78 Oracle Patches Coming

Here come some more patches for January.  Oracle will release 78 security fixes for vulnerabilities in its database, middleware and applications, next Tuesday.

  • The highest CVSS Base Score among the MySQL bugs is 5.5, which falls into the “medium” range.
  • 27 of those are intended for the MySQL database product.
  • 1 of the vulnerabilities can be exploited over a network without log-in credentials.
  • 2 fixes are for Oracle’s database application.
  • 11 patches are for Fusion Middleware.
  • 5 Fusion Middleware bugs can be remotely exploited with no user authentication required.

On the application front:

  • E-Business Suite is getting 3 patches
  • Supply chain app suite will receive 1
  • PeopleSoft will get 6
  • JD Edwards will have 8.

17 patches will be released for Sun products, including 6 that can be remotely exploited with no credentials. Affected products include GlassFish Enterprise Server and the Solaris OS.  Another 3 patches are for Oracle’s virtualization technology, including VirtualBox.

Sharpen up your deployment tools…