[Previous entry: "New version of cracker-2.0 the PL/SQL cracker - option to not reveal passwords"] [Next entry: "How to write injection proof PL/SQL"]
October Critical Patch Update 2008 is out
October 14th, 2008 by Pete
Post to del.icio.us
Post to Furl
The latest in the line of Critical Patch Updates (CPU October 2008) has just come out. The Oracle advisory "Oracle Critical Patch Update Advisory - October 2008" has just been released and it describes the fixes available with this patch.
There are a few new names in the credits section and also an increase in people helping with the security in depth program. I was credited again on this CPU, the second time this year. I will release an advisory later related to this fix. The number of database fixes is set at 15, one of which can be expoited remotely without authentication. The highest CVSS ratings are two 6.5's. There are also a number of application server, E-Business Suite, Peoplesoft and BEA fixes included in the patch/advisory.
