Steve, who is using PeopleSoft, started to get exposed to Oracle's patches. He writes:
"I'm the security admin for a organization which uses PeopleSoft, which of course was purchased by Oracle last eyar. This meant, unfortunately, that I had to start subscribing ot the Oracle Critical Patch Update. [...] I've never figured out how to get actual details on the vulnerabilities it lists. [...] Maybe one [of your diary readers] can offer a tutorial or some tips" Kilynn writes that you can signup for notifications at http:/www.oracle.com/technology/deploy/security/alerts.htm . This will also provide access to the "Risk Matrix" which should also help in applying the patches. However, to know more you need to signup for a "MetaLink" account, which appears to be reserved for Oracle customers. (Actually the original poster, Steve, mentioned the risk matrix, but it wasn't too much help for him without details to adjust it for his environment. It wasn't clear to him how to get access to MetaLink as a former PeopleSoft customer). I will be teaching next: Application Security: Securing Web Apps, APIs, and Microservices - SANS London June 2022 |
Johannes 4479 Posts ISC Handler Apr 19th 2006 |
Thread locked Subscribe |
Apr 19th 2006 1 decade ago |
Sign Up for Free or Log In to start participating in the conversation!