Oracle products hit by heartbleed vulnerability - anyone surprised?

[kai_uk]

Here is a list of products that need to be patched up - none available yet (no surprises there..). There is also no timetable for when they can deliver these security patches (still no surprises!)

BlueKai
Java ME - JSRs and Optional Packages
Java ME - Mobile and Wireless
MySQL Connector/C
MySQL Connector/ODBC
MySQL Workbench
Oracle Communication Application Session Controller
Oracle Communication Session Monitor
Oracle Communications Internet Name and Address Management
Oracle Communications Interactive Session Recorder 5.1
Oracle Communications Network
Oracle Communications WebRTC Session Controller
Primavera P6 Prof Project Management

VMware patched 27 of their products in 1 week! Why does oracle not care about security!?

 

[kai_uk]

It appears they have released some security patches - 104 of them :uncomfortableness:

Java updates fix 37 security flaws, why this product is so popular is beyond belief. No sign of the heartbleed patch yet so anyone who uses their products will just have to hope for the best!

 

[Sly14Cat]

I'm not surprised, SSL is still SSL no matter what product it is. Since Oracle keeps their products up to date, it makes sense that they would be exposed to Heartbleed. What's good is that they're releasing patches quickly and efficiently.