Articles in this section

See more

Oracle Critical Patch Update for July 2016

Avatar
Maris Jansons
Updated
Follow

Oracle | Hyperion Products

Oracle Critical Patch Update Advisory – July 2016

Link to Update: http://www.oracle.com/technetwork/security-advisory/cpujul2016-2881720.html

 

Essential Oracle | Hyperion Products Affected:

  • Oracle Database Server, version(s) 11.2.0.4, 12.1.0.1, 12.1.0.2
  • Oracle BI Publisher, version(s) 11.1.1.7.0, 11.1.1.9.0, 12.2.1.0.0
  • Oracle Business Intelligence Enterprise Edition, version(s) 11.1.1.7.0, 11.1.1.9.0, 12.2.1.0.0
  • Oracle Fusion Middleware, version(s) 11.1.1.7, 11.1.1.8, 11.1.1.9, 11.1.2.2, 11.1.2.3, 11.1.3.0, 11.2.1.0
  • Oracle WebLogic Server, version(s) 10.3.6, 12.1.3, 12.2.1
  • Hyperion Financial Reporting, version(s) 11.1.2.4
  • Oracle Java SE, version(s) 6u115, 7u101, 8u92
  • Oracle Java SE Embedded, version(s) 8u91
  • Oracle JRockit, version(s) R28.3.10
  • MySQL Server, version(s) 5.5.49 and prior, 5.6.30 and prior, 5.7.12 and prior

Essential Oracle | Hyperion Related Products Affected:

  • Enterprise Manager Base Platform, version(s) 12.1.0.5, 13.1.0.0
  • Enterprise Manager for Fusion Middleware, version(s) 11.1.1.7, 11.1.1.9
  • Oracle E-Business Suite, version(s) 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5
  • Oracle Fusion Applications, version(s) 11.1.2 through 1.1.10

 

Patch Availability Document: https://support.oracle.com/epmos/faces/DocumentDisplay?_afrLoop=476915658130011&id=2128717.1&_afrWindowMode=0&_adf.ctrl-state=11esvkpx2v_200  Please note that Oracle Account sign in is required to view the Oracle support documents including installation documentation.

 

Assessment:

This Critical Patch Update (CPU) fixes thirteen Java SE security vulnerabilities. Of the thirteen, nine of them can be exploited remotely.

 

There are a total of 31 database related issues fixed. MySQL had 22 and Oracle database server with 9. If your MySQL databases are accessible through the internet, we suggest that a DBA from your team review the alert.

 

With regards to web servers, 39 Fusion Middleware vulnerabilities have been addressed. 35 of these can be compromised remotely.

 

Oracle strongly recommends applying the patches as soon as possible. Should you have any questions on this matter, please do not hesitate to email us at support@goalgetters.com. Oracle’s next Critical Patch Update is scheduled for October 18th.

Comments

0 comments

Please sign in to leave a comment.