My name is Stefan Oehrli. I’m a Swiss electrical engineer working since several years as an Oracle DBA. My main interests are backup & recovery, database internals, database security, infrastructure management and other stuff coming across my daily work as a DBA. On this website I share my experience and some of my thoughts in these areas with you. Among other things, you find my blog, a few scripts, links to some papers and presentations I have written or co-authored, list of public appearances as well links to other interesting web resources.
A list of the 5 most recent posts. To see a full list go to the Blogs.
- 10 July 2015 : Oracle CPU / PSU Pre-Release Announcement July 2015
Oracle has published the Pre-Release Announcement for the July Critical Patch Update. This Critical Patch Update contains 193 new security vulnerability fixes across all Oracle products. It looks like that this CPU does contain a bunch of critical security fixes for Oracle databases. Actually there are 10 fixes for security vulnerabilities, 2 of them are remotely exploitable. There is no [Read more...]
- 19 May 2015 : DOAG SIG Security Munich 2015
Just finished my presentation about Unified Audit at the DOAG SIG Security in München. It is about Oracle Unified Audit and a few considerations for migrating old standard audit to new policy based unified audit. The slides are available for download . Some impression for the event and my presentation.
- 15 May 2015 : Release of Audit Vault and Database Firewall 12.1.2 Bundle Patch 5
Today Oracle released the new Bundle Patch for Audit Vault and Database Firewall 12.1.2. The patch can be downloaded as usual on Oracle Metalink as Patchset 20829881 for existing installations. The full installation image for new installations is not yet available on Oracle eDelivery. I guess this will follow in a couple of days. Beside the Bundle Patch, Oracle also [Read more...]
- 20 January 2015 : Oracle CPU / PSU Pre-Release Announcement January 2015
Oracle has published the Pre-Release Announcement for the first Critical Patch Update in 2015. This Critical Patch Update contains 167 new security vulnerability fixes across all Oracle products. It looks like that this CPU does contain a bunch of critical security fixes for Oracle databases. Actually there are 7 fixes for security vulnerabilities, but none of them is remotely exploitable [Read more...]
- 2 October 2014 : Oracle Software Appliances and Bash Shellshock
Late September a vulnerability in the bash Shell has been published. The vulnerability also known as shellshock, was classified as extremely critical. Anyway, in the meantime security patch has been released for the different operating systems and bash implementations. A bugfix is also available for Oracle Enterprise Linux, which is used as operating system of the two Oracle software appliances [Read more...]