RE: Security Alert #68 - Have to upgrade versions prior to 9.2.0. 4
- From: "Mercadante, Thomas F" <thomas.mercadante@xxxxxxxxxxxxxxxxx>
- To: "'dwagoner@xxxxxxxxxxxxxxxxxx'" <dwagoner@xxxxxxxxxxxxxxxxxx>, "ORACLE-L (E-mail)" <oracle-l@xxxxxxxxxxxxx>
- Date: Fri, 15 Oct 2004 11:31:55 -0400
David,
Be aware that, even though there is not a Security patch 68 for 9.2.0.3,
that Oracle recommends that you move up to a supported version and apply the
security patch. Apparently their position is that just because there is no
security patch does not mean that the version is safe from the vulnerablity.
All it means is that they are not back-porting the patch to that version.
Good Luck.
Tom Mercadante
Oracle Certified Professional
-----Original Message-----
From: David Wagoner [mailto:dwagoner@xxxxxxxxxxxxxxxxxx]
Sent: Friday, October 15, 2004 11:21 AM
To: ORACLE-L (E-mail)
Subject: RE: Security Alert #68 - Have to upgrade versions prior to 9.2.0. 4
Okay, after reading all of the Security Alert #68 notes I could find on
MetaLink, I believe that the most stable release of Oracle 9iR2 is version
9203. I say this because it is supposedly not affected by Security Alert
#68 (the alert says that the only 9iR2 versions affected are 9204 and 9205)
and it has the fewest number of serious bugs (see Note:189908.1 to compare
bugs by version). (BTW, check out this serious index corruption bug in 9205
related to LMTs and ASSM- Bug# 3785200. Recommendation is to NOT use ASSM!)
So, I plan to upgrade affected versions to 9203 to avoid the security
patches and other serious bugs. I'm referring to Sun Solaris 8.
Will someone please provide a sanity-check and let me know if I'm reading
this stuff correctly?
David B. Wagoner
Database Administrator
--
//www.freelists.org/webpage/oracle-l
--
//www.freelists.org/webpage/oracle-l
Other related posts:
