My name is Stefan Oehrli. I’m a Swiss electrical engineer working since several years as an Oracle DBA. My main interests are backup & recovery, database internals, database security, infrastructure management and other stuff coming across my daily work as a DBA. On this website I share my experience and some of my thoughts in these areas with you. Among other things, you find my blog, a few scripts, links to some papers and presentations I have written or co-authored, list of public appearances as well links to other interesting web resources.
A list of the 5 most recent posts. To see a full list go to the Blogs.
- 16 April 2014 : Update: Oracle and OpenSSL ‘Heartbleed’ vulnerability
While writing a post about the new Critical Patch Advisory I've discovered, that Oracle made the Information about the OpenSSL Vulnerability publicly available. The information in MOS Note 1645479.1 has been moved to OpenSSL Security Bug - Heartbleed CVE-2014-0160. Until now it looks like that Oracle Databases are not affected since they do not use OpenSSL. On the other hand products [Read more...]
- 16 April 2014 : Oracle released CPU / PSU April 2014
As announced last week in my post Oracle CPU / PSU Pre-Release Announcement April 2014, Oracle has now released the Critical Patch Updates for April 2014. Overall this CPU contains 104 new security fixes across several Oracle products like Database Server, MySQL Server, Sun Product Suite, WebLogic Server etc. For Oracle Database it contains only 2 security fixes, whereas one [Read more...]
- 13 April 2014 : Oracle and OpenSSL ‘Heartbleed’ vulnerability
Earlier this week the OpenSSL Project as well US-CERT informed about a Security Vulnerability in OpenSSL. See OpenSSL Security Advisory or US-CERT Alert (TA14-098A) The vulnerability may affect Oracle Products as well, since some of them do use OpenSSL. So far Oracle did not provide dedicate information on it's public Critical Patch Updates and Security Alerts web page. But there [Read more...]
- 12 April 2014 : Trivadis CBO Days 2014
The company I work for, Trivadis, organized again an exceptional event with top speakers in Zurich. This year’s focus will be on the Oracle Database query optimizer, also known as cost-based optimizer (CBO). The query optimizer is not only one of the most complex pieces of software that constitutes the Oracle kernel; it is also one of the most unappreciated. Why? [Read more...]
- 11 April 2014 : Oracle CPU / PSU Pre-Release Announcement April 2014
Today Oracle has published the Pre-Release Announcement of the CPU Advisory for April 2014. This Critical Patch Update contains 103 new security vulnerability fixes for several Oracle products. There are only a few days since the publication of the vulnerability CVE-2014-0160 known as "Heartbleed". Therefore I assume, that this patch update does not yet address the corresponding vulnerability. Nevertheless it [Read more...]