2018년 10월 Oracle Critical Patch Update 권고

보안공지

2018년 10월 Oracle Critical Patch Update 권고

□ 개요
 o 오라클社 CPU에서 자사 제품의 보안 취약점 301개에 대한 패치를 발표 [1]
  ※ CPU(Critical Patch Update) : 오라클 중요 보안 업데이트
 o 영향 받는 버전의 사용자는 악성코드 감염 등에 취약할 수 있으므로, 아래 해결방안에 따라 최신버전으로 업데이트 권고
 

□ 영향을 받는 제품 및 버전
Application Management Pack for Oracle E-Business Suite, versions 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6, 12.2.7
Enterprise Manager Base Platform, versions 12.1.0.5, 13.2
Enterprise Manager for MySQL Database, version 13.2
Enterprise Manager Ops Center, versions 12.2.2, 12.3.3
Fujitsu M10-1, M10-4, M10-4S, M12-1, M12-2, M12-2S Servers, versions Prior to XCP2352 and Prior to XCP3050
Hyperion BI+, version 11.1.2.4
Hyperion Common Events, version 11.1.2.4
Hyperion Data Relationship Management, version 11.1.2.4.345
Hyperion Essbase Administration Services, version 11.1.2.4
Instantis EnterpriseTrack, versions 17.1, 17.2, 17.3
JD Edwards EnterpriseOne Orchestrator, version 9.2
JD Edwards EnterpriseOne Tools, version 9.2
MICROS Lucas, version 2.9.5
MICROS PC Workstation 2015, versions Prior to BIOS 01.3.0.2i
MICROS Relate CRM Software, versions 10.8, 11.4
MICROS Retail-J, versions 12.1.2, 13.0.0
MICROS XBRi, versions 10.5.0, 10.6.0, 10.7.0, 10.8.1, 10.8.2, 10.8.3
MySQL Connectors, versions 8.0.12 and prior
MySQL Enterprise Monitor, versions 3.4.9.4237 and prior, 4.0.6.5281 and prior, 8.0.2.8191 and prior
MySQL Server, versions 5.5.61 and prior, 5.6.41 and prior, 5.7.23 and prior, 8.0.12 and prior
Oracle Adaptive Access Manager, versions 11.1.1.7.0, 11.1.2.3.0
Oracle Agile Engineering Data Management, versions 6.1.3, 6.2.0, 6.2.1
Oracle Agile PLM, versions 9.3.3, 9.3.4, 9.3.5, 9.3.6
Oracle Agile Product Lifecycle Management for Process, version 6.2.0.0
Oracle API Gateway, version 11.1.2.4.0
Oracle Banking Platform, versions 2.5.0, 2.6.0, 2.6.1, 2.6.2
Oracle BI Publisher, versions 11.1.1.7.0, 11.1.1.9.0, 12.2.1.3.0, 12.2.1.4.0
Oracle Big Data Discovery, version 1.6.0
Oracle Business Intelligence Enterprise Edition, versions 11.1.1.7.0, 11.1.1.9.0, 12.2.1.3.0, 12.2.1.4.0
Oracle Communications Application Session Controller, versions Prior to 3.7.1M0
Oracle Communications Instant Messaging Server, versions prior to 10.0.1
Oracle Communications Messaging Server, versions prior to 8.0.2
Oracle Communications MetaSolv Solution, version 6.3.0
Oracle Communications Performance Intelligence Center (PIC) Software, versions prior to 10.2.1
Oracle Communications User Data Repository, versions prior to 12.2.0
Oracle Configuration Manager, versions 12.1.2.0.2, 12.1.2.0.5
Oracle Database Server, versions 11.2.0.4, 12.1.0.2, 12.2.0.1, 18c
Oracle Demantra Demand Management, versions 7.3.5, 12.2
Oracle Directory Server Enterprise Edition, version 11.1.1.7
Oracle E-Business Suite, versions 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6, 12.2.7
Oracle Endeca Information Discovery Integrator, versions 3.1.0, 3.2.0
Oracle Endeca Information Discovery Studio, versions 3.1.0, 3.2.0
Oracle Endeca Server, versions 7.6.1, 7.7.0
Oracle Enterprise Repository, versions 11.1.1.7.0, 12.1.3.0.0
Oracle Fusion Middleware MapViewer, versions 12.1.3.0, 12.2.1.3
Oracle GlassFish Server, version 3.1.2
Oracle GoldenGate, versions 12.1.2.1.0, 12.2.0.2.0, 12.3.0.1.0
Oracle GoldenGate for Big Data, versions 12.2.0.1, 12.3.1.1, 12.3.2.1
Oracle Healthcare Translational Research, version 3.1.0
