[39574] in bugtraq
Re: Problems with the Oracle Critical Patch Update for April 2005
daemon@ATHENA.MIT.EDU (David Litchfield)
Tue Jul 12 17:14:28 2005
Message-ID: <005201c5869e$5e56aaa0$2100a8c0@ngssoftware.com>
From: "David Litchfield" <davidl@ngssoftware.com>
To: "Cesar" <cesarc56@yahoo.com>, <bugtraq@securityfocus.com>,
<ntbugtraq@listserv.ntbugtraq.com>, <vulnwatch@vulnwatch.org>
Date: Tue, 12 Jul 2005 05:58:38 +0100
MIME-Version: 1.0
Content-Type: text/plain;
format=flowed;
charset="iso-8859-1";
reply-type=original
Content-Transfer-Encoding: 7bit
Hi Cesar,
> We always test Oracle patches against the bugs we have
> reported to them just to be sure the patches work.
<SNIP>
> (10.1.0.4) applied (we tested the patch on this system
> after April CPU relase)
Yep; that's why at NGSSoftware we're absolutely thorough about testing these
things. By only looking at one version, serious problems like this can slip
through the net.
As it happens, after retesting, having used Oracle's suggested remediation:
exec sys.dbms_java.loadjava('-v -f -r -s -g public rdbms/jlib/CDC.jar');
there are _still_ problems. The new java classes are still not being loaded.
To properly fix the problem use the loadjava utility:
$ cd $ORACLE_HOME/bin
$ ./loadjava -user sys/password ../rdbms/jlib/CDC.jar
On all our systems executing the above solved the problem whereas the
DBMS_JAVA.LOADJAVA procedure did not.
Cheers,
David Litchfield
NGSSoftware Ltd
http://www.ngssoftware.com/
