My Oracle Support Banner

WS: Instructions to Address JD Edwards World Security Vulnerabilities (Doc ID 2318897.1)

Last updated on DECEMBER 14, 2020

Applies to:

JD Edwards World GUI - Version A9.1 to A9.4 [Release A9.1 to A9.4]
JD Edwards World Technical Foundation
Information in this document applies to any platform.

Purpose

To address known Security Vulnerabilities in JD Edwards World Software.  Any JD Edwards Security Vulnerabilities are addressed/contained within the latest updates.  Upgrading to the latest version will ensure you are current with all the delivered JD Edwards security updates.

Scope

In accordance with our vulnerability information policies, Oracle will not provide additional information about the specifics of vulnerabilities beyond what is provided in the Critical Patch Update (or Security Alert) advisory and pre-release note, the pre-installation notes, the readme files, and FAQs. Furthermore, Oracle provides all customers with the same information in order to protect all customers equally.

Details

To view full details, sign in with your My Oracle Support account.

Don't have a My Oracle Support account? Click to get started!


In this Document
Purpose
Scope
Details
 Oracle Oct. 16 2018 Critical Patch Update (CPU) Involving SSL as it specifically relates to JD Edwards World Web Enablement and OpenSSL.
Oracle Jan. 15 2019 Critical Patch Update (CPU) Involving SSL as it specifically relates to JD Edwards World Web Enablement and OpenSSL.
Oracle Apr. 15 2019 Critical Patch Update (CPU) Involving SSL as it specifically relates to JD Edwards World Web Enablement and OpenSSL
.
 Oracle Apr. 18 Critical Patch Update (CPU) Involving Apache LOG4J Security Vulnerabilities:
 Update A94WEB with latest LOG4J
 Update A94 Service Enablement with latest LOG4J
 Address World CPU CVE-2019-2565 Apr. 2019
References

My Oracle Support provides customers with access to over a million knowledge articles and a vibrant support community of peers and Oracle experts.