We currently have an Oracle package with a number of discovered flaws and it has taken considerable time for Oracle to fix. Even with the understanding that proper bug fix, testing, and release does require a significant amount of resources; the issue detailed here is unacceptable. I would like to see how many companies are dealing with similar issues. Perhaps that information won't become public until a company actually suffers a loss as a result. All said and done, still a great product - just a shame they don't have the heat of competition to get things moving faster with these issues.

[ reply ]

Link to this comment: http://www.securityfocus.com/comments/articles/11252/32158#32158