Database - eWeek


Is the Smart Grid a Dumb Idea?
Surgical Adhesive Offers Smarter Way to Mend Bones
Get Smarter Technology on Your Mobile!
  Database


Oracle Shifts to Quarterly Patch Cycle



 By: Brian Fonseca
2004-11-18
Article Rating:starstarstarstarstar / 0


There are 0 user comments on this Database story.


Rate This Article:
Poor Best
The database giant now says it will issue security patches four times a year instead of monthly.

Oracle Corp. plans to announce yet another change to its security patch release process.

Three months after adopting a monthly schedule to roll out security fixes, the database management firm says patches will now be issued on a quarterly schedule, beginning January 18, 2005.

It effectively means that Oracle customers will get four Critical Patch Updates a year—January 18, April 12, July 12, and October 18—instead of the 12 promised earlier this year.

Resource Library:

Oracle has been heavily criticized in the past for adopting a lackadaisical approach to addressing critical security flaws.

The issue came to a head at the BlackHat conference in Las Vegas this year when research firm NGSS (Next Generation Security Software Ltd.) released details on more than two dozen security holes in Oracle products that had not been fixed.

At the time, NGSS said Oracle was aware of the vulnerabilities—some of them critical—for several months.

Officials from Redwood City, Calif.-based Oracle have confirmed the first security patch offering will include fixes across Oracles database products. No other information was provided on which Oracle database versions will be targeted, or which other software lines would be addressed by the inaugural Critical Patch Update.

In general, the quarterly security patches will address flaws and vulnerabilities on an as-needed basis for Oracle Database, Oracle Application Server, Oracle E-Business Suite, Oracle Enterprise Manager and Oracle Collaboration Suite at the time of each rollout. Security patches offered in preceding Critical Patch Updates will automatically be part of each following quarterly update for customers who may still be unprotected if they missed any prior security updates.

Critical Patch Updates are scheduled to be issued to customers simultaneously via MetaLink, Oracles online support Web site. If no security patches are needed at the time a quarterly update is scheduled than none will be offered.

Click here to read about Oracles first-ever monthly rollup of security patches.

Oracle officials said the adoption of a new cycle is an attempt to avoid customer surprise with numerous patch "alerts" and guard against interference with common blackout periods when systems are traditionally not updated.

The company believes that giving customers enough notice to properly prepare for the required patch installations will result in less costs and reduced complexities.

Oracle officials said the company will reserve the right to institute a security patch alert at any time and without warning to customers if vulnerabilities are severe enough to warrant a patch.

Additional reporting by Ryan Naraine.

Check out eWEEK.coms for the latest database news, reviews and analysis.



  Reader Comments: Oracle Shifts to Quarterly Patch Cycle
>>> Be the FIRST to comment on this article!
 

 
 
