- 10.2.0.4 (1)
- 11g (3)
- Allgemein (11)
- BEA (1)
- checkpwd (4)
- CPUApr2008 (3)
- CPUJan2008 (2)
- CPUJul2007 (3)
- CPUOct2007 (1)
- Database Vault (1)
- David Litchfield (4)
- Exploit (4)
- Forensics (3)
- Inguma (2)
- MacOS (1)
- Mary Ann (1)
- Oracle (2)
- Oracle Security (46)
- passwords (3)
- Podcast (1)
- rootkits (1)
- Security (9)
- Security Book (1)
- Sentrigo (1)
- software (2)
- Source Code Analysis (1)
- source code audit (3)
- SQL Injection (4)
- Trainings (1)
- 9 Aug 2008: July 2008 CPU Advisory - Windows Patch update for Oracle 10.1.0.5
- 29 Jul 2008: Exploit for Oracle Bea Weblogic - Apache Connector published
- 8 Mai 2008: Checkpwd 1.23 for MacOS Intel native released
- 16 Apr 2008: Oracle CPU April 2008 - Update
- 15 Apr 2008: Oracle Critical Patch Update April 2008 is out
- 11 Apr 2008: Looking Glass and Oracle 11g
- 11 Apr 2008: Oracle Critical Patch Update Pre-Release Announcement - April 2008
- 4 Mrz 2008: We proudly present: Anna Marie Kornbrust
- 4 Mrz 2008: Corba Exploit for VisiBroker published
- 25 Feb 2008: Oracle Patchset 10.2.0.4 is out
Oracle Molecule / napply CPU
Eric Maurice from Oracle Global Security wrote in his blog that this CPU comes with a new concept called molecule.
“The napply CPU is an enhanced CPU format for Oracle Database Server for Unix and Linux platforms version 10.2.0.3 and onward (including 10.2.0.4 and 11g). In a napply CPU, the security fixes are now grouped in what are called molecules. Each molecule in the CPU is independent, and does not conflict with other molecules in the CPU. Conflicts between molecules occur when fixes included respectively in each molecule affect the same file or group of files.”
“The new CPU format will greatly simplify the patch conflict resolution procedures, thus providing for a quicker resolution of security vulnerabilities than was previously the case.“