| 오라클, CPU 통해 취약점 254개 보안 패치 발표 | 2018.04.30 |
오라클, CPU 통해 자사 제품의 보안 취약점 254개 패치 발표
[보안뉴스 김경애 기자] 오라클 사가 CPU(Critical Patch Update)를 통해 자사 제품의 보안 취약점 254개에 대한 패치를 발표했다. 따라서 이용자는 취약점 패치가 적용된 최신 버전으로 보안 업데이트를 하는 것이 바람직하다.  [이미지=오라클 웹사이트] 영향을 받는 시스템은 다음과 같다. △Enterprise Manager Base Platform, versions 12.1.0.5, 13.2.0.0 △Enterprise Manager for MySQL Database, version 12.1.0.4 △Enterprise Manager for Virtualization, version 13.2 △Enterprise Manager Ops Center, versions 12.2.2, 12.3.3 △Hardware Management Pack, versions prior to 2.4.3 △Instantis EnterpriseTrack, versions 17.1, 17.2 △Integrated Lights Out Manager (ILOM), versions 3.x, 4.x △JD Edwards EnterpriseOne Tools, version 9.2.2 △JD Edwards World Security, versions A9.2, A9.3, A9.4 △Management Pack for Oracle GoldenGate, version 11.2.1.0.13 △MICROS Handheld Terminal, versions Prior to Fusion 2.03.0.0.021R △MICROS Lucas, version 2.9.5 △MySQL Cluster, versions 7.2.27 and prior, 7.3.16 and prior, 7.4.14 and prior, 7.5.5 and prior △MySQL Enterprise Monitor, versions 3.3.7.3306 and prior, 3.4.5.4248 and prior, 4.0.2.5168 and prior △MySQL Server, versions 5.5.59 and prior, 5.6.39 and prior, 5.7.21 and prior △Oracle Access Manager, versions 10.1.4.3.0, 11.1.2.3.0, 12.2.1.3.0 △Oracle Adaptive Access Manager, version 11.1.2.3.0 △Oracle Agile Engineering Data Management, versions 6.1.3, 6.2.0, 6.2.1 △Oracle Agile PLM Framework, version 9.3.6 △Oracle Agile Product Lifecycle Management for Process, versions 6.1.1.6, 6.2.0.0, 6.2.1.0 △Oracle Application Testing Suite, versions 12.5.0.3, 13.1.0.1, 13.2.0.1 △Oracle Banking Corporate Lending, versions 12.3.0, 12.4.0, 12.5.0, 14.0.0 △Oracle Banking Enterprise Collections, version 2.6 △Oracle Banking Enterprise Originations, version 2.6 △Oracle Banking Enterprise Product Manufacturing, version 2.6 △Oracle Banking Payments, versions 12.3.0, 12.4.0, 12.5.0, 14.0.0 △Oracle Banking Platform, versions 2.4, 2.5, 2.6 △Oracle Big Data Discovery, version 1.6.0 △Oracle Business Intelligence Data Warehouse Administration Console, version 11.1.1.6.4 △Oracle Business Intelligence Enterprise Edition, versions 11.1.1.7.0, 11.1.1.9.0, 12.2.1.2.0, 12.2.1.3.0 △Oracle Communications Calendar Server, version 8.x △Oracle Communications Contacts Server, version 8.x △Oracle Communications EAGLE LNP Application Processor, versions 10.1.0.0.0 and prior △Oracle Communications Messaging Server, version 8.x △Oracle Communications MetaSolv Solution, version 6.3.0 △Oracle Communications Network Charging and Control, versions 4.4.1.5.0, 5.0.0.1.0, 5.0.0.2.0, 5.0.1.0.0, 5.0.2.0.0 △Oracle Communications Network Intelligence, version 7.3.x △Oracle Communications Order and Service Management, versions 7.2.4.3.0, 7.3.0.1.x, 7.3.1.0.7, 