Yes I noticed, and the fix is in fact patchset 10. patchset 9 affected one of our web form apps, now we are leery of applying patchset 10 without prior thorough testing.
But now it has become a security issue. I went through a bit of a rigmarole with Oracle Support a few months ago, trying to get the Metalink techs to tell me whether we should apply patchsets or not - the readme files say no, the techs often say yes. I thought that I could corner them by asking if security bugs are included in patchsets, but they never gave me a clear answer. We did go through the full circle, and I did get something that vaguely resembled an answer, but it took many iterations and it still wasn't as clear as I would have liked. Now I have my answer. Not sure, but I think patchset 10 takes them one patchset away from windowsXP support. Regards, Patrice Boivin Systems Analyst (Oracle Certified DBA) -----Original Message----- Sent: Tuesday, June 11, 2002 9:38 AM To: Multiple recipients of list ORACLE-L Hi all, Security Vulnerability in Oracle Net (Oracle9i Database Server) Doc ID:198544.1 ALERT: Buffer Overflow Vulnerability in Oracle9iAS Reports Server Doc ID: 198531.1 Nothing trusty under the skies. Regards, -- Alexandre -- Please see the official ORACLE-L FAQ: http://www.orafaq.com -- Author: Alexandre Gorbatchev INET: [EMAIL PROTECTED] -- Please see the official ORACLE-L FAQ: http://www.orafaq.com -- Author: Boivin, Patrice J INET: [EMAIL PROTECTED] Fat City Network Services -- (858) 538-5051 FAX: (858) 538-5051 San Diego, California -- Public Internet access / Mailing Lists -------------------------------------------------------------------- To REMOVE yourself from this mailing list, send an E-Mail message to: [EMAIL PROTECTED] (note EXACT spelling of 'ListGuru') and in the message BODY, include a line containing: UNSUB ORACLE-L (or the name of mailing list you want to be removed from). You may also send the HELP command for other information (like subscribing).
