Tag: CPU
-
Oracle’s July 2013 CPU Oracle Database Server Risk Matrix
Oracle’s July 2013 CPU Oracle Database Server Risk Matrix is one of the worst in recent history. Go patching!
-
CPU, PSU, SPU – Oracle Critical Patch Update Terminology Update
It’s never too late to change important terminology and confuse customers, that’s what Oracle must’ve been thinking…
Security Patch Update (SPU) terminology is introduced in the October 2012 Critical Patch Update as the term for the quarterly security patch. … Continued
-
April 2011 Critical Patch Update Released
Already 3 months gone by? April 2011 Critical Patch Update Released (direct link to Database vulnerabilities). Mostly obscure components that aren’t in widespread use in the DB world, but who knows…
-
January 2011 Oracle Critical Patch Update Released
It’s that time of the year again: January 2011 Oracle Critical Patch Update Released. People using OEM Grid Control on 11g versions and people using RAC on 10g and newer are vulnerable to remote vulnerabilities not requiring authentication, so again quite a serious CPU.… Continued
-
What are the criteria used by Oracle to decide whether a vulnerability warrants a fix in the CPU?
Oracle answer one of the most asked questions around CPUs: What are the criteria used by Oracle to decide whether a vulnerability warrants a fix in the CPU?
-
Oracle Critical Patch Update October 2010
The Oracle Critical Patch Update October 2010 is out, see the Oracle Security Blog for commentary. Of the 9 Database related vulnerabilities, 7 do not apply if you are on the latest patchset on 10gR2 or 11gR2, a much higher than usual number, and hopefully a good sign for what’s to come.… Continued
-
Oracle CPU July 2010
Oracle’s Critical Patch Update July 2010 is out, with two easy to exploit DoS vulnerabilities in the Database network stack (although one on Windows only), and one critical vulnerability in the OLAP component – let’s just hope that this one opens the DB for attack if OLAP is actually linked in… because I guess most people’s Oracle will not have OLAP built in.… Continued
-
Oracle CPU July 2010 Pre-Release
Oracle’s Critical Patch Update Pre-Release Announcement – July 2010 arrived online, and the nice folks at Integrigy already published their standard CPU pre-release analysis.
I’m a bit worried about the number of highly critical Database alerts, four out of six vulnerabilities are remotely exploitable without authentication.… Continued
-
Oracle CPUJul2008 Advisory