Call: +44 (0)1904 557620 Call

Pete Finnigan's Oracle Security Weblog

This is the weblog for Pete Finnigan. Pete works in the area of Oracle security and he specialises in auditing Oracle databases for security issues. This weblog is aimed squarely at those interested in the security of their Oracle databases.

[Previous entry: "Oracle ships patches seeded with message digest data"] [Next entry: " has a news item about CPU 2"] talks about the Oracle CPU April 12 patch release

I was contacted by Shawna McAlearney yesterday for some comments on the latest Oracle scheduled patch release. Shawna is the news editor for SearchSecurity.comand she yesterday released a news item about Oracle latest scheduled security patch release. This news item is titled "Oracle releases patches, but not for many known flaws". Shawna details the range of fixes and quotes an Oracle spokesperson. She also then talks about the fact that Alex and Esteban have lists on their sites of over 100 unfixed Oracle security bugs, some of which were reported over 1.5 years ago. She also discusses Alex’s paper detailing an Oracle Forms SQL Injection issue.