Posts Tagged ‘Critical Patch Update’


Critical Patch Update for October is Being Delayed

September 9th, 2009 by Robert McMillen • No Comments »

On a quarterly basis Oracle releases a series of Critical Patches in a bundle which is often referred to as the “CPU” or “CPC” (Collection).

Normally we will see these CPU’s arriving in January, July, April and October but there will be a delay on the October patch.  Given that the last quarter is an important business quarter because of the holiday business and payroll changes that have to be applied, this October patch is always important.

Here’s the text with an update on the October CPU.

Dear Oracle Customer,

There is a change in the previously announced release date of the October 2009 Critical patch Update.

Since many Oracle customers with responsibility for deploying the Critical Patch Update within their respective organizations will be attending Oracle OpenWorld October 11-15, 2009, the October 2009 Critical Patch Update originally scheduled to be published on Tuesday, October 13th 2009, will be released on October 20th 2009.

Please note: this date change only impacts the October 2009 Critical Patch Update. As usual, Oracle will issue a pre-release announcement on the Thursday before the publication of the Critical Patch Update (Thursday, October 15th). All other aspects of the Critical Patch Update (where to find the documentation, how to download the patches, etc.) remain the same.

The next four Critical Patch Update release dates are:

October 20, 2009,   January 12, 2010,  April 13, 2010, and  July 13, 2010

You will be notified via email once the Critical Patch Update for October 2009 has been released.

Tags: ·

No Comments »

 

Oracle Critical Patch Updates for this Quarter

October 15th, 2008 by Robert McMillen • No Comments »

A Critical Patch Update is a collection of patches for multiple security vulnerabilities. It also includes non-security fixes that are required (because of inter-dependencies) by those security patches. Critical Patch Updates are cumulative (with some exceptions) but each advisory describes only the security fixes added since the previous Critical Patch Update.

The Critical Patch Update for October 2008 was released yesterday (October 14, 2008).  This Critical Patch Update contains 36 new security fixes across all products.  As always, Oracle strongly recommends applying the patches as soon as possible.

Here are some highlights:

  • This CPU is the Terminal Critical Patch Update for Oracle Application Server 9.0.4.3, Oracle Enterprise Manager Grid Control 10.2.0.3, Oracle Application Server 10.1.2.2, Oracle Database 10.2.0.3, Oracle Application Server 10.1.3.3, and, Database 11.1.0.6.
  • It contains 15 new security fixes for the Database Suite.  1 of these vulnerabilities may be remotely exploitable without authentication.
  • It contains 6 new security fixes for the Application Server Suite.  2 of these vulnerabilities may be remotely exploitable without authentication.  3 of these fixes are applicable to client-only installations, i.e. installations that do not have Oracle Application Server installed.
  • It contains 4 new security fixes for the Applications Suite.  2 of these vulnerabilities may be remotely exploitable without authentication.

The Critical Patch Update Advisory is the starting point for relevant information. It includes the list of products affected, pointers to obtain the patches, a summary of the security vulnerabilities for each product suite, and links to other important documents. Supported products that are not listed in the “Supported Products and Components Affected” section of the advisory do not require new patches to be applied.

Also, it is essential to review the Critical Patch Update supporting documentation referenced in the Advisory before applying patches, as this is where you can find important pertinent information.

You can read more about this CPU at: http://www.oracle.com/technology/deploy/security/alerts.htm

The next four Critical Patch Update release dates will be:

  • January 13, 2009
  • April 14, 2009
  • July 14, 2009
  • Oct 13, 2009

Happy Patching!

Tags: · · ·

No Comments »