Late last week Oracle published the Oracle Critical Patch Update Pre-Release Announcement – April 2011. The official Oracle Critical Patch Update for April 2011 will be released somewhen on the 19th of april.
This CPU includes up to 73 security fixes for all kind of Oracle products. 6 out of them are just forfor the Oracle Database Server. 2 of these vulnerabilities may also be remotely exploitable without authentication. Due to the fact that the highest CVSS score for the database security fixes is just 6.5 this CPU does not look as critical as others. But to make a clear statement we have to wait for the official release of the patch’s. As soon as they are available I’ll make some tests.
More information on the CPU and Oracle Security:
- Critical Patch Updates and Security Alerts)
- On this blog as soon as I could have a closer look into the CPU