[<prev] [next>] [day] [month] [year] [list]
Message-ID: <075601c6f282$6a25f2e0$4300a8c0@ngssoftware.com>
Date: Wed, 18 Oct 2006 07:55:35 +0100
From: "David Litchfield" <davidl@...software.com>
To: <full-disclosure@...ts.grok.org.uk>, <bugtraq@...urityfocus.com>,
<dbsec@...elists.org>, <ntbugtraq@...tserv.ntbugtraq.com>
Subject: Analysis of the Oracle October 2006 Critical Patch Update
Hey all,
I've just posted an analysis of the 22 Oracle RDBMS flaws patched by the
October 2006 Critical Patch Update that was released yesterday:
http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpuoct2006.html.
Further, it's a shame to see that, after a promising July 2006 CPU where
Oracle had all the patches ready *on time*, they have slipped back into
their old, bad habits - patches are not ready for a number of platforms. I
thought they'd solved those issues - but clearly not. You can get a copy of
the analysis from
http://www.databasesecurity.com/oracle/OracleOct2006-CPU-Analysis.pdf,
Cheers,
David Litchfield
NGSSoftware Ltd
http://www.ngssoftware.com/
+44(0) 208 401 0070
Powered by blists - more mailing lists