My Oracle Support Banner

MES v4.1.6 to v4.5/v4.6 update 18c / 19c / 12.2 and 12.1 databases (Doc ID 2746801.1)

Last updated on JANUARY 20, 2022

Applies to:

Oracle Database - Enterprise Edition - Version 12.1.0.2 and later
Information in this document applies to any platform.

Goal

The Oracle Database includes the Dell BSAFE Micro-Edition Suite (MES) to provide cryptographic libraries for various encryption features within the database. MES is regularly updated outside of the normal Database release cycle as described in this MOS note.

The MES updates are delivered as part of the quarterly database patch. The sections for each MES version below details the changes and impacts from the prior version (i.e. MES 4.6 describes changes from MES 4.5 transition to MES 4.6). If you are upgrading more than one MES version, you will need to review each section (i.e. if you are moving from MES 4.1.6 to MES 4.6, you will need to review MES 4.5 and MES 4.6 information)

The BSAFE MES is the underlying encryption libraries used by the Database and associated technologies and products to encrypt data at rest and in transit. Upgrading to MES

Upgrading to MES 4.5 resolves a number of vulnerabilities and provides the latest and most secure encryption ciphers. As a result of the upgrade, an encryption algorithm has been desupported (removed) and several others have been deprecated (announced for future desupport). Other changes noted below have been made. Please review this note carefully prior to the upgrade and take action if required to ensure smooth operation of your database and associated applications.

Solution

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!


In this Document
Goal
Solution
 Latest version MES 4.6
 Prior version MES 4.5
 MES 4.6 Changes
 MES 4.5 Changes
 Desupport
 Desupport of Anonymous RC4 Cipher Suite
 Behavior Changes
 Deprecations
 Deprecation of Anonymous Cipher Suites with Outbound TLS Connections
 Deprecation of Unix Crypt (or MD5crypt) Password Verifier
 Deprecation of Older Encryption Algorithms
 Deprecation of SHA-1 use for SQLNET and DBMS_CRYPTO
 Deprecation of TLS 1.0 and 1.1 Transport Layer Security

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.