Re: installing multiple patches(Release 2, 9.2.0.4)

bdbafh_at_gmail.com (Paul Drake) wrote in message news:<910046b4.0409070905.1a5b29f7_at_posting.google.com>...
> pagesflames_at_usa.net (Dusan Bolek) wrote in message news:<1e8276d6.0409070128.48d2c0dc_at_posting.google.com>...
> > johnbhurley_at_sbcglobal.net (John Hurley) wrote in message news:<d4d6f278.0409060937.73efdae4_at_posting.google.com>...
> > > Then test test test and consider carefully the pros and cons of
> > > whether the fix that is being supplied is likely to improve (or not)
> > > any production environments before thinking/planning a rollout.
> >
> > This advice is easy to say, but is hard to do it, especially if we're
> > talking about recent security alerts. There are no supplied
> > information with them, only: "Severity 1, must apply". We do not know
> > what it is patching, why, is it really serious for all configurations,
> > is it fixing remote exploit or only local one etc. So applying of
> > these patches is more or less the matter of trust (in Oracle) and not
> > a considering of pros/cons.
>
> Dusan,
>
> "Severity 1" is what occurs after you apply the patches in production,
> and something goes horribly wrong. :)
>
> "Critical" is what the Alert #68 patches are categorized as.
>
> btw - applied 8.1.7.4.16, 9.2.0.5 patchset4 and 10.1.0.3 on win32
> without incident, waiting for latent issues to arise in testing.
>
> -bdbafh

whoops - that was still a 10.1.0.2 on win32. the version of perl that was shipped by oracle with its apache distro will not work with the 10.1.0.2 patchset, but the recent 5.6.x version of perl from activestate works quite well.

reasons why to bother with applying this:

code red
sql slammer
nimda

nuff said.

-bdbafh Received on Thu Sep 09 2004 - 10:04:48 CDT