□ 개요
o 오라클社 CPU에서 자사 제품의 보안 취약점 219개에 대한 패치를 발표 [1]
※ CPU(Critical Patch Update) : 오라클 중요 보안 업데이트
o 영향 받는 버전의 사용자는 악성코드 감염 등에 취약할 수 있으므로, 아래 해결방안에 따라 최신버전으로 업데이트 권고
□ 영향받는 제품 및 버전
|
AgileRecipeManagementforPharmaceuticals,versions9.3.3,9.3.4
|
|
DiagnosticAssistant,version2.12.36
|
|
EnterpriseManagerBasePlatform,versions13.2,13.3
|
|
EnterpriseManagerforExadata,versions12.1.0.5.0,13.2.2.0.0,13.3.1.0.0,13.3.2.0.0
|
|
EnterpriseManagerOpsCenter,versions12.3.3,12.4.0
|
|
FujitsuM10-1,M10-4,M10-4S,M12-1,M12-2,M12-2SServers,versionspriortoXCP2361,priortoXCP3071
|
|
HyperionDataRelationshipManagement,version11.1.2.4
|
|
HyperionEnterprisePerformanceManagementArchitect,version11.1.2.4
|
|
HyperionFinancialReporting,version11.1.2.4
|
|
InstantisEnterpriseTrack,versions17.1,17.2,17.3
|
|
JDEdwardsEnterpriseOneTools,version4.0.1.0
|
|
MICROSRelateCRMSoftware,versions7.1.0,11.4,15.0.0,16.0.0,17.0.0,18.0.0
|
|
MICROSRetailXBRiLossPrevention,version10.8.3
|
|
MySQLConnectors,versions5.3.13andprior,8.0.17andprior
|
|
MySQLEnterpriseMonitor,versions8.0.17andprior
|
|
MySQLServer,versions5.6.45andprior,5.7.27andprior,8.17andprior
|
|
MySQLWorkbench,versions8.0.17andprior
|
|
OracleAgilePLM,versions9.3.3-9.3.6
|
|
OracleAgileProductLifecycleManagementforProcess,versions6.2.0.0,6.2.1.0,6.2.2.0,6.2.3.0
|
|
OracleAPIGateway,version11.1.2.4.0
|
|
OracleApplicationTestingSuite,versions13.2,13.3
|
|
OracleBankingDigitalExperience,versions18.1,18.2,18.3,19.1
|
|
OracleBankingPlatform,versions2.4.0,2.4.1,2.5.0,2.6.0,2.6.1,2.7.0,2.7.1
|
|
OracleBIPublisher,versions11.1.1.9.0,12.2.1.3.0,12.2.1.4.0
|
|
OracleBusinessIntelligenceEnterpriseEdition,versions11.1.1.9.0,12.2.1.3.0,12.2.1.4.0
|
|
OracleClusterware,version19.0.0.0.0
|
|
OracleDataIntegrator,version12.2.1.3.0
|
|
OracleDatabaseServer,versions11.2.0.4,12.1.0.2,12.2.0.1,18c,19c
|
|
OracleE-BusinessSuite,versions12.1.1-12.1.3,12.2.3-12.2.9
|
|
OracleEnterpriseRepository,version12.1.3.0.0
|
|
OracleFinancialServicesAnalyticalApplicationsInfrastructure,versions8.0.2-8.0.8
|
|
OracleFinancialServicesEnterpriseFinancialPerformanceAnalytics,versions8.0.6,8.0.7
|
|
OracleFinancialServicesRetailPerformanceAnalytics,versions8.0.6,8.0.7
|
|
OracleFLEXCUBEDirectBanking,versions12.0.2,12.0.3
|
|
OracleForms,version12.2.1.3.0
|
|
OracleGoldenGateApplicationAdapters,version12.3.2.1.0
|
|
OracleGraalVMEnterpriseEdition,version19.2.0
|
|
OracleHealthcareFoundation,versions7.1.1,7.2.2
|
|
OracleHealthcareTranslationalResearch,versions3.1.0,3.2.1,3.3.1
|
|
OracleHospitalityCruiseDiningRoomManagement,version8.0.80
|
|
OracleHospitalityGuestAccess,versions4.2.0,4.2.1
|
|
OracleHospitalityMaterialsControl,version18.1
|
|
OracleHospitalityReportingandAnalytics,version9.1.0
|
|
OracleHospitalityRES3700,version5.7
|
|
OracleJavaSE,versions7u231,8u221,11.0.4,13
|
|
OracleJavaSEEmbedded,version8u221
|
|
OracleJDeveloperandADF,versions11.1.1.9.0,11.1.2.4.0,12.1.3.0.0,12.2.1.3.0
|
|
OracleNoSQLDatabase,versionspriorto19.3.12
|
|
OracleOutsideInTechnology,version8.5.4
|
|
OraclePolicyAutomation,versions10.4.7,12.1.0,12.1.1,12.2.0-12.2.15
|
|
OraclePolicyAutomationConnectorforSiebel,version10.4.6
|
|
OraclePolicyAutomationforMobileDevices,versions12.2.0-12.2.15
|
|
OracleRetailCustomerInsights,versions15.0,16.0
|
|
OracleRetailCustomerManagementandSegmentationFoundation,version17.0
|
|
OracleRetailIntegrationBus,versions15.0,16.0
|
|
OracleRetailXstoreOffice,version7.1
|
|
OracleRetailXstorePointofService,versions7.1,15.0,16.0,17.0,17.0.3,18.0,18.0.1,19.0.0
|
|
OracleServiceBus,versions11.1.1.9.0,12.1.3.0.0,12.2.1.3.0
|
|
OracleSOASuite,version12.2.1.3.0
|
|
OracleSolaris,versions10,11
|
|
OracleVirtualDirectory,version11.1.1.9.0
|
|
OracleVMVirtualBox,versionspriorto5.2.34,priorto6.0.14
|
|
OracleWebServices,version12.2.1.3.0
|
|
OracleWebCenterPortal,version12.2.1.3.0
|
|
OracleWebLogicServer,versions10.3.6.0.0,12.1.3.0.0,12.2.1.3.0
|
|
PeopleSoftEnterpriseHCMHumanResources,version9.2
|
|
PeopleSoftEnterprisePeopleTools,versions8.56,8.57
|
|
PeopleSoftEnterpriseSCMeProcurement,version9.2
|
|
PrimaveraGateway,versions15.2,16.2,17.12,18.8
|
|
PrimaveraP6EnterpriseProjectPortfolioManagement,versions15.1.0-15.2.18,16.1.0-16.2.18,17.1.0-17.12.14,18.1.0-18.8.13
|
|
PrimaveraUnifier,versions16.1,16.2,17.7-17.12,18.8
|
|
SiebelApplications,versions19.8andprior
|
|
Oracle Hospitality Gift and Loyalty, versions 9.0.0, 9.1.0
|
□ 해결 방안
o "Oracle Critical Patch Update Advisory – October 2019“ 문서 및 패치사항을 검토하고 벤더사 및 유지보수 업체와 협의/검토 후 패치 적용 [1]
o JAVA SE 사용자는 설치된 제품의 최신 업데이트를 다운로드[2] 받아 설치하거나, Java 업데이트 자동 알림 설정을 권고 [3]
□ 기타 문의사항
o 한국인터넷진흥원 인터넷침해대응센터: 국번없이 118
[참고사이트]
[1] https://www.oracle.com/technetwork/security-advisory/cpuoct2019-5072832.html
[2] http://www.oracle.com/technetwork/java/javase/downloads/index.html
[3] https://www.java.com/ko/download/help/java_update.xml