Oracle October Security Update Multiple Vulnerabilities

Solution:
Oracle has released a Critical Patch Update (Critical Patch Update - October 2005) to address these issues. Information regarding obtaining and applying appropriate patches can be found in the referenced Oracle Critical Patch Update.

Pre-installation notes for Oracle Database Server can be found at the following location:
http://metalink.oracle.com/metalink/plsql/ml2_documents.showDocument?p_database_id=NOT&p_id=333956.1

Pre-installation notes for Oracle Application Server can be found at the following location:
http://metalink.oracle.com/metalink/plsql/ml2_documents.showDocument?p_database_id=NOT&p_id=333959.1

Pre-installation notes for Oracle Collaboration Suite can be found at the following location:
http://metalink.oracle.com/metalink/plsql/ml2_documents.showDocument?p_database_id=NOT&p_id=333961.1

Pre-installation notes for Oracle E-Business Suite and Applications can be found at the following location:
http://metalink.oracle.com/metalink/plsql/ml2_documents.showDocument?p_database_id=NOT&p_id=333963.1

Pre-installation notes for Oracle PeopleSoft Enterprise and JD Edwards EnterpriseOne can be found at the following location:
http://www.peoplesoft.com/corp/en/support/security_index.jsp

A message from "David Litchfield" <davidl@ngssoftware.com> is available that states that some of the vulnerabilities in Oracle Critical Patch Update - October 2005 may not have been successfully fixed by Oracle. Users of affected packages should refer to the referenced message, and contact their vendor for further information on the status of fixes.

HP has released advisory HPSBMA01235 (SSRT051055 rev.0 - HP Oracle for OpenView (OfO) Critical Patch Update October 2005) to identify vulnerable HP packages and fixes. HP advises users of Oracle for Openview who have support contracts with Oracle to obtain Critical Patch Update - October 2005 from Oracle. Users of Oracle for Openview who have support contracts with HP can contact HP for fixes. Please see the referenced advisory for more information.

A message from "NGSSoftware Insight Security Research" <nisr@nextgenss.com> (Oracle October 2005 CPU Problems) states that there is a flaw in the fix for the CTXSYS component of Oracle 8.1.7.4 on all platforms. Please see the referenced message for further details on this issue.



 

Privacy Statement
Copyright 2010, SecurityFocus