Oracle and the #shellshock patch, really shocking negligence

http://www.oracle.com/technetwork/topics/security/bashcve-2014-7169-2317675.html

First they have a list of products for which there is a patch - by the way good luck with that

Than there is list of products that are vulnerable but for which there is yet no product available   42 products

than there is a list of products that shouldn't be vulnerable except if one has activated himself (or the programmer) a bash shell or because it is integrated in the OS one has used (or tweaked)

Than there is a list of products that is "still Under investigation. 17 products

And Oracle Cloud ? well that is also very 'open'

"Oracle Cloud teams are currently implementing relevant patches when they become available and in accordance with applicable change management processes."

and this for a product that is used in some of the most important applications and so on

The comments are closed.