구매안내 온라인 문의

2018년 7월 Oracle Critical Patch Update 권고

2018-07-19

 

▷ 개요

l   Cisco社는 오라클社 CPU에서 자사 제품의 보안 취약점 334개에 대한 패치를 발표 [1]

CPU(Critical Patch Update) : 오라클 중요 보안 업데이트

l   영향 받는 버전의 사용자는 악성코드 감염 등에 취약할 수 있으므로, 아래 해결방안에 따라 최신버전으로 업데이트 권고

 

▷ 영향 받는 제품 및 버전

l    Agile Recipe Management for Pharmaceuticals, version 9.3.4

l    Enterprise Manager Base Platform, versions 12.1.0.5, 13.2.x

l    Enterprise Manager for Fusion Middleware, versions 12.1.0.5, 13.2.x

l    Enterprise Manager for MySQL Database, versions 13.2.2.0.0 and prior

l    Enterprise Manager for Oracle Database, versions 12.1.0.8, 13.2.2

l    Enterprise Manager for Peoplesoft, versions 13.1.1.1, 13.2.1.1

l    Enterprise Manager for Virtualization, versions 13.2.2, 13.2.3

l    Enterprise Manager Ops Center, versions 12.2.2, 12.3.3

l    FMW Platform, versions 12.2.1.2.0, 12.2.1.3.0

l    Hardware Management Pack, version 11.3

l    Hyperion Data Relationship Management, version 11.1.2.4.330

l    Hyperion Financial Reporting, version 11.1.2

l    JD Edwards EnterpriseOne Tools, version 9.2

l    JD Edwards World Security, versions A9.3, A9.3.1, A9.4

l    MICROS 700 Series Tablet, versions Prior tBIOS 0.00.13ORC, Prior tBIOS 0.01.25ORC

l    MICROS Handheld Terminal, versions 2018, Android 4.4.4 Security Patch Bulletin prior tFebruary 1

l    MICROS Kitchen Display Controller, versions Prior tBIOS 0.00.16ORC

l    MICROS Lucas, versions 2.9.5.3, 2.9.5.4, 2.9.5.5, 2.9.5.6

l    MICROS Relate CRM Software, versions 10.8.x, 11.4.x

l    MICROS Retail-J, versions 10.2.x, 11.0.x, 12.0.x, 12.1.x, 12.1.1.x, 12.1.2.x, 13.1.x

l    MICROS Workstation 6, versions prior tBIOS 1.3.1.0, prior tBIOS 1.5.2.0, prior tBIOS 2.3.1.0

l    MICROS XBR, versions 7.0.2, 7.0.4

l    MySQL Client, versions 5.5.60 and prior, 5.6.40 and prior, 5.7.22 and prior, 8.0.11 and prior

l    MySQL Connectors, versions 5.3.10 and prior, 8.0.11 and prior

l    MySQL Enterprise Monitor, versions 3.4.7.4297 and prior, 4.0.4.5235 and prior, 8.0.0.8131 and prior

l    MySQL Server, versions 5.5.60 and prior, 5.6.40 and prior, 5.7.22 and prior, 8.0.11 and prior

l    MySQL Workbench, versions 6.3.10 and prior, 8.0.11 and prior

l    Oracle Agile Engineering Data Management, versions 6.1.3, 6.2.0, 6.2.1

l    Oracle Agile PLM, versions 9.3.3, 9.3.4, 9.3.5, 9.3.6

l    Oracle Agile PLM MCAD Connector, versions 3.3, 3.4, 3.5, 3.6

l    Oracle Agile Product Lifecycle Management for Process, version 6.2.0.0

l    Oracle API Gateway, version 11.1.2.4.0

l    Oracle Application Testing Suite, version 10.1

l    Oracle AutoVue VueLink Integration, versions 21.0.0, 21.0.1

l    Oracle Banking Corporate Lending, versions 12.3.0, 12.4.0, 12.5.0, 14.0.0, 14.1.0

l    Oracle Banking Payments, versions 12.2.0, 12.3.0, 12.4.0, 12.5.0, 14.1.0

l    Oracle Banking Platform, versions 2.6.0, 2.6.1, 2.6.2

l    Oracle BI Publisher, versions 11.1.1.7.0, 11.1.1.9.0, 12.2.1.2.0, 12.2.1.3.0

l    Oracle Business Process Management Suite, versions 11.1.1.7.0,11.1.1.9.0,12.1.3.0.0,12.2.1.2.0,12.2.1.3.0

l    Oracle Communications Diameter Signaling Router (DSR), versions 7.x, 8.x

l    Oracle Communications EAGLE LNP Application Processor, version 10.x

l    Oracle Communications Interactive Session Recorder, versions 5.x, 6.x

l    Oracle Communications Messaging Server, version 3.x

l    Oracle Communications Network Charging and Control, versions 4.4.1.5.0, 5.0.0.1.0, 5.0.0.2.0, 5.0.1.0.0, 5.0.2.0.0

l    Oracle Communications Policy Management, version 12.x

l    Oracle Communications Session Border Controller, versions ECz7.x, ECz8.x

l    Oracle Communications User Data Repository, versions 10.x, 12.x

l    Oracle Database Server, versions 11.2.0.4, 12.1.0.2, 12.2.0.1, 18.1, 18.2

l    Oracle E-Business Suite, versions 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6, 12.2.7

l    Oracle Endeca Information Discovery Studio, versions 3.1, 3.2

l    Oracle Enterprise Data Quality, version 12.2.1.3.0

l    Oracle Enterprise Repository, versions 11.1.1.7.0, 12.1.3.0.0

l    Oracle Financial Services Analytical Applications Infrastructure, versions 7.3.3.x, 8.0.x

l    Oracle Financial Services Behavior Detection Platform, version 8.0.x

l    Oracle Financial Services Funds Transfer Pricing, versions 6.1.1, 8.0.x

l    Oracle Financial Services Hedge Management and IFRS Valuations, versions 8.0.4, 8.0.5

l    Oracle Financial Services Loan Loss Forecasting and Provisioning, versions 8.0.4, 8.0.5

l    Oracle Financial Services Profitability Management, versions 6.1.1, 8.0.x

l    Oracle Financial Services Revenue Management and Billing, versions 2.3.0.2.0, 2.4.0.0.0, 2.4.0.1.0, 2.5.0.1.0, 2.5.0.2.0, 2.5.0.3.0

l    Oracle FLEXCUBE Enterprise Limits and Collateral Management, versions 12.3.0, 14.0.0, 14.1.0

l    Oracle FLEXCUBE Investor Servicing, versions 12.0.4, 12.1.0, 12.3.0, 12.4.0

l    Oracle FLEXCUBE Universal Banking, versions 11.3.0, 11.4.0, 12.0.1, 12.0.2, 12.0.3, 12.1.0, 12.2.0, 12.3.0, 12.4.0, 14.0.0, 14.1.0

l    Oracle Fusion Middleware, versions 12.2.1.2, 12.2.1.3

l    Oracle Fusion Middleware MapViewer, versions 12.2.1.2, 12.2.1.3

l    Oracle Global Lifecycle Management OPatchAuto, version All

l    Oracle Hospitality Cruise Fleet Management System, version 9.x

l    Oracle Hospitality Cruise Shipboard Property Management System, version 8.x

l    Oracle Hospitality Gift and Loyalty, version 9.0.0

l    Oracle Hospitality OPERA 5 Property Services, version 5.5.x

l    Oracle Hospitality Reporting and Analytics, version 9.0.0

l    Oracle Hospitality Simphony, versions 2.8, 2.9, 2.10

l    Oracle Insurance Policy Administration, versions 10.0, 10.1, 10.2, 11.0

l    Oracle Internet Directory, version 11.1.1.9.0

l    Oracle Java SE, versions 6u191, 7u181, 8u172, 10.0.1

l    Oracle Java SE Embedded, version 8u171

l    Oracle JDeveloper, versions 12.1.3.0.0, 12.2.1.2.0, 12.2.1.3.0

l    Oracle JRockit, version R28.3.18

l    Oracle Outside In Technology, version 8.5.3

l    Oracle Policy Automation, versions 10.4.7, 12.1.0, 12.1.1, 12.2.0, 12.2.1, 12.2.2, 12.2.3, 12.2.4, 12.2.5, 12.2.6, 12.2.7, 12.2.8, 12.2.9, 12.2.10

