Oracle released 128 patches on Tuesday, covering security weaknesses that affect “hundreds” of its products.
Four of the patches concern components of Oracle’s flagship database server, and all of them can be exploited by a remote attacker without a username and password, according to the announcement.
Another 29 fixes target a range of Oracle Fusion Middleware components, with 22 of them remotely exploitable without user authentication, Oracle said. Affected middleware products include GoldenGate Veridata, JRockit, Webcenter and WebLogic.
On the applications front, E-Business Suite is getting six patches while Supply Chain Products Suite will receive three. Another 11 are for PeopleSoft and eight target Siebel CRM. Oracle’s Financial Services software will have 18 patches in the set released Tuesday.
Another 25 patches focus on the MySQL database, although only one can be remotely exploited without a username or password, according to Oracle. The company is also planning to ship a number of fixes for the GlassFish application server and Solaris OS.
The patch release is significantly larger than one Oracle released in January, which contained 86 fixes.
Oracle is also releasing an update to Java SE on Tuesday that contains 42 security fixes.
