{"id":291,"date":"2011-01-23T13:59:00","date_gmt":"2011-01-23T13:59:00","guid":{"rendered":"http:\/\/www.oradba.ch\/?p=291"},"modified":"2013-10-16T09:12:09","modified_gmt":"2013-10-16T07:12:09","slug":"oracle-critical-patch-update-january-2011","status":"publish","type":"post","link":"https:\/\/www.oradba.ch\/wordpress\/2011\/01\/oracle-critical-patch-update-january-2011\/","title":{"rendered":"Oracle Critical Patch Update January 2011"},"content":{"rendered":"<p>It&#8217;s not the latest news, but still in the same week \ud83d\ude09 &#8230;<\/p>\n<p>On January 19th Oracle released the first Critical Patch Update (CPU) for 2011. This CPU includes up to 66 security fixes across all product families. The number looks quite high, but thats just because SUN Products like Open Office and the SUN Product Suite covered as well by this CPU. For database server issues there are only 7 security fixes, where 5 fixes are for the Oracle Database Server, 1 is for Oracle Secure Backup and 1 for Oracle Audit Vault. The one for Oracle Audit Vault may be remote exploit without any authentication and has a CVSS score of 10. The highest CVSS score of the 5 security fixes for the Oracle Database Server is 7.5 which is still fairly high. I would therefor highly recommended to apply this security fix on Audit Vault installation and recommend to install it as well on Oracle Database Server as soon as possible.<\/p>\n<p>In the next day&#8217;s I will install the CPU&#8217;s on some databases to test if there are any issues. <\/p>\n<p>More information on the CPU and Oracle Security:<\/p>\n<ul>\n<li><a href=\"http:\/\/www.oracle.com\/technetwork\/topics\/security\/alerts-086861.html\" target=\"_blank\">Critical Patch Updates and Security Alerts<\/a>)<\/li>\n<li><a href=\"http:\/\/www.oracle.com\/technetwork\/topics\/security\/cpujan2011-194091.html\" target=\"_blank\">Oracle Critical Patch Update Advisory &#8211; January 2011<\/a><\/li>\n<li>Patch Set Update and Critical Patch Update January 2011 Availability Document <a href=\"https:\/\/support.oracle.com\/CSP\/main\/article?cmd=show&#038;type=NOT&#038;id=1263374.1\" target=\"_blank\"> [1263374.1]<\/a><\/li>\n<li>CERT <a href=\"http:\/\/www.us-cert.gov\/cas\/techalerts\/TA06-109A.html\" target=\"_blank\">Technical Cyber Security Alert TA06-109A<\/a><\/li>\n<\/ul>\n<p><a href=\"<?php the_permalink(); ?>&amp;article2pdf=1&#8243;>PDF Version<\/a><\/p>\n","protected":false},"excerpt":{"rendered":"<p>Oracle released the January Critical Patch Update. Over all it includes 66 fixes, 7 out of them are just for Oracle Database Server (Database Server, Secure Backup, Audit Vault). <\/p>\n","protected":false},"author":1,"featured_media":0,"comment_status":"open","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_exactmetrics_skip_tracking":false,"_exactmetrics_sitenote_active":false,"_exactmetrics_sitenote_note":"","_exactmetrics_sitenote_category":0,"jetpack_post_was_ever_published":false,"_jetpack_newsletter_access":"","_jetpack_dont_email_post_to_subs":false,"_jetpack_newsletter_tier_id":0,"_jetpack_memberships_contains_paywalled_content":false,"_jetpack_memberships_contains_paid_content":false,"footnotes":"","jetpack_publicize_message":"","jetpack_publicize_feature_enabled":true,"jetpack_social_post_already_shared":false,"jetpack_social_options":{"image_generator_settings":{"template":"highway","default_image_id":0,"font":"","enabled":false},"version":2}},"categories":[46,5,114,11,116],"tags":[18],"class_list":["post-291","post","type-post","status-publish","format-standard","hentry","category-cpu","category-oracle-database","category-psu-2","category-security","category-spu","tag-trivadiscontent"],"jetpack_publicize_connections":[],"jetpack_featured_media_url":"","jetpack_shortlink":"https:\/\/wp.me\/p1aErb-4H","jetpack_sharing_enabled":true,"jetpack-related-posts":[{"id":683,"url":"https:\/\/www.oradba.ch\/wordpress\/2011\/10\/oracle-cpu-psu-pre-release-announcement-october-2011\/","url_meta":{"origin":291,"position":0},"title":"Oracle CPU \/ PSU Pre-Release Announcement October 2011","author":"Stefan","date":"14. October 2011","format":false,"excerpt":"Oracle has recently published the Pre-Release Announcement for the CPU Patch. This Critical Patch Update contains 56 new security vulnerability fixes for several Oracle products. 4 of these fixes are just for the Oracle Database Server.","rel":"","context":"In &quot;10gR2&quot;","block_context":{"text":"10gR2","link":"https:\/\/www.oradba.ch\/wordpress\/category\/oracle-database\/10gr2\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":724,"url":"https:\/\/www.oradba.ch\/wordpress\/2012\/01\/oracle-cpu-psu-pre-release-announcement-januar-2012\/","url_meta":{"origin":291,"position":1},"title":"Oracle CPU \/ PSU Pre-Release Announcement Januar 2012","author":"Stefan","date":"13. January 2012","format":false,"excerpt":"Oracle has recently published the Pre-Release Announcement for the CPU Patch. This Critical Patch Update contains 78 new security vulnerability fixes for several Oracle products. 