Category: Database Security

21c Gradual Database Password Rollover brings new backdoor opportunities

Oracle Database 21c introduced a new feature called "Gradual Database Password Rollover". It allows an application user's database password to be changed while the old password remains valid for the time specified by the PASSWORD_ROLLOVER_TIME limit (a PROFILE parameter). With this new feature, an application's password can be changed without having …


Oracle October 2020 Critical Patch Advisory - PL/SQL detailed changes

Objects changed by each database patch in the Oracle October 2020 Critical Patch Advisory. For more details and the catalog, check the main post: Dissecting 201020 BP, PSU, RU and RUR. What exactly changed for each? 11.2.0.4 SYS.DBMS_PDB - PACKAGE BODY 11g (BP); 12.1.0.2 DVSYS.DBMS_MACADM - PACKAGE BODY 12cR1 (PSU) …


Dissecting 201020 BP, PSU, RU and RUR

I write a post every quarter dissecting the changes implemented by Oracle CPUs so we can better understand the modifications implemented by Oracle in our databases. The following patches were analysed: 11.2.0.4: 11.2.0.4.201020 DB PSU, 11.2.0.4.201020 Exadata Bundle Patch, 11.2.0.4.201020 OJVM PSU; 12.1.0.2: 12.1.0.2.201020 DB PSU, 12.1.0.2.201020 Exadata Bundle Patch, 12.1.0.2.201020 OJVM PSU; 12.2.0.1: 12.2.0.1.201020 …


Dissecting 200714 BP, PSU, RU and RUR

I write a post every quarter dissecting the changes implemented by Oracle CPUs so we can better understand the modifications implemented by Oracle in our databases. The following patches were analysed: 11.2.0.4: 11.2.0.4.200714 DB PSU, 11.2.0.4.200714 Exadata Bundle Patch, 11.2.0.4.200714 OJVM PSU; 12.1.0.2: 12.1.0.2.200714 DB PSU, 12.1.0.2.200714 Exadata Bundle Patch, 12.1.0.2.200714 OJVM PSU; 12.2.0.1: 12.2.0.1.200717 …


ORACHKSUM v20.03 is out!

Today I'm releasing v20.03 of ORACHKSUM! The tool has been updated with the latest MOAT369 API and has also received all the July 2020 CPU cycle dictionary updates. For those who don't know what I'm talking about, orachksum is a tool that scans your database for malicious internal code changes (like tampering with your DBMS_OUTPUT PL/SQL code), comparing …
