April 12, IDG News Service – (International) Oracle to issue 88 security patches on Tuesday. Oracle plans to release 88 patches April 17, covering vulnerabilities affecting a wide array of products, according to a pre-release announcement posted to its Web site April 12. The upcoming patch batch includes six fixes for Oracle’s database, three of which can be exploited remotely without a username and password. The highest Common Vulnerability Scoring System (CVSS) base score for the database bugs is 9 on the system’s 10-point scale. Another 11 patches cover Oracle Fusion Middleware, with 9 being remotely exploitable without authentication. Within this group, the highest CVSS base score is 10 for Oracle JRockit. Other affected products include BI Publisher and JDeveloper. The patch release also includes 6 bug-fixes for Oracle Enterprise Manager Grid Control; 4 for the E-Business Suite enterprise resource planning application; 5 for Oracle’s Supply Chain Suite; 15 for various PeopleSoft Enterprise applications; 17 for Oracle Financial Services software; 2 for Oracle Industry Applications; and 1 for Oracle Primavera. Another 15 cover Oracle Sun products, including the GlassFish application server and the Solaris OS. Oracle is also set to ship six patches for the MySQL database.
Ali Loney, on April 12, 2012