Security is not in the eyes of the beholder. A vulnerabilities exist or they do not. Certainly sites need to evaluate whether the vulnerability is applicable and whether they have taken other measures to prevent its exploitation, etc. I am not a system administrator nor a security expert, but RedHat has been rather busy lately with kernel releases to fix security issues. -----Original Message----- From: oracle-l-bounce@xxxxxxxxxxxxx [mailto:oracle-l-bounce@xxxxxxxxxxxxx] On Behalf Of Rich Jesse Sent: Wednesday, November 11, 2009 8:27 AM To: Oracle-L Freelists Subject: RE: uptime > Impressive! What do you do about security problems with the OS. Does > not the installation of a new kernel require a reboot Security is in the eye of the keyholder -- not everyone needs every security update right away. Once upon a life, we had a dev box that had a 4-digit uptime. It was decided that there would be a controlled reboot if only to make sure that there were no undocumented "fixes" in startup, since there was some personnel changes in the department. Kind of a bummer... And don't get me started on VMS uptimes. Oh, those were the days... :) Rich -- //www.freelists.org/webpage/oracle-l -- //www.freelists.org/webpage/oracle-l