The Register® — Biting the hand that feeds IT

Feeds

Oracle preps summer patch cluster

45 updates equal overtime for sysadmins

Customer Success Testimonial: Recovery is Everything

Oracle is preparing to release 45 security patches on Tuesday 15 July as part of its quarterly update cycle.

The updates cover unspecified security bugs across multiple Oracle products including its Oracle Database, Application Server, E-Business Suite and PeopleSoft business applications. Some of the updates address vulnerabilities in multiple products.

Eleven of the planned security updates include patches for versions of Oracle's database. Fortunately none of the flaws lend themselves to remote exploitation without requiring login credentials.

The same can't be said for the nine new security fixes for Oracle Application Server. All nine are capable of being exploited by hackers without login credentials, Oracle warns. Three of the seven updates for Oracle WebLogic Server carry the same risk.

Oracle rates the most severe of this quarter's patch batch (involving the flaws in Application Servers and WebLogic Server) at 6.8 out of 10 - pretty critical - according to the Common Vulnerability Scoring System (CVSS), a cross-industry initiative designed to standardise vulnerability ratings. More details can be found in Oracle's pre-release announcement here. ®

Agentless Backup is Not a Myth

Latest Comments

Still so many more patches to go

Why anyone purchases Oracle products is beyond me. As a contracted pen tester, it is a product which causes nightmares for me. Working ways to mitigate the holes without taking a bite out of a budget is a big challenge. Hurry up Oracle.... I'd like to take a vacation!

0
0

Postgres

Forget it.

0
0

Overtime?

What overtime? Companies like mine clamping down on overtime, these patches will be put in by us first thing in the morning or "time in lieu", I'm afraid!

0
0

More from The Register

Bjarne Again: Hallelujah for C++
Plus: Now officially OK to admit you never used STL algorithms
Interwebs taunt Sir Jony over Apple eye candy makeover
Hey Ive, Ive... add more unicorns, willya?
SCO vs. IBM battle resumes over ownership of Unix
Zombie lawsuit back and wants to suck the brains out of Linux
Apple: iOS7 dayglo Barbie makeover is UNFINISHED - report
Plus: You don't like the icons? Blame marketing
Red Hat to ditch MySQL for MariaDB in RHEL 7
So long, Oracle! Don't let the door hit you on the way out
Shy? Socially inadequate? Fiddling with your phone could help
App 'tells the brutal truth' about social inadequates' chatup lines
Java EE 7 melds HTML5 with enterprise apps
New release arrives with GlassFish, NetBeans support
 breaking news
'Office Facebook' firm Tibbr wants you to PAY for mobe-meetings app
Great idea. Punters won't cough for it though
 breaking news
The only Waze is Google: Ad giant tipped to gobble map app 'for $1.3bn'
Pac-Man-satnav-ish upstart in bidding war with Apple, Facebook
 breaking news
PM Cameron calls for modern, programmable computers! (We think)
IT education musings to G8 chiefs to mystify IT industry