Oracle Critical Patch Update Advisory - April 2014
Description
A Critical Patch Update (CPU) is a collection of patches for multiple security vulnerabilities. Critical Patch Update
patches are usually cumulative, but each advisory describes only the security fixes added since the previous Critical
Patch Update advisory. Thus, prior Critical Patch Update advisories should be reviewed for information regarding
earlier published security fixes. Please refer to Critical Patch Updates and Security Alerts for information about
Oracle Security Advisories.
Due to the threat posed by a successful attack, Oracle strongly recommends that customers apply CPU fixes
as soon as possible. This Critical Patch Update contains 104 new security fixes across the product families listed
below.
Please note that a blog entry summarizing the content of this Critical Patch Update and other Oracle Software
Security Assurance activities is located at https://blogs.oracle.com/security.
This Critical Patch Update advisory is also available in an XML format that conforms to the Common Vulnerability
Reporting Format (CVRF) version 1.1. More information about Oracle's use of CVRF is available
at: http://www.oracle.com/technetwork/topics/security/cpufaq-098434.html#CVRF.
Affected Products and Components
Security vulnerabilities addressed by this Critical Patch Update affect the products listed in the categories below. The
product area of the patches for the listed versions is shown in the Patch Availability column corresponding to the
specified Products and Versions column. Please click on the link in the Patch Availability column below or in
the Patch Availability Table to access the documentation for those patches.
The list of affected product releases and versions that are in Premier Support or Extended Support, under the Oracle
Lifetime Support Policy is as follows:
| Affected Products and Versions | Patch Availability |
| --- | --- |
| Oracle Database 11g Release 1, version 11.1.0.7 | Database |
| Oracle Database 11g Release 2, versions 11.2.0.3, 11.2.0.4 | Database |
| Oracle Database 12c Release 1, version 12.1.0.1 | Database |
| Oracle Fusion Middleware 11g Release 1, versions 11.1.1.7, 11.1.1.8 | Fusion Middleware |
| Oracle Fusion Middleware 12c Release 1, versions 12.1.1.0, 12.1.2.0 | Fusion Middleware |
| Oracle Fusion Applications, versions 11.1.2 through 11.1.8 | Fusion Applications |
| Oracle Access Manager, versions 10.1.4.3, 11.1.1.3.0, 11.1.1.5.0, 11.1.1.7.0, 11.1.2.0.0, 11.1.2.1.0, 11.1.2.2.0 | Fusion Middleware |
| Oracle Containers for J2EE, version 10.1.3.5 | Fusion Middleware |
| Oracle Data Integrator, version 11.1.1.3.0 | Fusion Middleware |
| Oracle Endeca Server, version 2.2.2 | Fusion Middleware |
| Oracle Event Processing, version 11.1.1.7.0 | Fusion Middleware |
| Oracle Identity Analytics, version 11.1.1.5, Sun Role Manager, version 5.0 | Fusion Middleware |
| Oracle OpenSSO, version 8.0 Update 2 Patch 5 | Fusion Middleware |
| Oracle OpenSSO Policy Agent, version 3.0-03 | Fusion Middleware |
| Oracle WebCenter Portal, versions 11.1.1.7, 11.1.1.8 | Fusion Middleware |
| Oracle WebLogic Server, versions 10.0.2.0, 10.3.6.0, 12.1.1.0, 12.1.2.0 | Fusion Middleware |
| Oracle Hyperion Common Admin, versions 11.1.2.2, 11.1.2.3 | Fusion Middleware |
| Oracle E-Business Suite Release 11i, 12i | E-Business Suite |
| Oracle Agile PLM Framework, versions 9.3.1.1, 9.3.3.0 | Oracle Supply Chain |
| Oracle Agile Product Lifecycle Management for Process, versions 6.0.0.7, 6.1.1.3 | Oracle Supply Chain |
| Oracle Transportation Management, versions 6.3, 6.3.4 | Oracle Supply Chain |
| Oracle PeopleSoft Enterprise CS Campus Self Service, version 9.0 | PeopleSoft |
| Oracle PeopleSoft Enterprise HRMS Talent Acquisition Manager, versions 8.52, 8.53 | PeopleSoft |
| Oracle PeopleSoft Enterprise PT Tools, versions 8.52, 8.53 | PeopleSoft |
| Oracle Siebel UI Framework, versions 8.1.1, 8.2.2 | Siebel |
| Oracle iLearning, versions 6.0, 6.1 | iLearning |
| Oracle JavaFX, version 2.2.51 | Oracle Java SE |
| Oracle Java SE, versions 5.0u61, 6u71, 7u51, 8 | Oracle Java SE |
| Oracle Java SE Embedded, version 7u51 | Oracle Java SE |
| Oracle JRockit, versions R27.8.1, R28.3.1 | Oracle Java SE |
| Oracle Solaris, versions 9, 10, 11.1 | Oracle and Sun Systems Products Suite |
| Oracle Secure Global Desktop, versions 4.63, 4.71, 5.0, 5.1 | Oracle Linux and Virtualization |
| Oracle VM VirtualBox, versions prior to 3.2.22, 4.0.24, 4.1.32, 4.2.24, 4.3.10 | Oracle Linux and Virtualization |
| Oracle MySQL Server, versions 5.5, 5.6 | Oracle MySQL Product Suite |
Patch Availability Table and Risk Matrices
Products with Cumulative Patches
The Oracle Database, Oracle Fusion Middleware, Oracle Enterprise Manager Grid Control, Oracle E-Business Suite
Applications, JD Edwards EnterpriseOne, JD Edwards OneWorld Tools, PeopleSoft Enterprise Portal Applications,
PeopleSoft Enterprise PeopleTools, Siebel Enterprise, Industry Applications, Primavera and Oracle VM patches in
the Critical Patch Updates are cumulative. In other words, patches for any of these products included in a Critical
Patch Update will include all fixes for that product from the previous Critical Patch Updates. For more information
about cumulative and non-cumulative patches, check the patch availability documents in the table below for the
respective product groups.
