Alert GCSA-18082 - Oracle Critical Patch Update Advisory October 2018
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1
******************************************************************
Alert ID: GCSA-18082
Data: 18 Ottobre 2018
Titolo: Oracle Critical Patch Update Advisory October 2018
******************************************************************
:: Descrizione del problema
Oracle ha rilasciato la Critical Patch Update October 2018.
L'aggiornamento risolve 301 vulnerabilita'.
Oracle raccomanda di applicare gli aggiornamenti appena possibile.
:: Software interessato
Per una descrizione completa si rimanda alla sezione 'Riferimenti'.
:: Impatto
L'impatto di queste vulnerabilita' varia a seconda del prodotto,
della componente e della configurazione del sistema.
Nel peggiore dei casi un attaccante remoto puo' impossessarsi
completamente di un sistema affetto
:: Soluzioni
Applicare le patch appropriate o procedere all'opportuno
aggiornamento secondo le istruzioni rilasciate da Oracle
(vedere link nei Riferimenti)
:: Riferimenti
Oracle Critical Patch Update Advisory July 2018
https://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html
Oracle Critical Patch Updates, Security Alerts and Third Party Bulletin
https://www.oracle.com/technetwork/topics/security/alerts-086861.html
US-CERT
https://www.us-cert.gov/ncas/current-activity/2018/10/16/Oracle-Releases-October-2018-Security-Bulletin
SecurityTracker
https://securitytracker.com/id/1041887
https://securitytracker.com/id/1041888
https://securitytracker.com/id/1041889
https://securitytracker.com/id/1041890
https://securitytracker.com/id/1041891
https://securitytracker.com/id/1041895
https://securitytracker.com/id/1041896
https://securitytracker.com/id/1041897
https://securitytracker.com/id/1041898
Mitre CVE
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3490
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0235
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6937
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7501
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-9251
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0635
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0729
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1000031
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1182
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2107
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4000
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5019
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5080
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5244
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6814
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7167
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9843
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14735
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15095
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3736
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5533
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5645
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5715
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7805
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9798
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0732
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0739
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000300
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11039
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11776
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12023
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1258
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1275
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1305
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-13785
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18223
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18224
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2887
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2889
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2902
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2909
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2911
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2912
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2913
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2914
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2922
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2971
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3011
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3059
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3115
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3122
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3126
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3127
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3128
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3129
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3130
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3131
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3132
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3133
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3134
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3135
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3136
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3137
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3138
GARR CERT Newsletter subscribe/unsubscribe:
http://www.cert.garr.it/alert/ricevi-gli-alert-di-cert
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
iEYEARECAAYFAlvIbVEACgkQwZxMk2USYEKogACeNs/tcFOphpTG/SK/61oAx7Xv
R6sAn27Ts49tT1NdAtPu+mqJPlkHsTOD
=T1Is
-----END PGP SIGNATURE-----
Hash: SHA1
******************************************************************
Alert ID: GCSA-18082
Data: 18 Ottobre 2018
Titolo: Oracle Critical Patch Update Advisory October 2018
******************************************************************
:: Descrizione del problema
Oracle ha rilasciato la Critical Patch Update October 2018.
L'aggiornamento risolve 301 vulnerabilita'.
Oracle raccomanda di applicare gli aggiornamenti appena possibile.
:: Software interessato
Per una descrizione completa si rimanda alla sezione 'Riferimenti'.
:: Impatto
L'impatto di queste vulnerabilita' varia a seconda del prodotto,
della componente e della configurazione del sistema.
Nel peggiore dei casi un attaccante remoto puo' impossessarsi
completamente di un sistema affetto
:: Soluzioni
Applicare le patch appropriate o procedere all'opportuno
aggiornamento secondo le istruzioni rilasciate da Oracle
(vedere link nei Riferimenti)
:: Riferimenti
Oracle Critical Patch Update Advisory July 2018
https://www.oracle.com/technetwork/security-advisory/cpuoct2018-4428296.html
Oracle Critical Patch Updates, Security Alerts and Third Party Bulletin
https://www.oracle.com/technetwork/topics/security/alerts-086861.html
US-CERT
https://www.us-cert.gov/ncas/current-activity/2018/10/16/Oracle-Releases-October-2018-Security-Bulletin
SecurityTracker
https://securitytracker.com/id/1041887
https://securitytracker.com/id/1041888
https://securitytracker.com/id/1041889
https://securitytracker.com/id/1041890
https://securitytracker.com/id/1041891
https://securitytracker.com/id/1041895
https://securitytracker.com/id/1041896
https://securitytracker.com/id/1041897
https://securitytracker.com/id/1041898
Mitre CVE
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2014-3490
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-0235
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6937
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-7501
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-9251
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0635
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-0729
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1000031
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-1182
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2107
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-4000
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5019
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5080
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-5244
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-6814
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-7167
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-9843
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-14735
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-15095
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-3736
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5533
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5645
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-5715
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-7805
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2017-9798
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0732
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-0739
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1000300
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11039
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-11776
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-12023
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1258
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1275
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-1305
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-13785
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18223
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-18224
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2887
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2889
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2902
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2909
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2911
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2912
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2913
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2914
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2922
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-2971
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3011
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3059
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3115
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3122
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3126
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3127
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3128
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3129
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3130
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3131
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3132
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3133
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3134
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3135
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3136
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3137
http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-3138
GARR CERT Newsletter subscribe/unsubscribe:
http://www.cert.garr.it/alert/ricevi-gli-alert-di-cert
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.10 (GNU/Linux)
iEYEARECAAYFAlvIbVEACgkQwZxMk2USYEKogACeNs/tcFOphpTG/SK/61oAx7Xv
R6sAn27Ts49tT1NdAtPu+mqJPlkHsTOD
=T1Is
-----END PGP SIGNATURE-----