| Oracle FAQ | Your Portal to the Oracle Knowledge Grid | |
 |
 | |||
| Oracle FAQ | Your Portal to the Oracle Knowledge Grid | |
|
| |||
Home -> Community -> Usenet -> c.d.o.server -> Re: Downloading Critical Patch Updates without a Metalink account
sybrandb wrote:
> On Jan 8, 2:28 pm, "raesene" <raes..._at_gmail.com> wrote:
> > Hi,
> >
> > I wonder if anyone could point me in the right direction of where I can
> > download Security Patches for Oracle database software (9i and 10g)
> > without having a Metalink account.
> >
> > I've downloaded the free versions of the sofware fromhttp://www.oracle.com/technology/software/products/database/xe/htdocs...
> > andhttp://www.oracle.com/technology/software/products/oracle9i/htdocs/wi...
> > but I can't find a location to download the security patches for either
> > product.
> >
> > Thanks
> >
> > Rory McCune
> > r..._at_mccune.org.uk
>
>
> For any patch, whether an upgrade or a security patch, a Metalink
> account is required.
> The developers license explicitly excludes the entitlement to upgrades,
> so how do you expect Oracle is going to provide security patches for
> free.
> Actually it is strange you are asking this question, because the answer
> is in your license agreement.
>
Hi,
Thanks for the response. this did seem to be the case but I wanted to check.
As to why Oracle should provide patches for free, well if people have downloaded and installed the Oracle database software, it would seem to be in Oracle's interest to want them to be using it in a secure fashion.
Without that developers using the software who don't have access to a Metalink account may be vulnerable to attack through the Oracle instance.
One other thing I did notice from reading the license agreement.
"We grant you a nonexclusive, nontransferable limited license to use the programs for: (a) purposes of developing, prototyping and running your applications for your own internal data processing operations;"
there's the implication there if I'm reading it correctly that it can be used to run programs for a companies Internal data processing (although IANAL so I may be misreading that). So there's a risk there that if a organisation are doing that then they will be running vulnerable versions of the database.
Anyway thanks for confirming my initial impressions on this one.
Regards
Rory McCune
rorym_at_mccune.org.uk
> --
> Sybrand Bakker
> Senior Oracle DBA
Received on Mon Jan 08 2007 - 08:42:01 CST
 |
 |