Threat Level: green Handler on Duty: John Bambenek

SANS ISC: InfoSec Handlers Diary Blog - Oracle releases January 2008 Critical Patch Update InfoSec Handlers Diary Blog


Sign Up for Free!   Forgot Password?
Log In or Sign Up for Free!

Oracle releases January 2008 Critical Patch Update

Published: 2008-01-15
Last Updated: 2008-01-15 21:02:59 UTC
by Maarten Van Horenbeeck (Version: 1)
0 comment(s)

The January 2008 Critical Patch Update contains 27 security fixes, of which the highest CVSS score is 6.8 for servers and 9.3 for Application Server clients. The following Oracle versions are affected by vulnerabilities fixed in this patch release:

Oracle Database 11g, version 11.1.0.6
Oracle Database 10g Release 2, versions 10.2.0.2, 10.2.0.3
Oracle Database 10g, version 10.1.0.5
Oracle Database 9i Release 2, versions 9.2.0.8, 9.2.0.8DV
Oracle Application Server 10g Release 3 (10.1.3), versions 10.1.3.0.0, 10.1.3.1.0, 10.1.3.2.0, 10.1.3.3.0
Oracle Application Server 10g Release 2 (10.1.2), versions 10.1.2.0.1 - 10.1.2.0.2, 10.1.2.1.0, 10.1.2.2.0
Oracle Application Server 10g (9.0.4), version 9.0.4.3
Oracle Collaboration Suite 10g, version 10.1.2
Oracle E-Business Suite Release 12, versions 12.0.0 - 12.0.3
Oracle E-Business Suite Release 11i, versions 11.5.9 - 11.5.10 CU2
Oracle Enterprise Manager Grid Control 10g Release 1, versions 10.1.0.5, 10.1.0.6
Oracle PeopleSoft Enterprise PeopleTools versions 8.22, 8.47, 8.48, 8.49
Oracle PeopleSoft Enterprise Human Capital Management versions 8.9, 9.0 (Absence Management Module)

More information and downloads at Oracle.

Keywords:
0 comment(s)
Diary Archives