RE: new Patch Set Updates released
- From: "Herring Dave - dherri" <Dave.Herring@xxxxxxxxxx>
- To: <kjped1313@xxxxxxxxx>, "Martin Bach" <development@xxxxxxxxxxxxxxxxx>, "ORACLE-L" <oracle-l@xxxxxxxxxxxxx>, <Brandon.Allen@xxxxxxxxxxx>
- Date: Fri, 15 Jan 2010 07:45:40 -0600
It sounds like those drug commercials. You take drug "A" to resolve heart
problems, but now you get spontaneous eye bleeding and have to take drug "B".
But drug "B" causes ... :-)
Maybe Oracle should be forced to list all potential side-effects like the drug
companies do. "Users of this patch may experience application performance
discharge or runny xplans. Do not apply patch for software that operates heavy
equipment."
Must be a Friday!
Dave Herring | DBA, Acxiom Database Services
630-944-4762 office | 630-430-5988 cell | 630-944-4989 fax
1501 Opus Pl | Downers Grove, IL, 60515 | U.S.A. | www.acxiom.com
Service Desk: 888-243-4566
________________________________________
From: oracle-l-bounce@xxxxxxxxxxxxx [mailto:oracle-l-bounce@xxxxxxxxxxxxx] On
Behalf Of Kellyn Pedersen
Sent: Thursday, January 14, 2010 2:12 PM
To: Martin Bach; ORACLE-L; Brandon.Allen@xxxxxxxxxxx
Subject: RE: new Patch Set Updates released
Honestly? This is the first PSU I've ever released and I've never released a
CSU patch set. I've worked for companies where I had less influence and/or
experience where they had you implement every quarterly patch as part of SOX
compliance, etc. but it was before they even referred to them as PSU/CSU's and
it's been literally years since I've applied anything outside of a one-off
patch for a bug that I couldn't find a work around for.
I simply find that the cure is worse than the disease for most of my patching.
I patch for a bug then I have a new bug to contend with from the newly applied
patch. Not my idea of a fun way to work, (yes, I'm now putting in the work
around for bug 6367692 that resulted from me patching the PSU this last week..
and no, I don't know who's bright idea it was to alter sessions in packages and
go back to a manual workarea_size_policy for hashing and sorting because they
can't tune their SQL! :))
Kellyn Pedersen
Multi-Platform DBA
I-Behavior Inc.
http://www.linkedin.com/in/kellynpedersen
www.dbakevlar.blogspot.com
"Go away before I replace you with a very small and efficient shell script..."
--- On Thu, 1/14/10, Allen, Brandon <Brandon.Allen@xxxxxxxxxxx> wrote:
From: Allen, Brandon <Brandon.Allen@xxxxxxxxxxx>
Subject: RE: new Patch Set Updates released
To: "Martin Bach" <development@xxxxxxxxxxxxxxxxx>, "ORACLE-L"
<oracle-l@xxxxxxxxxxxxx>
Date: Thursday, January 14, 2010, 11:12 AM
Thanks Martin. I've had the same position as you on patching for years,
especially since all our databases are on secured networks, we've never had a
(known) security breach, and we're running ERP systems where testing requires a
major coordinated effort. But, I'm starting to worry that my luck must be
wearing thin and most malicious attacks are internal, plus I've seen a few
articles about worms and hacker programs for Oracle in the past few years so I
figured I should try changing my ways and get a bit more proactive before it's
too late. I figure as long as I'm applying security updates (CPUs), I might as
well take the full plunge and apply the "low risk, high value" bug fixes in the
PSU too, but I'm just as skeptical as anyone about that "low risk" claim. So
far, I haven't heard too many horror stories to scare me away, other than some
problems getting the one-off overlay patches if required, but my databases
don't have a lot of one-off patches so I'm hoping I won't have trouble there.
I'm just waiting for the green light from my developers to take some downtime
and patch their database, and then I'll post my results - hopefully in a couple
days.
From: Martin Bach [mailto:development@xxxxxxxxxxxxxxxxx]
For what it's worth I'd never install any Oracle patch regardless . . .
________________________________________
Privileged/Confidential Information may be contained in this message or
attachments hereto. Please advise immediately if you or your employer do not
consent to Internet email for messages of this kind. Opinions, conclusions and
other information in this message that do not relate to the official business
of this company shall be understood as neither given nor endorsed by it.
***************************************************************************
The information contained in this communication is confidential, is
intended only for the use of the recipient named above, and may be legally
privileged.
If the reader of this message is not the intended recipient, you are
hereby notified that any dissemination, distribution or copying of this
communication is strictly prohibited.
If you have received this communication in error, please resend this
communication to the sender and delete the original message or any copy
of it from your computer system.
Thank You.
****************************************************************************
--
//www.freelists.org/webpage/oracle-l
Other related posts:
