Debian Bug report logs -
#772880
firebird2.5: CVE-2014-9323: Segfault in server caused by malformed network packet
Reported by: Damyan Ivanov <dmn@debian.org>
Date: Thu, 11 Dec 2014 22:06:01 UTC
Severity: grave
Tags: patch, security, upstream
Found in versions firebird2.5/2.5.2.26540.ds4-1~deb7u1, firebird2.5/2.5.3.26778.ds4-4, firebird2.5/2.5.0.26054~ReleaseCandidate3.ds2-1+squeeze1
Fixed in versions firebird2.5/2.5.3.26778.ds4-5, firebird2.5/2.5.0.26054~ReleaseCandidate3.ds2-1+squeeze2, firebird2.5/2.5.2.26540.ds4-1~deb7u2
Done: Damyan Ivanov <dmn@debian.org>
Bug is archived. No further changes may be made.
Forwarded to http://tracker.firebirdsql.org/browse/CORE-4630
Toggle useless messages
Report forwarded
to debian-bugs-dist@lists.debian.org, team@security.debian.org, secure-testing-team@lists.alioth.debian.org, Debian Firebird Group <pkg-firebird-general@lists.alioth.debian.org>:
Bug#772880; Package src:firebird2.5.
(Thu, 11 Dec 2014 22:06:06 GMT) (full text, mbox, link).
Acknowledgement sent
to Damyan Ivanov <dmn@debian.org>:
New Bug report received and forwarded. Copy sent to team@security.debian.org, secure-testing-team@lists.alioth.debian.org, Debian Firebird Group <pkg-firebird-general@lists.alioth.debian.org>.
(Thu, 11 Dec 2014 22:06:06 GMT) (full text, mbox, link).
Message #5 received at submit@bugs.debian.org (full text, mbox, reply):
Package: src:firebird2.5
Severity: important
Tags: security upstream patch
Forwarded: http://tracker.firebirdsql.org/browse/CORE-4630
According to upstream¹, firebird server versions prior to 3.0 can be
tricked to a null pointer dereference by an unauthenticated remote
client.
1: http://www.firebirdsql.org/en/news/security-updates-for-v2-1-and-v2-5-series-66011/
The fix is contained in revision 60322² of upstream's subversion
repository.
2: https://sourceforge.net/p/firebird/code/60322/
-- dam
-- System Information:
Debian Release: 8.0
APT prefers stable-updates
APT policy: (500, 'stable-updates'), (500, 'unstable'), (500, 'stable'), (1, 'experimental')
Architecture: amd64 (x86_64)
Kernel: Linux 3.16.0-4-amd64 (SMP w/4 CPU cores)
Locale: LANG=bg_BG.UTF-8, LC_CTYPE=bg_BG.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash
Init: systemd (via /run/systemd/system)
Changed Bug title to 'src:firebird2.5: Unauthenticated remote server crash' from 'src:firebird2.5: Unauthenticated remote server crashVersion 2.5.0.26054~ReleaseCandidate3.ds2-1+squeeze1'
Request was from <dam@ktnx.net>
to control@bugs.debian.org.
(Thu, 11 Dec 2014 22:15:04 GMT) (full text, mbox, link).
Marked as found in versions firebird2.5/2.5.0.26054~ReleaseCandidate3.ds2-1+squeeze1.
Request was from <dam@ktnx.net>
to control@bugs.debian.org.
(Thu, 11 Dec 2014 22:15:05 GMT) (full text, mbox, link).
Marked as found in versions firebird2.5/2.5.2.26540.ds4-1~deb7u1.
Request was from <dam@ktnx.net>
to control@bugs.debian.org.
(Thu, 11 Dec 2014 22:15:06 GMT) (full text, mbox, link).
Marked as found in versions firebird2.5/2.5.3.26778.ds4-4.
Request was from <dam@ktnx.net>
to control@bugs.debian.org.
(Thu, 11 Dec 2014 22:15:07 GMT) (full text, mbox, link).
Severity set to 'grave' from 'important'
Request was from Damyan Ivanov <dmn@debian.org>
to control@bugs.debian.org.
(Fri, 12 Dec 2014 20:00:15 GMT) (full text, mbox, link).
Reply sent
to Damyan Ivanov <dmn@debian.org>:
You have taken responsibility.
(Fri, 12 Dec 2014 21:36:10 GMT) (full text, mbox, link).
