Re: CPU - January 2017

From: Niall Litchfield <niall.litchfield_at_gmail.com>
Date: Wed, 25 Jan 2017 20:27:18 +0000
Message-ID: <CABe10saFaSUoXT8biX1DuKFNpAT3K_f7kYpbW0hMhKr4Wcr9Cw_at_mail.gmail.com>

Hi David

Some time ago (ancient history to many I guess ) Oracle implemented an *in database* jvm it's this that the OJVM patches er patch. As you might imagine implementing an in DB execution environment also implements a new attack method.

On 25 Jan 2017 15:07, "David Ramírez Reyes" <dramirezr_at_gmail.com> wrote:

> Hello everyone,
>
> As you may know, the CPU of January was released with a some items related
> to the DB; my question is, what about the OJVM component that comes as
> the first asset of the list?; I mean, I know the Virtual Machine is used by
> the DB, but is this the same as the one installed on the server (we're
> running on RHEL)?, is it a risk if our DB server is on an internal network
> segment that is not exposed to the web?
>
> Basically, not sure what's the difference between the JVM of the DB and
> the OS, or of it's the same or how it works, any help will be appreciated.
>
> Regards
>
>
> David Ramírez Reyes
> Profesión: Padre de Familia y DBA en mis ratos libres
> Profession: Parent and DBA in my spare time
>
>

--
http://www.freelists.org/webpage/oracle-l

Received on Wed Jan 25 2017 - 21:27:18 CET

This message: [ Message body ]
Next message: David Ramírez Reyes: "Re: CPU - January 2017"
Previous message: RDS: "Re: Quest SPOTLIGHT vs Diag pack"
In reply to David Ramírez Reyes: "CPU - January 2017"
Next in thread: David Ramírez Reyes: "Re: CPU - January 2017"
Reply: David Ramírez Reyes: "Re: CPU - January 2017"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ]

Original text of this message