RE: security alert - management up in arms
- From: <Paula_Stankus@xxxxxxxxxxxxxxx>
- To: <oracle-l@xxxxxxxxxxxxx>
- Date: Thu, 2 Sep 2004 13:27:56 -0400
Guys,
I had 3 managers ask me about this today. I am planning to put in dev =
then prod but they want me to open emergency tickets and start doing =
now!!!! All of our oracle databases are internal (inside of a =
firewall). =20
My concern is having recently been burnt on 9.2.0.5 Solaris 64-bit - =
that this not be another exercise in Oracle regression testing.
I know that a security patch is much more focused and likely doesn't =
have the same changes/impact as a patchset. However, what does everyone =
do in terms of due diligence to ensure these security patches are not =
going to "break" Oracle functionality. It seems like it should be =
reasonable to put in dev/test - run for a little while then promote. =
However, with 9.2.0.5 we didn't come up with problems until we used =
export/import and sql*loader.
Any thoughts on this?
"This e-mail is a critical technical alert which is being sent as a =
service to all MetaLink users!
The following Security Alert has been published on MetaLink by the =
Oracle Security Compliance team:
August 31, 2004
Severity: 1=20
Alert #68: Oracle Security Update"
---
To unsubscribe - mailto:oracle-l-request@xxxxxxxxxxxxx&subject=unsubscribe
To read recent messages - //freelists.org/archives/oracle-l/09-2004
Other related posts:
