-22073, CVE-2023-35116, CVE-2023-22075, CVE-2023-22074, CVE-2021-24031, CVE-2023-35887, CVE-2022-42004, CVE-2022-46908, and CVE-2023-2976 |
| 18-Jul-2023 | QFSDP Release Update 21.11.0 | <Patch 35370051> | CVE-2022-21189, CVE-2022-43680, CVE-2023-23931, CVE-2023-22034, CVE-2023-21949, CVE-2023-22052, CVE-2021-3520, CVE-2023-34981, CVE-2022-45143, CVE-2023-24998, CVE-2023-28708, CVE-2023-28709, and CVE-2023-30533 |
| 18-Apr-2023 | QFSDP Release Update 21.10.0 | <Patch 35077537> | CVE-2023-21918, CVE-2023-24998, CVE-2022-45061,CVE-2022-37454, CVE-2022-42919, CVE-2023-21934, CVE-2022-45143 |
| 17-Jan-2023 | QFSDP Release Update 21.9.0 | <Patch 34774529> | CVE-2021-3737, CVE-2022-42003, CVE-2023-21829, CVE-2022-39429, CVE-2020-10735, CVE-2018-25032, CVE-2023-21827, CVE-2021-37750, CVE-2022-45047, CVE-2022-42889, CVE-2020-10878, CVE-2022-1122, CVE-2021-29338, CVE-2022-3171, CVE-2022-42004, & CVE-2022-21597 |
| 18-Oct-2022 | QFSDP Release Update 21.8.0 | <Patch 34538888> | CVE-2022-21603, CVE-2020-36518, CVE-2022-1586, CVE-2022-39419, CVE-2021-41495, CVE-2021-41496, CVE-2022-34169, CVE-2022-21540, CVE-2022-21541, CVE-2022-21549, CVE-2022-25647, CVE-2020-13956, CVE-2022-34305, CVE-2021-25122, CVE-2021-25329, CVE-2021-4048, CVE-2021-3737, CVE-2021-30129, CVE-2022-2048, CVE-2022-2047 |
| 19-Jul-2022 | QFSDP Release Update 21.7.0 | <Patch 34206020> | CVE-2021-45943, CVE-2022-21432, CVE-2020-26185, CVE-2020-26184, CVE-2022-21565, CVE-2020-35169 |
| 19-Apr-2022 | QFSDP Release Update 21.6.0 | <Patch 33881715> | CVE-2021-22569, CVE-2021-2464, CVE-2021-30129, CVE-2019-12402, CVE-2021-42340 |
| 18-Jan-2022 | QFSDP Release Update 21.5.0 | <Patch 33567288> | CVE-2021-45105, CVE-2022-21393 |
| 19-Oct-2021 | QFSDP Release Update 21.4.0 | <Patch 33266144> | CVE-2021-35599, CVE-2021-35619, CVE-2021-2332, CVE-2021-35551, CVE-2021-35557, CVE-2021-35558, CVE-2021-29425, CVE-2021-29921, CVE-2020-28928, CVE-2021-2341, CVE-2021-2369, CVE-2021-2388, CVE-2021-2432, CVE-2021-25122 |
R21c Quarterly Full Stack Download Patch (QFSDP) for SPARC SuperCluster
Each QFSDP includes all recommedend patches for the complete SPARC SuperCluster Stack.
Please carefully review the README file supplied with the patch.
The table below shows the QFSDPs available for DB Release 21.
| Release Date | Version | Download Link | Additional CVEs Addressed |
|---|---|---|---|
| 17-Oct-2023 | QFSDP Release Update (Q4.2023) | <Patch 35746077> | |
| 18-Jul-2023 | QFSDP Release Update (Q3.2023) | <Patch 35370057> | |
| 18-Apr-2023 | QFSDP Release Update (Q2.2023) | <Patch 35077553> | |
| 17-Jan-2023 | QFSDP Release Update (Q1.2023) | <Patch 34774534> | |
| 18-Oct-2022 | QFSDP Release Update (Q4.2022) | <Patch 34538896> | |
| 19-Jul-2022 | QFSDP Release Update (Q3.2022) | <Patch 34206024> | |
| 19-Apr-2022 | QFSDP Release Update (Q2.2022) | <Patch 33881722> | |
| 18-Jan-2022 | QFSDP Release Update (Q1.2022) | <Patch 33567289> | |
| 19-Oct-2021 | QFSDP Release Update (Q4.2021) | <Patch 33248582> |
Actions
Contacts
To view full details, sign in with your My Oracle Support account. |
|
Don't have a My Oracle Support account? Click to get started! |
In this Document
| Details |
| Oracle Database 21c Proactive Patch Information (Doc ID 2796590.1) |
| Introduction |
| Oracle Database 21c Release Update |
| R21c Grid Infrastructure Release Update (Update) |
| Oracle Database 21c Windows Bundle Patch (Win BP) |
| R21c JDK Bundle Patch |
| R21c Quarterly Full Stack Download Patch (QFSDP) for Exadata |
| R21c Quarterly Full Stack Download Patch (QFSDP) for SPARC SuperCluster |
| Actions |
| Contacts |
| References |