Destaques

O CERT.PT associa-se à Secunia na sensibilização dos utilizadores Internet para a necessidade de removerem as vulnerabilidades dos seus computadores.

Secunia PSI Download do software Personal Software Inspector

Actualizações Oracle para Múltiplas Vulnerabilidades PDF Versão para impressão
Quarta, 15 Abril 2009 10:38

I. Descrição

A Critical Patch Update is a collection of patches for multiple security vulnerabilities. It also includes non-security fixes that are required (because of interdependencies) by those security patches. Critical Patch Updates are cumulative, except as noted below, but each advisory describes only the security fixes added since the previous Critical Patch Update. Thus, prior Critical Patch Update Advisories should be reviewed for information regarding earlier accumulated security fixes. Please refer to

Critical Patch Updates and Security Alerts for information about Oracle Security Advisories.

Due to the threat posed by a successful attack, Oracle strongly recommends that customers apply fixes as soon as possible. This Critical Patch Update contains 43 new security fixes across all products.

Supported Products and Components Affected

Security vulnerabilities addressed by this Critical Patch Update affect the products listed in the categories below. The product area of the patches for the listed versions is shown in [square brackets] following the product versions. Please click on the link in [square brackets] or in the Patch Availability Table to access the documentation for those patches.

Product releases and versions that are in Premier Support or Extended Support, under the Oracle Lifetime Support Policy:

• Oracle Database 11g, version 11.1.0.6, 11.1.0.7     [ Database ]
• Oracle Database 10g Release 2, versions 10.2.0.3, 10.2.0.4     [ Database ]
• Oracle Database 10g, version 10.1.0.5     [ Database ]
• Oracle Database 9i Release 2, versions 9.2.0.8, 9.2.0.8DV     [ Database ]
• Oracle Application Server 10g Release 2 (10.1.2), version 10.1.2.3.0     [ Application Server ]
• Oracle Outside In SDK HTML Export 8.2.2, 8.3.0     [ Application Server ]
• Oracle XML Publisher 5.6.2, 10.1.3.2, 10.1.3.2.1     [ Application Server ]
• Oracle BI Publisher 10.1.3.3.0 10.1.3.3.1, 10.1.3.3.2, 10.1.3.3.3, 10.1.3.4     [ Application Server ]
• Oracle E-Business Suite Release 12, version 12.0.6     [ E-Business Suite ]
• Oracle E-Business Suite Release 11i, version 11.5.10.2     [ E-Business Suite ]
• PeopleSoft Enterprise PeopleTools versions: 8.49     [ PeopleSoft/JDE ]
• PeopleSoft Enterprise HRMS versions: 8.9 and 9.0     [ PeopleSoft/JDE ]
• Oracle WebLogic Server 10.3     [ BEA ]
• Oracle WebLogic Server 9.0 GA, 9.1 GA, 9.2 through 9.2 MP3     [ BEA ]
• Oracle WebLogic Server 8.1 through 8.1 SP6     [ BEA ]
• Oracle WebLogic Server 7.0 through 7.0 SP7     [ BEA ]
• -Oracle WebLogic Portal 8.1 through 8.1 SP6     [ BEA ]
• Oracle Data Service Integrator 10.3.0 and Oracle AquaLogic Data Services Platform (formerly BEA ALDSP) 3.2, 3.0.1, 3.0     [ BEA ]
• Oracle JRockit (formerly BEA JRockit) R27.6.2 and earlier (JDK/JRE 6, 5, 1.4.2)     [ BEA ]

II. Solução

Aplicar uptades e workarounds descritos no Oracle Critical Patch Update Advisory - April 2009.


III. Referências

Oracle Critical Patch Update Advisory - April 2009:
http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpuapr2009.html



Tags: Oracle
 

Missão

O CERT.PT tem como missão contribuir para o esforço de cibersegurança nacional nomeadamente no tratamento e coordenação da resposta a incidentes, na produção de alertas e recomendações de segurança e na promoção de uma cultura de segurança em Portugal.

PT EN
Participe Incidente

Contactos

Av. do Brasil 101 
1700-066 Lisboa 
Portugal

Tel: +351 218440177 (9h30-12h30, 14h00-17h30; GMT)  
Fax: +351 218472167

email:

pgp: 342A 17BA DF71 E193 6871 0357 8BDE A247 C523 AAE7

Filiação internacional

Acreditação Internacional

Canais

Feeds RSS

Alertas
Recomendações
Notícias