Oracle
Security firms are urging users to patch as soon as possible

Oracle issues mega-patch

Update fixes 85 vulnerabilities

Iain Thomson

vnunet.com, 19 Oct 2005

Oracle has issued a major patch release covering 85 vulnerabilities in its software. 

The patch fixes a number of serious flaws, including one buffer overflow vulnerability, 17 PL/SQL injection vulnerabilities in Oracle Database 10g and Oracle9i Database Server, and flaws in the Oracle Reports Server used in 23 applications.

Advertisement

The patch also includes non-security fixes that are needed because of the security patches.

Security firm Secunia has issued an advisory on the problems and rates the flaws as 'moderately critical'. It urges users to patch as soon as possible. 

"The new database vulnerabilities addressed by this critical patch update do not affect Oracle Database Client-only installations that do not have the Oracle Database Server installed," said Oracle in a statement.

"Therefore, it is not necessary to apply this critical patch update to client-only installations if a prior critical patch update, or Alert 68, has already been applied to the client-only installations."

Oracle has come in for severe criticism from security specialists over the time it takes to patch vulnerabilities. In some cases the company has taken two years to issue a vulnerability patch after it was reported.

  • Have your say
  • Send to a friend
  • Print
  • Digg
  • Reddit
  • Share

Tags:

Do you agree?

Have your say on this article

Further reading

Oracle

Expert challenges Oracle security record

Flaws reported two years ago remain unfixed, claims security firm

Quarterly critical patch updates

Oracle goes quarterly for critical patches

Easier configuration management for customers, claims database giant

Oracle under fire over 'Severity 1' bug secrecy

Gartner calls for greater openness from database giant

Related whitepapers

Related jobs

Most watched

Summit: Salesforce.com on SaaS and information overload

How web services contribute to data headaches

V3.co.uk weekly debrief, 13 Nov 09

This week we discuss the inaugural V3.co.uk Summit

More video

Analysis and Reports

Remote access - Three steps to getting connected

3.4 million UK professionals now work from home – is your company equipped?

Cost benefits of a global collaboration network

This white paper is a must read for organisations looking for evidence of the bottom-line benefits of high-definition video and voice communications

Poll

Impact of Information Overload poll

Impact of Information Overload poll

What is the biggest problem your firm faces as a result of the data explosion?

View poll results

Advertisement

White paper library

Keep up to date with the latest products, services and technologies from the world's leading IT companies; IThound.com brings you over 6,000 white papers, case studies and analyst reports.

Advertisement

Newsletter signup

Sign up for our range of FREE newsletters:

  • More available - 'submit' to view

Existing User

Newsletter user login:

Enter email address to edit your newsletter preferences

Job of the week

More IT jobs

Search thousands of IT jobs :

Search thousands of IT jobs:

Advanced search

Hiring now on ComputingCareers:

Related IT jobs

More IT jobs

Search thousands of IT jobs :

Search thousands of IT jobs:

Advanced search

Advertisement

Spotlight

V3.co.uk weekly debrief, 13 Nov 09

This week we discuss the inaugural V3.co.uk Summit

Fingers on keyboard

New Flash vulnerability discovered

Web sites could be vulnerable to Flash attacks

Chris Adams

Summit: Microsoft Office to the rescue

Chris Adams, Office Client product manager for Microsoft UK, explains...

Illegal downloader

Industry and human rights campaigners united in opposition to "three strikes" plan

Critics says government proposals to curb illegal downloading are unworkable...

Primary Navigation