Last week Oracle bumped heads with the database security community in a communications blunder that caused a proof of concept to be released for an unpatched four-year-old vulnerability in the database’s TNS Listener service. This week Oracle released a workaround, but still no patch, reigniting critics’ claims that the company is neglecting its database customers with shoddy patching practices.
Security professionals believe that Oracle is hurting its database customers through security negligence. Here are their charges. Dark Reading did try to contact Oracle for this article, but the company did not respond to inquiries.