- 11g Release 2, versions 184.108.40.206, 220.127.116.11
- 11g Release 1, version 18.104.22.168
- 10g Release 2, versions 10.2.0.3, 10.2.0.4, 10.2.0.5
- 10g Release 1, version 10.1.0.5
Oracle provided us with a download of the patch in advance of its release today. Although we've run preliminary tests and confirmed that the patch prevents some forms of manipulation of the SCN, we do not know how Oracle's remedy will fare in complex, interconnected database environments.
So I'd like to invite all Oracle customers who install the patch to contact InfoWorld and let us know about your experiences.
In the interests of protecting Oracle customers from malicious attack, we refrained from releasing any information about the vulnerability until today. Now that our story has broken, we want to hear from Oracle users about the effectiveness of the fix -- including advice on how to apply it, particularly in complex environments.
This article, "Calling all Oracle customers," originally appeared at InfoWorld.com. Read more of Eric Knorr's Modernizing IT blog, and for the latest business technology news, follow InfoWorld on Twitter.