Latest DBMS Security Patch Levels – Updated
Posted May 11, 2012 by Alex Rothacker in Best Practices, Database Security, IBM DB2, Lotus Domino, Misconfigurations, MS SQL Server, MySQL, Oracle, Sybase ASE with 3 comments
TeamSHATTER keeps you up to date with the latest DBMS Security Patch levels to ensure you are protected with the latest security fixes.
Last updated 5/11/2012
| Edition | Latest Patch | Release Date | Comments |
| Database 11g R2 Database 11g R1 Database 10g R2 Database 10g R1 |
Critical Patch Update April 2012 | April17th 2012 | |
| Database 9i | Critical Patch Update July 2010 |
July 13th 2010 | Out of support. This was the final patch for 9i. |
Reference:
http://www.oracle.com/technetwork/topics/security/alerts-086861.html
Next CPU is due July17th 2012
MySQL
| Edition | Latest Version | Release Date | Comments | |
| MySQL 5.5 | 5.5.24 | May 7th 2012 | ||
| MySQL 5.1 | 5.1.62 | March 21st 2012 | ||
| MySQL 5.0 | 5.0.96 |
|
On extended support. Active Support ended on Dec. 31 2009 |
Reference:
http://dev.mysql.com/doc/index.html
Microsoft SQL Server
| Edition | Latest Version | Release Date | Comments |
| SQL Server 2008 R2 | Service Pack 1 v10.50.2500.0 |
July 11th 2011 | |
| SQL Server 2008 | Service Pack 3 (v10.00.5500.00) | October 6th 2011 | |
| SQL Server 2005 | Service Pack 4 + Q2494123 (v9.00.5292) |
June 14th 2011 | Mainstream Support ended on Apr. 12th 2011 |
| SQL Server 2000 | Service Pack 4 + Q941203 (v8.00.2273) |
September 26th 2008 | Mainstream Support ended on Apr. 8th 2008 |
References:
http://support.microsoft.com/ph/14917
http://www.sqlsecurity.com/FAQs/SQLServerVersionDatabase/tabid/63/Default.aspxIBM DB2 LUW
| Edition | Latest Fix Pack | Release Date | Comments |
| DB2 9.8 | Fix Pack 4 | August 2nd 2011 | |
| DB2 9.7 | Fix Pack 5 | October 28th 2011 | |
| DB2 9.5 | Fix Pack 9 | March 6th 2012 | |
| DB2 9.1 | Fix Pack 11 | November 15th 2011 | Support ended on April 30th 2012 |
| DB2 8.2 | Fix Pack 18 | August 14th 2009 | Support ended on Apr 30th 2009. This is the final Fix Pack. |
Reference:
http://www-01.ibm.com/support/docview.wss?rs=71&uid=swg27007053
IBM Lotus Domino
| Edition | Latest Fix Pack | Release Date | Comments |
| 8.5.3 MR | Fix Pack 1 | March 23th 2012 | |
| 8.5.2 MR | Fix Pack 4 | December 2nd 2011 | Upgrade to 8.5.3 |
| 8.5.1 MR | Fix Pack 5 | October 19th 2010 | Upgrade to 8.5.3 |
| 8.5 | Fix Pack 1 | July 29th 2009 | Upgrade to 8.5.3 |
| 8.0.2 MR | Fix Pack 6 | July 26th 2010 | |
| 7.0.4 MR | Fix Pack 2 | June 30th 2010 | Support ended on April 30th 2011 |
| 6.5.6 MR | Fix Pack 3 | April 24th 2008 | Support ended on April 30th 2010 |
Reference: http://www-01.ibm.com/support/docview.wss?uid=swg27010592
Sybase ASE
| Edition | Latest Patch | Release Date | Comments |
| ASE 15.5 | ESD #5 | December 22nd 2011 | |
| ASE 15 | ESD #4 | September 17th 2010 | For installations with JRE installed, install Henry Patch |
| ASE 12.5.4 | ESD #10 | November 20th 2009 |
Reference: http://www.sybase.com/products/databasemanagement/adaptiveserverenterprise/technicalsupport
Oracle CPUs
Comments
RE “Latest DBMS Security Patch Levels ” webpage: Would it be possible to post the availability or release date for the versions or fixpacks that are lsited? One of our problems is that our database standards call for the application of patches and such. The release date is a valuable piece of information in dealing with managers and presenting findings (patch has not been applied in the XX months since it was generall avaiable. PATCH NOW!)
Hi Bruce, thank you for your comment and excellent suggestion. We will be adding that detail shortly to the pages.
Bruce, thanks for the suggestion. I reworked that page and it now has release dates for the patches included.
Leave a Reply