Latest IOUG Security Report Raises Red Flags on Database Security

  • From: Andre van Winssen <dreveewee@xxxxxxxxx>
  • To: oracle-l@xxxxxxxxxxxxx
  • Date: Fri, 13 Nov 2009 09:03:27 +0100

see
http://www.oracle.com/newsletters/information-indepth/database-insider/nov-09/ioug.html?msgid=8308418&eid=3914466482&lid=1


<quote>

"But there is good news, too. Moving to an automated environment addresses
burgeoning security and compliance requirements while containing costs.
Those companies that have employed automated security tools and
approaches—which demand little or no time from administrators or other IT
personnel—have been able to maintain and expand robust security practices
(particularly in situations where critical data is susceptible to exposure)
and achieve regulatory compliance."

</quote>

So this is a plea for patch automation.

I still don't understand why Oracle lets you pay for automating patching of
THEIR own security bugs, i.e. because you would have to buy their Oracle
Enterprise Manager Provisioning and Patch Automation Pack
(http://www.oracle.com/technology/products/oem/pdf/provpack_db_ds.pdf).
Think about the impact of the last Oracle Critical Patch Update Advisory -
October 2009 on
http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpuoct2009.html#AppendixDB
which had 3 times Base Score *10* for the database, the most severe
classification I have seen so far.
Imagine an enterprise with hundreds or thousands of databases and only a
couple of tens of human DBAs.
My point is: Oracle should provide mass patching tools for free, they owe us!

Regards,
Andre