>>> More Database Articles          >>> More By Brian Fonseca
 


x}ks8q8c"e=lGJɖhcY^K7SJE1ErIʎ2wro7)?2s&)6ЍFh@ޛ$\8aSsE1F>=zg{HRsoM#5 J;AFT :,t}w5k9 Mz=>;|9|@D%3jNgACm1S{zc_6ڔ2zũ9o2 fE63&IEJǤ~9KKQ/w,8!a}N$J g.5oj Q19,^b&{By2%;^0k>BaU70vK]K[@SѠ*v25vk6^;4 ȅ3oOni=TS͝ L=iTVVGV;&3ýtXF?Dc9 NZ]!RhsӂhYlɧ9 \d`ԏPL0H<~0[ QM%$7 .8Q* G[0~b>4I҅N؎MWEnڏMھx5v9 8& z5 wjH??q74Fa% ;Ef4 ؗcY֌,`F-S-4uDU*#^*kգщVr_7mù-^|1q*sܢ͇_Qop}U GAݍƖfm[h[I"ijY=uϮ\?u.. N.|#kL V)Uj\>'ȇ Tr3 u3P\3apQY-'jR?ѓ,f3} 3+i3YNa[~2t.C9ϟ̒Y JUdva ?ޙ:75Mݿ5iw>u:d#t>+?_fV'Z-[O{uH2|kh`;;R^9[dӋ)H|S>M~ػ =M%˝)$\t< ,_ fk7 JKe9" : P;N}ƆN(GGGmҌj 9B%υy(7!hr Q@e)#8?3̓IhJq䰉c,YSl؅ RMǯye "}PE4G[fT}OWJ${3BDȝ`g@ BD4?CC0&pt/\~_ .Σwaw7ں9Qۤ kk\M7Uя0=,;{<ﴆ;m2_ Z:0*>cq4Y`E-. :7Z(6RCxtN~ _1p-~qf0B m] :VP|E0`贁;mN_{0XP? M/6G˥ 4}f>;$äpV83 5CuӅݰ=Wԇ9(G`I l"v| c9м`yna23CF{7t,5,/{@`\@Z8`$8ʼE ]qk B7}ŜiM L<ģB~q (~9-7RO^axrI2% EEKy3@ $h-4Oaz.mb?I~ޑvR9LZ '9Rɻ=!ԑtLR|τÔ=*%nqR%a 934YIjL=?뺾i1!G,D`v9J,L.h)jܲ aDUutBބdb&,au}=]AZ-|' m L3F3pEql90SϹx (Y`6Ê0ӊYs3 s>xFXvGMm ݜ6,g>#&B~`Z&4$ 7s%準I"yTX% 3=Ͱ&p:+owznré&9|YrY2ۿ%RyUPS7˕L4+׬MPM g2)*[hyrt+PX3nR>Jij?Ք{`CLE2a3?%fQ/0}̙S3BZsOsR| ~2-m$֚eRuk"$l *zmXW@:4@0[_Xuo jQ6tT(6АT um:aXVGJ]F!1~ha2(9Jp3w{{jN`a;C+eE.W˟AzE-xK[ʸASAjH[ ҆b|ku9.PCϱȧvo6*gϣ(a!w1 JkX"L U+=t%\42.|O V,'0{Kgбsbma88אָ eK^HI6ϯ; V!2D+ه0`NL EFw6R^ 0iXW+Ĥ_&I?րH{A2,exY.5mILr 'jY$ Ei. "8So>5 < ĉ\rĨ0uIغ?])2q͝a&?@R)Ö1sglim';ǙZT'ROքk&.}yL DA#E . B m!\bj H"ԫ5 `pl@;RԒtZC ^qq JIhdT_x>P7Ϗ9(gd%d)GHV/뵘PR*Z 7+|&-)R3KuqL& '|m9ܷ7\Fe^>\:JoG?#0t.tȕds|eLVմlxXa<*U*I3$#v%*'L90='fQ9/즮?!gj j8z3ǾhݤS>ɑ1[DDz`{ n( ?K[3]W" OQ: A\=1< f`QtEa6Ni-M[ P}X9I h5[S GŕR cn7 3Zbzž.n(QW֢n`7bBc$D!3 #2z q[kh0mf;;pL' e[h+sJbOW2EݙizvunFIT^E3p{9~fKޒ,ga9;pi#uQby*Am!