UbuntuUpdates.org

Package "firebird-dev"

Name: firebird-dev

Description:

Development files for Firebird - an RDBMS based on InterBase 6.0 code
Latest version: 2.5.2.26540.ds4-9ubuntu1.1
Release: trusty (14.04)
Level: security
Repository: universe
Head package: firebird2.5
Homepage: http://firebirdsql.org/

Links

All versions of this package
Bug fixes

List of files in package
Repository home page

Download "firebird-dev"

32-bit deb package
64-bit deb package
APT INSTALL

Other versions of "firebird-dev" in Trusty

Repository Area Version
base universe 2.5.2.26540.ds4-9ubuntu1
updates universe 2.5.2.26540.ds4-9ubuntu1.1

Changelog

Version: *DELETED* 2019-04-02 22:06:19 UTC
Moved to trusty:universe:updates
No changelog for deleted or moved packages.

Version: 2.5.2.26540.ds4-9ubuntu1.1 2019-04-02 19:09:03 UTC

  firebird2.5 (2.5.2.26540.ds4-9ubuntu1.1) trusty-security; urgency=medium

  * SECURITY UPDATE: Authenticated remote code execution
    - debian/patches/CVE-2017-6369-1.patch: Fix for CORE-5474: 'Restrict UDF'
      is not effective because fbudf.so is dynamically linked against libc
    - debian/patches/CVE-2017-6369-2.patch: Postfix for CORE-5474: unresolved
      symbol in FBINTL
    - CVE-2017-6369

  * SECURITY UPDATE: Denial of Service (Segfault, Null ptr dereference)
    - debian/patches/CVE-2014-9323.patch: Fixed CORE-4630: Segfault in server
      caused by bad packet
    - CVE-2014-9323

 -- Mike Salvatore <email address hidden> Mon, 01 Apr 2019 10:19:59 -0400
CVE-2017-6369 Insufficient checks in the UDF subsystem in Firebird 2.5.x before 2.5.7 and 3.0.x before 3.0.2 allow remote authenticated users to execute code by us
CVE-2014-9323 The xdr_status_vector function in Firebird before 2.1.7 and 2.5.x before 2.5.3 SU1 allows remote attackers to cause a denial of service (NULL pointer


About   -   Send Feedback to @ubuntu_updates