Jul 15
It is time once again to eliminate bugs and increase the security posture of our Oracle databases. The Advisories and Risk Matrices can be found on Oracle Technology Network. The full availability information is found at Oracle Metalink under DocID# 579278.1
Points of Interest:
- This CPU contains 11 security fixes for the Oracle Enterprise Database Server
- None of the security holes for the Enterprise DBMS are remotely exploitable without authentication
- Oracle Application Express requires no security fixes (This product continues to impress me)
- ALL Windows platforms running Oracle Enterprise DB Server v10.2.0.3 will have to wait until 22-July-2008 for their CPU
- Support for Solaris 32-bit and Oracle Enterprise DB Server v10.2.0.2 seems to have been pulled! There’s no CPU for these, and none planned for the October 2008 Critical Product Update as per Oracle Metalink DocID# 579278.1.
Don’t forget to read the patch notes, test thoroughly, and check to make sure you’re using the proper version of OPatch!
Next CPU: 14-October2008
Brian Fedorko