{"id":"DSA-1529-1","summary":"firebird - multiple vulnerabilities","details":"\n\nMultiple security problems have been discovered in the Firebird database,\nwhich may lead to the execution of arbitrary code or denial of service.\n\n\n\n\nThis Debian security advisory is a bit unusual. While it's normally \nour strict policy to backport security bugfixes to older releases, this\nturned out to be infeasible for Firebird 1.5 due to large infrastructural\nchanges necessary to fix these issues. As a consequence security support\nfor Firebird 1.5 is hereby discontinued, leaving two options to\nadministrators running a Firebird database:\n\n\n\n1. Administrators running Firebird in a completely internal setup with\n trusted users could leave it unchanged.\n2. Everyone else should upgrade to the firebird2.0 packages available at \n [backports.org](http://www.backports.org/backports.org/pool/main/f/firebird2.0/).  \n  \n\n\n Version 2.0.3.12981.ds1-6~bpo40+1 fixes all known issues.  \n  \n\n\n Please refer to the\n [general backports.org documentation](http://www.backports.org/dokuwiki/doku.php?id=instructions)\n to add the packages to your package management configuration.  \n  \n\n\n These packages are backported to run with Debian stable. Since\n firebird2.0 is not a drop-in replacement for firebird2 (which\n is the source package name for the Firebird 1.5 packages)\n these updates are not released through security.debian.org.\n Corrections for potential future security problems affecting Debian stable will be\n released through backports.org as well.  \n  \n\n\n Arrangements have been made to ensure that Firebird in the upcoming\n Debian 5.0 release will be supportable with regular backported\n security bugfixes again.\n\n\nFor a more detailed description of the security problems, please refer\nto the entries in the Debian Bug Tracking System referenced above and\nthe following URLs:\n\n\n\n\u003chttp://www.firebirdsql.org/rlsnotes/Firebird-2.0-ReleaseNotes.pdf\u003e  \n\n\u003chttp://www.firebirdsql.org/rlsnotes/Firebird-2.0.1-ReleaseNotes.pdf\u003e  \n\n\u003chttp://www.firebirdsql.org/rlsnotes/Firebird-2.0.2-ReleaseNotes.pdf\u003e\n\n\n","modified":"2022-07-04T02:00:45.638607Z","published":"2008-03-24T00:00:00Z","withdrawn":"2024-05-15T05:36:14.135819Z","schema_version":"1.7.3"}