Oracle Critical Patch Advisory -- July 15, 2014
By Iareid-Oracle on Jul 18, 2014
This week Oracle released the July 2014 Critical Patch Update. This Critical Patch Update provides 113 new security fixes across a wide range of product families including: Oracle Database, Oracle Fusion Middleware, Oracle Java SE, Oracle Linux, and Oracle and Sun Systems Products Suite.
Affected Products and Components
Security vulnerabilities addressed by this Critical Patch Update affect the products listed in the categories below. The product area of the patches for the listed versions is shown in the Patch Availability column corresponding to the specified Products and Versions column. Please click on the link in the Patch Availability column below or in the Patch Availability Table to access the documentation for those patches.
The full list of affected product releases and versions that are in Premier Support or Extended Support, under the Oracle Lifetime Support Policy is as follows:
|Affected Products and Versions related to Java Development
|Oracle Database 11g Release 1, version 126.96.36.199||Database|
|Oracle Database 11g Release 2, versions 188.8.131.52, 184.108.40.206||Database|
|Oracle Database 12c Release 1, version 220.127.116.11||Database|
|Oracle Fusion Middleware 11g Release 1, version 18.104.22.168||Fusion Middleware|
|Oracle Fusion Middleware 12c Release 1, version 22.214.171.124||Fusion Middleware|
|Oracle Fusion Applications, versions 11.1.2 through 11.1.8||Fusion Applications|
|Oracle Glassfish Server, versions 2.1.1, 3.0.1, 3.1.2||Fusion Middleware|
|Oracle iPlanet Web Proxy Server, version 4.0.24||Fusion Middleware|
|Oracle iPlanet Web Server, versions 6.1, 7.0||Fusion Middleware|
|Oracle WebCenter Portal, versions 126.96.36.199.0, 188.8.131.52.0||Fusion Middleware|
|Oracle WebLogic Server, versions 10.0.2.0, 10.3.6.0, 184.108.40.206, 220.127.116.11||Fusion Middleware|
|Oracle JDeveloper, versions 18.104.22.168.0, 22.214.171.124.0, 126.96.36.199.0||Fusion Middleware|
|Oracle Glassfish Communications Server, version 2.0||Fusion Middleware|
|Oracle HTTP Server, versions 188.8.131.52.0, 184.108.40.206||Fusion Middleware|
|Oracle Communications Messaging Server, version 220.127.116.11.0||Oracle Communications Applications|
|Oracle Java SE, versions 5.0u65, 6u75, 7u60, 8u5||Oracle Java SE|
|Oracle JRockit, versions R27.8.2, R28.3.2||Oracle Java SE|
|Oracle Solaris, versions 8, 9, 10, 11.1||Oracle and Sun Systems Products Suite|
|Sun Ray Software, versions prior to 5.4.3||Oracle Linux and Virtualization|
|...||Click for full product list
As a reminder, Critical Patch Update fixes are intended to address significant security vulnerabilities in Oracle products and also include code fixes that are prerequisites for the security fixes. As a result, Oracle recommends that this Critical Patch Update be applied as soon as possible by customers using the affected products.
For More Information:
The July 2014 Critical Patch Update Advisory is located at http://www.oracle.com/technetwork/topics/security/cpujul2014-1972956.html
The Oracle Software Security Assurance web site is located at http://www.oracle.com/us/support/assurance.
Java home users can detect if they are running obsolete versions of Java SE and install the most recent version of Java by visiting http://java.com/en/download/installed.jsp