Oracle plans to release 37 security patches next week as part of its quarterly update cycle.

The fixes cover as-yet-unspecified flaws in products including Oracle Database, Application Server, and E-Business Suite, among others. Some of the patches due to be released on Tuesday, 17 April cover flaws in multiple products.

In October, Oracle began rating the severity of bugs in its applications according to the Common Vulnerability Scoring System (CVSS), an industry-wide initiative designed to standardise vulnerability ratings. Oracle rates this quarter's patch batch at 7.0 in a scale from zero to 10, where 10 indicates impending internet meltdown (or some such calamity). That's the same threat level given to Oracle's last patch release, published in January. However this time around database and system adminstrators have to deal with fewer patches, 37 compared to the 51 Oracle issued at the start of the year. ®

Related stories

• RSA Old people can sabotage software too (10 April 2008)
• Oracle preps July patch blitz (13 July 2007)
• Oracle UK systems accused in 'SSH hacking spree' (13 July 2007)
• Oracle aims for g spot with Database 11 (11 July 2007)
• SSL bug stars in MS June patch batch (13 June 2007)
• Seven flaws lanced in MS patch batch (9 May 2007)
• Five critical reasons to update Windows today (11 April 2007)
• MS cursor patch fix pushes into Patch Tuesday litter (10 April 2007)
• Oracle blocks 51 security holes (17 January 2007)
• Oracle's mega-patch shuts 101 doors (18 October 2006)
• Oracle to provide clearer vulnerability ratings (13 October 2006)
• Oracle in war of words with security researcher (26 January 2006)
• Oracle taken to task for time to fix vulnerabilities (20 July 2005)