Oracle publikuje kwartalny biuletyn zabezpieczeń – 01/2023

cert.pse-online.pl 1 rok temu

W dniu 17 stycznia 2023 r. firma Oracle opublikowała poradnik dotyczący bezpieczeństwa dotyczący luk w zabezpieczeniach wielu produktów. Ta aktualizacja Critical Patch Update zawiera 327 nowych poprawek zabezpieczeń dla rodzin produktów wymienionych poniżej.

Produkt /wersjaOpis dokumentu
Big Data Spatial and Graph, versions prior to 21.4.3, prior to 23.1.0Database
Enterprise Manager Base Platform, versions 13.4.0.0, 13.5.0.0Enterprise Manager
Enterprise Manager Ops Center, version 12.4.0.0Enterprise Manager
Fujitsu M10-1, M10-4, M10-4S, M12-1, M12-2, M12-2S Servers, versions prior to XCP2411, prior to XCP3111, prior to XCP4011Systems
GoldenGate Stream Analytics, versions prior to 19.1.0.0.8Database
GoldenGate Veridata, versions prior to 12.2.1.4.220831Database
JD Edwards EnterpriseOne Orchestrator, versions prior to 9.2.7.2JD Edwards
JD Edwards EnterpriseOne Tools, versions prior to 9.2.7.2JD Edwards
Management Cloud Engine, version 22.1.0.0.0Oracle Management Cloud Engine
Management Pack for Oracle GoldenGate, versions prior to 12.2.1.2.221115Database
Middleware Common Libraries and Tools, versions 12.2.1.4.0, 14.1.1.0.0Fusion Middleware
MySQL Cluster, versions 7.4.38 and prior, 7.5.28 and prior, 7.6.24 and prior, 8.0.31 and priorMySQL
MySQL Connectors, versions 8.0.31 and priorMySQL
MySQL Enterprise Monitor, versions 8.0.32 and priorMySQL
MySQL Server, versions 5.7.40 and prior, 8.0.31 and priorMySQL
MySQL Shell, versions 8.0.31 and priorMySQL
MySQL Workbench, versions 8.0.31 and priorMySQL
Oracle Access Manager, version 12.2.1.4.0Fusion Middleware
Oracle Agile PLM, version 9.3.6Oracle Supply Chain Products
Oracle AutoVue, versions prior to 21.0.2.6Oracle Supply Chain Products
Oracle Banking Enterprise Default Management, versions 2.6.2, 2.7.0, 2.7.1, 2.12.0Oracle Banking Platform
Oracle Banking Loans Servicing, versions 2.8.0, 2.12.0Oracle Banking Platform
Oracle Banking Party Management, version 2.7.0Oracle Banking Platform
Oracle Banking Platform, versions 2.6.2, 2.7.1, 2.9.0, 2.12.0Oracle Banking Platform
Oracle BI Publisher, versions 5.9.0.0.0, 6.4.0.0.0, 12.2.1.4.0Oracle Analytics
Oracle Business Intelligence Enterprise Edition, versions 5.9.0.0.0, 6.4.0.0.0Oracle Analytics
Oracle Coherence, versions 12.2.1.3.0, 12.2.1.4.0, 14.1.1.0.0Fusion Middleware
Oracle Commerce Guided Search, version 11.3.2Oracle Commerce
Oracle Communications Billing and Revenue Management, versions 12.0.0.4.0-12.0.0.7.0Oracle Communications Billing and Revenue Management
Oracle Communications BRM – Elastic Charging Engine, versions 12.0.0.3.0-12.0.0.7.0Oracle Communications BRM – Elastic Charging Engine
Oracle Communications Calendar Server, version 8.0.0.6.0Oracle Communications Calendar Server
Oracle Communications Cloud Native Core Automated Test Suite, versions 22.2.2, 22.3.1, 22.4.0Oracle Communications Cloud Native Core Automated Test Suite
Oracle Communications Cloud Native Core Binding Support Function, versions 22.1.0, 22.1.1, 22.2.0, 22.2.1, 22.2.2, 22.2.4, 22.3.0-22.4.0Oracle Communications Cloud Native Core Binding Support Function
Oracle Communications Cloud Native Core Console, versions 22.3.0, 22.4.0Oracle Communications Cloud Native Core Console
