Oracle Critical Patch Update January 2014 - Availability and Relevance

Oracle constantly reviews its products to harden against security threatening. Regularly an "Oracle Critical Patch Update Advisory" is published to inform about new patches and other actions to take. Oracle users are highly recommended to carefully review and to consider these advices.

With the January 2014 advisory, Oracle Forms and Oracle Reports for releases 11gR1 and 11gR2 are not effected by a new patch directly. Nevertheless, there are two items to take into account:

  • Corresponding Oracle Fusion Middleware components like database client, JDK, HTTP Server, ... may need patching. Find the details in Master Note on Fusion Middleware Proactive Patching - Patch Set Updates (PSUs) and Bundle Patches (BPs) MOS authentication neededDoc ID 1494151.1)
  • The January 2014 Risk Matrices - Oracle Fusion Middleware lists one item for Oracle Reports: CVE-2013-5785 dedicated to versions 11.1.1.6, 11.1.1.7 & 11.1.2.1 and gives best practices how to use the existing feature "Enable File System Access Control". Check out "Enable File System Access Control" - Fine Grained File System Access Control for the Reports Server MOS authentication neededDoc ID 1608683.1 for more details.

Security Alert Tickler Tip:
Keep updated on latest security announcements from Critical Patch Updates, Security Alerts and Third Party Bulletin and activate the Security Alert Tickler (RSS Feed)!

 





Comments:

Post a Comment:
  • HTML Syntax: NOT allowed
About


This is the official blog of the Proactive Support Team for Developer Tools: Oracle Forms, Oracle Reports, Apex, SQLDeveloper, ... . Find information about our activities, publications, product related information and more.

 

Follow @psdDevTools on Twitter

Search

Archives
« April 2014
SunMonTueWedThuFriSat
  
2
3
4
5
6
7
8
10
11
12
13
14
15
16
17
18
19
20
21
22
23
25
26
27
28
29
30
   
       
Today