Yesterday, Oracle released a conglomerate of patches for much of the various software they offer. They include Oracle Database, E-Business Suite, Application Server, Enterprise Manager, PeopleSoft Enterprise, Collaboration Suite and JD Edwards HTML Server. A total of 65 different vulnerabilities were patched in the update, with Oracle Database alone accounting for 27 of the flaws. Oracle has taken criticism similar to Microsoft's, for their very long patch cycles that leave flaws open for an amount of time that some see as excessive:
Oracle again also caught flak for the its three-month update schedule. "Three months is way too longthey could come up with some workarounds in those months," said Swa Frantzen, an analyst with the SANS Institute's Internet Storm Center.
Regardless, if you happen to be in an Oracle environment it's good to know that these flaws have been fixed.