Oracle FAQ Your Portal to the Oracle Knowledge Grid
HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US
 

Home -> Community -> Mailing Lists -> Oracle-L -> Re: Windows client

Re: Windows client

From: Paul Drake <bdbafh_at_gmail.com>
Date: Thu, 4 Nov 2004 16:12:09 -0500
Message-ID: <910046b404110413126942367c@mail.gmail.com>


LeRoy,

consult the updated document covering this on Metalink. They have revised their position, but I haven't checked it in a few days. check Note:282108.1
check "21. Is the Database Client install equally vulnerable?"

I'm glad that I checked this, as I had installed 10.1.0.2 in development and applied 10.1.0.3 to it and thought that the binaries were covered for Alert #68.
they're not.

the same holds true for 9.2.0.6.
check " 40. Will the Security fixes included in Alert 68 be available in 9.2.0.6 or 10.1.0.3 patchset?"

which means, I'll still have to deal with OPatch when attempting to skip by 9.2.0.5 and going straight from 9.2.0.1.0 base install and applying the 9.2.0.6.0 patchset.

Wouldn't it be great if Oracle would re-release the base release as 9.2.0.6.0 as a base install, like how they did that for 9i Release 2 for lin32 (9.2.0.4)?

guess its still job security stuff.

"PatchMaster" Paul

On Thu, 04 Nov 2004 13:52:55 -0600, LeRoy Kemnitz <lkemnitz_at_uwsa.edu> wrote:
> I have read many articles and forums on the Security Alert #68. I have
> applied my patches to the server, 9.2.0.5 on aix 5.1. My last concern
> is about the clients - Oracle recommends we patch the clients as well.
> There is no way to mass update all the clients at once. We would need
> to visit each machine - we are talking 100's of machines. My questions
> is - Do we need to? If the server is patched, what vulnerabilites
> would there be from the client? How are the rest of you handling this?
> I am leaning towards not updating the clients.
>
> LeRoy
>
> --
> http://www.freelists.org/webpage/oracle-l
>

--
http://www.freelists.org/webpage/oracle-l
Received on Thu Nov 04 2004 - 16:19:39 CST

Original text of this message

HOME | ASK QUESTION | ADD INFO | SEARCH | E-MAIL US