The Critical Patch Update for April 2015 was released on April 14th, 2015.
Oracle strongly recommends applying the patches as soon as possible.
http://www.oracle.com/technetwork/topics/security/alerts-086861.html
What is the reaction of SAP concerning this security issue ?