From looking at the tech support article:
And bug listing:
It looks like all versions of Server were affected. But, there are only patches available for 10.2.1 and upward, unfortunately.
I believe SDE software is bundled with ArcGIS Server. As such, does this mean that this patch would need to be applied to SDE databases as well as ArcGIS Server servers?
I downloaded the msp file and it is only 44 KB whereas the Oracle Critical patch msp file was 10,120 KB. Is this security patch really only 44 KB (I'm just wondering if the download did not run completely)?
I do not think that this patch requires an Enterprise Geodatabase upgrade and from the description of the issue it is a server based issue, not geodatabase.
Update: I think that if there is a EGDB upgrade required that there will be a patch for the Desktop client also. Just my thought.
I downloaded the 10.6 version of the patch and it was 108kb.
I get the following warning when I perform the download
So I'm wondering if my antivirus software or group policy exceptions list is preventing the full patch download. Is anyone else seeing this warning and getting a very small file size for the downloaded patch?
The patch is about 44 kb. It is small. If at any point you want to make sure you have the real and complete files, you can download a tool called md5sum. You can run this tool at the command line, for example,
This will then provide a value and you can compare it to the md5 value posted on the patch page. For instance for the Windows 10.6 version of this patch, the checksum is 8B246B657A6015CC19D66382D6720BEE. This way you can be sure you have the patch we posted.
Hi Elizabeth - Unfortunately ArcGIS 10.1 has been retired, as of January 1, 2018, and is no longer supported. This would be a main reason that a patch might not be available.
Update: To be clear, I am not sure if the issue also impacts previous versions of the ArcGIS Server (pre-10.2.1) for which their are patches available. Regardless anything pre-10.2.x is now retired.
Retired: Esri Support 10.1
What does Retired Status mean? http://downloads2.esri.com/support/TechArticles/Product-Life-Cycle.pdf
Hope this help. I would recommend you look into upgrading to a newer release in the near future in case you have a need to get support.
It'd be ironic if there was an issue with the certificates for a site dedicated to security related problems, but it seems to work for me:
Perhaps your browser doesn't have the DigiCert certificates trusted? If you hit f12 on your keyboard, what's the reason it says it's untrusted?