Oracle Hospitality Cruise Fleet Management, version 9.0
Oracle Hospitality Cruise Shipboard Property Management System, version 8.0
Oracle Hospitality Gift and Loyalty, version 9.0
Oracle Hospitality Guest Access, versions 4.2.0, 4.2.1
Oracle Hospitality Materials Control, version 18.1
Oracle Hospitality Reporting and Analytics, version 9.0
Oracle HTTP Server, version 12.2.1.3
Oracle Identity Analytics, version 11.1.1.5.8
Oracle Identity Management Suite, versions 11.1.2.3.0, 12.2.1.3.0
Oracle Identity Manager, versions 11.1.2.3.0, 12.2.1.3.0
Oracle iLearning, versions 6.1, 6.2
Oracle Insurance Calculation Engine, versions 10.1.1, 10.2.1
Oracle Insurance Rules Palette, versions 10.0, 10.1, 10.2, 11.0, 11.1
Oracle Java SE, versions 6u201, 7u191, 8u182, 11
Oracle Java SE Embedded, versions 8u18, 8u181
Oracle JRockit, version R28.3.19
Oracle Outside In Technology, version 8.5.3
Oracle Real-Time Decision Server, version 3.2.1
Oracle Retail Allocation, versions 15.0, 16.0
Oracle Retail Assortment Planning, versions 14.1, 15.0, 16.0
Oracle Retail Back Office, versions 13.3, 13.4, 14, 14.1
Oracle Retail Central Office, version 14.1
Oracle Retail Customer Management and Segmentation Foundation, versions 16.0, 17.0
Oracle Retail Extract Transform and Load, versions 13.0, 13.1, 13.2
Oracle Retail Financial Integration, versions 13.2, 14.0, 14.1, 15.0, 16.0
Oracle Retail Integration Bus, version 14.1.2
Oracle Retail Invoice Matching, versions 15.0, 16.0
Oracle Retail Open Commerce Platform, versions 5.3, 6.0, 6.0.1
Oracle Retail Order Broker, versions 5.0, 5.1, 5.2, 15.0, 16.0
Oracle Retail Point-of-Service, versions 13.4, 14.0, 14.1
Oracle Retail Predictive Application Server, versions 14.0, 14.1, 15.0, 16.0
Oracle Retail Returns Management, version 14.1
Oracle Retail Sales Audit, versions 15.0, 16.0
Oracle Retail Xstore Point of Service, versions 6.5.12, 7.0.7, 7.1.7, 15.0.2, 16.0.4, 17.0.2
Oracle Service Bus, versions 12.1.3.0.0, 12.2.1.3.0
Oracle Transportation Management, version 6.3.7
Oracle Tuxedo, version 12.1.1.0
Oracle Virtual Directory, versions 11.1.1.7.0, 11.1.1.9.0
Oracle VM VirtualBox, versions prior to 5.2.20
Oracle WebCenter Portal, versions 11.1.1.9.0, 12.2.1.3.0
Oracle WebCenter Sites, versions 11.1.1.8.0, 12.2.1.3.0
Oracle WebLogic Server, versions 10.3.6.0, 12.1.3.0, 12.2.1.3, prior to Docker 12.2.1.3.20180913
OSS Support Tools, versions prior to 18.4
PeopleSoft Enterprise Interaction Hub, version 9.1.0.0
PeopleSoft Enterprise PeopleTools, versions 8.55, 8.56, 8.57
Primavera Gateway, versions 15.2, 16.2, 17.12
Primavera P6 Enterprise Project Portfolio Management, versions 8.4, 15.1, 15.2, 16.1, 16.2, 18.8, 17.7 - 17.12
Primavera Unifier, versions 15.1, 15.2, 16.1, 16.2, 17.1-17.12, 18.1-18.8
Siebel Applications, versions 18.7, 18.8, 18.9
Solaris, versions 10, 11.3, 11.4
SPARC Enterprise M3000, M4000, M5000, M8000, M9000 Servers, versions prior to XCP 1123
Spatial, versions 2.0, 2.1, 2.2
 
  
□ 해결 방안
 o "Oracle Critical Patch Update Advisory – Oct 2018“ 문서 및 패치사항을 검토하고 벤더사 및 유지보수 업체와 협의/검토 후 패치 적용 [1]
 o JAVA SE 사용자는 설치된 제품의 최신 업데이트를 다운로드[2] 받아 설치하거나, Java 업데이트 자동 알림 설정을 권고 [3]
 
□ 기타 문의사항
 o 한국인터넷진흥원 인터넷침해대응센터: 국번없이 118
 
[참고사이트]
[1] https://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html
[2] http://www.oracle.com/technetwork/java/javase/downloads/index.html
[3] https://www.java.com/ko/download/help/java_update.xml
0 변경된 사항
관리자만 변경된 사항 등록이 가능합니다.
게시판&메뉴얼
공지사항
보안공지
FAQ
1:1 문의