Today Oracle has published the Pre-Release Announcement for the october CPU Patch. This Critical Patch Update contains 109 new security vulnerability fixes for several Oracle products. 5 of these fixes are just for the Oracle Database Server. Continue reading →

The DOAG regional group is organizing together with SOUG a Security Lounge on the 24th of April. I'll attend this event with two short presentations on Database Security and Oracle Auditing. Continue reading →

Oracle has officially released the CPU / PSU Patches for january 2012. The Critical Patch Updates contains 78 security fixes across all products. But only two out of this 78 fixes are for Oracle databases. Continue reading →

Oracle has recently published the Pre-Release Announcement for the CPU Patch. This Critical Patch Update contains 78 new security vulnerability fixes for several Oracle products. 2 of these fixes are just for the Oracle Database Server. Continue reading →

I was on leave for the past few weeks. After digging through tons of e-mails I finally found time to look into EM 12 Cloud Control. Unfortunately, I've forgotten my SYSMAN password and the EM 12c test installation is no longer running. As you say: "Holidays where one forgets everything, must...

Oracle has just officially released the CPU / PSU Patches for october 2011. In contrast to the previously announced 56 bug fixes, there are now 57 bugfix. It looks like another bug fix for databases has been added to the CPU / PSU bundle. Continue reading →

Oracle has recently published the Pre-Release Announcement for the CPU Patch. This Critical Patch Update contains 56 new security vulnerability fixes for several Oracle products. 4 of these fixes are just for the Oracle Database Server. Continue reading →

Just realized, that the Patchset 11.2.0.3.0 has been released for Solaris SPARC 64 and Solaris x86-64 Continue reading →

Almost a week ago Oracle has released the latest patch set 11.2.0.3.0 for Oracle 11g Release 2. So far the patch set has only be released for Linux 32bit and 64bit. Continue reading →

It looks that not only diamonds are forever but also tablespace quotas. Due to the fact that Oracle has a history of tablespaces, it's kind of obvious that it also keeps information quotas. Is this an expected behavior? What could be the impact ? Continue reading →

Tablespace point in time recovery (TSPITR) in particular, the fully automatic TSPITR is not a 11g new feature. It is likely that this can be used without any problem. But it looks like that a bug has been introduced with the latest patchset (11.2.0.2). What is the problem and how can it be workaround...

Setting up database audit is fairly easy. Since the availability of DBMS_AUDIT_MGMT the housekeeping of the audit trail is just a trifle. After the introduction of DBMS_AUDIT_MGMT in an post early this February, I would like to take a closer look at the housekeeping of the Audit Trail and provide a simple...

When performing a database security audit various informations about users, roles and privileges have to be collected, including "who has unlimited tablespace on SYSTEM". It is quite easy to find user with UNLIMITED TABLESPACE or a UNLIMITED quota on SYSTEM. But what when the system privilege...

With 11g R1 Oracle introduced case sensitive passwords for database accounts based on the SHA1 hash algorithm. This feature can easily be enabled with the init.ora parameter SEC_CASE_SENSITIVE_LOGON. As soon as this parameter is set to true, all new passwords will be case sensitive. Existing passwords...

I've recently wrote an DOAG article about Managing Audit Trails with dbms_audit_mgmt, which has been officially introduced in Oracle 11g R2. This blog post is just to link the article and provides a few more information. Continue reading →

I’ve recently wrote an DOAG article about Managing Audit Trails with dbms_audit_mgmt, which has been officially introduced in Oracle 11g R2. The same article will also be in the upcoming SOUG newsletter. The article itself is written in german and … Continue reading →