Jump to content


Photo

Java SE, VirtualBox - Critical updates Oct 17, 2017


  • Please log in to reply
2 replies to this topic

#1 Chachazz

Chachazz

    Is GSF inventory

  • General Admin
  • 36,035 posts

Posted 16 October 2017 - 08:11 PM

 
This Critical Patch Update Pre-Release Announcement provides advance information about the Oracle Critical Patch Update for October 2017, which will be released on Tuesday, October 17, 2017. While this Pre-Release Announcement is as accurate as possible at the time of publication, the information it contains may change before publication of the Critical Patch Update Advisory.
 
Particularly affected consumer products:
Oracle Java SE, versions 6u161, 7u151, 8u144, 9
This Critical Patch Update contains 22 new security fixes for Oracle Java SE. 20 of these vulnerabilities may be remotely exploitable without authentication, i.e., may be exploited over a network without requiring user credentials.

Oracle VM VirtualBox, versions prior to 5.1.28
This Critical Patch Update contains 6 new security fixes for Oracle Virtualization. 2 of these vulnerabilities may be remotely exploitable without authentication, i.e., may be exploited over a network without requiring user credentials.

When available, updates may be found at:
Java - Consumer site: »java.com/en/download/manual.jsp
Java - Oracle Developer Network: »www.oracle.com/technetwo ··· 363.html

VirtualBox - »www.virtualbox.org/
and »www.oracle.com/technetwo ··· dex.html


#2 Chachazz

Chachazz

    Is GSF inventory

  • General Admin
  • 36,035 posts

Posted 16 October 2017 - 08:13 PM

VirtualBox 5.2 released

 

VirtualBox 5.1.30 released



#3 Chachazz

Chachazz

    Is GSF inventory

  • General Admin
  • 36,035 posts

Posted 17 October 2017 - 09:01 PM

Java SE 9.0.1 and Java SE 8u151 / 8u152

Oracle Network - https://www.java.com...load/manual.jsp

 

Java 8 Update 151 (for consumers)

Java.com - https://www.java.com...load/manual.jsp

 

This Critical Patch Update contains 252 new security fixes across the product families listed below. Please note that a MOS note summarizing the content of this Critical Patch Update and other Oracle Software Security Assurance activities is located at October 2017 Critical Patch Update: Executive Summary and Analysis.

 

Please note that on September 22, 2017, Oracle released Security Alert for CVE-2017-9805. Customers of affected Oracle product(s) are strongly advised to apply the fixes that were announced in this Security Alert as well as those contained in this Critical Patch update

 

This Critical Patch Update advisory is also available in an XML format that conforms to the Common Vulnerability Reporting Format (CVRF) version 1.1. More information about Oracle's use of CVRF is available here.

 

http://www.oracle.co...17-3236626.html