[ubuntu/trusty-security] firebird2.5 2.5.2.26540.ds4-9ubuntu1.1 (Accepted)

Mike Salvatore mike.salvatore at canonical.com
Tue Apr 2 12:42:30 UTC 2019


firebird2.5 (2.5.2.26540.ds4-9ubuntu1.1) trusty-security; urgency=medium

  * SECURITY UPDATE: Authenticated remote code execution
    - debian/patches/CVE-2017-6369-1.patch: Fix for CORE-5474: 'Restrict UDF'
      is not effective because fbudf.so is dynamically linked against libc
    - debian/patches/CVE-2017-6369-2.patch: Postfix for CORE-5474: unresolved
      symbol in FBINTL
    - CVE-2017-6369

  * SECURITY UPDATE: Denial of Service (Segfault, Null ptr dereference)
    - debian/patches/CVE-2014-9323.patch: Fixed CORE-4630: Segfault in server
      caused by bad packet
    - CVE-2014-9323

Date: 2019-04-01 18:05:13.006292+00:00
Changed-By: Mike Salvatore <mike.salvatore at canonical.com>
https://launchpad.net/ubuntu/+source/firebird2.5/2.5.2.26540.ds4-9ubuntu1.1
-------------- next part --------------
Sorry, changesfile not available.


More information about the Trusty-changes mailing list