7.3.5.0.x △Oracle Communications Unified Inventory Management, version 7.x △Oracle Data Visualization Desktop, version 12.2.4.1.1 △Oracle Database Server, versions 11.2.0.4, 12.1.0.2, 12.2.0.1, 18.1.0.0 △Oracle E-Business Suite, versions 12.1.1, 12.1.2, 12.1.3, 12.2.3, 12.2.4, 12.2.5, 12.2.6, 12.2.7 △Oracle Endeca Information Discovery Integrator, versions 3.1, 3.2 △Oracle Endeca Information Discovery Studio, versions 7.6.1.0.0, 7.7.0.0.0 △Oracle Endeca Server, version 7.7 △Oracle Enterprise Repository, versions 11.1.1.7.0, 12.1.3.0.0 △Oracle Financial Services Analytical Applications Infrastructure, versions 7.3.x, 8.0.x △Oracle Financial Services Basel Regulatory Capital Basic, version 8.0.x △Oracle Financial Services Basel Regulatory Capital Internal Ratings Based Approach, version 8.0.x △Oracle Financial Services Hedge Management and IFRS Valuations, versions 8.0.4, 8.0.5 △Oracle Financial Services Market Risk Measurement and Management, version 8.0.5 △Oracle FLEXCUBE Core Banking, versions 11.5.0, 11.6.0, 11.7.0 △Oracle FLEXCUBE Enterprise Limits and Collateral Management, versions 12.3.0, 14.0.0 △Oracle FLEXCUBE Investor Servicing, versions 12.0.4, 12.1.0, 12.3.0, 12.4.0 △Oracle FLEXCUBE Private Banking, versions 12.0.0, 12.1.0 △Oracle FLEXCUBE Universal Banking, versions 11.3.0, 11.4.0, 12.0.1, 12.0.2, 12.0.3, 12.1.0, 12.2.0, 12.3.0, 12.4.0, 14.0.0 △Oracle Fusion Applications , versions 11.1.2 through 11.1.9 △Oracle Fusion Middleware, versions 11.1.1.7, 11.1.1.9, 11.1.2.3, 12.1.3.0, 12.2.1.2, 12.2.1.3 △Oracle Fusion Middleware MapViewer, versions 11.1.1.7.0, 11.1.1.9.0 △Oracle GoldenGate, version 12.2.0.1 △Oracle GoldenGate Veridata, versions 11.2.0.1.2, 12.1.3.0.0 △Oracle Hospitality Cruise Fleet Management System, version 9.x △Oracle Hospitality Guest Access, versions 4.2.0, 4.2.1 △Oracle Hospitality Reporting and Analytics, version 9.0 △Oracle Hospitality Simphony, versions 2.7, 2.8, 2.9, 2.10 △Oracle Hospitality Simphony First Edition, versions 1.6, 1.7 △Oracle Hospitality Suite8, version 8.x △Oracle HTTP Server, versions 12.1.3, 12.2.1.2 △Oracle Java SE, versions 6u181, 7u161, 7u171, 8u152, 8u162, 10 △Oracle Java SE Embedded, versions 8u152, 8u161 △Oracle JRockit, version R28.3.17 △Oracle Managed File Transfer, versions 12.1.3.0.0, 12.2.1.2.0, 12.2.1.3.0 △Oracle Mobile Security Suite, version 3.0.1 △Oracle Outside In Technology, version 8.5.3 △Oracle Retail Advanced Inventory Planning, versions 13.2, 13.4, 14.1, 15.0 △Oracle Retail Back Office, versions 13.4.9, 14.0.4, 14.1.3 △Oracle Retail Central Office, versions 13.4.9, 14.0.4, 14.1.3 △Oracle Retail Customer Engagement, version 16.0 △Oracle Retail EFTLink, versions 1.1.124, 15.0.1, 16.0.2 △Oracle Retail Insights, versions 