Oracle's critical patch update advisory for October 2010
Posted on 12 October 2010.
Oracle just released a new Critical Patch Update, a collection of patches for multiple security vulnerabilities. The update also includes non-security fixes that are required by those security patches.

Due to the threat posed by a successful attack, Oracle strongly recommends that customers apply CPU fixes as soon as possible. This Critical Patch Update contains 85 new security fixes across all product families listed below.

Affected Products and Components

Security vulnerabilities addressed by this Critical Patch Update affect the following products:
Oracle Database 11g Release 2, version
Oracle Database 11g Release 1, version
Oracle Database 10g Release 2, versions,
Oracle Database 10g, Release 1, version
Oracle Fusion Middleware, 11gR1, versions,
Oracle Application Server, 10gR3, version
Oracle Application Server, 10gR2, version
Oracle BI Publisher, versions,,
Oracle Identity Management 10g, versions,,
Oracle E-Business Suite Release 12, versions 12.0.4, 12.0.5, 12.0.6, 12.1.1 and 12.1.2
Oracle E-Business Suite Release 11i, versions 11.5.10,
Agile PLM, version
Oracle Transportation Management, versions 5.5, 6.0, and 6.1
PeopleSoft Enterprise CRM, FMS, HCM and SCM (Supply Chain), versions 8.9, 9.0 and 9.1
PeopleSoft Enterprise EPM, Campus Solutions, versions 8.9, 9.0 and 9.1
PeopleSoft Enterprise PeopleTools, versions 8.49 and 8.50
Siebel Core, versions 7.7, 7.8, 8.0 and 8.1
Primavera P6 Enterprise Project Portfolio Management, Versions:,
Oracle Sun Product Suite
Oracle VM, version 2.2.1
For more information do visit Oracle's page dedicated to these patches.

At the same time, Oracle released Java SE and Java for Business Critical Patch Update Advisory for October 2010. You can see the risk matrix and read about the patches over here.

To learn more about patching challenges and techniques read our interview with Qualys CTO Wolfgang Kandek who offers his extensive knowledge on the subject.


What's the real cost of a security breach?

The majority of business decision makers admit that their organisation will suffer an information security breach and that the cost of recovery could start from around $1 million.

Weekly newsletter

Reading our newsletter every Monday will keep you up-to-date with security news.

Daily digest

Receive a daily digest of the latest security news.

Thu, Feb 11th