Oracle Communications Cloud Native Core Network Data Analytics Function, version 22.0.0.0.0Oracle Communications Cloud Native Core Network Data Analytics Function
Oracle Communications Cloud Native Core Network Exposure Function, versions 22.3.1, 22.4.0Oracle Communications Cloud Native Core Network Exposure Function
Oracle Communications Cloud Native Core Network Function Cloud Native Environment, version 22.3.0Oracle Communications Cloud Native Core Network Function Cloud Native Environment
Oracle Communications Cloud Native Core Network Repository Function, versions 22.3.0, 22.3.2Oracle Communications Cloud Native Core Network Repository Function
Oracle Communications Cloud Native Core Network Slice Selection Function, versions 22.3.1, 22.4.1Oracle Communications Cloud Native Core Network Slice Selection Function
Oracle Communications Cloud Native Core Policy, versions 1.11.0, 22.3.0, 22.4.0Oracle Communications Cloud Native Core Policy
Oracle Communications Cloud Native Core Security Edge Protection Proxy, versions 22.3.1, 22.4.0Oracle Communications Cloud Native Core Security Edge Protection Proxy
Oracle Communications Cloud Native Core Unified Data Repository, versions 22.2.2, 22.2.3, 22.3.3, 22.3.4, 22.4.0Oracle Communications Cloud Native Core Unified Data Repository
Oracle Communications Contacts Server, version 8.0.0.7.0Oracle Communications Contacts Server
Oracle Communications Converged Application Server, versions 7.1.0, 8.0.0Oracle Communications Converged Application Server
Oracle Communications Convergence, version 3.0.3.1.0Oracle Communications Convergence
Oracle Communications Design Studio, version 7.4.2Oracle Communications Design Studio
Oracle Communications Diameter Intelligence Hub, version 8.2.3.0Oracle Communications Diameter Signaling Router
Oracle Communications Diameter Signaling Router, version 8.6.0.0Oracle Communications Diameter Signaling Router
Oracle Communications Elastic Charging Engine, versions 12.0.0.3.0-12.0.0.7.0Oracle Communications BRM – Elastic Charging Engine
Oracle Communications Instant Messaging Server, version 10.0.1.6.0Oracle Communications Instant Messaging Server
Oracle Communications Messaging Server, version 8.1.0.20.0Oracle Communications Messaging Server
Oracle Communications MetaSolv Solution, version 6.3.1Oracle Communications MetaSolv Solution
Oracle Communications Order and Service Management, version 7.4.0Oracle Communications Order and Service Management
Oracle Communications Performance Intelligence Center (PIC) Software, version 10.4.0.4.1Oracle Communications Performance Intelligence Center (PIC) Software
Oracle Communications Pricing Design Center, versions 12.0.0.5.0-12.0.0.7.0Oracle Communications Pricing Design Center
Oracle Communications Unified Assurance, versions 5.5.0-5.5.9, 6.0.0-6.0.1Oracle Communications Unified Assurance
Oracle Communications Unified Inventory Management, versions 7.4.0-7.4.2, 7.5.0Oracle Communications Unified Inventory Management
Oracle Database Server, versions 19c, 21c, [Perl] prior to 5.35Database
Oracle Demantra Demand Management, versions 12.1, 12.2, 12.2.7, 12.2.8, 12.2.9, 12.2.10, 12.2.11, 12.2.12Oracle Supply Chain Products
Oracle Documaker, versions 12.4.0-12.7.0Oracle Insurance Applications
Oracle E-Business Suite, versions 12.2.3-12.2.12Oracle E-Business Suite
Oracle Essbase, version 21.4Database