14.0, 14.1, 15.0, 16.0 △Oracle Retail Integration Bus, version 13.2 △Oracle Retail Invoice Matching, versions 12.0, 13.0, 13.1, 13.2, 14.0, 14.1, 15.0, 16.0 △Oracle Retail Merchandising System, version 15.0 △Oracle Retail Order Broker, versions 5.0, 5.1, 5.2, 15.0, 16.0 △Oracle Retail Order Management System, versions 4.0, 4.5, 4.7, 5.0 △Oracle Retail Point-of-Service, versions 13.3.8, 13.4.9, 14.0.4, 14.1.3 △Oracle Retail Predictive Application Server, versions 13.4.3, 14.0.3, 14.1.3 △Oracle Retail Price Management, versions 12.0, 13.0, 13.1, 13.2, 14.0, 14.1, 15.0, 16.0 △Oracle Retail Returns Management, versions 2.3.8, 2.4.9, 14.0.4, 14.1.3 △Oracle Retail Store Inventory Management, versions 12.0.12, 13.0.7, 13.1.9, 13.2.9, 14.0.4, 14.1.3, 15.0.2, 16.0.1 △Oracle Retail Xstore Point of Service, versions 6.0.11, 6.5.11, 7.0.6, 7.1.6, 15.0.1, 16.0.2 △Oracle Secure Global Desktop (SGD), version 5.3 △Oracle Security Service, versions 11.1.1.9.0, 12.1.3.0.0, 12.2.1.2.0, 12.2.1.3.0 △Oracle Transportation Management, versions 6.2, 6.4.3 △Oracle Tuxedo, version 12.1.1.0.0 △Oracle Utilities Framework, versions 2.2.0, 4.2.0, 4.3.0 △Oracle VM VirtualBox, versions prior to 5.1.36, prior to 5.2.10 △Oracle WebCenter Content, versions 11.1.1.9.0, 12.2.1.2.0, 12.2.1.3.0 △Oracle WebCenter Portal, versions 12.2.1.2.0, 12.2.1.3.0 △Oracle WebCenter Sites, versions 11.1.1.8.0, 12.2.1.2.0, 12.2.1.3.0 △Oracle WebLogic Portal, version 10.3.6.0.0 △Oracle WebLogic Server, versions 10.3.6.0, 12.1.3.0, 12.2.1.2, 12.2.1.3 △OSS Support Tools, versions prior to 18.2 △PeopleSoft Enterprise HCM, version 9.2 △PeopleSoft Enterprise HCM Shared Components, version 9.2 △PeopleSoft Enterprise PeopleTools, versions 8.54, 8.55, 8.56 △PeopleSoft Enterprise PRTL Interaction Hub, version 9.1 △PeopleSoft Enterprise PT PeopleTools, versions 8.54, 8.55, 8.56 △Primavera P6 Enterprise Project Portfolio Management, versions 16.2, 17.1 – 17.12 △Primavera Unifier, versions 16.x, 17.x △Real-Time Decisions (RTD) Solutions, version 3.2.0.0.0 △Siebel Applications, version 17.0 △Solaris, versions 10, 11.3 △Solaris Cluster, version 4.3 △Sun ZFS Storage Appliance Kit (AK), versions prior to 8.7.17 따라서 이용자는 ‘Oracle Critical Patch Update Advisory – April 2018’ 문서 및 패치사항을 검토하고 벤더사 및 유지보수 업체와 협의 및 검토 후 패치를 적용하는 것이 바람직하다. 또한, JAVA SE 사용자는 설치된 제품의 최신 업데이트를 다운로드 받아 설치하거나 Java 업데이트 자동 알림 설정을 하는 것이 좋다. 좀더 자세한 사항은 한국인터넷진흥원 인터넷침해대응센터(국번없이 118)에 문의하면 된다. [참고사이트] [1]http://www.oracle.com/technetwork/security-advisory/cpuapr2018-3678067.html [2]http://www.oracle.com/technetwork/java/javase/downloads/index.html [3]http://www.java.com/ko/download/help/java_update.xml [김경애 기자(boan3@boannews.com)] <저작권자: 보안뉴스(www.boannews.com) 무단전재-재배포금지> |
|
 |
