A Critical Patch Update is a collection of patches for multiple security vulnerabilities. Critical Patch Update patches are usually cumulative but each advisory describes only the security fixes added since the previous Critical Patch Update advisory. Thus, prior Critical Patch Update advisories should be reviewed for information regarding earlier published security fixes. Please refer to:
Critical Patch Updates and Security Alerts for information about Oracle Security Advisories.
Due to the threat posed by a successful attack, Oracle strongly recommends that customers apply CPU fixes as soon as possible. This Critical Patch Update contains 57 new security fixes across all product families listed below.
Starting with the October 2011 Critical Patch Update, security vulnerability fixes for Oracle JRockit will be announced with the [Oracle Java SE Critical Patch Updates](<http://www.oracle.com/technetwork/topics/security/javacpuoct2011-443431.html >). Java SE Critical Patch Updates are released on a different schedule but coincides with October’s Oracle Critical Patch Update. Refer to Critical Patch Updates and Security Alerts for Java SE Critical Patch Update schedule.
Also, starting with the October 2011 Critical Patch Update, security vulnerability fixes for proprietary components of Oracle Linux will be announced in Oracle Critical Patch Updates. All other Oracle Linux fixes will continue to be announced at the El-errata Archives. For the details of the fixes in Oracle Linux in this Critical Patch Update, please see the Oracle Linux Risk Matrix.