{"id":2549,"date":"2018-04-18T06:21:33","date_gmt":"2018-04-18T04:21:33","guid":{"rendered":"http:\/\/www.oradba.ch\/?p=2549"},"modified":"2018-04-18T06:21:33","modified_gmt":"2018-04-18T04:21:33","slug":"oracle-cpu-psu-april-2018","status":"publish","type":"post","link":"https:\/\/www.oradba.ch\/wordpress\/2018\/04\/oracle-cpu-psu-april-2018\/","title":{"rendered":"Oracle CPU \/ PSU April 2018"},"content":{"rendered":"<p>Oracle recently released the spring Critical Patch Advisory. It is the first critical patch update, which also includes fixes for Oracle 18c. Over all it includes 254 new security fixes across the product families. Overall a rather large update, although only a security vulnerability is patched for the Oracle databases. This vulnerability is not remotely exploitable without authentication and is not applicable to client-only installations. The CVSS Rating is 8.5 for Oracle Database 11.2.0.4, 12.1.0.2, 12.2.0.1 and 18.1.0.0 on any operating system. According to Oracle the following component is affected:<\/p>\n<ul>\n<li>Java VM<\/li>\n<\/ul>\n<p>Oracle Java VM is not installed by default. It is therefore recommended that you check your database environment to see if it is necessary to apply this critical patch update. <\/p>\n<p>For Oracle Fusion Middleware the situation looks somehow different. The Critical Patch Update includes not less than 30 fixes for vulnerabilities. Several of the vulnerabilities may be remotely exploitable without authentication and are rated with the highest CVSS rating of 9.8.<\/p>\n<p>More details about the patch will follow soon on the Oracle Security Pages.<\/p>\n<ul>\n<li><a href=\"http:\/\/www.oracle.com\/technetwork\/topics\/security\/alerts-086861.html\">Critical Patch Updates and Security Alerts<\/a><\/li>\n<li><a href=\"www.oracle.com\/technetwork\/security-advisory\/cpuapr2018-3678067.html\">Oracle Critical Patch Update Advisory &#8211; April 2018<\/a><\/li>\n<li><a href=\"https:\/\/www.trivadis.com\/en\/tvd-criticalpatchreporttm\">TVD-Critical Patch Report<\/a><\/li>\n<li>Or posted here \ud83d\ude42<\/li>\n<\/ul>\n<p>By the way, Oracle <em>improved<\/em> the table which lists the affected products and components in there <a href=\"http:\/\/www.oracle.com\/technetwork\/security-advisory\/cpuoct2017-3236626.html\">advisory<\/a>. Oracle Database is not a the top of the table any more.<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Oracle recently released the spring Critical Patch Advisory. It is the first critical patch update, which also includes fixes for Oracle 18c. Over all it includes 254 new security fixes across the product families. Overall a rather large update, although only a security vulnerability is patched for the Oracle databases. This vulnerability is not remotely [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_exactmetrics_skip_tracking":false,"_exactmetrics_sitenote_active":false,"_exactmetrics_sitenote_note":"","_exactmetrics_sitenote_category":0,"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"#Oracle Critical Patch Update April 2018","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":true,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2}},"categories":[8,83,158,117,46,114,11,116],"tags":[130,18,111],"class_list":["post-2549","post","type-post","status-publish","format-standard","hentry","category-11gr2","category-12cr1","category-12cr2","category-bp","category-cpu","category-psu-2","category-security","category-spu","tag-trivadis","tag-trivadiscontent","tag-tvdsecexpert"],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"","jetpack_shortlink":"https:\/\/wp.me\/p1aErb-F7","jetpack_sharing_enabled":true,"jetpack-related-posts":[{"id":2397,"url":"https:\/\/www.oradba.ch\/wordpress\/2017\/10\/oracle-cpu-psu-announcement-october-2017\/","url_meta":{"origin":2549,"position":0},"title":"Oracle CPU \/ PSU Announcement October 2017","author":"Stefan","date":"18. October 2017","format":false,"excerpt":"The Oracle open world 2017 is over, the dust just settled down. A perfect time for Oracle to release the October critical patch advisory. With not less than 270 new security vulnerability fixes across the Oracle products it seems to be a rather huge update. From the DB perspective it\u2026","rel":"","context":"In &quot;11gR2&quot;","block_context":{"text":"11gR2","link":"https:\/\/www.oradba.ch\/wordpress\/category\/oracle-database\/11gr2\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":3140,"url":"https:\/\/www.oradba.ch\/wordpress\/2019\/07\/oracle-cpu-psu-advisory-july-2019\/","url_meta":{"origin":2549,"position":1},"title":"Oracle CPU \/ PSU Advisory July 2019","author":"Stefan","date":"17. July 2019","format":false,"excerpt":"Recently, just in the middle of the summer holidays, Oracle has