Your message dated Fri, 12 Dec 2014 21:34:50 +0000 with message-id <e1xzxro-0005rf...@franck.debian.org> and subject line Bug#772880: fixed in firebird2.5 2.5.3.26778.ds4-5 has caused the Debian Bug report #772880, regarding src:firebird2.5: Unauthenticated remote server crash to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact ow...@bugs.debian.org immediately.) -- 772880: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=772880 Debian Bug Tracking System Contact ow...@bugs.debian.org with problems
--- Begin Message ---Package: src:firebird2.5 Severity: important Tags: security upstream patch Forwarded: http://tracker.firebirdsql.org/browse/CORE-4630 According to upstream¹, firebird server versions prior to 3.0 can be tricked to a null pointer dereference by an unauthenticated remote client. 1: http://www.firebirdsql.org/en/news/security-updates-for-v2-1-and-v2-5-series-66011/ The fix is contained in revision 60322² of upstream's subversion repository. 2: https://sourceforge.net/p/firebird/code/60322/ -- dam -- System Information: Debian Release: 8.0 APT prefers stable-updates APT policy: (500, 'stable-updates'), (500, 'unstable'), (500, 'stable'), (1, 'experimental') Architecture: amd64 (x86_64) Kernel: Linux 3.16.0-4-amd64 (SMP w/4 CPU cores) Locale: LANG=bg_BG.UTF-8, LC_CTYPE=bg_BG.UTF-8 (charmap=UTF-8) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system)
--- End Message ---
--- Begin Message ---Source: firebird2.5 Source-Version: 2.5.3.26778.ds4-5 We believe that the bug you reported is fixed in the latest version of firebird2.5, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to 772...@bugs.debian.org, and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Damyan Ivanov <d...@debian.org> (supplier of updated firebird2.5 package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing ftpmas...@ftp-master.debian.org) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Fri, 12 Dec 2014 19:38:13 +0000 Source: firebird2.5 Binary: firebird2.5-super firebird2.5-classic firebird2.5-superclassic libfbclient2 libfbembed2.5 libib-util firebird2.5-common firebird2.5-server-common firebird2.5-classic-common firebird-dev firebird2.5-examples firebird2.5-doc firebird2.5-common-doc firebird2.5-super-dbg firebird2.5-classic-dbg libfbclient2-dbg Architecture: source all amd64 Version: 2.5.3.26778.ds4-5 Distribution: unstable Urgency: high Maintainer: Debian Firebird Group <pkg-firebird-gene...@lists.alioth.debian.org> Changed-By: Damyan Ivanov <d...@debian.org> Description: firebird-dev - Development files for Firebird - an RDBMS based on InterBase 6.0 firebird2.5-classic - Firebird Classic Server - an RDBMS based on InterBase 6.0 code firebird2.5-classic-common - common files for firebird 2.5 "classic" and "superclassic" firebird2.5-classic-dbg - collected debug symbols for firebird2.5-classic and -superclassic firebird2.5-common - common files for firebird 2.5 servers and clients firebird2.5-common-doc - copyright, licensing and changelogs of firebird2.5 firebird2.5-doc - Documentation files for firebird database version 2.5 firebird2.5-examples - Examples for Firebird - an RDBMS based on InterBase 6.0 code firebird2.5-server-common - common files for firebird 2.5 servers firebird2.5-super - Firebird Super Server - an RDBMS based on