Notification sent
to Damyan Ivanov <dmn@debian.org>:
Bug acknowledged by developer.
(Fri, 12 Dec 2014 21:36:10 GMT) (full text, mbox, link).
Message #20 received at 772880-close@bugs.debian.org (full text, mbox, reply):
Source: firebird2.5
Source-Version: 2.5.3.26778.ds4-5
We believe that the bug you reported is fixed in the latest version of
firebird2.5, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 772880@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Damyan Ivanov <dmn@debian.org> (supplier of updated firebird2.5 package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Fri, 12 Dec 2014 19:38:13 +0000
Source: firebird2.5
Binary: firebird2.5-super firebird2.5-classic firebird2.5-superclassic libfbclient2 libfbembed2.5 libib-util firebird2.5-common firebird2.5-server-common firebird2.5-classic-common firebird-dev firebird2.5-examples firebird2.5-doc firebird2.5-common-doc firebird2.5-super-dbg firebird2.5-classic-dbg libfbclient2-dbg
Architecture: source all amd64
Version: 2.5.3.26778.ds4-5
Distribution: unstable
Urgency: high
Maintainer: Debian Firebird Group <pkg-firebird-general@lists.alioth.debian.org>
Changed-By: Damyan Ivanov <dmn@debian.org>
Description:
firebird-dev - Development files for Firebird - an RDBMS based on InterBase 6.0
firebird2.5-classic - Firebird Classic Server - an RDBMS based on InterBase 6.0 code
firebird2.5-classic-common - common files for firebird 2.5 "classic" and "superclassic"
firebird2.5-classic-dbg - collected debug symbols for firebird2.5-classic and -superclassic
firebird2.5-common - common files for firebird 2.5 servers and clients
firebird2.5-common-doc - copyright, licensing and changelogs of firebird2.5
firebird2.5-doc - Documentation files for firebird database version 2.5
firebird2.5-examples - Examples for Firebird - an RDBMS based on InterBase 6.0 code
firebird2.5-server-common - common files for firebird 2.5 servers
firebird2.5-super - Firebird Super Server - an RDBMS based on InterBase 6.0 code
firebird2.5-super-dbg - collected debug symbols for firebird2.5-super
firebird2.5-superclassic - Firebird SuperClassic Server - an RDBMS based on InterBase 6.0 co
libfbclient2 - Firebird client library
libfbclient2-dbg - collected debug symbols for libfbclient2
libfbembed2.5 - Firebird embedded client/server library
libib-util - Firebird UDF support library
Closes: 772880
Changes:
firebird2.5 (2.5.3.26778.ds4-5) unstable; urgency=high
.
* Apply patch from upstream revision 60322 fixing server crash (NULL-pointer
dereference) with specially crafter service packet. Closes: #772880
Checksums-Sha1:
1fb952f03ccf5616c1d13d959732894a4da8dbd8 3271 firebird2.5_2.5.3.26778.ds4-5.dsc
9932cc582406be2adf7288c1facf7b34b443a599 113684 firebird2.5_2.5.3.26778.ds4-5.debian.tar.xz
df95b6d6a94ccee13faa06582e60ade3e5dd4cfd 95912 firebird2.5-common_2.5.3.26778.ds4-5_all.deb
c4627ee02090d3c74d19f005f7773b5887eff2da 164562 firebird2.5-examples_2.5.3.26778.ds4-5_all.deb
