back to article Oracle working on at least 13 Heartbleed fixes

Oracle has emitted its formal advice about Heartbleed, revealing it has 13 products that need a patch and 14 more “which may be vulnerable”. Detailed here, Oracle points out that all its cloud services should be Heartbleed-proof, and that six of its products – including Oracle Linux 6 and Solaris 11.2 – were vulnerable but can …

COMMENTS

This topic is closed for new posts.

This post has been deleted by a moderator

Anonymous Coward

What should be interesting

Is to know exactly how much money or resources Oracle has contributed to OpenSSL, or for that matter, all the FOSS products they use. That way we'll know how much of the hefty Oracle license fees are being used in actually improving the products they sell instead of buying airlines or islands.

Same for all the Akamais, Junipers, Ciscos, etc of the world. Making profits from something available for free, without apparently too much concern over the quality or fit for purpose of what they were using in a key component does not seem to be right.

3
0
Bronze badge
Childcatcher

Re: What should be interesting

I agree, though these companies are hardly unique in failing to ensure the security of their resources. There are plenty of examples of this to be had with a quick read through the history books... or the financial section of any major newspaper.

On the other hand, I think that Oracle is taking the correct approach in dealing with the immediate issue. They give a list of their products' status, including that some are in process. I dislike Oracle in general, but they seem to be doing things correctly in this instance.

1
0

Re: What should be interesting

Oracle's not the very best company in the world for giving back to the community, but they do have MySQL, InnoDB, Java, OpenOffice, VirtualBox, and more - that's quite a list of widely used free software. All came from acquisitions you say? I suspect so did those products that are using OpenSSL.

1
0
SJG

Re: What should be interesting

In the latest analysis, Oracle is the 13th largest contributor to the linux kernel with 1.3% of changes. Notable by not appearing in the top 30 despite their business models being substantially reliant on Linux are :

Amazon

Facebook

HP

EMC/VMware

SAP

Yahoo

Twitter

... and none of the bigdata startups who are all totally reliant on Linux.

1
0
Anonymous Coward

Re: What should be interesting

Very true, and it is time to ask those which of their products are affected by this bug and how much they have contributed to the ton of open source they use.

0
0
FAIL

Why should Java "have issues"?

It is so full of security holes, that one more problem should not make much difference.

0
1
This topic is closed for new posts.

Forums