Oracle Financial Services Crime and Compliance Management Studio, version 8.0.8.3.1Oracle Financial Services Crime and Compliance Management Studio
Oracle Fusion Middleware MapViewer, version 12.2.1.4.0Fusion Middleware
Oracle Global Lifecycle Management NextGen OUI Framework, versions prior to 13.9.4.2.11Fusion Middleware
Oracle Global Lifecycle Management OPatchAuto, versions [DB] prior to 12.2.0.1.35Global Lifecycle Management
Oracle GraalVM Enterprise Edition, versions 20.3.8, 21.3.4, 22.3.0Java SE
Oracle Graph Server and Client, versions prior to 21.4.3, prior to 22.4.0, prior to 23.1.0Database
Oracle Health Sciences Empirica Signal, versions 9.1.0.52, 9.2.0.52Health Sciences
Oracle Healthcare Data Repository, versions 8.1.0.0-8.1.3.1HealthCare Applications
Oracle Healthcare Translational Research, versions 4.1.0.0-4.1.1.1HealthCare Applications
Oracle Hospitality Cruise Shipboard Property Management System, version 20.2.2Oracle Hospitality Cruise Shipboard Property Management System
Oracle Hospitality Gift and Loyalty, version 9.1.0Oracle Hospitality Gift and Loyalty
Oracle Hospitality Labor Management, version 9.1.0Oracle Hospitality Labor Management
Oracle Hospitality Reporting and Analytics, version 9.1.0Oracle Hospitality Reporting and Analytics
Oracle Hospitality Simphony, versions 18.2.11, 19.3.4Oracle Hospitality Simphony
Oracle HTTP Server, version 12.2.1.4.0Fusion Middleware
Oracle Hyperion Infrastructure Technology, version 11.2.10Oracle Enterprise Performance Management
Oracle Java SE, versions 8u351, 8u351-perf, 11.0.17, 17.0.5, 19.0.1Java SE
Oracle Middleware Common Libraries and Tools, version 12.2.1.4.0Fusion Middleware
Oracle Outside In Technology, version 8.5.6Fusion Middleware
Oracle Retail Service Backbone, versions 14.1.3.2, 15.0.3.1, 16.0.3Retail Applications
Oracle SD-WAN Aware, versions 8.2.1.9.0, 9.0.1.4.0Oracle SD-WAN Aware
Oracle Solaris, versions 10, 11Systems
Oracle Spatial Studio, versions prior to 22.3.0Database
Oracle Stream Analytics, versions prior to 19.1.0.0.8Database
Oracle TimesTen In-Memory Database, versions prior to 11.2.2.8.65Database
Oracle Utilities Framework, versions 4.3.0.5.0, 4.3.0.6.0, 4.4.0.0.0, 4.4.0.2.0, 4.4.0.3.0, 4.5.0.0.0Oracle Utilities Applications
Oracle Utilities Network Management System, versions 2.3.0.2, 2.4.0.1, 2.5.0.0-2.5.0.2Oracle Utilities Applications
Oracle VM VirtualBox, versions prior to 6.1.42, prior to 7.0.6Virtualization
Oracle Web Services Manager, version 12.2.1.4.0Fusion Middleware
Oracle WebCenter Content, version 12.2.1.4.0Fusion Middleware
Oracle WebCenter Sites, version 12.2.1.4.0Fusion Middleware
Oracle WebLogic Server, versions 12.2.1.3.0, 12.2.1.4.0, 14.1.1.0.0Fusion Middleware
OSS Support Tools, versions 2.12.43, 22.2.22.4.5, 22.4.22.10.18Oracle Support Tools
PeopleSoft Enterprise CC Common Application Objects, version 9.2PeopleSoft
PeopleSoft Enterprise CS Academic Advisement, version 9.2PeopleSoft
PeopleSoft Enterprise PeopleTools, versions 8.58, 8.59, 8.60PeopleSoft
Primavera Gateway, versions 18.8.0-18.8.15, 19.12.0-19.12.15, 20.12.0-20.12.10, 21.12.0-21.12.8Oracle Construction and Engineering Suite
Primavera Unifier, versions 18.8, 19.12, 20.12, 21.12, 22.12Oracle Construction and Engineering Suite
Siebel Applications, versions 22.10 and priorSiebel

Źródło:

https://www.oracle.com/security-alerts/cpujan2023.html

Idź do oryginalnego materiału