f2b8af904efb98e5951333754e33ba84699f6703 175078 firebird2.5-doc_2.5.3.26778.ds4-5_all.deb
c98d5e9fea9da52fdb6a44d5575c2f3ae96fb15e 654120 firebird2.5-common-doc_2.5.3.26778.ds4-5_all.deb
Checksums-Sha256:
5ef0d35f74aa65a185061402396adbc8eddac51aac36b87e3e9925e6e0ae9331 3271 firebird2.5_2.5.3.26778.ds4-5.dsc
1955460fee1811f52f2d305babe3bc5061c394f7ea160f802551b8f40b589bb1 113684 firebird2.5_2.5.3.26778.ds4-5.debian.tar.xz
8a2e0e33b384c028f2dac2aa641930d52339919f253dfb50940e3cd04565b917 95912 firebird2.5-common_2.5.3.26778.ds4-5_all.deb
53631c304050424cb25141ff650a47f3391745b460d254749e1853302a3ff364 164562 firebird2.5-examples_2.5.3.26778.ds4-5_all.deb
0b53d39b9477eaf82b54c44d6044bcc55c86c3c4c51b49dccfc8e9b71bf78b27 175078 firebird2.5-doc_2.5.3.26778.ds4-5_all.deb
4143a869cf7a9066a6e1e6f0f82e5ae133129deca0c56fc1da9b204784cc4577 654120 firebird2.5-common-doc_2.5.3.26778.ds4-5_all.deb
Files:
4fae1c6d56b5a9f813a0c3430e5981a3 3271 database optional firebird2.5_2.5.3.26778.ds4-5.dsc
c079a7a19ba59fccfec8f4e2ee08517f 113684 database optional firebird2.5_2.5.3.26778.ds4-5.debian.tar.xz
185b4a8aa6edb4f76c0e28fbb96093a3 95912 database optional firebird2.5-common_2.5.3.26778.ds4-5_all.deb
c91739ec6d6a45e86680cd38d1db99ec 164562 doc optional firebird2.5-examples_2.5.3.26778.ds4-5_all.deb
776733ee583f290c08ac587ced13be54 175078 doc optional firebird2.5-doc_2.5.3.26778.ds4-5_all.deb
11fcb4014cf9d3fb7e2c4ffbe9bc6e43 654120 doc optional firebird2.5-common-doc_2.5.3.26778.ds4-5_all.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAEBCAAGBQJUi17WAAoJENu+nU2Z0qAEMgAP/0EQp8s4z7RAB83Euknltg2Q
CfH316ntApRjaI2kGwP1ob63bGTxlDTK/b9dkRzhdBP+gzSiNTNtQgPJzAWx2rDu
nEbfHY/WVWNdsLprXwNgCrwtHxONPUHaJ0upOFCReAIGB4+dwf1lLEi6xAc327LR
Uh4rAOd0ANqNMExYxF4R2hsj3BZeABbFSaTHjFzlqk547FG6vTLQO4lD6c8qJ5SM
KsXEGVnBjZqxIakrMPAcu2YGkjeVvoNzjE7ecVuRCJrN1zW3pZuypATFeg9k/Nel
c5tij38W+nKvX/Tn/eNnAgHqPOFp+maTXnB8WadHcIsxILue69ktYewlqK0FGsEE
dn7EVb8hHsaVvYMfZnhX1FpXl4YvV75HiIXYJ1bYHoH1OsDtPw0u2jDN2CET4f8b
XumUt1xwLI3YrblAByFBsJk9/vrckmyoIK8JG9u4o1qkUdwUxdiAxiQ2oDjSqoDM
Tb+g8vpQfoQNhNm5gyCfg8dI65f56mLlN9lRWnY7iEy4HD1ldq0GSv8nq2TQB4s9
8wkqIVRI6qa1hWSFoOqPW3gar3+enwRo/4j8DX+0VrakySOMs0Atf8UdEUPhrwPW
dDsP/eNLwTSqlND4ZkmMNGPZwMImhadKx93CnGS/bCTItBZDgYSr+PabW6P95ONN
1JAtLtWpNjcN0+B/uoyY
=RsKU
-----END PGP SIGNATURE-----
Changed Bug title to 'firebird2.5: CVE-2014-9323: Segfault in server caused by malformed network packet' from 'src:firebird2.5: Unauthenticated remote server crash'
Request was from Salvatore Bonaccorso <carnil@debian.org>
to control@bugs.debian.org.
(Sat, 20 Dec 2014 05:33:04 GMT) (full text, mbox, link).
Reply sent
to Thorsten Alteholz <debian@alteholz.de>:
You have taken responsibility.
(Tue, 23 Dec 2014 15:21:05 GMT) (full text, mbox, link).
Notification sent
to Damyan Ivanov <dmn@debian.org>:
Bug acknowledged by developer.
(Tue, 23 Dec 2014 15:21:05 GMT) (full text, mbox, link).
