Due to the threat posed by a successful attack, Oracle strongly recommends that customers apply CPU fixes as soon as possible. This Critical Patch Update contains 85 new security fixes across all product families listed below.
Affected Products and Components
Security vulnerabilities addressed by this Critical Patch Update affect the following products:
For more information do visit Oracle's page dedicated to these patches.Oracle Database 11g Release 2, version 220.127.116.11
Oracle Database 11g Release 1, version 18.104.22.168
Oracle Database 10g Release 2, versions 10.2.0.3, 10.2.0.4
Oracle Database 10g, Release 1, version 10.1.0.5
Oracle Fusion Middleware, 11gR1, versions 22.214.171.124.0, 126.96.36.199.0
Oracle Application Server, 10gR3, version 10.1.3.5.0
Oracle Application Server, 10gR2, version 10.1.2.3.0
Oracle BI Publisher, versions 10.1.3.3.2, 10.1.3.4.0, 10.1.3.4.1
Oracle Identity Management 10g, versions, 10.1.4.0.1, 10.1.4.3
Oracle E-Business Suite Release 12, versions 12.0.4, 12.0.5, 12.0.6, 12.1.1 and 12.1.2
Oracle E-Business Suite Release 11i, versions 11.5.10, 188.8.131.52
Agile PLM, version 184.108.40.206
Oracle Transportation Management, versions 5.5, 6.0, and 6.1
PeopleSoft Enterprise CRM, FMS, HCM and SCM (Supply Chain), versions 8.9, 9.0 and 9.1
PeopleSoft Enterprise EPM, Campus Solutions, versions 8.9, 9.0 and 9.1
PeopleSoft Enterprise PeopleTools, versions 8.49 and 8.50
Siebel Core, versions 7.7, 7.8, 8.0 and 8.1
Primavera P6 Enterprise Project Portfolio Management, Versions: 220.127.116.11, 18.104.22.168
Oracle Sun Product Suite
Oracle VM, version 2.2.1
At the same time, Oracle released Java SE and Java for Business Critical Patch Update Advisory for October 2010. You can see the risk matrix and read about the patches over here.
To learn more about patching challenges and techniques read our interview with Qualys CTO Wolfgang Kandek who offers his extensive knowledge on the subject.
Reading our newsletter every Monday will keep you up-to-date with security news.
Receive a daily digest of the latest security news.