RE: new Patch Set Updates released
Date: Fri, 15 Jan 2010 07:49:43 -0600
I have a TON more reservations about applying just the CPU, when one time a CPU changed the PQ Distribution method of a particular parallel query, for the worse. I don't know what was worse - finding the problem and proving it was the CPU or explaining it to the client and how we didn't catch that in testing.
Dave Herring | DBA, Acxiom Database Services
630-944-4762 office | 630-430-5988 cell | 630-944-4989 fax 1501 Opus Pl | Downers Grove, IL, 60515 | U.S.A. | www.acxiom.com Service Desk: 888-243-4566
From: oracle-l-bounce_at_freelists.org [mailto:oracle-l-bounce_at_freelists.org] On Behalf Of Allen, Brandon Sent: Thursday, January 14, 2010 12:13 PM To: Martin Bach; ORACLE-L
Subject: RE: new Patch Set Updates released
Thanks Martin. I've had the same position as you on patching for years, especially since all our databases are on secured networks, we've never had a (known) security breach, and we're running ERP systems where testing requires a major coordinated effort. But, I'm starting to worry that my luck must be wearing thin and most malicious attacks are internal, plus I've seen a few articles about worms and hacker programs for Oracle in the past few years so I figured I should try changing my ways and get a bit more proactive before it's too late. I figure as long as I'm applying security updates (CPUs), I might as well take the full plunge and apply the "low risk, high value" bug fixes in the PSU too, but I'm just as skeptical as anyone about that "low risk" claim. So far, I haven't heard too many horror stories to scare me away, other than some problems getting the one-off overlay patches if required, but my databases don't have a lot of one-off patches so I'm hoping I won't h ave trouble there. I'm just waiting for the green light from my developers to take some downtime and patch their database, and then I'll post my results - hopefully in a couple days.
From: Martin Bach [mailto:development_at_the-playground.de] For what it's worth I'd never install any Oracle patch regardless . . .
Privileged/Confidential Information may be contained in this message or attachments hereto. Please advise immediately if you or your employer do not consent to Internet email for messages of this kind. Opinions, conclusions and other information in this message that do not relate to the official business of this company shall be understood as neither given nor endorsed by it.
The information contained in this communication is confidential, is intended only for the use of the recipient named above, and may be legally privileged.
If the reader of this message is not the intended recipient, you are hereby notified that any dissemination, distribution or copying of this communication is strictly prohibited.
If you have received this communication in error, please resend this communication to the sender and delete the original message or any copy of it from your computer system.
Received on Fri Jan 15 2010 - 07:49:43 CST