Re: Question on Oracle Security Alert for CVE-2012-1675

From: Martin Berger <martin.a.berger_at_gmail.com>
Date: Wed, 2 May 2012 15:48:18 +0200
Message-ID: <CALH8A93b1zJh2VK5pFwAFBNMvDG8kotS+jWbMBPK0ELKWECbhw_at_mail.gmail.com>

Hi Kumar,

even untested,
yes, that is enough.

for local listener
SECURE_REGISTER_LISTENER = (TCP)
is the same in both documents (it's just more widely explained in 1453883.1).

as this is a real new topic and many are interested in it's details, please share all your findings?

Martin

On Wed, May 2, 2012 at 9:24 AM, Kumar Madduri <ksmadduri_at_gmail.com> wrote:
> Hi
> Two notes are given for applying the fix for this alert (one for rac and
> another for non-rac).
> We dont use scan listeners on a 2 node rac. So after reading the note
> 1340831.1, I think the steps listed for scan listeners are not required
> (creating wallet and other steps that follow).
> In this case note 1453883.1 (for non-rac) is applicable for rac as well.
> I am going to re-read the notes again and raise SR if required but thought
> about checking with the list as well.
>
>
> Thank you
> Kumar
>
>
> --
> http://www.freelists.org/webpage/oracle-l

--
http://www.freelists.org/webpage/oracle-l

Received on Wed May 02 2012 - 08:48:18 CDT

This message: [ Message body ]
Next message: Mandal, Ashoke: "Resolved: ORA-01994: GRANT failed: password file missing or disabled"
Previous message: coskan gundogar: "RE: log buffer size and log file syncs"
In reply to: Kumar Madduri: "Question on Oracle Security Alert for CVE-2012-1675"
Next in thread: Radoulov, Dimitre: "Re: Question on Oracle Security Alert for CVE-2012-1675"
Reply: Radoulov, Dimitre: "Re: Question on Oracle Security Alert for CVE-2012-1675"

Contemporary messages sorted: [ by date ] [ by thread ] [ by subject ] [ by author ]

Original text of this message