Yesterday (October 18), Oracle released a critical security patch update addressing 23 serious security vulnerabilities in its database applications, server software, and enterprise solutions. This update is part of Oracle’s quarterly patch cycle.
Oracle regards this update as a “collection of patches” for a wide range of security flaws, which also includes fixes for non-security-related software bugs.
Out of the 23 patches, 7 are specifically aimed at Oracle’s renowned database applications, including Oracle 10g. This includes patches for the main server, Grid Control, Application Server, Collaboration Suite, and Database Control. In addition to fixing issues for Oracle 10g, the company has also addressed vulnerabilities in the Oracle 9i and Oracle 8i database applications.
The remaining patches are for applications such as PeopleSoft Enterprise Tools, PeopleSoft CRM, JD Edwards EnterpriseOne/OneWorld XE, Oracle Database Server, Enterprise Manager, Oracle Application Server, and Oracle Collaboration Suite.
However, Oracle has not disclosed any specific details regarding the security vulnerabilities that have been patched this time. This is part of the manufacturer’s policy.
Oracle’s security patch updates are typically released on a quarterly basis—specifically in January, April, July, and October—and they usually occur on the Tuesday closest to the 15th of each month.
