Oracle Patch Update July 2015 (Database Server)
Today Oracle have released their latest critical patch update for Database Server. This Oracle Critical Patch Update includes ten new security fixes for Oracle Database impacting the below versions:
- Oracle Database Server 220.127.116.11
- Oracle Database Server 18.104.22.168
- Oracle Database Server 22.214.171.124
- Oracle Database Server 126.96.36.199
- Oracle Database Server 188.8.131.52
Importantly two of these vulnerabilities may be exploitable remotely without authentication, this means that they may be exploited over a network without the need for u/name & password credentials. Specifically CVE-2015-4755 which impacts RDBMS security relating to the 184.108.40.206 release. Other vulernabilities include those related to Oracle OLAP, Core RDBMS, Partioning, & the RDBMS Scheduler.
The official Oracle Patch Update July 2015 can be found here.
Although not related to this critical patch update, please remember that Error Correction Support for Oracle Database 220.127.116.11 will end shortly on August 27,2015.