구매안내 온라인 문의

2016년 10월 Oracle Critical Patch Update 권고

2016-10-20

▷ 개요

오라클CPU에서 자사 제품의 보안취약점 253개에 대한 패치를 발표[1]

CPU(Critical Patch Update) : 오라클 중요 보안 업데이트

영향 받는 버전의 사용자는 악성코드 감염에 취약할 수 있으므로, 아래 해결방안에 따라 최신버전으로

업데이트 권고

 

▷ 영향 받는 제품

영향 받는 제품 및 버전

- Application Express, version(s) prior to 5.0.4.0.7

- Oracle Database Server, version(s) 11.2.0.4, 12.1.0.2

- Oracle Secure Backup, version(s) prior to 10.4.0.4.0, prior to 12.1.0.2.0

- Big Data Graph, version(s) prior to 1.2 NetBeans, version(s) 8.1

- Oracle BI Publisher, version(s) 11.1.1.7.0, 11.1.1.9.0, 12.2.1.0.0

- Oracle Big Data Discovery, version(s) 1.1.1, 1.1.3, 1.2.0

- Oracle Business Intelligence Enterprise Edition, version(s) 11.1.1.7.0, 11.1.1.9.0, 12.1.1.0.0,

 12.2.1.1.0

- Oracle Data Integrator, version(s) 11.1.1.7.0, 11.1.1.9.0, 12.1.2.0.0, 12.1.3.0.0, 12.2.1.0.0,

 12.2.1.1.0

- Oracle Discoverer, version(s) 11.1.1.7.0

- Oracle Fusion Middleware, version(s) 11.1.1.7, 11.1.1.9, 11.1.2.3, 11.1.2.4, 12.1.3.0,

 12.2.1.0, 12.2.1.1

- Oracle GlassFish Server, version(s) 2.1.1, 3.0.1, 3.1.2

- Oracle Identity Manager, version(s) -

- Oracle iPlanet Web Proxy Server, version(s) 4.0

- Oracle iPlanet Web Server, version(s) 7.0

- Oracle Outside In Technology, version(s) 8.4.0, 8.5.1, 8.5.2, 8.5.3

- Oracle Platform Security for Java, version(s) 12.1.3.0.0, 12.2.1.0.0, 12.2.1.1.0

- Oracle Web Services, version(s) 11.1.1.7.0, 11.1.1.9.0, 12.1.3.0.0, 12.2.1.0.0

- Oracle WebCenter Sites, version(s) 12.2.1.0.0, 12.2.1.1.0, 12.2.1.2.0

- Oracle WebLogic Server, version(s) 10.3.6.0, 12.1.3.0, 12.2.1.0, 12.2.1.1

- Enterprise Manager, version(s) 12.1.4, 12.2.2, 12.3.2

- Enterprise Manager Base Platform, version(s) 12.1.0.5

- Oracle Application Testing Suite, version(s) 12.5.0.1, 12.5.0.2, 12.5.0.3

- Oracle E-Business Suite, version(s) 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6

- Oracle Advanced Supply Chain Planning, version(s) 12.2.3, 12.2.4, 12.2.5

- Oracle Agile Engineering Data Management, version(s) 6.1.3.0, 6.2.0.0

- Oracle Agile PLM, version(s) 9.3.4, 9.3.5

- Oracle Agile Product Lifecycle Management for Process, version(s) 6.1.0.4, 6.1.1.6, 6.2.0.0

- Oracle Transportation Management, version(s) 6.1, 6.2, 6.3.0, 6.3.1, 6.3.2, 6.3.3, 6.3.4,

6.3.5, 6.3.6, 6.3.7

- PeopleSoft Enterprise HCM, version(s) 9.2

- PeopleSoft Enterprise PeopleTools, version(s) 8.54, 8.55

- PeopleSoft Enterprise SCM Services Procurement, version(s) 9.1, 9.2 PeopleSoft

- JD Edwards EnterpriseOne Tools, version(s) 9.1

- JD Edwards World Security, version(s) A9.4

- Siebel Applications, version(s) 7.1, 16.1

- Oracle Commerce Guided Search, version(s) 6.2.2, 6.3.0, 6.4.1.2, 6.5.0, 6.5.1, 6.5.2

- Oracle Commerce Guided Search / Oracle Commerce Experience Manager, version(s) 3.1.1,

 3.1.2, 6.2.2, 6.3.0, 6.4.1.2, 6.5.0, 6.5.1, 6.5.2, 11.0, 11.1, 11.2

- Oracle Commerce Platform, version(s) 10.0.3.5, 10.2.0.5, 11.2.0.1

- Oracle Commerce Service Center, version(s) 10.0.3.5, 10.2.0.5

- Oracle Fusion Applications, version(s) 11.1.2 through 11.1.9

- Oracle Communications Policy Management, version(s) 9.7.3, 9.9.1, 10.4.1, 12.1.1 and prior