InterBase 6.0 code firebird2.5-super-dbg - collected debug symbols for firebird2.5-super firebird2.5-superclassic - Firebird SuperClassic Server - an RDBMS based on InterBase 6.0 co libfbclient2 - Firebird client library libfbclient2-dbg - collected debug symbols for libfbclient2 libfbembed2.5 - Firebird embedded client/server library libib-util - Firebird UDF support library Closes: 772880 Changes: firebird2.5 (2.5.3.26778.ds4-5) unstable; urgency=high . * Apply patch from upstream revision 60322 fixing server crash (NULL-pointer dereference) with specially crafter service packet. Closes: #772880 Checksums-Sha1: 1fb952f03ccf5616c1d13d959732894a4da8dbd8 3271 firebird2.5_2.5.3.26778.ds4-5.dsc 9932cc582406be2adf7288c1facf7b34b443a599 113684 firebird2.5_2.5.3.26778.ds4-5.debian.tar.xz df95b6d6a94ccee13faa06582e60ade3e5dd4cfd 95912 firebird2.5-common_2.5.3.26778.ds4-5_all.deb c4627ee02090d3c74d19f005f7773b5887eff2da 164562 firebird2.5-examples_2.5.3.26778.ds4-5_all.deb f2b8af904efb98e5951333754e33ba84699f6703 175078 firebird2.5-doc_2.5.3.26778.ds4-5_all.deb c98d5e9fea9da52fdb6a44d5575c2f3ae96fb15e 654120 firebird2.5-common-doc_2.5.3.26778.ds4-5_all.deb Checksums-Sha256: 5ef0d35f74aa65a185061402396adbc8eddac51aac36b87e3e9925e6e0ae9331 3271 firebird2.5_2.5.3.26778.ds4-5.dsc 1955460fee1811f52f2d305babe3bc5061c394f7ea160f802551b8f40b589bb1 113684 firebird2.5_2.5.3.26778.ds4-5.debian.tar.xz 8a2e0e33b384c028f2dac2aa641930d52339919f253dfb50940e3cd04565b917 95912 firebird2.5-common_2.5.3.26778.ds4-5_all.deb 53631c304050424cb25141ff650a47f3391745b460d254749e1853302a3ff364 164562 firebird2.5-examples_2.5.3.26778.ds4-5_all.deb 0b53d39b9477eaf82b54c44d6044bcc55c86c3c4c51b49dccfc8e9b71bf78b27 175078 firebird2.5-doc_2.5.3.26778.ds4-5_all.deb 4143a869cf7a9066a6e1e6f0f82e5ae133129deca0c56fc1da9b204784cc4577 654120 firebird2.5-common-doc_2.5.3.26778.ds4-5_all.deb Files: 4fae1c6d56b5a9f813a0c3430e5981a3 3271 database optional firebird2.5_2.5.3.26778.ds4-5.dsc c079a7a19ba59fccfec8f4e2ee08517f 113684 database optional firebird2.5_2.5.3.26778.ds4-5.debian.tar.xz 185b4a8aa6edb4f76c0e28fbb96093a3 95912 database optional firebird2.5-common_2.5.3.26778.ds4-5_all.deb c91739ec6d6a45e86680cd38d1db99ec 164562 doc optional firebird2.5-examples_2.5.3.26778.ds4-5_all.deb 776733ee583f290c08ac587ced13be54 175078 doc optional firebird2.5-doc_2.5.3.26778.ds4-5_all.deb 11fcb4014cf9d3fb7e2c4ffbe9bc6e43 654120 doc optional firebird2.5-common-doc_2.5.3.26778.ds4-5_all.deb -----BEGIN PGP SIGNATURE----- Version: GnuPG v1 iQIcBAEBCAAGBQJUi17WAAoJENu+nU2Z0qAEMgAP/0EQp8s4z7RAB83Euknltg2Q CfH316ntApRjaI2kGwP1ob63bGTxlDTK/b9dkRzhdBP+gzSiNTNtQgPJzAWx2rDu nEbfHY/WVWNdsLprXwNgCrwtHxONPUHaJ0upOFCReAIGB4+dwf1lLEi6xAc327LR Uh2rAOd0ANqNMExYxF4R2hsj3BZeABbFSaTHjFzlqk547FG6vTLQO4lD6c8qJ5SM KsXEGVnBjZqxIakrMPAcu2YGkjeVvoNzjE7ecVuRCJrN1zW3pZuypATFeg9k/Nel c5tij38W+nKvX/Tn/eNnAgHqPOFp+maTXnB8WadHcIsxILue69ktYewlqK0FGsEE dn7EVb8hHsaVvYMfZnhX1FpXl4YvV75HiIXYJ1bYHoH1OsDtPw0u2jDN2CET4f8b XumUt1xwLI3YrblAByFBsJk9/vrckmyoIK8JG9u4o1qkUdwUxdiAxiQ2oDjSqoDM Tb+g8vpQfoQNhNm5gyCfg8dI65f56mLlN9lRWnY7iEy4HD1ldq0GSv8nq2TQB4s9 8wkqIVRI6qa1hWSFoOqPW3gar3+enwRo/4j8DX+0VrakySOMs0Atf8UdEUPhrwPW dDsP/eNLwTSqlND4ZkmMNGPZwMImhadKx93CnGS/bCTItBZDgYSr+PabW6P95ONN 1JAtLtWpNjcN0+B/uoyY =RsKU -----END PGP SIGNATURE-----
--- End Message ---