Message #27 received at 772880-close@bugs.debian.org (full text, mbox, reply):
Source: firebird2.5
Source-Version: 2.5.0.26054~ReleaseCandidate3.ds2-1+squeeze2
We believe that the bug you reported is fixed in the latest version of
firebird2.5, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 772880@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Thorsten Alteholz <debian@alteholz.de> (supplier of updated firebird2.5 package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Tue, 23 Dec 2014 13:21:04 +0100
Source: firebird2.5
Binary: firebird2.5-super firebird2.5-classic firebird2.5-superclassic libfbclient2 libfbembed2.5 libib-util firebird2.5-common firebird2.5-server-common firebird2.5-classic-common firebird2.5-dev firebird2.5-examples firebird2.5-doc firebird2.5-common-doc
Architecture: source all i386
Version: 2.5.0.26054~ReleaseCandidate3.ds2-1+squeeze2
Distribution: squeeze-lts
Urgency: high
Maintainer: Debian Firebird Group <pkg-firebird-general@lists.alioth.debian.org>
Changed-By: Thorsten Alteholz <debian@alteholz.de>
Description:
firebird2.5-classic - Firebird Classic Server - an RDBMS based on InterBase 6.0 code
firebird2.5-classic-common - common files for firebird 2.5 "classic" and "superclassic" server
firebird2.5-common - common files for firebird 2.5 servers and clients
firebird2.5-common-doc - copyright, licnesing and changelogs of firebird2.5
firebird2.5-dev - Development files for Firebird - an RDBMS based on InterBase 6.0
firebird2.5-doc - Documentation files for firebird database version 2.5
firebird2.5-examples - Examples for Firebird - an RDBMS based on InterBase 6.0 code
firebird2.5-server-common - common files for firebird 2.5 servers
firebird2.5-super - Firebird Super Server - an RDBMS based on InterBase 6.0 code
firebird2.5-superclassic - Firebird SupecClassic Server - an RDBMS based on InterBase 6.0 co
libfbclient2 - Firebird client library
libfbembed2.5 - Firebird embedded client/server library
libib-util - Firebird UDF support library
Closes: 772880
Changes:
firebird2.5 (2.5.0.26054~ReleaseCandidate3.ds2-1+squeeze2) squeeze-lts; urgency=high
.
* Non-maintainer upload by the Squeeze LTS Team.
* Apply patch from upstream revision 60322 fixing an unauthenticated remote
null-pointer dereference crash (CVE-2014-9323). Closes: #772880
Checksums-Sha1:
b6a712552b0e0735548083551b83c44abb3b17e4 2674 firebird2.5_2.5.0.26054~ReleaseCandidate3.ds2-1+squeeze2.dsc
07f39f34dd8ec37c0e9bdfa1b9ca450257102c29 6915217 firebird2.5_2.5.0.26054~ReleaseCandidate3.ds2.orig.tar.gz
1fd41609057dcb4208d8329977b0a8b30a031e46 126333 firebird2.5_2.5.0.26054~ReleaseCandidate3.ds2-1+squeeze2.diff.gz
ae11b05a16b8b9f7fba46d82ac54ab5e17cf55e1 64972 firebird2.5-dev_2.5.0.26054~ReleaseCandidate3.ds2-1+squeeze2_all.deb
897e084f660d864e671ac49d4e942b14e172b388 167708 firebird2.5-examples_2.5.0.26054~ReleaseCandidate3.ds2-1+squeeze2_all.deb
a094cabbfffd9f5d8477baa7ab2c280da6ea59a3 183094 firebird2.5-doc_2.5.0.26054~ReleaseCandidate3.ds2-1+squeeze2_all.deb
