On 28 aug 2012, at 08:47, Víctor Orozco <caba...@gmail.com> wrote:
In Linux distributions root privilege escalations are more common than the people believes but the difference resides in the fact that you can expect a patch in two or three days (as much) and the idea that I received from the sentence "Oracle has yet to comment on the reports or say when it plans to fix the vulnerability. The next scheduled patch release isn't until the middle of October" is not very comforting. Maybe Oracle have to improve his public relationships concerning to security issues :).
The Oracle policy has a bit more nuance than this -- for reference it can be found here: