Oracle FAQ | Your Portal to the Oracle Knowledge Grid |
![]() |
![]() |
Home -> Community -> Mailing Lists -> Oracle-L -> Re: FW: [VulnWatch] Multiple high risk vulnerabilities in Oracle RDBMS 10g/9i
Hi,
The Oracle advisory is out and its a big improvement on the last one and previous ones. There is a risk matrix and information about each bug that is fixed. Even some de supported versions are patched as well. The advisory is here http://www.oracle.com/technology/deploy/security/pdf/cp u-jan-2005_advisory.pdf and also if anyone is interested, i have just talked about it in my Oracle security weblog which you can find at http://www.petefinnigan.com/weblog//entries/index.html
kind regards
Pete
In article <c493WfAD6W7BBxOA_at_peterfinnigan.demon.co.uk>, Pete Finnigan
<oracle_list_at_peterfinnigan.demon.co.uk> writes
>Hi Ruth,
>
>This is related to the first quarterly patch set release. NGS are
>probably one of many researchers who have found security bugs that are
>to be fixed in this patch. I have not checked for 30 minutes or so, but
>there was no news of the patch release or advisory from Oracle yet. NGS
>posted this at 3:30PM UK time probably in anticipation of the well
>announced Jan 18 patch release.
>
>Kind regards
>
>Pete
-- Pete Finnigan (email:pete_at_petefinnigan.com) Web site: http://www.petefinnigan.com - Oracle security audit specialists Oracle security blog: http://www.petefinnigan.com/weblog/entries/index.html Book:Oracle security step-by-step Guide - see http://store.sans.org for details. -- http://www.freelists.org/webpage/oracle-lReceived on Wed Jan 19 2005 - 00:20:11 CST
![]() |
![]() |