The Oracle Database patch will fix four CVE-listed security holes, including vulnerabilities in Java VM and XML Database. Its Java SE updates fix 14 CVE-listed bugs and the Fusion Middleware update will fix 17 CVE flaws, both of which contained flaws that were dangerously exploitable remotely and without authentication. Google, meanwhile, just disabled Java plugins by default in its Chrome browsers.
Other Oracle products that will require patches include Enterprise Manager, Hyperion, JD Edwards/PeopleSoft, Retail Industry Suite, and Health Sciences Applications Suite.
Oracle has posted a full list of the updated products to its support site.