Oracle | Hyperion Products
Oracle Critical Patch Update Advisory – July 2016
Essential Oracle | Hyperion Products Affected:
- Oracle Database Server, version(s) 22.214.171.124, 126.96.36.199, 188.8.131.52
- Oracle BI Publisher, version(s) 184.108.40.206.0, 220.127.116.11.0, 18.104.22.168.0
- Oracle Business Intelligence Enterprise Edition, version(s) 22.214.171.124.0, 126.96.36.199.0, 188.8.131.52.0
- Oracle Fusion Middleware, version(s) 184.108.40.206, 220.127.116.11, 18.104.22.168, 22.214.171.124, 126.96.36.199, 188.8.131.52, 184.108.40.206
- Oracle WebLogic Server, version(s) 10.3.6, 12.1.3, 12.2.1
- Hyperion Financial Reporting, version(s) 220.127.116.11
- Oracle Java SE, version(s) 6u115, 7u101, 8u92
- Oracle Java SE Embedded, version(s) 8u91
- Oracle JRockit, version(s) R28.3.10
- MySQL Server, version(s) 5.5.49 and prior, 5.6.30 and prior, 5.7.12 and prior
Essential Oracle | Hyperion Related Products Affected:
- Enterprise Manager Base Platform, version(s) 18.104.22.168, 22.214.171.124
- Enterprise Manager for Fusion Middleware, version(s) 126.96.36.199, 188.8.131.52
- Oracle E-Business Suite, version(s) 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5
- Oracle Fusion Applications, version(s) 11.1.2 through 1.1.10
Patch Availability Document: https://support.oracle.com/epmos/faces/DocumentDisplay?_afrLoop=476915658130011&id=2128717.1&_afrWindowMode=0&_adf.ctrl-state=11esvkpx2v_200 Please note that Oracle Account sign in is required to view the Oracle support documents including installation documentation.
This Critical Patch Update (CPU) fixes thirteen Java SE security vulnerabilities. Of the thirteen, nine of them can be exploited remotely.
There are a total of 31 database related issues fixed. MySQL had 22 and Oracle database server with 9. If your MySQL databases are accessible through the internet, we suggest that a DBA from your team review the alert.
With regards to web servers, 39 Fusion Middleware vulnerabilities have been addressed. 35 of these can be compromised remotely.
Oracle strongly recommends applying the patches as soon as possible. Should you have any questions on this matter, please do not hesitate to email us at firstname.lastname@example.org. Oracle’s next Critical Patch Update is scheduled for October 18th.