| Oracle FAQ | Your Portal to the Oracle Knowledge Grid | |
 |
 | |||
| Oracle FAQ | Your Portal to the Oracle Knowledge Grid | |
|
| |||
Home -> Community -> Usenet -> c.d.o.server -> Re: oracle security patch
"Paul Drake" <bdbafh_at_gmail.com> wrote in message
news:910046b4.0409080843.7f3c3b63_at_posting.google.com...
> yls177_at_hotmail.com (yls177) wrote in message
news:<c06e4d68.0409071824.88dfa22_at_posting.google.com>...
> > bdbafh_at_gmail.com (Paul Drake) wrote in message
news:<910046b4.0409070825.4138263d_at_posting.google.com>...
> > > yls177_at_hotmail.com (yls177) wrote in message
news:<c06e4d68.0409070030.ebc3f7d_at_posting.google.com>...
> > > > hi, our security guy requests me for this
> > > > http://www.oracle.com/technology/deploy/security/pdf/2004alert68.pdf
> > > > i took a look and find that my oracle product is not in the list of
> > > > supported products affected. My current version is oracle 8i 8.1.7.2
> > > > and the nearest it could affect is 8.1.7.4
> > > >
> > > > any comments?
> > >
> > > 0. include the relevant operating system info.
> > >
> > > 1. thoroughly test your backup/restore/recovery configuration.
> > > 2. roll up your sleeves and test the 8.1.7.4.16 patchset (win32)
> > > (after applying 8.1.7.4.1) in your test environment.
> > > 3. apply to production during a scheduled maintenance window.
> > > 4. seriously consider moving to 9.2.0.5 (with the patches issued for
> > > alert #68 applied) soon.
> > >
> > > -bdbafh
> >
> >
> >
> > okay, my operating system is hpux 11.0 and my oracle version is posted
as above.
>
Does anyone willing to share about the Oracle security patch for
vulnerabilities?
Well, it's about what's so called vulnerable in Oracle, how it was under
attacked ?
And, usually for applying the security patch, backup/restore/recovery and even most of the time, thorough testing in dev/test environment before apply to production. This also includes the application overall functioning testings to make sure patch fixes security issues and second thing is, it doesn't break the system(applications) as well.
So, here comes another question, anyone tested on the security portion after the patch being applied? How is the testing basically being conducted?
I am not sure if I have missed the previous questions and answers relevant to this, please help to clarify this if you have ideas about it or have been long time working on it (easy answers for you then) !
thank you. Received on Mon Sep 27 2004 - 10:58:25 CDT
 |
 |