Oracle splats 300 vulns in MySQL, Database, Fusion, etc, pours fresh brew of Java SE terms

www.theregister.co.uk | 4/16/2019 | Staff
Click For Photo: https://regmedia.co.uk/2016/09/15/java_photo_via_shutterstock.jpg

Oracle today issued its quarterly security updates, patching a total of 296 vulnerabilities across its massive line of enterprise software.

The April 2019 update includes fixes for Big Red's flagship Database, Fusion Middleware, and MySQL lines, as well as the introduction of new licensing terms for Java SE.

Java - SE - Total - Vulnerabilities - Code

For Java SE, a total of five vulnerabilities are addressed, each exploitable remotely to execute malicious code without user interaction. While Oracle did not say exactly what each flaw would allow, the maximum CVSS is 9.0, generally a score reserved for remote code execution without any user interaction.

This release also marks the introduction of new licensing requirements for Java SE.

Users - Java - SE - Terms - Oracle

For most users, the new Java SE terms will mean very little. Oracle says the consumer and developer builds of Java SE will remain free, and business customers who use Java SE as part of another Oracle product will be covered by those licenses.

Those who aren't covered, however, may find themselves needing to obtain a new license in order to get the updates, not something you want to be dealing with when it comes to potentially critical security fixes. When pressed for more information on who will and won't get the Java SE patches, Oracle referred to its JavaSE roadmap.

Organization - Oracle - Java - SE - Binaries

"If you are an organization used to getting Oracle Java SE binaries at no cost, you can simply continue doing so with Oracle's OpenJDK...
(Excerpt) Read more at: www.theregister.co.uk
Wake Up To Breaking News!
Sign In or Register to comment.

Welcome to Long Room!

Where The World Finds Its News!