-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Reference: CERT-EU Security Advisory 2014-043

Title: Oracle Critical Patch Update Advisory 

Version history:
08.05.2014 Initial publication

Summary
=======
The Oracle Critical Patch Update for April 2014 [1] were released. Oracle strongly recommends applying the patches as soon as possible.


Vulnerable systems
==================
Oracle Database 11g Release 1, version 11.1.0.7
Oracle Database 11g Release 2, versions 11.2.0.3, 11.2.0.4
Oracle Database 12c Release 1, version 12.1.0.1
Oracle Fusion Middleware 11g Release 1, versions 11.1.1.7, 11.1.1.8
Oracle Fusion Middleware 12c Release 1, versions 12.1.1.0, 12.1.2.0
Oracle Fusion Applications, versions 11.1.2 through 11.1.8
Oracle Access Manager, versions 10.1.4.3, 11.1.1.3.0, 11.1.1.5.0, 11.1.1.7.0, 11.1.2.0.0, 11.1.2.1.0, 11.1.2.2.0
Oracle Containers for J2EE, version 10.1.3.5
Oracle Data Integrator, version 11.1.1.3.0
Oracle Endeca Server, version 2.2.2
Oracle Event Processing, version 11.1.1.7.0
Oracle Identity Analytics, version 11.1.1.5, Sun Role Manager, version 5.0
Oracle OpenSSO, version 8.0 Update 2 Patch 5
Oracle OpenSSO Policy Agent, version 3.0-03
Oracle WebCenter Portal, versions 11.1.1.7, 11.1.1.8
Oracle WebLogic Server, versions 10.0.2.0, 10.3.6.0, 12.1.1.0, 12.1.2.0
Oracle Hyperion Common Admin, versions 11.1.2.2, 11.1.2.3
Oracle E-Business Suite Release 11i, 12i
Oracle Agile PLM Framework, versions 9.3.1.1, 9.3.3.0
Oracle Agile Product Lifecycle Management for Process, versions 6.0.0.7, 6.1.1.3
Oracle Transportation Management, versions 6.3, 6.3.4
Oracle PeopleSoft Enterprise CS Campus Self Service, version 9.0
Oracle PeopleSoft Enterprise HRMS Talent Acquisition Manager, versions 8.52, 8.53
Oracle PeopleSoft Enterprise PT Tools, versions 8.52, 8.53
Oracle Siebel UI Framework, versions 8.1.1, 8.2.2
Oracle iLearning, versions 6.0, 6.1
Oracle JavaFX, version 2.2.51
Oracle Java SE, versions 5.0u61, 6u71, 7u51, 8
Oracle Java SE Embedded, version 7u51
Oracle JRockit, versions R27.8.1, R28.3.1
Oracle Solaris, versions 9, 10, 11.1
Oracle Secure Global Desktop, versions 4.63, 4.71, 5.0, 5.1
Oracle VM VirtualBox, versions prior to 3.2.22, 4.0.24, 4.1.32, 4.2.24, 4.3.10
Oracle MySQL Server, versions 5.5, 5.6

What can you do?
================
Patches are available in [1].


What to tell your users?
========================
N/A

More information
================
[1] http://www.oracle.com/technetwork/topics/security/cpuapr2014-1972952.html


Best regards,

CERT-EU Team (http://cert.europa.eu)
Phone: +32.2.2990005 / e-mail: cert-eu@ec.europa.eu
PGP KeyID 0x46AC4383
FP: 9011 6BE9 D642 DD93 8348 DAFA 27A4 06CA 46AC 4383
Privacy Statement:
http://cert.europa.eu/cert/plainedition/en/cert_privacy.html
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)

iQIcBAEBAgAGBQJTa4kSAAoJEPpzpNLI8SVoQR0P/Rmi6TbGlxz3daJNuO2DPMem
4UV9K032zvVnhK5tZLK8u40oHpuTErbz24FXFhZ5pC9zSoyb43Q6olGlfLTahCoa
tReETRb5N+VCuoNQV0z/YcDsgBf96M5bxJKag7mQnJpkxX8qOxo6s2Qj7EvLpJUX
6sQdGesKicJLw33OgcuSusw9SkB7aaPm8PxSlCNakzNyoiR0CSnqctvXIjpoXAwJ
ieP7S8SuDRZzE13XoNvpkkyHLj1hgAu7LnJrmnN6/LLpuZuLmydZKHYHWQh9XcAM
vddQIg0op3N9HF+XgIGlluYmrDFVaccF95JqWQhU6nQ0y1SIaI3hfku6592C11Oj
DUe1TG+CzANiIbI9ibehniTLNlNUoTYS/Q1F4sKkzzHrR9W8u7Jffwt8YFfzyD3R
rT66Uo8Pc3R9FGpxQQLyP4/ABilB22I+rh4Bfs2uZDAF5PbwBtHDzrfZDfdTwzj6
hg/IKBz46o6GXxd0wZTeIkRTEdkvSy1vJChZFd9ag0wyH8O1cjBWzLDuCzJhb3YR
O4+rYcvYcJbqkDj/hgreOuCm6LsZ8p3aP2sMnJEIVaZPkcMi5rjCihy62461+sPS
LMFrAur8NM4Qk32oENdW0rnWk9ph+RcIQjomvq6iuqvAKsw7zbUa9phoH05GVJUZ
IKcGUhwAWRGkMV75MTUg
=nm3H
-----END PGP SIGNATURE-----