Patch Availability Table
For each administered Oracle product, consult the documentation for patch availability information and installation
instructions referenced from the following table. For an overview of the Oracle product documentation related to this
Critical Patch Update, please refer to the Oracle Critical Patch Update April 2014 Documentation Map, My Oracle
Support Note 1637289.1.
| Product Group | Risk Matrix | Patch Availability and Installation Information |
| --- | --- | --- |
| Oracle Database | Oracle Database Risk Matrix | Patch Set Update and Critical Patch Update April 2014 Availability Document, My Oracle Support Note 1618213.1 |
| Oracle Fusion Middleware | Oracle Fusion Middleware Risk Matrix | Patch Set Update and Critical Patch Update April 2014 Availability Document, My Oracle Support Note 1618213.1 |
| Oracle Fusion Applications | Oracle Database Risk Matrix and Oracle Fusion Middleware Risk Matrix | Vulnerabilities affecting Oracle Database and Oracle Fusion Middleware may affect Oracle Fusion Applications, so Oracle customers should refer to Oracle Fusion Applications Critical Patch Update Knowledge Document (April 2014) My Oracle Support Note 1644949.1 for information on patches to be applied to Fusion Application environments. |
| Oracle Hyperion | Oracle Hyperion Risk Matrix | Patch Set Update and Critical Patch Update April 2014 Availability Document, My Oracle Support Note 1618213.1 |
| Oracle Applications - E-Business Suite | Oracle Database Risk Matrix and Oracle Fusion Middleware Risk Matrix | Vulnerabilities affecting Oracle Database and Oracle Fusion Middleware may affect Oracle E-Business Suite products, so Oracle customers should refer to Oracle E-Business Suite Releases 11i and 12i Critical Patch Update Knowledge Document (April 2014), My Oracle Support Note 1614525.1 for information on patches to be applied to EBS environments. |
| Oracle Applications - PeopleSoft Enterprise, Siebel CRM, Oracle Supply Chain, and iLearning Product Suite | Oracle PeopleSoft Enterprise Risk Matrix; Oracle Siebel CRM Risk Matrix; Oracle Supply Chain Risk Matrix; Oracle iLearning Products Risk Matrix | Critical Patch Update Knowledge Document for PeopleSoft Enterprise, Siebel Core, Oracle Supply Chain and Oracle iLearning Products, My Oracle Support Note 1638652.1 |
| Oracle Java SE | Oracle SE Risk Matrix | Critical Patch Update April 2014 Patch Availability Document for Java SE, My Oracle Support Note 1636775.1. Users running Java SE with a browser can download the latest release from http://java.com. Users on the Windows and Mac OS X platforms can also use automatic updates to get the latest release. The latest JavaFX release is included with the latest update of JDK and JRE 7 and 8. |
| Oracle and Sun Systems Products Suite | Oracle and Sun Systems Products Suite Risk Matrix | Critical Patch Update April 2014 Patch Delivery Document for Oracle and Sun Systems Product Suite, My Oracle Support Note 1637067.1 |
| Oracle Linux and Virtualization Products | Oracle Linux and Virtualization Products Risk Matrix | Patch Set Update and Critical Patch Update April 2014 Availability Document, My Oracle Support Note 1635985.1 |
| Oracle MySQL | Oracle MySQL Risk Matrix | Critical Patch Update April 2014 Patch Availability Document for Oracle MySQL Products, My Oracle Support Note 1635913.1 |