| Abstract: |
Ever wonder what is being fixed in an Oracle Critical Patch Update? As a follow-up to the 2007 IOUG SELECT Journal article "Oracle Critical Patch Updates: Common Questions", this session will provide an inside look at the Critical Patch Updates (CPU) and the security bugs fixed by the CPU patches. Understand what are buffer overflows and SQL injection attacks by seeing how these types of security bugs compromise the security of the database. Learn about the complexities of the CPU patches including certification issues, patch differences across operating systems, and why the latest database version may have not yet released security fixes. Best practices for installing and testing CPU patches will be discussed. |
| Track: |
Architecture - Enterprise Security (e.g. Firewall, LDAP, hardening best-practices techniques)
|
| Product Line: |
10g,11g |
| Expertise: |
Beginner |
| Prerequisites: |
Basic Knowledge of the Oracle Database |
| Objective 1: |
An overview of the Critical Patch Update process |
| Objective 2: |
What type of security bugs are fixed in a CPU |
| Objective 3: |
Best practices for installing and testing CPU security patches |
| Session: |
120 |
| Date: |
Wednesday, April 16, 2008 |
| Time: |
1:30 PM - 2:30 PM |