- Oracle Enterprise Communications Broker, version(s) Pcz2.0.0m4p5 and earlier

- Oracle Enterprise Session Border Controller, version(s) Ecz7.3m2p2 and earlier

- Oracle Banking Digital Experience, version(s) 15.1

- Oracle Financial Services Analytical Applications Infrastructure, version(s) 7.3.0, 7.3.1, 7.3.2,

   7.3.3, 7.3.4, 7.3.5, 8.0.0, 8.0.1, 8.0.2, 8.0.3

- Oracle Financial Services Lending and Leasing, version(s) 14.1.0, 14.2.0

- Oracle FLEXCUBE Core Banking, version(s) 11.5.0.0.0, 11.6.0.0.0

- Oracle FLEXCUBE Enterprise Limits and Collateral Management, version(s) 12.0.0, 12.1.0

- Oracle FLEXCUBE Investor Servicing, version(s) 12.0.1

- Oracle FLEXCUBE Private Banking, version(s) 2.0.0, 2.0.1, 2.2.0, 12.0.0, 12.0.1, 12.0.2,

   12.0.3, 12.1.0

- Oracle FLEXCUBE Universal Banking, version(s) 11.3.0, 11.4.0, 12.0.1, 12.0.2, 12.0.3,

 12.1.0, 12.2.0, 12.87.1, 12.87.2

- Oracle Life Sciences Data Hub, version(s) 2.x

- Oracle Hospitality OPERA 5 Property Services, version(s) 5.4.0.0, 5.4.1.0, 5.4.2.0, 5.4.3.0,

 5.5.0.0, 5.5.1.0

- Oracle Insurance IStream, version(s) 4.3.2

- MICROS XBR, version(s) 7.0.2, 7.0.4

- Oracle Retail Back Office, version(s) 13.0, 13.1, 13.2, 13.3, 13.4, 14.0, 14.1

- Oracle Retail Central Office, version(s) 13.0, 13.1, 13.2, 13.3, 13.4, 14.0, 14.1

- Oracle Retail Clearance Optimization Engine, version(s) 13.2, 13.3, 13.4, 14.0

- Oracle Retail Customer Insights, version(s) 15.0

- Oracle Retail Merchandising Insights, version(s) 15.0

- Oracle Retail Returns Management, version(s) 13.0, 13.1, 13.2, 13.3, 13.4, 14.0, 14.1

- Oracle Retail Xstore Payment, version(s) 1.x

- Oracle Retail Xstore Point of Service, version(s) 5.0, 5.5, 6.0, 6.5, 7.0, 7.1

- Primavera P6 Enterprise Project Portfolio Management, version(s) 8.4, 15.x, 16.x

- Primavera P6 Professional Project Management, version(s) 8.3, 8.4, 15.x, 16.x

- Oracle Java SE, version(s) 6u121, 7u111, 8u102

- Oracle Java SE Embedded, version(s) 8u101

- Solaris, version(s) 10, 11.3

- Solaris Cluster, version(s) 3.3, 4.3

- Sun ZFS Storage Appliance Kit (AK), version(s) AK 2013

- Oracle VM VirtualBox, version(s) prior to 5.0.28, prior to 5.1.8

- Secure Global Desktop, version(s) 4.7, 5.2

- Sun Ray Operating Software, version(s) prior to 11.1.7

- Virtual Desktop Infrastructure, version(s) prior to 3.5.3

- MySQL Connector, version(s) 2.0.4 and prior, 2.1.3 and prior

- MySQL Server, version(s) 5.5.52 and prior, 5.6.33 and prior, 5.7.15 and prior  

※ 영향받는 시스템의 상세 정보는 참고사이트[1]를 참조

 


▷ 해결방안

‘Oracle Critical Patch Update Advisory – October 2016’ 문서 및 패치사항을 검토하고 벤더사 및 유지보수 업체와

 협의/검토 후 패치 적용[1]

JAVA SE 사용자는 설치된 제품의 최신 업데이트를 다운로드[2] 받아 설치하거나, Java 업데이트 자동 알림 설정을

 권고[3]

 


▷ 권고 사항

해당 취약점은 중요 취약점으로 필수 보안 업데이트를 권고 드립니다.

 


▷ 참고 자료

-http://www.oracle.com/technetwork/security-advisory/cpuoct2016-2881722.html

- http://www.oracle.com/technetwork/java/javase/downloads/index.html

- http://www.java.com/ko/download/help/java_update.xml

 

  • 목록