-BEGIN PGP SIGNED MESSAGE-
Hash: SHA1
Martin Schulze wrote:
> This is CVE-2004-2043, please mention it in the changelog when you're
Great! Thanks.
> doing the next upload.
Sure.
- --
dam
-BEGIN PGP SIGNATURE-
Version: GnuPG v1.4.2.2 (GNU/Linux)
Comment: Using GnuPG with Mozill
Damyan Ivanov wrote:
> Here's a patch that fixes the crash. The fix is
> rather ugly IMHO, but this is what upstream proposed.
>
> Please apply it to stable version of firebird2.
>
> Unstable package is due for upload.
>
> More information (discovery, reproduction) on
> http://bugs.debian.org/35
Damyan Ivanov wrote:
> Here's a patch that fixes the crash. The fix is
> rather ugly IMHO, but this is what upstream proposed.
The patch looks good. I've requested a CVE name as well,
will upload fixed packages for sarge tonight.
Regards,
Joey
--
Of course, I didn't mean that, which i
reassign 357580 firebird2-super-server,libfbembed1
thanks
Hi,
Here's a patch that fixes the crash. The fix is
rather ugly IMHO, but this is what upstream proposed.
Please apply it to stable version of firebird2.
Unstable package is due for upload.
More information (discovery, reproduction) on
Processing commands for [EMAIL PROTECTED]:
> forwarded 357580
> http://sourceforge.net/tracker/index.php?func=detail&aid=1282031&group_id=9028&atid=109028
Bug#357580: firebird2-*-server: remotelly crashable
Noted your statement that Bug has been forwarded to
http://sourc
mp;atid=109028.
Recognized are: patch wontfix moreinfo unreproducible fixed potato woody sid
help security upstream pending sarge sarge-ignore experimental d-i confirmed
ipv6 lfs fixed-in-experimental fixed-upstream l10n etch etch-ignore.
Bug#357580: firebird2-*-server: remotelly crashable
Tags
Package: firebird2-super-server,firebird2-classic-server
Version: 1.5.3.4870-2
Severity: critical
Tags: security help
Justification: root security hole
As noted in [1], fbserver (the daemon listening for TCP, found in
firebird2-super-server, source package firebird2) crashes if given too
long data
7 matches
Mail list logo
