Call: +44 (0)1904 557620 Call

Pete Finnigan's Oracle Security Weblog

This is the weblog for Pete Finnigan. Pete works in the area of Oracle security and he specialises in auditing Oracle databases for security issues. This weblog is aimed squarely at those interested in the security of their Oracle databases.

[Previous entry: "10gR2 adds a "wrap" package procedure, TDE and makes DBMS_OUTPUT output unlimited"] [Next entry: "Pete Finnigan is now a member of the Oaktable network"]

An issue with DBA_REGISTRY

I made a note about Doug's blog post a week or so ago titled - (broken link) dba_registry where he discussed the fact that a select from the view DBA_REGISTRY didn't show the correct version after an upgrade had taken place. Doug went on to test this at home on 10g and he proved the version displayed in this view did not match the binaries. A couple of commenters (I cannot post a link to Doug's comments as they are accessed via Javascript - I think?) mention that fact that patching the software only doesn’t patch the database and that catpatch.sql needs to be run to update the views output. Doug seems embarrassed a little by this but this is common mistake. I believe this is partly because Oracles patch update mechanisms need to be simplified (which is now happening with recent patches) so that applying patches is more transparent and most importantly so that is is much easier to find out the exact patch level the software and database are at. This has not been consistent in the past. Ed Stangler talked many times a few months ago in his blog about catpatch.sql - My first post was on his series was Edward Stangler talks about running catpatch. I talked about this subject - prompted by Ed many times. See my archives page for details of these posts.