Call: +44 (0)1904 557620 Call

Pete Finnigan's Oracle Security Weblog

This is the weblog for Pete Finnigan. Pete works in the area of Oracle security and he specialises in auditing Oracle databases for security issues. This weblog is aimed squarely at those interested in the security of their Oracle databases.

[Previous entry: "Great paper on Oracle Applications 11i password weaknesses and decryption"] [Next entry: "Oracle To Patch 55 Database, App Server Bugs Next Week"]

Oracle have announced a CPU pre-release feature

I saw today that Oracle has released its first "Critical Patch Update pre-release announcement" which is a new service that will give advanced news of the forth coming CPU's. The next CPU is due on january 16th. next Tuesday. This first advanced release details CVSS ratings and details of the components that are affected and also the versions affected. There are 52 fixes in the january CPU and ten of them can be remotely exploited without authentication.

This is another good improvement from Oracle and well done to them for this, releasing advanced news of the patch can help customers plan and decide what to do about applying it. Good for Oracle.