Re: FW: [VulnWatch] Multiple high risk vulnerabilities in Oracle RDBMS 10g/9i

  • From: Pete Finnigan <oracle_list@xxxxxxxxxxxxxxxxxxxxxxxxx>
  • To: oracle-l@xxxxxxxxxxxxx
  • Date: Tue, 18 Jan 2005 21:25:08 +0000

Hi,

The Oracle advisory is out and its a big improvement on the last one and
previous ones. There is a risk matrix and information about each bug
that is fixed. Even some de supported versions are patched as well. The
advisory is here http://www.oracle.com/technology/deploy/security/pdf/cp
u-jan-2005_advisory.pdf and also if anyone is interested, i have just
talked about it in my Oracle security weblog which you can find at
http://www.petefinnigan.com/weblog//entries/index.html

kind regards

Pete

In article <c493WfAD6W7BBxOA@xxxxxxxxxxxxxxxxxxxxxxxxx>, Pete Finnigan
<oracle_list@xxxxxxxxxxxxxxxxxxxxxxxxx> writes
>Hi Ruth,
>
>This is related to the first quarterly patch set release. NGS are
>probably one of many researchers who have found security bugs that are
>to be fixed in this patch. I have not checked for 30 minutes or so, but
>there was no news of the patch release or advisory from Oracle yet. NGS
>posted this at 3:30PM UK time probably in anticipation of the well
>announced Jan 18 patch release.
>
>Kind regards
>
>Pete

-- 
Pete Finnigan (email:pete@xxxxxxxxxxxxxxxx)
Web site: http://www.petefinnigan.com - Oracle security audit specialists
Oracle security blog: http://www.petefinnigan.com/weblog/entries/index.html
Book:Oracle security step-by-step Guide - see http://store.sans.org for details.

--
//www.freelists.org/webpage/oracle-l

Other related posts: