Last week Oracle released a workaround for an unpatched 4-year-old vulnerability in the database’s TNS Listener service. Security professionals believe Oracle is hurting its database customers through security negligence. Oracle has a long history of antagonism with the research community, experts say. The company did not release a patch for the vulnerability, but instead only fixed the issue in code destined for future releases of its database products. Oracle’s software security assurance director says code maturity is actually an indicator of database code maturity.”]
Source: https://www.darkreading.com/database-security/7-ways-oracle-puts-database-customers-at-risk