TTCSIRT-109.041918: TT-CSIRT Advisory – Oracle Security Updates
Oracle has released its Critical Patch Update for April 2018 to address 254 vulnerabilities across multiple products including
1) Enterprise Manager Base Platform, versions 12.1.0.5, 13.2.0.0
2) Enterprise Manager for MySQL Database, version 12.1.0.4
3) Enterprise Manager for Virtualization, version 13.2
4) Enterprise Manager Ops Center, versions 12.2.2, 12.3.3
5) Hardware Management Pack, versions prior to 2.4.3
6) Instantis EnterpriseTrack, versions 17.1, 17.2
7) Integrated Lights Out Manager (ILOM), versions 3.x, 4.x
8) JD Edwards EnterpriseOne Tools, version 9.2.2
9) JD Edwards World Security, versions A9.2, A9.3, A9.4
10) Management Pack for Oracle GoldenGate, version 11.2.1.0.13
11) MICROS Handheld Terminal, versions Prior to Fusion 2.03.0.0.021R
12) MICROS Lucas, version 2.9.5
13) MySQL Cluster, versions 7.2.27 and prior, 7.3.16 and prior, 7.4.14 and prior, 7.5.5 and prior
14) MySQL Enterprise Monitor, versions 3.3.7.3306 and prior, 3.4.5.4248 and prior, 4.0.2.5168 and prior
15) MySQL Server, versions 5.5.59 and prior, 5.6.39 and prior, 5.7.21 and prior
16) Oracle Access Manager, versions 10.1.4.3.0, 11.1.2.3.0, 12.2.1.3.0
17) Oracle Adaptive Access Manager, version 11.1.2.3.0
18) Oracle Agile Engineering Data Management, versions 6.1.3, 6.2.0, 6.2.1
19) Oracle Agile PLM Framework, version 9.3.6
20) Oracle Agile Product Lifecycle Management for Process, versions 6.1.1.6, 6.2.0.0, 6.2.1.0
21) Oracle Application Testing Suite, versions 12.5.0.3, 13.1.0.1, 13.2.0.1
22) Oracle Banking Corporate Lending, versions 12.3.0, 12.4.0, 12.5.0, 14.0.0
23) Oracle Banking Enterprise Collections, version 2.6
24) Oracle Banking Enterprise Originations, version 2.6
25) Oracle Banking Enterprise Product Manufacturing, version 2.6
26) Oracle Banking Payments, versions 12.3.0, 12.4.0, 12.5.0, 14.0.0
27) Oracle Banking Platform, versions 2.4, 2.5, 2.6
28) Oracle Big Data Discovery, version 1.6.0
29) Oracle Business Intelligence Data Warehouse Administration Console, version 11.1.1.6.4
30) Oracle Business Intelligence Enterprise Edition, versions 11.1.1.7.0, 11.1.1.9.0, 12.2.1.2.0, 12.2.1.3.0
| Further information on these patches an be found on the Oracle Website at http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html |