Oracle to set to address MySQL flaws

Oracle is set to release 78 security fixes for vulnerabilities in its database, middleware and applications, according to a preview announcement posted to the company’s web site.

Tuesday 17 January will see a full 27 of those are targeted for the MySQL database. One of the vulnerabilities can be exploited over a network without login credentials. The highest CVSS (Common Vulnerability Scoring System) Base Score among the MySQL bugs is 5.5, which falls into the system’s "medium" risk range.

Two other fixes are for Oracle’s database, and Oracle is also planning to ship 11 patches for Fusion Middleware. Five of the bugs in the latter can be remotely exploited with no user authentication required.

On the application front, the company’s E-Business Suite is getting three patches, its supply chain application suite will receive one, PeopleSoft will get six, and JD Edwards will have eight.

Some 17 patches will be released for Sun products, including six that can be remotely exploited with no credentials. Affected products include GlassFish Enterprise Server and the Solaris OS.

Another three patches are for Oracle’s virtualisation technology, including VirtualBox.

IDG News Service

Read More: database Oracle