Patch Reviews - DB (MOSC)

MOSC Banner

How to patch CVE-2018-3110 for Windows

edited Aug 15, 2018 4:24PM in Patch Reviews - DB (MOSC) 2 commentsAnswered ✓

What patch(es) do we download to address CVE-2018-3110 on Windows DBs?

The “Oracle Security Alert Advisory - CVE-2018-3110” (http://www.oracle.com/technetwork/security-advisory/alert-cve-2018-3110-5032149.html), initially released on 8/10, says “patches for those versions and platforms were included in the July 2018 CPU”, which, if I am reading correctly, refers to Oracle Database 11.2.0.4 and 12.2.0.1 on Linux and Unix…leaving Windows not patched in the originally released CPUJul2018.

From the Advisory, we are linked to “Critical Patch Update (CPU) Program July 2018 Patch Availability Document (PAD) (Doc ID 2394520.1)”, which was updated on 8/10 with a single unhelpful sentence in new section “2.5 Database OJVM Security fix CVE-2018-3110 now updated for Database versions” (among other updates to the PAD).

Tagged:

Howdy, Stranger!

Log In

To view full details, sign in to My Oracle Support Community.

Register

Don't have a My Oracle Support Community account? Click here to get started.

Category Leaderboard

Top contributors this month

Instructions for posting

×

1. Select a discussion category from the picklist.


2. Enter a title that clearly identifies the subject of your question.


3. In the body, insert detailed information, including Oracle product and version.


Please abide by the Oracle Community guidelines and refrain from posting any customer or personally identifiable information (PI/CI).


Cloud / Fusion customers - Our Cloud community has moved! Please go to Cloud Customer Connect .


New to My Oracle Support Community? Visit our Welcome Center

MOSC Help Center