Sign in / up

back to article Oracle working on at least 13 Heartbleed fixes

Oracle has emitted its formal advice about Heartbleed, revealing it has 13 products that need a patch and 14 more “which may be vulnerable”. Detailed here, Oracle points out that all its cloud services should be Heartbleed-proof, and that six of its products – including Oracle Linux 6 and Solaris 11.2 – were vulnerable but can …

COMMENTS

House rules Send corrections
This topic is closed for new posts.
  1. Anonymous Coward
    Anonymous Coward

    What should be interesting

    Is to know exactly how much money or resources Oracle has contributed to OpenSSL, or for that matter, all the FOSS products they use. That way we'll know how much of the hefty Oracle license fees are being used in actually improving the products they sell instead of buying airlines or islands.

    Same for all the Akamais, Junipers, Ciscos, etc of the world. Making profits from something available for free, without apparently too much concern over the quality or fit for purpose of what they were using in a key component does not seem to be right.

    3 0
    1. Robert Helpmann??
      Reply Icon
      Childcatcher

      Re: What should be interesting

      I agree, though these companies are hardly unique in failing to ensure the security of their resources. There are plenty of examples of this to be had with a quick read through the history books... or the financial section of any major newspaper.

      On the other hand, I think that Oracle is taking the correct approach in dealing with the immediate issue. They give a list of their products' status, including that some are in process. I dislike Oracle in general, but they seem to be doing things correctly in this instance.

      1 0
    2. TheDoc
      Reply Icon

      Re: What should be interesting

      Oracle's not the very best company in the world for giving back to the community, but they do have MySQL, InnoDB, Java, OpenOffice, VirtualBox, and more - that's quite a list of widely used free software. All came from acquisitions you say? I suspect so did those products that are using OpenSSL.

      1 0
    3. SJG
      Reply Icon

      Re: What should be interesting

      In the latest analysis, Oracle is the 13th largest contributor to the linux kernel with 1.3% of changes. Notable by not appearing in the top 30 despite their business models being substantially reliant on Linux are :

      Amazon

      Facebook

      HP

      EMC/VMware

      SAP

      Yahoo

      Twitter

      ... and none of the bigdata startups who are all totally reliant on Linux.

      1 0
      1. Anonymous Coward
        Reply Icon
        Anonymous Coward

        Re: What should be interesting

        Very true, and it is time to ask those which of their products are affected by this bug and how much they have contributed to the ton of open source they use.

        0 0
  2. PeterM42
    FAIL

    Why should Java "have issues"?

    It is so full of security holes, that one more problem should not make much difference.

    0 1
This topic is closed for new posts.

Other stories you might like