/5r-}6&q3旁 /hy4抪V] b&T~\yYRglg^a+o_3OwOž~TEpaNqgTo ZAS40ѻMklޥ0͜9i /ZOR4sp>lz*j gHVW4qMݗo8mIcodk R{4@,5yX JhU m{\ cw=]ITY) q ΀LdvXU񋰷83pa-X.ՕH)k(Gݩ?^nɵ:0fI0D|)>|T#UV)RBЛ'Q!vY%"ZAY_MkO[hs)p -B0_\PF.^Ge2wI$̸yF0ŗ1%GK'oH@lXC-B5MnIo.Z[2&v ˽'jD@KY #f#ENKj^$t`)۳"%8tpL\'eM=Js5{uk{<#ɟ?9?qwH3F| w1z]Ujɏ{_ 1i#uL9ֿ({He~W9ـo9 |Z-G5+NdP\xO+4CN\i+TgnB'wƒ"'! M43,`jrUܚ㏌&м~>Z/>I п"}QLXUv٩k cyó&m!'LGϢ}n{U}޿J^12`^=G}#WAw_ab>!;wQQ^qkq O,}U^;8&/RzGQ^ٷgP K)rF16fd߫]}jw5a>F)$ _9k]^/~/ ^vdcxxLR@!hWHN:<eShMF2 0S65!麫?72lzA-q_;לY0z%BZOUe z EUO:M6&k?זdN-j `ֳsDϝ́(|@3Ibع&iWO$ tyD/^W{.||(=~![3ZxEu?qF.ҟ Fi'  ]s_I}i^wol'-UFᆎy J}~l/t>D(E_c[{c׫Ȋ̅S.r NZx~2&lꇵwD Zb̔:q KMnglxnM-9&p$~qI̼V&v Fؓqi+"@ыO-1-}O&b k4ٮgTgLZ2i_Vo`X bi"W&5f9X.}Fz:caߎFՊ4EHL);2TB?"zZ8=^Ҧ o>;Hjd/KIy&&Ĥ⍭>E_ +|Lx9XLG_ЊO py;ayʔQ;XS$lL'|Q~0n!f+۠1&&|;Yo!6jPh|ĝANc $*ŦDZv̥X i-[ q $lငMߥz"Bz=2ͧbIY4ьh~g@ģ93 Ζ()P 4c"CD6Ueʋ͎9h߂QLiLO"jf?rOi37]؉esTKaAt1Z0, |Do&}abV*P\;]uY~\0|W~,(q40Hڧa {^Ȋjɇvsڻ:vyTpqڜA h.DZkFѶk󘈿`vRo)u IUTWXb(fIoIcߖӲBH7#|0>=4ģcLo:K/mmiƒk1$0jm2@0@(! C" 9վ}Juw:4RN)?%{J1ЪikKL>&Usۘg߼x6sV9܇5 Q.% O@`A )B UNYh^ܡrNХuh]aaOՄPJ$/1$$c|K9N;ns}ǹpMtx*{aB{tS[#f<!Qn殺#C%Ë/r8S &7lpK-A]a=`h0W1R&ۄG॰+k?G! fZ% 0Phk`xWjH[icMbNIh|cx<%6Tra?̗BJ̜eHxY;``+R2y6 1?<6sW֮w{A`7KHhʱ~:8^أ͍h»$z$n}w)a$ltvԞϩĂmXe],"n: ۄb!aro:5V6saܡ;8LH=l!0@1a $D8$"e'{s7Sd_|yn%qTHv/'6S`+HxYVX!Vw1C.#Fqシ?#MUI P֌pvC y6Xxۗ(hHeɔD᷆Ip6zNҬ[HܭV/Hx8<u /iF(VyӔUsVs!('E#~\UQf=:ZVY,Effqնy糙fc ~ P2O3@84[I/NlI$8ǦpI8gYXCn ç^q75]D/cY_>W'9EM _ K}~6-; Ɔ/*`C`R 'K҈a4#h{8R9T?^<@&F}d@ aDX&l_ZvGeπO3ٿggqtGJ xS Y+ Z?Gy`R3\)B7o|qH e_M BA)ȁbòW7c37 <~܋n "p+R4Ha敊zXWSw4ZxuBbK&caL˭txZډrL+݊wO^$pr|w\\]Ovƌ͎2%'4 㽻W"|17 ;a!m:w^`ci7tK1ft+ >Ѓ_Đ|LϱA:Ə_sn?Ja.