Information Technology News.


Oracle pushes its quarterly Critical Patch Update Advisory

Share on Twitter.

Sponsered ad: Get a Linux Enterprise server with 92 Gigs of RAM, 16 CPUs and 8 TB of storage at our liquidation sale. Only one left in stock.

Sponsered ad: Order the best SMTP service for your business. Guaranteed or your money back.

January 18, 2017

Earlier today, Oracle pushed its first quarterly Critical Patch Update Advisory for 2017, which now offers users no less than 270 bug and security patches to apply. It's one of the company's largest so far.

The software company says that “due to the security threat posed by a successful attack from the outside, Oracle strongly recommends that enterprise customers apply the security patches as soon as possible.”

These security bugs impact Oracle's Primavera project management suite, which is susceptible to the security bulletin CVE-2017-3324, a remote code execution and/or denial of service security flaw present in Internet Explorer 9 and 11.

The are three severity 9.8 bugs in Oracle Enterprise Manager Grid Control; a pair in the Fusion Middleware; and one each in Supply Chain Suite, PeopleSoft, Big Data Graph, JD Edwards and Oracle Communications Applications.

Several of them also refer to the same flaw (CVE-2016-6303) that NIST says is an “Integer overflow in the MDC2_Update function in crypto/mdc2/mdc2dgst.c in OpenSSL before 1.1.0 allows remote attackers to cause a denial of service or possibly have unspecified other impact via unknown vectors.”

Java has no less than sixteen bugs, rated from 9.6 to 3.1. That's half the 32 issues deserving of repair in Oracle's E-Business Suite and Fusion Middleware.

Not far behind, with 27 patches apiece, you'll find MySQL's and Oracle's Flexcube banking code.

Plenty of the bugs aren't Oracle's fault, however. Like most sensible software firms, the company uses open source code and security bugs in those projects account for quite a few of the 270 recommended security patches. Yes, there's no question: it's a big update.

Source: Oracle.


Sponsered ad: Get a Linux Enterprise server with 92 Gigs of RAM, 16 CPUs and 8 TB of storage at our liquidation sale. Only one left in stock.

Sponsered ad: Order the best SMTP service for your business. Guaranteed or your money back.

Share on Twitter.

IT News Archives | Site Search | Advertise on IT Direction | Contact | Home

All logos, trade marks or service marks on this site are the property of their respective owners.

Sponsored by Sure Mail™, Avantex and
by Montreal Server Colocation.

       © IT Direction. All rights reserved.