Wednesday May 13, 2015

PeopleTools CPU analysis and supported versions of PeopleTools (update for April 2015 CPU)

Questions often arise on the PeopleTools versions for which Critical Patch Updates have been published, or if a particular PeopleTools version is supported. 

The attached page shows the patch number for PeopleTools versions associated with a particular CPU publication. This information will help you decide which CPU to apply and when to consider upgrading to a more current release.

The link in "CPU Date" goes to the landing page for CPU advisories, the link in the individual date, e.g. Apr-10, goes to the advisory for that date.

The page also shows the CVE's addressed in the CPU, a synopsis of the issue and the Common Vulnerability Scoring System (CVSS) value.

To find more details on any CVE, simply replace the CVE number in the sample URL below.

http://www.cvedetails.com/cve/CVE-2010-2377

Common Vulnerability Scoring System Version 2 Calculator

http://nvd.nist.gov/cvss.cfm?calculator&adv&version=2

This page shows the components of the CVSS score

Example CVSS response policy http://www.first.org/_assets/cvss/cvss-based-patch-policy.pdf

All the details in this page are available on My Oracle Support and public sites.

The RED column indicates the last patch for a PeopleTools version and effectively the last support date for that version.

Applications Unlimited support does NOT apply to PeopleTools versions.

Sunday Jul 03, 2011

Oracle Critical Patch Update and Security Alerts

This is opportune, since the next Critical Patch Update will be released on July 19. You need to ensure that you, and other members of your team involved with systems maintenance and security receive these alerts. If you don't already, you can subscribe to the alerts on Oracle technology network, OTN.

Go to http://otn.oracle.com

Login with your My Oracle Support credentials.
Scroll to the bottom of the page, and click on "Subscribe"
Subscribe to security alerts.

By the way, anyone on your team should have an OTN account, it doesn't cost anything and doesn't get you on a spam mailing list, and they don’t need to have a personal My Oracle Support account. There’s a wealth of information on OTN.

Critical Patch Updates and Security Alerts
http://www.oracle.com/technetwork/topics/security/alerts-086861.html

A great resource!
RSS Feed: http://www.oracle.com/ocom/groups/public/@otn/documents/webcontent/rss-otn-sec.xml
(This is really useful, just add it to your favorite feed reader)

From CPU alert page you can navigate to a particular advisory, including historical information.

For additional reference see the following  blogs:
http://blogs.oracle.com/peopletools (where you're probably reading this!)

There are some PeopleTools security related posts here, but check the reader feeds as well under bookmarks on this page:
Bookmarks
o Google Reader feed for PeopleSoft 
o Google Reader feed for Security

See also: http://blogs.oracle.com/security
This is the Oracle security blog with great postings by people deeply involved in all aspects of security and the standards organizations.

 

 

About

This blog provides information to the PeopleSoft community, about PeopleSoft Technology, otherwise PeopleTools.

For information about PeopleSoft see the PeopleSoft Strategy Blog.

For information about PeopleTools 8.53 and 8.54 see the PeopleTools Patch Updates.

Search

Archives
« May 2015
SunMonTueWedThuFriSat
     
1
2
3
4
6
7
8
9
10
11
12
14
15
16
17
18
19
20
22
23
24
25
26
27
28
29
30
31
      
Today