=1ŕ%g{3Yq(J-!Zq.]F Rl3]٦v lA2̥4 ?R)!_s JC;szc6i&"&GL]{]h5!<#ZKi[x2+OckSPti) d ńaUfwܠe؃5T?0м~#n_ziIb+O>@2po:~U.TkZy5;jN黇d>MQdRNґu Ym;A=~[jDLROX j0#XDZ]7}D'鍀CN_hb#F0ix(f~hu/efp; d!/k`qXțk=@ScGVU &wlt r`(V<"q]B8!iNrooFtT*c+$u2c:/ lZh[IED#ThbGA#Os `w:pxX0!, YC) Q?򽉱0u \)9s!aZ;;təcdh7>x)`/G(8i67anq4ħElHB34[EEF(Q+Q~ Z>3ʑӇ@v' ϶}3.>Bﻅn3ʡ݌{Qfà0( 執_ 05{{~/ >зAЧAg/?QF/32CA2{P(K >>~~g+ 2޿?2 3o(_3*>e )~7P~U{7MF77$)cVpv*4RhfK "SV9,.3ʏ&c 4tk 7b[y@Yp&}:=W6vl+Jy.+ܪ}:QOXE)9+8G#aN@A殅;ޒb>s2 'գ6oL~<g܊nOArtr m>v3ySG^yPoxZLԸXGpoQV" #"5 ri3׃>Vqz`= ڋy>Y2h(d4|s&p&!H8?0HL{HNť8a>5]g  !fR}+=qqo8S4c[&4H]ꡪ*5TkZpWrn9〈P RKuW9 طV*5rF(RB4|G?oҫ&9!C;b{hǜ[ɖ@=J^?&G&|i f ۼx-ylytގe08 Y0P*`%Kמ;Ƅ^-Ƭ$rr gLvjx{]JA^֌٭V"Fn"4wPs@Ox,KX[ f)g-ԛ/4 4<;4TyEYؾ`«+5oDB΄[5W ˖ bX1\:"V| S [0FlXXHr ;= ]$]a!s\,>Rh~OX \G`͇~2K% ME\.QeLYD!Y;`3ݤ1lx_[cIW/1 wJ3 >qg|/޺dF+M߰oN-'c@௿I`Xk4{s#3΃̯fڝSLJ0u;f杻 {P+9 !n+GAflk8cXK1wSWw-['Հ& oL߳[2|cBLr pI$i/0̄wG MĮfAj?´_X  M ~^8-QO$|.G?&M[0|FK`b?94#&{>}D.q-sEUאU,&J  ~~J3!馃%؉GΗcӄ2~5W,\ {+2‡_i w EݙcE^M 27& 6LG3 hFN|`ưz< h :BQZb-ă7 n='IDOiӦMMf@gU+X읛fcz1gbV!qdfZ-[&@-U`0r`ehDSL.Ty" *>% /i˿%:Fo OX>6كl2m~>7Q$LyK~Qx3JJ B Oɮx"@FD0" m`2o̝upvVbRv ?93_(6 79Buy@t[D hex* ASVJrX}P/):OOgsZM<v"B75`=ʒHl\s(|9NQiãǍXoǸ׬[ ( qy6/D_f˟]lׁS#mHOTFE[®":s`xwy]eEP1S9?$Il} ralX ^|޹+o;ЉeruWhA@`V\3zf7tZЮ q3MgCgSa+%cPZYbcL0GW{&Lۯ 92lt* X61ˢŬ"D0ȭ'Z:tsh{h۟Y THهl*~&T/,{ нT~xBK-^|ϋ{_ CEx>WNENE<<oSf}#)VSL_X__,Q>i*\`,b/@Xqϩ8Wo ?_t֮+wBy޿J^1$ghvV;|><|v1 ®2JbQ'.t߽o(>_coli-/=m}xwxٖŠҒ%!۝4!ջjwɊxU޿`(XEh_'`bhP5]h(jU%I#;on[b$- U.Q^u o]F駐M+ d.%rRbҍR4r0>b֎6&|wZ2cë嵱_ l'y!