Now, I read the security patch and it says "You must have NO OTHER = PATCHES installed on your Oracle server since the last patch set". NOW = WHAT!@#@!#!@!#!@#!@ -----Original Message----- From: Stankus, Paula G=20 Sent: Thursday, September 02, 2004 1:28 PM To: 'oracle-l@xxxxxxxxxxxxx' Subject: RE: security alert - management up in arms Guys, I had 3 managers ask me about this today. I am planning to put in dev = then prod but they want me to open emergency tickets and start doing = now!!!! All of our oracle databases are internal (inside of a = firewall). =20 My concern is having recently been burnt on 9.2.0.5 Solaris 64-bit - = that this not be another exercise in Oracle regression testing. I know that a security patch is much more focused and likely doesn't = have the same changes/impact as a patchset. However, what does everyone = do in terms of due diligence to ensure these security patches are not = going to "break" Oracle functionality. It seems like it should be = reasonable to put in dev/test - run for a little while then promote. = However, with 9.2.0.5 we didn't come up with problems until we used = export/import and sql*loader. Any thoughts on this? "This e-mail is a critical technical alert which is being sent as a = service to all MetaLink users! The following Security Alert has been published on MetaLink by the = Oracle Security Compliance team: August 31, 2004 Severity: 1=20 Alert #68: Oracle Security Update" --- To unsubscribe - mailto:oracle-l-request@xxxxxxxxxxxxx&subject=unsubscribe To read recent messages - //freelists.org/archives/oracle-l/09-2004