Skip Navigation

  • Home
  • Contact us
  • FAQ
  • Glossary
  • Public key
  • Sitemap
  • Cymraeg
  • What's new
CPNI - Centre for the Protection of National Infastructure

Advanced search

  • About CPNI
  • The threats
  • Security planning
  • Methods of attack
  • Protecting your assets
  • Products and services
    • CSIRTUK advisories
      • Advisories archive
    • General protective security publications
    • InfoSec briefings
    • InfoSec technical notes
    • InfoSec vulnerability disclosures
    • Good practice guidelines
    • Viewpoints
    • Information exchanges
    • Risk Management Delivery Group
  • Research
Home > Products and services > CSIRTUK advisories > Advisories archive > January 2006 > Oracle Critical Patch Update - January 2006

January 2006

Oracle Critical Patch Update - January 2006

ID: 00059
Ref: 58/2006
Date: 18 January 2006:11:12:54
Version: 1
Title: Oracle Critical Patch Update - January 2006
Abstract: Oracle has released a security advisory detailing software patches for multiple security vulnerabilities within various products. It also includes non-security fixes that are required because of associated interdependencies.
Vendors affected: Oracle
Applications affected: Oracle
Oracle has released a security advisory detailing software patches for
multiple security vulnerabilities within various products. It also includes
non-security fixes that are required because of associated interdependencies.

Supported Products and Components Affected

The security vulnerabilities addressed by this Critical Patch Update affect the
products listed in Categories I, II, and III below.

Category I

Product releases and versions that are covered by Error Correction Support (ECS) or Extended Maintenance Support (EMS):

Oracle Database 10g Release 2, version 10.2.0.1
Oracle Database 10g Release 1, versions 10.1.0.3, 10.1.0.4, 10.1.0.5
Oracle9i Database Release 2, versions 9.2.0.6, 9.2.0.7
Oracle8i Database Release 3, version 8.1.7.4
Oracle Enterprise Manager 10g Grid Control, versions 10.1.0.3, 10.1.0.4
Oracle Application Server 10g Release 2, versions 10.1.2.0.0, 10.1.2.0.1, 10.1.2.0.2, 10.1.2.1.0
Oracle Application Server 10g Release 1 (9.0.4), versions 9.0.4.1, 9.0.4.2
Oracle Collaboration Suite 10g Release 1, versions 10.1.1, 10.1.2
Oracle9i Collaboration Suite Release 2, version 9.0.4.2
Oracle E-Business Suite Release 11i, versions 11.5.1 through 11.5.10 CU2
Oracle E-Business Suite Release 11.0
PeopleSoft Enterprise Portal, versions 8.4, 8.8, 8.9
JD Edwards EnterpriseOne Tools, OneWorld Tools, versions 8.95.F1, SP23_L1

Category II

Products and components that are bundled with the products listed in Category I:

Oracle Database 10g Release 1, version 10.1.0.4.2
Oracle Developer Suite, versions 6i, 9.0.2.1, 9.0.4.1, 9.0.4.2, 10.1.2.0
Oracle Workflow, versions 11.5.1 through 11.5.9.5

Category III

Products that are de-supported as a standalone installation but are supported
when installed with the products listed in Category I:

Oracle9i Database Release 1, versions 9.0.1.4, 9.0.1.5, 9.0.1.5 FIPS
Oracle8 Database Release 8.0.6, version 8.0.6.3
Oracle9i Application Server Release 1, version 1.0.2.2

Patches for Category III products are only available when these products are
installed as part of Category I products, and are tested solely on supported
configurations and environments. Please refer to the Pre-Installation Note
for each product for specific details concerning the support and availability
of patches.

Full details of the Patch update are obtainable from:

http://www.oracle.com/technology/deploy/security/pdf/cpujan2006.html
  • Accessibility |
  • Terms and conditions |
  • Privacy statement |
  • Data protection act |
  • Freedom of information |