sashton
Reputable Poster
Has anyone else noticed that the latest Oracle Quarterly Critical Patch issued on January 16, 2024 has several critical vulnerabilities related to tools release prior to 9.2.8.1 - so basically anything but the most recent? My security team is asking when I can have this "patch applied". I have 7 instances of E1 on varying releases, 2 of which haven't even had their 64 bit conversion done. This will take some time to mitigate. Really want Oracle to explain how/what they patched in a tools release that they can't release as a hotfix so we don't have to go right to a full blown tools upgrade. At least temporarily.