Oracle released its quarterly CPU (Critical Patch Update), addressing a whopping 276 vulnerabilities across 84 products, an all-time high for Oracle. The vast majority of the fixes are in Oracle’s Fusion Middleware and other applications. Oracle Database, ostensibly the company’s flagship product, continues to get less and less attention from the security team.
The CPU fixed 39 vulnerabilities in Fusion Middleware; 34 in the Sun Systems suite, which includes Solaris and SPARC Enterprise; and 27 in Supply Chain. MySQL, which Oracle acquired as part of its Sun deal, received 22 fixes, while only nine fixes were released Oracle Database Server. Java, which continues to be a favorite target for web-based attacks, received 13 fixes. The CPU addressed only four security flaws in Oracle Linux and virtualization products.
To read this article in full or to leave a comment, please click here