-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

AusCERT Update AU-2009.0004 - [Win][UNIX/Linux]
Updated - Oracle Critical Patch Update Pre-Release Notification
14 January 2009        

        AusCERT Update Summary
        ----------------------

Product:              Oracle Database 11g
                      Oracle Database 10g
                      Oracle Database 9i
                      Oracle Secure Backup
                      Oracle TimesTen In-Memory Database
                      Oracle Application Server
                      Oracle Collaboration Suite 10g
                      Oracle E-Business Suite
                      Oracle Enterprise Manager Grid Control 10g
                      PeopleSoft Enterprise HRMS
                      JD Edwards Tools
                      Oracle WebLogic Server
                      Oracle WebLogic Portal
Operating System:     UNIX variants (UNIX, Linux, OSX)
                      Windows
Access:               Remote/Unauthenticated
CVE Names:            CVE-2008-2623 CVE-2008-3973 CVE-2008-3974
                      CVE-2008-3978 CVE-2008-3979 CVE-2008-3981
                      CVE-2008-3997 CVE-2008-3999 CVE-2008-4006
                      CVE-2008-4007 CVE-2008-4014 CVE-2008-4015
                      CVE-2008-4016 CVE-2008-4017 CVE-2008-5436
                      CVE-2008-5437 CVE-2008-5438 CVE-2008-5439
                      CVE-2008-5440 CVE-2008-5441 CVE-2008-5442
                      CVE-2008-5443 CVE-2008-5444 CVE-2008-5445
                      CVE-2008-5446 CVE-2008-5447 CVE-2008-5448
                      CVE-2008-5449 CVE-2008-5450 CVE-2008-5451
                      CVE-2008-5452 CVE-2008-5454 CVE-2008-5455
                      CVE-2008-5456 CVE-2008-5457 CVE-2008-5458
                      CVE-2008-5459 CVE-2008-5460 CVE-2008-5461
                      CVE-2008-5462 CVE-2008-5463
Member content until: Wednesday, January 14 2009

Ref:                  AL-2009.0001

Oracle have released the Oracle Critical Patch Update for January as per
yesterday's pre-release announcement (AUSCERT AL-2009.0001), the complete
information regarding this patch update is available from the Oracle web 
site:

http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpujan2009.html

AusCERT has made every effort to ensure that the information contained
in this document is accurate.  However, the decision to use the information
described is the responsibility of each user or organisation. The decision to
follow or act on information or advice contained in this security bulletin is
the responsibility of each user or organisation, and should be considered in
accordance with your organisation's site policies and procedures. AusCERT
takes no responsibility for consequences which may arise from following or
acting on information or advice contained in this security bulletin.

If you believe that your computer system has been compromised or attacked in 
any way, we encourage you to let us know by completing the secure National IT 
Incident Reporting Form at:

        http://www.auscert.org.au/render.html?it=3192

===========================================================================
Australian Computer Emergency Response Team
The University of Queensland
Brisbane
Qld 4072

Internet Email: auscert@auscert.org.au
Facsimile:      (07) 3365 7031
Telephone:      (07) 3365 4417 (International: +61 7 3365 4417)
                AusCERT personnel answer during Queensland business hours
                which are GMT+10:00 (AEST).
                On call after hours for member emergencies only.
===========================================================================

-----BEGIN PGP SIGNATURE-----
Comment: http://www.auscert.org.au/render.html?it=1967

iQCVAwUBSW0ynyh9+71yA2DNAQKwXAQAi+2hqCu0swshlveBWPw2wXQYKWzPHrZg
OmbSlDyCN/HOWCLwMepfW5TlfKWcwK3eCCniUhP3LiZqBGSuloZJx3CHN9ym9wgE
YFSyzpSH0vAxZWxurTjSYgbb/JBfj6bjvkqBc2fV2O5mF7HrfzP72Su3VhyUrmMV
wWu5yP3FW6I=
=0Er6
-----END PGP SIGNATURE-----