6de3f0e05fc2b018ecf1c2166a0b33fdc8c45369 632852 firebird2.5-common-doc_2.5.0.26054~ReleaseCandidate3.ds2-1+squeeze2_all.deb
53215a86ba19ea8de29644f359b9fd03dc62a187 3634882 firebird2.5-super_2.5.0.26054~ReleaseCandidate3.ds2-1+squeeze2_i386.deb
7265b3095eac960a26e0196fba1525206e42f742 32920 firebird2.5-classic_2.5.0.26054~ReleaseCandidate3.ds2-1+squeeze2_i386.deb
9ba0819351e9099ce91502ba0ffae361fddd77be 217788 firebird2.5-superclassic_2.5.0.26054~ReleaseCandidate3.ds2-1+squeeze2_i386.deb
a70f502078ca757297583dedd2533f4129cec9d2 333044 libfbclient2_2.5.0.26054~ReleaseCandidate3.ds2-1+squeeze2_i386.deb
6f6ef10af3eba12fe154ce4afe1b23354c9966dc 1970418 libfbembed2.5_2.5.0.26054~ReleaseCandidate3.ds2-1+squeeze2_i386.deb
fc5208071ecf524b9ebe7e58629699da18be5e05 3818 libib-util_2.5.0.26054~ReleaseCandidate3.ds2-1+squeeze2_i386.deb
252c175c850cc39c94375ad739d788c364bba06d 493734 firebird2.5-common_2.5.0.26054~ReleaseCandidate3.ds2-1+squeeze2_i386.deb
ee514795c12f1670431f7d691a31b5e98bbb5f9c 417706 firebird2.5-server-common_2.5.0.26054~ReleaseCandidate3.ds2-1+squeeze2_i386.deb
c461de3f018008158e7286e40388ed8025fb2088 1616596 firebird2.5-classic-common_2.5.0.26054~ReleaseCandidate3.ds2-1+squeeze2_i386.deb
Checksums-Sha256:
e7d70c53d860217e93b74c5331db7331ea85bb7e704cb3c0248b970f7a1426ed 2674 firebird2.5_2.5.0.26054~ReleaseCandidate3.ds2-1+squeeze2.dsc
55520f0d9342b9f5f5360895343b30e6d2663f9bfd870c6ce9bd5d26001e2638 6915217 firebird2.5_2.5.0.26054~ReleaseCandidate3.ds2.orig.tar.gz
fecaa36deddec0a743db7a6d7f5f5c0ddc5ab6644b0ff4aaf0e9d969ca81ce0f 126333 firebird2.5_2.5.0.26054~ReleaseCandidate3.ds2-1+squeeze2.diff.gz
4b2f558329959e68b41f3e848261a659d766cdfa134d1b36b4fa043425756cff 64972 firebird2.5-dev_2.5.0.26054~ReleaseCandidate3.ds2-1+squeeze2_all.deb
d07337eb76f5c687259820c5dd23de7161e22a20b6b451ef05eefdb9d4b8d86c 167708 firebird2.5-examples_2.5.0.26054~ReleaseCandidate3.ds2-1+squeeze2_all.deb
f4f439a6933707df8e87a598a0439f0d2f062127ba2f60d41cbd6b8a5423db9d 183094 firebird2.5-doc_2.5.0.26054~ReleaseCandidate3.ds2-1+squeeze2_all.deb
254c224e56c5a4caee454edd5aa84e22110dc2dd9adf2c526965f46724662348 632852 firebird2.5-common-doc_2.5.0.26054~ReleaseCandidate3.ds2-1+squeeze2_all.deb
2b71ad69316fdedef763cbd4949935250b581482bfba7057751399c3163d52d9 3634882 firebird2.5-super_2.5.0.26054~ReleaseCandidate3.ds2-1+squeeze2_i386.deb
81e0258c68942b2577bfe4849423c299bfc0f4ed0b44fff567a3cdbfb2cc233c 32920 firebird2.5-classic_2.5.0.26054~ReleaseCandidate3.ds2-1+squeeze2_i386.deb
c934711595880b097ffc0a1c34a1ee9e92bd03dcef88eb1a8ec7bd8a33c1e5d4 217788 firebird2.5-superclassic_2.5.0.26054~ReleaseCandidate3.ds2-1+squeeze2_i386.deb
a49908a6808d6133dcb9b6d91be2e132ea754d4c0d3e1683dc81e2a08072d3fc 333044 libfbclient2_2.5.0.26054~ReleaseCandidate3.ds2-1+squeeze2_i386.deb
809052451a5f42ffab47b2c506c7f8cf0d0b86c3c12175afce3044efcb49195d 1970418 libfbembed2.5_2.5.0.26054~ReleaseCandidate3.ds2-1+squeeze2_i386.deb
f6dfe9cc96b554f33227a37554f439cc0b0c670d8fb7b9397c155bd32dac098c 3818 libib-util_2.5.0.26054~ReleaseCandidate3.ds2-1+squeeze2_i386.deb