l    Oracle Policy Automation Connector for Siebel, version 10.4.6

l    Oracle Policy Automation for Mobile Devices, versions 10.4.7, 12.1.0, 12.1.1, 12.2.0, 12.2.1, 12.2.2, 12.2.3, 12.2.4, 12.2.5, 12.2.6, 12.2.7, 12.2.8, 12.2.9, 12.2.10

l    Oracle Retail Back Office, versions 14.0, 14.1

l    Oracle Retail Bulk Data Integration, version 16.0

l    Oracle Retail Central Office, versions 14.0, 14.1

l    Oracle Retail Clearance Optimization Engine, version 14.0.5

l    Oracle Retail Convenience and Fuel POS Software, version 2.1.132

l    Oracle Retail Customer Management and Segmentation Foundation, versions 16.x, 17.x

l    Oracle Retail Financial Integration, versions 13.2.x, 14.0.x, 14.1.x, 15.0.x, 16.0.x

l    Oracle Retail Integration Bus, versions 12.0.x, 13.0.x, 13.1.x, 13.2.x, 14.0.0 14.1.0, 14.0.x, 14.1.x, 15.0, 15.0.x, 16.0, 16.0.x

l    Oracle Retail Order Broker, versions 5.2, 15.0, 16.0

l    Oracle Retail Point-of-Sale, versions 14.0, 14.1

l    Oracle Retail Point-of-Service, versions 14.0, 14.1

l    Oracle Retail Predictive Application Server, version 15.0.3

l    Oracle Retail Returns Management, versions 14.0, 14.1

l    Oracle Retail Service Backbone, versions 14.0.x, 14.1.x, 15.0.x, 16.0.x

l    Oracle Retail Service Layer, versions 12.0.x, 13.0.x, 13.1.x, 13.2.x, 14.0.x

l    Oracle Secure Global Desktop, versions 5.3, 5.4

l    Oracle SOA Suite, versions 11.1.1.7.0, 11.1.1.9.0, 12.1.3.0.0, 12.2.1.2.0, 12.2.1.3.0

l    Oracle SuperCluster Specific Software, versions prior t2.5.0

l    Oracle Transportation Management, versions 6.2, 6.3.7, 6.4.1

l    Oracle Tuxedo, versions 12.1.1, 12.1.3, 12.2.2

l    Oracle Utilities Framework, version 4.3.x

l    Oracle Utilities Network Management System, versions 1.12.x, 2.3.x

l    Oracle Utilities Work and Asset Management, version 1.9.1.2.12

l    Oracle VM VirtualBox, versions prior t5.2.16

l    Oracle WebCenter Portal, versions 11.1.1.9.0, 12.2.1.2.0, 12.2.1.3.0

l    Oracle WebLogic Server, versions 10.3.6.0, 12.1.3.0, 12.2.1.2, 12.2.1.3

l    OSS Support Tools, versions prior t18.3

l    PeopleSoft Enterprise CS Financial Aid, versions 9.0, 9.2

l    PeopleSoft Enterprise FIN Install, version 9.2

l    PeopleSoft Enterprise HCM Human Resources, version 9.2

l    PeopleSoft Enterprise PeopleTools, versions 8.55, 8.56

l    PeopleSoft HRMS, version 9.2

l    Primavera P6 Enterprise Project PortfoliManagement, versions 8.4, 15.x, 16.x, 17.x

l    Primavera Unifier, versions 16.x, 17.x, 18.x

l    Siebel Applications, version 18.0

l    Solaris, versions 10, 11.2, 11.3

l    Solaris Cluster, versions 3.3, 4.3

l    Sun ZFS Storage Appliance Kit (AK), versions prior t8.7.20

l    Tape Library ACSLS, versions Prior tACSLS 8.4.0-3

 

▷ 해결 방안

l   "Oracle Critical Patch Update Advisory April 2018“ 문서 및 패치사항을 검토하고 벤더사 및 유지보수 업체와 협의/검토 후 패치 적용 [1]

l   JAVA SE 사용자는 최신 업데이트를 다운로드[2] 받아 설치하거나, Java 업데이트 자동 설정 권고 [3]

 

▷ 참고 자료

- [1] http://www.oracle.com/technetwork/security-advisory/cpujul2018-4258247.html

- [2] http://www.oracle.com/technetwork/java/javase/downloads/index.html

- [3] https://www.java.com/ko/download/help/java_update.xml

 

  • 목록