Search
Homepage Rankings and Research Companies Channelcast Marketing Matters CRNtv Events WOTC Jobs Cisco Partner Summit Digital 2020 Lenovo Tech World Newsroom Dell Technologies World Digital Experience 2020 HPE Zone Masergy Zenith Partner Program Newsroom Intel Partner Connect Digital Newsroom Dell Technologies Newsroom Fortinet Secure Network Hub IBM Newsroom Juniper Newsroom The IoT Integrator Lenovo Channel-First NetApp Data Fabric Intel Tech Provider Zone

Oracle To Serve Up 41 Patches Next Tuesday

Oracle will release on Tuesday a critical patch update for April that contains 41 patch fixes.

file patch

The fixes are part of the company's regularly scheduled Critical Patch Updates (CPU). Seventeen of the fixes are for the Oracle Database, including two for Oracle Application Express. On Oracle's Website, it notes, "Two of these vulnerabilities may be remotely exploited without authentication, i.e. may be exploited over a network without the need for a username and password. None of these fixes are applicable to Oracle Database client-only installations, i.e. installations that do not have the Oracle Database installed."

Eleven of the security patches are for the Oracle E-Business Suite, with seven of the vulnerabilities potentially able to be remotely exploited without authentication. Oracle's Application Server has three vulnerabilities addressed by the upcoming CPU: all of them may be remotely exploited over a network without the need for a username and password.

Oracle E-Business Suite products use Oracle Database and Oracle Application Server products which have vulnerabilities fixed in this CPU.

The Critical Patch Update affects the following products:

  • Oracle Database 11g, version 11.1.0.6
  • Oracle Database 10g Release 2, versions 10.2.0.2, 10.2.0.3
  • Oracle Database 10g, version 10.1.0.5
  • Oracle Database 9i Release 2, versions 9.2.0.8, 9.2.0.8DV
  • Oracle Application Server 10g Release 3 (10.1.3), versions 10.1.3.1.0, 10.1.3.3.0
  • Oracle Application Server 10g Release 2 (10.1.2), versions 10.1.2.0.2, 10.1.2.1.0, 10.1.2.2.0
  • Oracle Application Server 10g (9.0.4), version 9.0.4.3
  • Oracle Collaboration Suite 10g, version 10.1.2
  • Oracle E-Business Suite Release 12, versions 12.0.0 - 12.0.4
  • Oracle E-Business Suite Release 11i, versions 11.5.9 - 11.5.10 CU2
  • Oracle PeopleSoft Enterprise PeopleTools versions 8.22.19, 8.48.16, 8.49.09
  • Oracle PeopleSoft Enterprise HCM versions 8.8 SP1, 8.9, 9.0
  • Oracle Siebel SimBuilder versions 7.8.2, 7.8.5

    In other security related news, the company outlined its vision for service-oriented security this week. Oracle said that decoupling hard-coded security features from enterprise applications will create reusable, standards-based security services and protocols which any application can use. In addition, through SOA, Oracle aims to help organizations simplify and centralize several critical security processes including authentication, authorization, user administration, role management, identity virtualization and governance, and entitlement management, as well as audit and control.

Back to Top

related stories

Video

 

trending stories

sponsored resources