They posted the quarterly patches, check out the alerts page at: http://www.oracle.com/technology/deploy/security/alerts.htm Patrice. -----Original Message----- From: Pete Finnigan [mailto:oracle_list@xxxxxxxxxxxxxxxxxxxxxxxxx] Sent: January 18, 2005 4:16 PM To: oracle-l@xxxxxxxxxxxxx Subject: Re: FW: [VulnWatch] Multiple high risk vulnerabilities in Oracle RDBMS 10g/9i Hi Ruth, This is related to the first quarterly patch set release. NGS are probably one of many researchers who have found security bugs that are to be fixed in this patch. I have not checked for 30 minutes or so, but there was no news of the patch release or advisory from Oracle yet. NGS posted this at 3:30PM UK time probably in anticipation of the well announced Jan 18 patch release. Kind regards Pete -- Pete Finnigan (email:pete@xxxxxxxxxxxxxxxx) Web site: http://www.petefinnigan.com - Oracle security audit specialists Oracle security blog: http://www.petefinnigan.com/weblog/entries/index.html Book:Oracle security step-by-step Guide - see http://store.sans.org for details. -- //www.freelists.org/webpage/oracle-l -- //www.freelists.org/webpage/oracle-l
