Oracle.com passwords
Just a quick note for anyone who has missed the Oracle Security alerts email. If you downloaded either Enterprise Manager 11g or Oracle Database 11.2.0.2 before November 17th last year then you downloaded a version of OUI that sent unencrypted passwords for your oracle.com SSO account to Oracle over the intertubes. Not Good. Oracle have updated the downloads of these products so you should replace the older downloads if you haven’t already. In addition Oracle recommended that your SSO account password was changed. What I missed at the time is that Oracle will enforce this by making the change for you on January 21st. So if you are affected it would seem prudent to make your own password change in the next 2 weeks.