Thursday, October 14, 2010

Oracle Critical Patch Update - October 2010

JD Edwards EnterpriseOne: No items included in the October 2010 CPU

That's very nice to read, very nice indeed.  The question is this:  Why are there no patches?  Is it because the user base for E1 is so small as to not attract attacks?  Is our software that secure?  Is it because we are not actively searching for exposures?  Is it because we report them but they don't get passed on to Oracle's security team?

Feel free to discuss in the comments.

By the way, to subscribe to Oracle's Critical Patch Update Emails go here: http://www.oracle.com/technetwork/topics/security/securityemail-090378.html.
Subscribe to The Karamazov Group Blog - Get an email when new posts appear

2 comments:

Unknown said...

hi,


Had a problem with a Tool release, and it was that could DoS attack, you remember this?

You have the number of SAR or something else?

Was solved with 8.98.3.x

Thanks

Jeff Stevenson said...

See this:

http://blog.karamazovgroup.com/2011/04/enterpriseone-security-vulnerability.html