Oracle is about to release one of its largest security patch batches in recent memory, with some 147 fixes coming Tuesday for vulnerabilities in Java SE, its flagship database, business applications and assorted other products.
Tuesday’s release will contain 36 fixes for Java SE, according to a pre-release announcement posted on Oracle’s website this week. Thirty-four of the weaknesses being targeted can be exploited by an attacker over a network without the need for authentication, Oracle said.
Some 25 fixes will be released for various products in Oracle’s Fusion Middleware catalogue, including WebCenter and GlassFish Server. Twenty-two of them concern weaknesses that can be remotely exploited without the need for a username and password.
Sixteen patches in Tuesday’s set are aimed at Oracle’s supply chain software, with six of them remotely exploitable without authentication. Another 17 fixes will be issued for PeopleSoft applications, five for Oracle’s database, 11 for the Solaris OS, and nine for Oracle’s virtualisation software.
There will be five patches for Oracle’s database, as well as 18 for MySQL, according to the announcement.
Oracle issued 127 patches in its last release, which came in October. That update included 51 fixes for Java.