released the third Critical Patch Advisory for its products. It seems there's a lot of work going on in Redwood Shore. Oracle has fixed about 319 security vulnerabilities across their products. The Oracle database is relatively prominently represented with\u2026","rel":"","context":"In &quot;11gR2&quot;","block_context":{"text":"11gR2","link":"https:\/\/www.oradba.ch\/wordpress\/category\/oracle-database\/11gr2\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":2008,"url":"https:\/\/www.oradba.ch\/wordpress\/2015\/07\/oracle-cpu-psu-pre-release-announcement-july-2015\/","url_meta":{"origin":2549,"position":2},"title":"Oracle CPU \/ PSU Pre-Release Announcement July 2015","author":"Stefan","date":"10. July 2015","format":false,"excerpt":"Oracle has published the Pre-Release Announcement for the July Critical Patch Update. This Critical Patch Update contains 193 new security vulnerability fixes across all Oracle products. It looks like that this CPU does contain a bunch of critical security fixes for Oracle databases. Actually there are 10 fixes for security\u2026","rel":"","context":"In &quot;12cR1&quot;","block_context":{"text":"12cR1","link":"https:\/\/www.oradba.ch\/wordpress\/category\/oracle-database\/12cr1\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":2815,"url":"https:\/\/www.oradba.ch\/wordpress\/2018\/10\/oracle-cpu-psu-advisory-october-2018\/","url_meta":{"origin":2549,"position":3},"title":"Oracle CPU \/ PSU Advisory October 2018","author":"Stefan","date":"22. October 2018","format":false,"excerpt":"Oracle has recently published the Critical Patch Update Advisory for the October 2018. It's once more quite a heavy update with not less than 301 security vulnerability fixes across the Oracle products. The Oracle database is relatively prominently represented with 3 security vulnerabilities and a maximal CVSS rating of 9.8.\u2026","rel":"","context":"In &quot;12R2&quot;","block_context":{"text":"12R2","link":"https:\/\/www.oradba.ch\/wordpress\/category\/oracle-database\/12r2\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":2686,"url":"https:\/\/www.oradba.ch\/wordpress\/2018\/07\/oracle-cpu-psu-pre-release-announcement-july-2018\/","url_meta":{"origin":2549,"position":4},"title":"Oracle CPU \/ PSU Pre-Release Announcement July 2018","author":"Stefan","date":"13. July 2018","format":false,"excerpt":"Today Oracle has published the Pre-Release Announcement for the July 2018 Critical Patch Update. It's quite a heavy update with not less than 334 security vulnerability fixes across the Oracle products. The Oracle database is relatively prominently represented with 3 security vulnerabilities and a maximal CVSS rating of 9.8. Of\u2026","rel":"","context":"In &quot;11gR2&quot;","block_context":{"text":"11gR2","link":"https:\/\/www.oradba.ch\/wordpress\/category\/oracle-database\/11gr2\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":1924,"url":"https:\/\/www.oradba.ch\/wordpress\/2015\/01\/oracle-cpu-psu-pre-release-announcement-january-2015\/","url_meta":{"origin":2549,"position":5},"title":"Oracle CPU \/ PSU Pre-Release Announcement January 2015","author":"Stefan","date":"20. January 2015","format":false,"excerpt":"Oracle has published the Pre-Release Announcement for the first Critical Patch Update in 2015. This Critical Patch Update contains 167 new security vulnerability fixes across all Oracle products. It looks like that this CPU does contain a bunch of critical security fixes for Oracle databases. Actually there are 7 fixes\u2026","rel":"","context":"In &quot;11gR2&quot;","block_context":{"text":"11gR2","link":"https:\/\/www.oradba.ch\/wordpress\/category\/oracle-database\/11gr2\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]}],"_links":{"self":[{"href":"https:\/\/www.oradba.ch\/wordpress\/wp-json\/wp\/v2\/posts\/2549","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.oradba.ch\/wordpress\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.oradba.ch\/wordpress\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.oradba.ch\/wordpress\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.oradba.ch\/wordpress\/wp-json\/wp\/v2\/comments?post=2549"}],"version-history":[{"count":1,"href":"https:\/\/www.oradba.ch\/wordpress\/wp-json\/wp\/v2\/posts\/2549\/revisions"}],"predecessor-version":[{"id":2550,"href":"https:\/\/www.oradba.ch\/wordpress\/wp-json\/wp\/v2\/posts\/2549\/revisions\/2550"}],"wp:attachment":[{"href":"https:\/\/www.oradba.ch\/wordpress\/wp-json\/wp\/v2\/media?parent=2549"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.oradba.ch\/wordpress\/wp-json\/wp\/v2\/categories?post=2549"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.oradba.ch\/wordpress\/wp-json\/wp\/v2\/tags?post=2549"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}