Re: Oracle security fixes are released between official cpu releases

• From: "David Litchfield" <david@xxxxxxxxxxxxxxxxxxxx>
• To: <dreveewee@xxxxxxxxx>, <oracle-l@xxxxxxxxxxxxx>
• Date: Wed, 25 Jul 2007 12:13:31 +0100

I tried the bunkerview on a 10203 database which had patch 7 (6038241)

applied which is also labeled as cpu APRIL 2007 and it failed. So looks like

it was already fixed before Cpu July 2007 came out. That makes me believe
that Oracle releases security fixes in between cpu's.

When waiting for Oracle to fix some of the security issues I've informed them about, I've noted that, if a fix is available for a given platform, Oracle may to slip it in to a CPU without announcing it. Only when all platforms have a patch available do Oracle then note it in their risk matrix. This is probably what you're seeing.

HTH,
David

--
//www.freelists.org/webpage/oracle-l

• References:
  • Oracle security fixes are released between official cpu releases
    • From: Andre van Winssen

Other related posts:

• » Oracle security fixes are released between official cpu releases
• » Re: Oracle security fixes are released between official cpu releases

1. Home
2. oracle-l
3. Archive
4. 07-2007

---

• » Previous by Date
• » Next by Date
• » Related Posts
• » View list details
• » Manage your subscription

---