And says 'read all about it!'...
Published: 1 March 2006 08:20 GMT
Oracle has issued an upgrade to its E-Business Suite 11i diagnostics module containing a number of security fixes, according to an alert from applications security firm Integrigy.
In releasing the upgrade, Oracle took an usual move by alerting its users about the security patches, according to Integrigy's advisory. Historically, the software maker has released product upgrades but not disclosed whether they included security fixes, Integrigy noted.
The Diagnostics Support Pack February 2006 with Oracle Diagnostics 2.3 RUP A aims to address security flaws in Oracle diagnostics web pages and Java classes, according to Integrigy. Oracle diagnostics, a troubleshooting module of Oracle E-Business Suite 11i, is designed to allow IT administrators to conduct tests when configuring and setting up applications.
According to the Integrigy report: "The significant [security] issue is [that] some diagnostics can be executed without any authentication, and it is possible to configure the diagnostics to be unrestricted."
The security patches are designed to limit access to the diagnostics tests.
Although the company releases quarterly security updates, "Oracle has not previously provided customers a notification that security fixes were included [in an upgrade]," Integrigy noted in its report. "We believe Oracle is encouraging customers to upgrade to the latest support diagnostics as a way to improve technical support and... accelerate the adoption of the diagnostics patch."
Oracle's next quarterly security update is scheduled for 18 April.
Oracle was not immediately available for comment.
Dawn Kawamoto writes for CNET News.com
Plan and execute patches, upgrades and product releases. Job responsibilities: include setup/install/configure/upgrade/troubleshoot/performance ...
Key Responsibilities Line management of a team of functional, automation and performance QA engineers Resource and task management of QA engineers ...
The role covers all aspects of development and support including upgrades, enhancements, access, fixes, patches, bandwidth issues, SQL queries, SQL ...
Agenda Setters 2009
Welcome to the ninth annual Agenda Setters poll – silicon.com's list of the top 50 most influential individuals in the technology and IT industries, from techies and CIOs to entrepreneurs and business leaders. Find out more in our latest special report.
Is Your Enterprise Architected for Tomorrow's Growth?
Improving IT service delivery through an integrated approach to software asset management...
TechRepublic Resource Guide: Software as a Service (SaaS) for Small and Midsize Businesses...
Download a Free Trial of SmartDraw: Learn why SmartDraw is the ideal alternative...
Stories from the web...
Copyright © 2008 CBS Interactive Limited. All rights reserved. Top of page
Digg
Slashdot
Del.icio.us
Stumble
Reddit
RSS Feeds
Clive Longbottom Windows 7: Not perfect - but ready for prime time Microsoft's latest OS fixes most of Vista's ills - but still has challenges ahead
Stephen Kleynhans Mind the details with Windows 7 Just because it might work better than Vista, it doesn't mean you can be sloppy