lists.openwall.net   lists  /  announce  owl-users  owl-dev  john-users  john-dev  passwdqc-users  yescrypt  popa3d-users  /  oss-security  kernel-hardening  musl  sabotage  tlsify  passwords  /  crypt-dev  xvendor  /  Bugtraq  Full-Disclosure  linux-kernel  linux-netdev  linux-ext4  linux-hardening  linux-cve-announce  PHC 
Open Source and information security mailing list archives
 
Hash Suite: Windows password security audit tool. GUI, reports in PDF.
[<prev] [next>] [thread-next>] [day] [month] [year] [list]
Message-ID: <075601c6f282$6a25f2e0$4300a8c0@ngssoftware.com>
Date: Wed, 18 Oct 2006 07:55:35 +0100
From: "David Litchfield" <davidl@...software.com>
To: <full-disclosure@...ts.grok.org.uk>, <bugtraq@...urityfocus.com>,
	<dbsec@...elists.org>, <ntbugtraq@...tserv.ntbugtraq.com>
Subject: Analysis of the Oracle October 2006 Critical
	Patch Update

Hey all,
I've just posted an analysis of the 22 Oracle RDBMS flaws patched by the 
October 2006 Critical Patch Update that was released yesterday: 
http://www.oracle.com/technology/deploy/security/critical-patch-updates/cpuoct2006.html. 
Further, it's a shame to see that, after a promising July 2006 CPU where 
Oracle had all the patches ready *on time*, they have slipped back into 
their old, bad habits - patches are not ready for a number of platforms. I 
thought they'd solved those issues - but clearly not. You can get a copy of 
the analysis from 
http://www.databasesecurity.com/oracle/OracleOct2006-CPU-Analysis.pdf,
Cheers,
David Litchfield
NGSSoftware Ltd
http://www.ngssoftware.com/
+44(0) 208 401 0070




_______________________________________________
Full-Disclosure - We believe in it.
Charter: http://lists.grok.org.uk/full-disclosure-charter.html
Hosted and sponsored by Secunia - http://secunia.com/

Powered by blists - more mailing lists

Powered by Openwall GNU/*/Linux Powered by OpenVZ