Oracle Update Plugs Security Holes

Oracle issued 45 security fixes for its customers Tuesday as part of its quarterly Critical Patch Update. The 45 patches plug security holes in Oracle Database, Oracle Application Server, Oracle Collaboration Suite, Oracle E-Business Suite and Applications, and Oracle PeopleSoft Enterprise products. The most serious of the flaws are two vulnerabilities affecting Oracle PeopleSoft Enterprise PeopleTools and received a Common Vulnerability Scoring System rating of 4.8 out of 10. The flaw can be exploited remotely by attacker but requires user authentication.

The company initially planned 46 patches for this week's release. An Oracle spokesperson said an issue came out in the late stages of the company's testing process that the development team could not resolve before the release of the update. "We will attempt to include the fix in the October 2007 CPU," the spokesperson said.

View: The full story
News source: eWeek

Report a problem with article
Previous Story

Miro Public Preview 1 (0.9.8)

Next Story

EU backs standard for mobile TV

1 Comments

Commenting is disabled on this article.

> "We will attempt to include the fix in the October 2007

Sounds like a half-assed effort to me. And people criticize Microsoft for withholding patches for the sake of sticking with a monthly schedule...

It's one thing for me to have to wait for security fixes for my home machine, but it's another one entirely for a top-tier database vendor that, say, my bank may be using for its backend...

Good show, Oracle.