Call: +44 (0)7759 277220 Call

Pete Finnigan's Oracle Security Weblog

This is the weblog for Pete Finnigan. Pete works in the area of Oracle security and he specialises in auditing Oracle databases for security issues. This weblog is aimed squarely at those interested in the security of their Oracle databases.

[Previous entry: "Installing Oracle Password Repository (OPR) - a walk through"] [Next entry: "Protecting network based storage"]

A new version of OPR is released

Jasper Spit, one of the Oracle Password Repository (OPR) authors has emailed me today to let me know that this very useful piece of software has been updated to version 1.1.7. The new version has been posted to SourceForge. Jasper emailed me a list of the following changes that have been made to the software:

Changes from the previous release:

15-06-2005 1.1.7 J.Spit

* Oracle client libraries are now dynamically opened/closed only for those operations that require them.
This goes for all platforms. This means you can use OPR on systems without an Oracle installation to
e.g. list, retrieve and delete passwords from the repository.
* added -f flag to forcibly add a password entry without verification on the database
* bugfix: ocisessionend function was not initialized
* bugfix: when retrieving a password, schemaname was case sensitive.
* currently database is converted to uppercase, and schemaname to lowercase. OSuser is left
* raised max. repository entries from 1024 to 4096
* minor cosmetic changes

17-06-2005 1.1.7 J.M.Spit

* Removed possible buffer overflow in askPassword.

As Jasper said, enjoy!