Akamai Diversity

The Akamai Blog

Oracle Releases Massive Security Update

Note: Akamai CSIRT member Larry Cashdollar contributed to Oracle's latest CPU. He appears in the advisory credits. We always knew he'd be famous!

Oracle has released a monster Critical Patch Update (CPU) -- 113 security fixes in all affecting a vast portion of the company's product line.

In a blog post outlining the fixes, Oracle's Eric Maurice wrote:

This Critical Patch Update provides 113 new security fixes across a wide range of product families including: Oracle Database, Oracle Fusion Middleware, Oracle Hyperion, Oracle Enterprise Manager Grid Control, Oracle E-Business Suite, Oracle PeopleSoft Enterprise, Oracle Siebel CRM, Oracle Industry Applications, Oracle Java SE, Oracle Linux and Virtualization, Oracle MySQL, and Oracle and Sun Systems Products Suite.

Here's the full list of products affected:

Affected Products and VersionsPatch Availability
Oracle Database 11g Release 1, version
Oracle Database 11g Release 2, versions,
Oracle Database 12c Release 1, version
Oracle Fusion Middleware 11g Release 1, version Middleware
Oracle Fusion Middleware 12c Release 1, version Middleware
Oracle Fusion Applications, versions 11.1.2 through 11.1.8Fusion Applications
Oracle Glassfish Server, versions 2.1.1, 3.0.1, 3.1.2Fusion Middleware
Oracle Traffic Director, version Middleware
Oracle iPlanet Web Proxy Server, version 4.0.24Fusion Middleware
Oracle iPlanet Web Server, versions 6.1, 7.0Fusion Middleware
Oracle WebCenter Portal, versions, Middleware
Oracle WebLogic Server, versions,,, Middleware
Oracle JDeveloper, versions,, Middleware
Oracle BI Publisher, version Middleware
Oracle Glassfish Communications Server, version 2.0Fusion Middleware
Oracle HTTP Server, versions, Middleware
Oracle Hyperion Essbase, versions, Middleware
Oracle Hyperion BI+, versions, Middleware
Oracle Hyperion Enterprise Performance Management Architect, versions, Middleware
Oracle Hyperion Common Admin, versions, Middleware
Oracle Hyperion Analytic Provider Services, versions, Middleware
Oracle E-Business Suite Release 11i, version Suite
Oracle E-Business Suite Release 12i, versions 12.0.6, 12.1.3, 12.2.2, 12.2.3E-Business Suite
Oracle Transportation Management, versions 6.1, 6.2, 6.3, 6.3.1, 6.3.2, 6.3.3, 6.3.4Oracle Supply Chain
Oracle Agile Product Collaboration, version 9.3.3Oracle Supply Chain
Oracle PeopleSoft Enterprise ELS Enterprise Learning Management, versions 9.1, 9.2PeopleSoft
Oracle PeopleSoft Enterprise PT PeopleTools, versions 8.52, 8.53PeopleSoft
Oracle PeopleSoft Enterprise FIN Install, versions 9.1, 9.2PeopleSoft
Oracle PeopleSoft Enterprise SCM Purchasing, versions 9.1, 9.2PeopleSoft
Oracle Siebel Travel & Transportation, versions 8.1.1, 8.2.2Siebel
Oracle Siebel UI Framework, versions 8.1.1, 8.2.2Siebel
Oracle Siebel Core - Server OM Frwks, versions 8.1.1, 8.2.2Siebel
Oracle Siebel Core - EAI, versions 8.1.1, 8.2.2Siebel
Oracle Communications Messaging Server, version Communications Applications
Oracle Retail Back Office, versions 8.0, 12.0, 12.0.9IN, 13.0, 13.1, 13.2, 13.3, 13.4, 14.0Retail
Oracle Retail Central Office, versions 8.0, 12.0, 12.0.9IN, 13.0, 13.1, 13.2, 13.3, 13.4, 14.0Retail
Oracle Retail Returns Management, versions 2.0, 13.1, 13.2, 13.3, 13.4, 14.0Retail
Oracle Java SE, versions 5.0u65, 6u75, 7u60, 8u5Oracle Java SE
Oracle JRockit, versions R27.8.2, R28.3.2Oracle Java SE
Oracle Solaris, versions 8, 9, 10, 11.1Oracle and Sun Systems Products Suite
Oracle Secure Global Desktop, versions 4.63, 4.71, 5.0, 5.1Oracle Linux and Virtualization
Oracle VM VirtualBox, versions prior to 3.2.24, 4.0.26, 4.1.34, 4.2.26, 4.3.14Oracle Linux and Virtualization
Oracle Virtual Desktop Infrastructure (VDI), versions prior to 3.5.1Oracle Linux and Virtualization
Sun Ray Software, versions prior to 5.4.3Oracle Linux and Virtualization
Oracle MySQL Server, versions 5.5, 5.6Oracle MySQL Product Suite