2 of these fixes are just for the Oracle Database Server.","rel":"","context":"In &quot;11gR2&quot;","block_context":{"text":"11gR2","link":"https:\/\/www.oradba.ch\/wordpress\/category\/oracle-database\/11gr2\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":757,"url":"https:\/\/www.oradba.ch\/wordpress\/2012\/01\/update-oracle-released-cpu-psu-january-2012\/","url_meta":{"origin":291,"position":2},"title":"Update: Oracle released CPU \/ PSU January 2012","author":"Stefan","date":"24. January 2012","format":false,"excerpt":"Oracle has officially released the CPU \/ PSU Patches for january 2012. The Critical Patch Updates contains 78 security fixes across all products. But only two out of this 78 fixes are for Oracle databases.","rel":"","context":"In &quot;11gR1&quot;","block_context":{"text":"11gR1","link":"https:\/\/www.oradba.ch\/wordpress\/category\/oracle-database\/11gr1\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":983,"url":"https:\/\/www.oradba.ch\/wordpress\/2013\/01\/oracle-released-cpu-psu-january-2013\/","url_meta":{"origin":291,"position":3},"title":"Oracle released CPU \/ PSU January 2013","author":"Stefan","date":"16. January 2013","format":false,"excerpt":"As announced in my post about Oracle's pre-release announcement of last week, Oracle has now released the first Critical Patch Updates for 2013. Overall this CPU contains 86 new security fixes across several Oracle products like Database Server, MySQL Server, Sun Product Suite, WebLogic Server etc. For products like Oracle\u2026","rel":"","context":"In &quot;Critical Patch Update&quot;","block_context":{"text":"Critical Patch Update","link":"https:\/\/www.oradba.ch\/wordpress\/category\/patches\/cpu\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":2168,"url":"https:\/\/www.oradba.ch\/wordpress\/2016\/07\/oracle-cpu-psu-pre-release-announcement-july-2016\/","url_meta":{"origin":291,"position":4},"title":"Oracle CPU \/ PSU Pre-Release Announcement July 2016","author":"Stefan","date":"15. July 2016","format":false,"excerpt":"Oracle has published the Pre-Release Announcement for the July 2016 Critical Patch Update. It's quite a huge update with not less than 276 security vulnerability fixes across the Oracle products. For the Oracle Database itself are 9 security fixes available. Dies ist wiederum eines der gr\u00f6\u00dferen Critical Patch Update for\u2026","rel":"","context":"In &quot;11gR2&quot;","block_context":{"text":"11gR2","link":"https:\/\/www.oradba.ch\/wordpress\/category\/oracle-database\/11gr2\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]},{"id":2815,"url":"https:\/\/www.oradba.ch\/wordpress\/2018\/10\/oracle-cpu-psu-advisory-october-2018\/","url_meta":{"origin":291,"position":5},"title":"Oracle CPU \/ PSU Advisory October 2018","author":"Stefan","date":"22. October 2018","format":false,"excerpt":"Oracle has recently published the Critical Patch Update Advisory for the October 2018. It's once more quite a heavy update with not less than 301 security vulnerability fixes across the Oracle products. The Oracle database is relatively prominently represented with 3 security vulnerabilities and a maximal CVSS rating of 9.8.\u2026","rel":"","context":"In &quot;12R2&quot;","block_context":{"text":"12R2","link":"https:\/\/www.oradba.ch\/wordpress\/category\/oracle-database\/12r2\/"},"img":{"alt_text":"","src":"","width":0,"height":0},"classes":[]}],"_links":{"self":[{"href":"https:\/\/www.oradba.ch\/wordpress\/wp-json\/wp\/v2\/posts\/291","targetHints":{"allow":["GET"]}}],"collection":[{"href":"https:\/\/www.oradba.ch\/wordpress\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"https:\/\/www.oradba.ch\/wordpress\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"https:\/\/www.oradba.ch\/wordpress\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"https:\/\/www.oradba.ch\/wordpress\/wp-json\/wp\/v2\/comments?post=291"}],"version-history":[{"count":11,"href":"https:\/\/www.oradba.ch\/wordpress\/wp-json\/wp\/v2\/posts\/291\/revisions"}],"predecessor-version":[{"id":1517,"href":"https:\/\/www.oradba.ch\/wordpress\/wp-json\/wp\/v2\/posts\/291\/revisions\/1517"}],"wp:attachment":[{"href":"https:\/\/www.oradba.ch\/wordpress\/wp-json\/wp\/v2\/media?parent=291"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"https:\/\/www.oradba.ch\/wordpress\/wp-json\/wp\/v2\/categories?post=291"},{"taxonomy":"post_tag","embeddable":true,"href":"https:\/\/www.oradba.ch\/wordpress\/wp-json\/wp\/v2\/tags?post=291"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}