The below is a guest post from Amol Sarwate, Director of Vulnerability Labs for Qualys
Oracle has pre-released information on the patches expected in its quarterly Critical Patch Update (CPU) on October 16. This Critical Patch Update contains 109 new security vulnerability fixes across hundreds of Oracle products including Oracle Database, WebLogic server, PeopleSoft, Siebel, MySQL and VM Virtual Box. All affected components have one or more vulnerabilities that can be exploited remotely without authentication.
Oracle Fusion Middleware has 26 new security fixes which are more than any other component being fixed in this release. The CPU contains five new security fixes for the Oracle Database Server, nine new security fixes for Oracle E-Business Suite, Oracle Supply Chain and PeopleSoft. It also has two security fixes for Siebel and 13 for Oracle Financials.
There are 18 security updates for the former Sun products like GlassFish, Solaris and SPARC. MySQL gets 14 security updates.
Overall, this is a big release that will keep system administrators busy on all fronts.