Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Mailing Lists -> Oracle-L -> Re: FW: [VulnWatch] Multiple high risk vulnerabilities in Oracle RDBMS 10g/9i

Re: FW: [VulnWatch] Multiple high risk vulnerabilities in Oracle RDBMS 10g/9i

From: Pete Finnigan <oracle_list_at_peterfinnigan.demon.co.uk>
Date: Tue, 18 Jan 2005 21:25:08 +0000
Message-ID: <RJgkKoA06X7BBxcb@peterfinnigan.demon.co.uk>


Hi,

The Oracle advisory is out and its a big improvement on the last one and previous ones. There is a risk matrix and information about each bug that is fixed. Even some de supported versions are patched as well. The advisory is here http://www.oracle.com/technology/deploy/security/pdf/cp u-jan-2005_advisory.pdf and also if anyone is interested, i have just talked about it in my Oracle security weblog which you can find at http://www.petefinnigan.com/weblog//entries/index.html

kind regards

Pete

In article <c493WfAD6W7BBxOA_at_peterfinnigan.demon.co.uk>, Pete Finnigan <oracle_list_at_peterfinnigan.demon.co.uk> writes
>Hi Ruth,
>
>This is related to the first quarterly patch set release. NGS are
>probably one of many researchers who have found security bugs that are
>to be fixed in this patch. I have not checked for 30 minutes or so, but
>there was no news of the patch release or advisory from Oracle yet. NGS
>posted this at 3:30PM UK time probably in anticipation of the well
>announced Jan 18 patch release.
>
>Kind regards
>
>Pete

-- 
Pete Finnigan (email:pete_at_petefinnigan.com)
Web site: http://www.petefinnigan.com - Oracle security audit specialists
Oracle security blog: http://www.petefinnigan.com/weblog/entries/index.html
Book:Oracle security step-by-step Guide - see http://store.sans.org for details.

--
http://www.freelists.org/webpage/oracle-l
Received on Wed Jan 19 2005 - 00:20:11 CST

Original text of this message

HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US