BOSTON, 10 JULY 2008 – Oracle will release 45 critical security fixes on Tuesday, the company announced Thursday.
Among the affected products are Oracle’s database; its TimesTen in-memory database; Oracle Application Server; a number of PeopleSoft Enterprise products; Oracle Enterprise Manager Database Control; E-Business Suite; and WebLogic Server, which it acquired by purchasing BEA Systems. There are no new patches for Oracle’s J.D. Edwards products.
The patch set includes 11 database fixes that affect a number of versions within the 11g, 10g and 9i releases. None of the security weaknesses the patches target can be exploited over a network without a user name and password, Oracle said.
Meanwhile, three of the seven patches for WebLogic Server and all nine for Oracle Application Server regard vulnerabilities that can be exploited with no authentication needed, according to Oracle.
More information is available on Oracle’s Web site.
Given that databases are growing 3X to 5X in size every three years, the technology keeps getting more and more complex, add onto that security issues its amazing what is expected out of DBA’s intodays world
Posted by Michael Corey