News Stay informed about the latest enterprise technology news and product updates.

Oracle plans 27 security updates Tuesday

Oracle released an advance bulletin for the Critical Patch Update (CPU) it has planned for Tuesday. If all goes to plan, DBAs are looking at 27 fixes across the database giant’s product line.

Security vulnerabilities addressed by this Critical Patch Update affect the following products:

  • Oracle Database 11g, version 11.1.0.6
  • Oracle Database 10g Release 2, versions 10.2.0.2, 10.2.0.3
  • Oracle Database 10g, version 10.1.0.5
  • Oracle Database 9i Release 2, versions 9.2.0.8, 9.2.0.8DV
  • Oracle Application Server 10g Release 3 (10.1.3), versions 10.1.3.0.0, 10.1.3.1.0, 10.1.3.2.0, 10.1.3.3.0
  • Oracle Application Server 10g Release 2 (10.1.2), versions 10.1.2.0.1 – 10.1.2.0.2, 10.1.2.1.0, 10.1.2.2.0
  • Oracle Application Server 10g (9.0.4), version 9.0.4.3
  • Oracle Collaboration Suite 10g, version 10.1.2
  • Oracle E-Business Suite Release 12, versions 12.0.0 – 12.0.3
  • Oracle E-Business Suite Release 11i, versions 11.5.9 – 11.5.10 CU2
  • Oracle Enterprise Manager Grid Control 10g Release 1, versions 10.1.0.5, 10.1.0.6
  • Oracle PeopleSoft Enterprise PeopleTools versions 8.22, 8.47, 8.48, 8.49
  • Oracle PeopleSoft Enterprise Human Capital Management versions 8.9, 9.0 (Absence Management Module)

Here’s some more detail from the bulletin:

— Eight new security fixes are planned for the Oracle Database. None of these vulnerabilities may be remotely exploited without authentication, i.e. may be exploited over a network without the need for a user name and password.

Six new security fixes are for Oracle Application Server. Five of these vulnerabilities may be remotely exploited without authentication, i.e. may be exploited over a network without the need for a user name and password.

One new security fix is for Oracle Collaboration Suite. This vulnerability may not be remotely exploited without authentication.

Seven new security fixes are for the Oracle E-Business Suite. Three of these vulnerabilities may be remotely exploited without authentication.

One new security fix for the Oracle Enterprise Manager. This vulnerability may be remotely exploited without authentication.

Four new security fixes are for Oracle PeopleSoft Enterprise products. One of the security vulnerabilities affecting Oracle PeopleSoft Enterprise products may be remotely exploited without authentication.

Start the conversation

Send me notifications when other members comment.

Please create a username to comment.

-ADS BY GOOGLE

SearchCloudSecurity

SearchNetworking

SearchCIO

SearchEnterpriseDesktop

SearchCloudComputing

ComputerWeekly.com

Close