{"id":5207,"date":"2017-04-19T10:54:25","date_gmt":"2017-04-19T09:54:25","guid":{"rendered":"http:\/\/www.onomi.co.uk\/?p=5207"},"modified":"2018-08-21T11:19:13","modified_gmt":"2018-08-21T10:19:13","slug":"oracle-patch-update-april-17","status":"publish","type":"post","link":"http:\/\/content.n4stack.io\/2017\/04\/19\/oracle-patch-update-april-17\/","title":{"rendered":"Oracle Patch Update April 17"},"content":{"rendered":"<p>[et_pb_section bb_built=&#8221;1&#8243; admin_label=&#8221;section&#8221;][et_pb_row admin_label=&#8221;row&#8221; background_position=&#8221;top_left&#8221; background_repeat=&#8221;repeat&#8221; background_size=&#8221;initial&#8221;][et_pb_column type=&#8221;4_4&#8243;][et_pb_text background_layout=&#8221;light&#8221; text_orientation=&#8221;left&#8221; use_border_color=&#8221;off&#8221; border_color=&#8221;#ffffff&#8221; border_style=&#8221;solid&#8221; background_position=&#8221;top_left&#8221; background_repeat=&#8221;repeat&#8221; background_size=&#8221;initial&#8221;]<\/p>\n<h1><strong>Oracle Patch Update April\u00a02017 (Database Server)<\/strong><\/h1>\n<p>Oracle have released their latest critical patch update for Database Server yesterday evening\u00a0(18\/4).<strong>\u00a0<\/strong>This Oracle Critical Patch Update includes 2 new security fixes for Oracle\u00a0Database and fix for a high scoring vulnerability for Oracle Secure Back up. These updates are available for the below supported versions:<\/p>\n<ul>\n<li>Oracle Database Server 11.2.0.4<\/li>\n<li>Oracle Database Server 12.1.0.2<\/li>\n<\/ul>\n<p>&nbsp;<\/p>\n<p>[\/et_pb_text][et_pb_image src=&#8221;http:\/\/content.n4stack.io\/wp-content\/uploads\/2017\/04\/Oracle-Patch01.jpg&#8221; show_in_lightbox=&#8221;off&#8221; url_new_window=&#8221;off&#8221; use_overlay=&#8221;off&#8221; animation=&#8221;off&#8221; sticky=&#8221;off&#8221; align=&#8221;left&#8221; force_fullwidth=&#8221;off&#8221; always_center_on_mobile=&#8221;on&#8221; use_border_color=&#8221;off&#8221; border_color=&#8221;#ffffff&#8221; border_style=&#8221;solid&#8221; animation_style=&#8221;none&#8221; animation_duration=&#8221;1000ms&#8221; animation_intensity_slide=&#8221;50%&#8221; show_bottom_space=&#8221;on&#8221; _builder_version=&#8221;3.6&#8243; \/][et_pb_image src=&#8221;http:\/\/content.n4stack.io\/wp-content\/uploads\/2017\/04\/Oracle-Patch02.jpg&#8221; show_in_lightbox=&#8221;off&#8221; url_new_window=&#8221;off&#8221; use_overlay=&#8221;off&#8221; animation=&#8221;off&#8221; sticky=&#8221;off&#8221; align=&#8221;left&#8221; force_fullwidth=&#8221;off&#8221; always_center_on_mobile=&#8221;on&#8221; use_border_color=&#8221;off&#8221; border_color=&#8221;#ffffff&#8221; border_style=&#8221;solid&#8221; animation_style=&#8221;none&#8221; animation_duration=&#8221;1000ms&#8221; animation_intensity_slide=&#8221;50%&#8221; show_bottom_space=&#8221;on&#8221; \/][et_pb_text background_layout=&#8221;light&#8221; text_orientation=&#8221;left&#8221; use_border_color=&#8221;off&#8221; border_color=&#8221;#ffffff&#8221; border_style=&#8221;solid&#8221; background_position=&#8221;top_left&#8221; background_repeat=&#8221;repeat&#8221; background_size=&#8221;initial&#8221;]<\/p>\n<p>The Oracle Secure Backup\/ PHP nasty is exploitable remotely, without the need for authentication. ext\/session\/session.c in certain versions of PHP does not properly maintain a certain hash data structure, which allows remote attackers to cause a denial of service (use-after-free) or possibly have unspecified other impact via vectors related to session deserialization.<\/p>\n<p>For more information please see the full Oracle update at\u00a0<a href=\"http:\/\/www.oracle.com\/technetwork\/security-advisory\/cpuapr2017-3236618.html#AppendixDB\">http:\/\/www.oracle.com\/technetwork\/security-advisory\/cpuapr2017-3236618.html#AppendixDB<\/a><\/p>\n<p>[\/et_pb_text][\/et_pb_column][\/et_pb_row][\/et_pb_section]<\/p>\n","protected":false},"excerpt":{"rendered":"<p>Oracle Patch Update April\u00a02017 (Database Server) Oracle have released their latest critical patch update for Database Server yesterday evening\u00a0(18\/4).\u00a0This Oracle Critical Patch Update includes 2 new security fixes for Oracle\u00a0Database and fix for a high scoring vulnerability for Oracle Secure Back up. These updates are available for the below supported versions: Oracle Database Server 11.2.0.4 [&hellip;]<\/p>\n","protected":false},"author":1,"featured_media":5209,"comment_status":"closed","ping_status":"closed","sticky":false,"template":"","format":"standard","meta":{"_et_pb_use_builder":"on","_et_pb_old_content":"","_et_gb_content_width":""},"categories":[343,328,329],"tags":[],"yst_prominent_words":[215,402,393,159,503,405,504,502,1579,406,394,1581,1478,409,407,1580],"_links":{"self":[{"href":"http:\/\/content.n4stack.io\/wp-json\/wp\/v2\/posts\/5207"}],"collection":[{"href":"http:\/\/content.n4stack.io\/wp-json\/wp\/v2\/posts"}],"about":[{"href":"http:\/\/content.n4stack.io\/wp-json\/wp\/v2\/types\/post"}],"author":[{"embeddable":true,"href":"http:\/\/content.n4stack.io\/wp-json\/wp\/v2\/users\/1"}],"replies":[{"embeddable":true,"href":"http:\/\/content.n4stack.io\/wp-json\/wp\/v2\/comments?post=5207"}],"version-history":[{"count":2,"href":"http:\/\/content.n4stack.io\/wp-json\/wp\/v2\/posts\/5207\/revisions"}],"predecessor-version":[{"id":52948,"href":"http:\/\/content.n4stack.io\/wp-json\/wp\/v2\/posts\/5207\/revisions\/52948"}],"wp:featuredmedia":[{"embeddable":true,"href":"http:\/\/content.n4stack.io\/wp-json\/wp\/v2\/media\/5209"}],"wp:attachment":[{"href":"http:\/\/content.n4stack.io\/wp-json\/wp\/v2\/media?parent=5207"}],"wp:term":[{"taxonomy":"category","embeddable":true,"href":"http:\/\/content.n4stack.io\/wp-json\/wp\/v2\/categories?post=5207"},{"taxonomy":"post_tag","embeddable":true,"href":"http:\/\/content.n4stack.io\/wp-json\/wp\/v2\/tags?post=5207"},{"taxonomy":"yst_prominent_words","embeddable":true,"href":"http:\/\/content.n4stack.io\/wp-json\/wp\/v2\/yst_prominent_words?post=5207"}],"curies":[{"name":"wp","href":"https:\/\/api.w.org\/{rel}","templated":true}]}}