Oracle Communications ASAP Critical Patch Update Document July 2016
(Doc ID 2156007.1)
Last updated on SEPTEMBER 17, 2021
Applies to:Oracle Communications ASAP - Version 7.0.2 to 126.96.36.199.0 [Release 7.0.0 to 7.3.0]
Information in this document applies to any platform.
This CPU addresses CVE-2015-7501: APACHE COMMONS COLLECTIONS
Oracle Communications ASAP has addressed the issue by upgrading the Apache Commons collections to 3.2.2 . In 3.2.2, by default, serialization support for unsafe classes in the function package is disabled and will result in an exception when either trying to serialize or de-serialize an instance of these classes.
These issues are only affecting the SRT. If you do not use the SRT, it does not apply.
To view full details, sign in with your My Oracle Support account.
Don't have a My Oracle Support account? Click to get started!
In this Document