Call: +44 (0)1904 557620 Call

Pete Finnigan's Oracle Security Weblog

This is the weblog for Pete Finnigan. Pete works in the area of Oracle security and he specialises in auditing Oracle databases for security issues. This weblog is aimed squarely at those interested in the security of their Oracle databases.

[Previous entry: "CIS Oracle benchmark has been updated"] [Next entry: "Another CPU April 12 news item from eweek"]

CPU 12 April researchers advisories

I saw NGS Software's advisory tonight for the vulnerabilities that they found and were fixed as part of CPU 12 April. The NGS Software advisory is pretty basic (i.e. it doesn't give much away!). The advisory states just versions affected and that details of the bugs found will be held back for three months. This is pretty much standard from NGS now. Integrigy do not seem to have an advisory for Stephen Kosts bugs yet on their site. I also could not find an advisory for Esteban Martínez Fayó who is also credited in Oracles advisory. If anyone knows about links to these missing advisories please let me know.