After reading the article, I went to oracle to download the patch and was very surprised that in order do download the patch I would have to Pay!!! To access the restrict area where I could get the patches I would have to had a contract with them, which costs about 22% of the licence I already have. I tried to explain them by phone and email that was not my fault the fact that their product had this serious security flaw and all they said was their assistance in free basis was only during the first 3 months after install and "you would have a lot of advantages signing our support services". I dont want support as far we have almost half a ton of books on our development department and all the news group on the internet... There is nothing I can do now, except to pay to correct their very own error, but, on my company, I do not intend to deploy any others product which similiar politic$ for patches. The next time we need a database, it will not be an Oracle. I'd like to hear from the list if there are others companies/products with such an absurd policy. tks Jair ----- Original Message ----- From: "Aaron C. Newman" <aaron@newman-family.com> To: "Jeffrey M. Smith" <jsmithat_private>; <bugtraqat_private> Sent: Friday, June 29, 2001 8:06 PM Subject: RE: [COVERT-2001-04] Vulnerability in Oracle 8i TNS Listener > I also could not locate a patch or even a reference to the bug id either.
This archive was generated by hypermail 2b30 : Sat Jul 07 2001 - 13:27:55 PDT