Hey all,
I've just posted an analysis of the 22 Oracle RDBMS flaws patched by the
October 2006 Critical Patch Update that was released yesterday:
http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpuoct2006.html.
Further, it's a shame to see that, after a promising July 2006 CPU where
Oracle had all the patches ready *on time*, they have slipped back into
their old, bad habits - patches are not ready for a number of platforms. I
thought they'd solved those issues - but clearly not. You can get a copy of
the analysis from
http://www.databasesecurity.com/oracle/OracleOct2006-CPU-Analysis.pdf,
Cheers,
David Litchfield
NGSSoftware Ltd
http://www.ngssoftware.com/
+44(0) 208 401 0070
