Today Oracle has published the Pre-Release Announcement for the october CPU Patch. This Critical Patch Update contains 109 new security vulnerability fixes for several Oracle products. 5 of these fixes are just for the Oracle Database Server. Continue reading →

Oracle has officially released the CPU / PSU Patches for january 2012. The Critical Patch Updates contains 78 security fixes across all products. But only two out of this 78 fixes are for Oracle databases. Continue reading →

Oracle has just officially released the CPU / PSU Patches for october 2011. In contrast to the previously announced 56 bug fixes, there are now 57 bugfix. It looks like another bug fix for databases has been added to the CPU / PSU bundle. Continue reading →

Oracle has recently published the Pre-Release Announcement for the CPU Patch. This Critical Patch Update contains 56 new security vulnerability fixes for several Oracle products. 4 of these fixes are just for the Oracle Database Server. Continue reading →

It looks that not only diamonds are forever but also tablespace quotas. Due to the fact that Oracle has a history of tablespaces, it's kind of obvious that it also keeps information quotas. Is this an expected behavior? What could be the impact ? Continue reading →

Setting up database audit is fairly easy. Since the availability of DBMS_AUDIT_MGMT the housekeeping of the audit trail is just a trifle. After the introduction of DBMS_AUDIT_MGMT in an post early this February, I would like to take a closer look at the housekeeping of the Audit Trail and provide a simple...

When performing a database security audit various informations about users, roles and privileges have to be collected, including "who has unlimited tablespace on SYSTEM". It is quite easy to find user with UNLIMITED TABLESPACE or a UNLIMITED quota on SYSTEM. But what when the system privilege...

With 11g R1 Oracle introduced case sensitive passwords for database accounts based on the SHA1 hash algorithm. This feature can easily be enabled with the init.ora parameter SEC_CASE_SENSITIVE_LOGON. As soon as this parameter is set to true, all new passwords will be case sensitive. Existing passwords...

I've recently wrote an DOAG article about Managing Audit Trails with dbms_audit_mgmt, which has been officially introduced in Oracle 11g R2. This blog post is just to link the article and provides a few more information. Continue reading →

I’ve recently wrote an DOAG article about Managing Audit Trails with dbms_audit_mgmt, which has been officially introduced in Oracle 11g R2. The same article will also be in the upcoming SOUG newsletter. The article itself is written in german and … Continue reading →