[Previous entry: "The Patch Impasse: Front line perspectives from enterprise IT"] [Next entry: "Cisco, others invest $6.3m in Guardium"]
Security Patch website
May 23rd, 2006 by Pete
Post to del.icio.us
Post to Furl
When Greg emailed me the pdf about the patch survey he also mentioned a website that his company sponsor called Security Patch.org. This site does not have a fantastic amount of content but it does include a very good set of pages that link to individual advisories for security bugs in Oracle, Microsoft, Apache, Linux and Sun. The Oracle page is of course of the most interest to us here. The Oracle patch page details all of the CVE references for bugs fixed in oracle CPU's and previous alerts. There is obviously not a complete cross reference against every bug fixed in each CPU and alert as Oracle never reveals this level of detail but the list is a good starting point. If you follow each CVE link you will find a page for each that often includes links to many other sources of information for each bug. Some link eventually to pages that include example exploits.
