Dear Alexander Kornbrust and Amichai Shulman , It's astonishing how customers are left vulnerable for _years_ trying to conceal hundreds of bugs under a single patch. Knowing what type of sensitive data I have come across on certain Oracle servers I wonder whether this strategy pays out for Oracle in the long run.
Quick Note to Oracle : Bugs are not only found by the Good GuysTM. (Kudos to your non disclosure endurance) Oracle Bug 5882923 : 875 days Oracle Bug 5883603 : 889 days Oracle Bug 5883621 : 874 days ago Oracle Bug 5802023 : 190 days -- http://secdev.zoller.lu Thierry Zoller Fingerprint : 5D84 BFDC CD36 A951 2C45 2E57 28B3 75DD 0AC6 F1C7 _______________________________________________ Full-Disclosure - We believe in it. Charter: http://lists.grok.org.uk/full-disclosure-charter.html Hosted and sponsored by Secunia - http://secunia.com/
