STIGQter: STIG Summary: Oracle Database 11g Installation STIG Version: 8 Release: 20 Benchmark Date: 28 Jul 2017: STIGQter: STIG Summary: Oracle Database 11g Installation STIG Version: 8 Release: 20 Benchmark Date: 28 Jul 2017:SV-24339r2_rule
V-5658
The Database version is unsupported.
DG0001-ORACLE11
CAT I
10
Upgrade to a supported Oracle version. Purchase an Oracle Extended Support Contract where required.
See http://www.oracle.com/technology/support/patches.htm for a definitive list of version patch sets for Oracle DBMS software.
See http://www.oracle.com/support/library/brochure/lifetime-support-technology.pdf for Oracle support policies and timelines.
From SQL*Plus:
select banner from v$version where banner like 'Oracle%';
The currently supported Oracle 11g version as of 07/2015 is:
11.2 - Premier Support for 11.2 ended 31 Jan 2015; Extended Support is free for one year thereafter.
Extended Support for 11.2 ends 31 Jan 2018.
Sustaining Support for 11.2 available after 31 Jan 2018.
If the Oracle 11 (or earlier) version is not in the list above or is not supported with a purchased extended support contract, this is a finding.
Note: Sustaining Support does not include security updates. Any product in Sustaining Support is a finding.
A patchset is an 'amended code set', consisting of a number of bug fixes, which is subjected to a rigorous QA and certification process.
Oracle patch sets update the Oracle version number (e.g. 10.2.0.3 to 10.2.0.4) and are usually bundled together to support a product family (for example, Oracle DBMS includes Enterprise, Standard, Personal and Client Editions).
The only supported patched version as of 08/28/2015 is 11.2.0.4.
If the Oracle patchset level is less than 11.2.0.4, this is a finding.
Note: a separate STIG exists for Oracle Database 11.2g.
V-5658
True
DG0001-ORACLE11
From SQL*Plus:
select banner from v$version where banner like 'Oracle%';
The currently supported Oracle 11g version as of 07/2015 is:
11.2 - Premier Support for 11.2 ended 31 Jan 2015; Extended Support is free for one year thereafter.
Extended Support for 11.2 ends 31 Jan 2018.
Sustaining Support for 11.2 available after 31 Jan 2018.
If the Oracle 11 (or earlier) version is not in the list above or is not supported with a purchased extended support contract, this is a finding.
Note: Sustaining Support does not include security updates. Any product in Sustaining Support is a finding.
A patchset is an 'amended code set', consisting of a number of bug fixes, which is subjected to a rigorous QA and certification process.
Oracle patch sets update the Oracle version number (e.g. 10.2.0.3 to 10.2.0.4) and are usually bundled together to support a product family (for example, Oracle DBMS includes Enterprise, Standard, Personal and Client Editions).
The only supported patched version as of 08/28/2015 is 11.2.0.4.
If the Oracle patchset level is less than 11.2.0.4, this is a finding.
Note: a separate STIG exists for Oracle Database 11.2g.
M
Information Assurance Officer
1368