Oracle to issue 59 critical patches

Twenty-one are for Solaris products

Oracle will release on Tuesday 59 patches to fix security weaknesses affecting hundreds of products, according to a notice on its website.

Twenty-one of the vulnerabilities affect products related to Solaris, the Unix operating system Oracle acquired through its purchase of Sun Microsystems. Seven of them can be exploited remotely over a network without requiring a password or username, Oracle said.

[ Discover what's new in business applications with InfoWorld's Technology: Applications newsletter and Killer Apps blog. ]

Among the Solaris products in question are OpenSSO, Solaris Studio, Sun Convergence and Glassfish Enterprise Server.

The update also includes 13 patches for Oracle's database product line. Seven are for remotely exploitable vulnerabilities in the TimesTen in-memory database component and the Secure Backup product. Those weaknesses received CVSS (Common Vulnerability Scoring System) scores of 10.0, the most severe on the scale.

Seven other fixes target Fusion Middleware products. Another 16 are for E-Business Suite, PeopleSoft, JD Edwards, and other applications. One patch is included for an issue with Enterprise Manager.

Oracle recommends that users apply the patches as soon as possible, the site states.

Chris Kanaracus covers enterprise software and general technology breaking news for The IDG News Service. Chris's email address is Chris_Kanaracus@idg.com

Mobile Security Insider: iOS vs. Android vs. BlackBerry vs. Windows Phone
Join the discussion
Be the first to comment on this article. Our Commenting Policies