Oracle Patch Day Becoming Irrelevant 76
mocirac wak writes "Oracle's scheduled quarterly patch day is becoming more and more irrelevant. Oracle critical patches announced in the April 2006 CPU are still not available for download and the ETA is now set for May 15. The whole idea of a patch day was to let DBAs get prepared for testing and deployment. What's the use of having a patch day when there are no patches to download?" From the article: "... Oracle's explanation that patch testing is not yet done points to serious shortcomings and an absence of a good patch development process. 'For such a big organization with a lot of financial resources, they should be ready to handle this without problems. But they are amateurs on everything security related,' Cerrudo said. 'They spend a lot of time creating these patches. Then, patch day comes around and the patches aren't available. Then, when the patches are finally released, it's normal to find that they are incomplete and fail to address the actual vulnerability,' he added."
From TFA (Score:2, Funny)
This Week on Ask Slashdot...
'Larry' has a company that sells database software and he's trying to get developers to release security patches that are both trouble free and actually fix security holes and other problems...and then finally get them to do all of this on time.
"Microsoft isn't good at security. We're good at that and I don't think sending a memo is going to help," 'Larry' states. Now he's turning to the
Is patch timing really an issue? (Score:3, Funny)
I could be missing the point here, and these are minor (yet critical) patches, but if they are, how come they are taking so much time to develop?
Re:From TFA (Score:3, Funny)
Unofficial patches (Score:5, Funny)