116d5a983377905210ab08b1416f2bee93ae1e002e6379a5aa9d1176c789c335 493734 firebird2.5-common_2.5.0.26054~ReleaseCandidate3.ds2-1+squeeze2_i386.deb
f87e7d5adf73c2af14f6b3759aa029e110390f39dcd2ee7e09ed7d739087a51a 417706 firebird2.5-server-common_2.5.0.26054~ReleaseCandidate3.ds2-1+squeeze2_i386.deb
5131fe73f7593ff2d89e8616ab76db49f1171b484a5283f93c3c81aef076b7c7 1616596 firebird2.5-classic-common_2.5.0.26054~ReleaseCandidate3.ds2-1+squeeze2_i386.deb
Files:
bb103f9b206487c87e38e975a7a81519 2674 database optional firebird2.5_2.5.0.26054~ReleaseCandidate3.ds2-1+squeeze2.dsc
ca144c7a9efdf24862b1b026f7da7a05 6915217 database optional firebird2.5_2.5.0.26054~ReleaseCandidate3.ds2.orig.tar.gz
9fc66e506a2444098afa2e9cee4c31ec 126333 database optional firebird2.5_2.5.0.26054~ReleaseCandidate3.ds2-1+squeeze2.diff.gz
d93a362da35c6f9c57567171de83a9b5 64972 libdevel optional firebird2.5-dev_2.5.0.26054~ReleaseCandidate3.ds2-1+squeeze2_all.deb
251c55ce6bd0301798c18dc79e37d316 167708 doc optional firebird2.5-examples_2.5.0.26054~ReleaseCandidate3.ds2-1+squeeze2_all.deb
5087ad84c65baaa6a5ff63dfcbddb5d6 183094 doc optional firebird2.5-doc_2.5.0.26054~ReleaseCandidate3.ds2-1+squeeze2_all.deb
a116e0a27998ec7151726d14deaac479 632852 doc optional firebird2.5-common-doc_2.5.0.26054~ReleaseCandidate3.ds2-1+squeeze2_all.deb
8a168b418ebc30cce79619bb4c7c6029 3634882 database optional firebird2.5-super_2.5.0.26054~ReleaseCandidate3.ds2-1+squeeze2_i386.deb
39d5a0287378f7bbd6b0248c3707e0f4 32920 database optional firebird2.5-classic_2.5.0.26054~ReleaseCandidate3.ds2-1+squeeze2_i386.deb
5ede48ba1f517e989565b09cd3cc73ac 217788 database optional firebird2.5-superclassic_2.5.0.26054~ReleaseCandidate3.ds2-1+squeeze2_i386.deb
adcaedfd8797f236951cdd9b22a28206 333044 libs optional libfbclient2_2.5.0.26054~ReleaseCandidate3.ds2-1+squeeze2_i386.deb
ee2077a47c96161243cc59e066b02186 1970418 libs optional libfbembed2.5_2.5.0.26054~ReleaseCandidate3.ds2-1+squeeze2_i386.deb
1599459695b0a49907407a252c7535da 3818 libs optional libib-util_2.5.0.26054~ReleaseCandidate3.ds2-1+squeeze2_i386.deb
385156e5cfbd8acd79ff0e736a8aeb4a 493734 database optional firebird2.5-common_2.5.0.26054~ReleaseCandidate3.ds2-1+squeeze2_i386.deb
6043aae31bda6ce45f03754682687e3e 417706 database optional firebird2.5-server-common_2.5.0.26054~ReleaseCandidate3.ds2-1+squeeze2_i386.deb
a4469144201e8b45b04027d0babb0003 1616596 database optional firebird2.5-classic-common_2.5.0.26054~ReleaseCandidate3.ds2-1+squeeze2_i386.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQJ8BAEBCgBmBQJUmXTyXxSAAAAAAC4AKGlzc3Vlci1mcHJAbm90YXRpb25zLm9w
ZW5wZ3AuZmlmdGhob3JzZW1hbi5uZXQ2MjAxRkJGRkRCQkRFMDc4MjJFQUJCOTY5
NkZDQUMwRDM4N0I1ODQ3AAoJEJb8rA04e1hH+24QALGJFaeKFvcyxcIaze9zfxzL
1i9A+0tjot/IyqHbWpm3R6M4BliFqLth53240N65eOACtpDOREu7ySho0g995NVH
1Pkjc5jcLICbMUsxEMWgovnUY/cY2zAIVh9Llx0PhEylpWD51kIW6OiT6nIBuO2w
Ik0nYMLSRCsw3PoJ+amtRpVqSzAcNTR3zA/mMl3Xx2a2kQbhZhstlAlJVb5XIWTf
sFbaIv1Sj8v039GNdR4OvqBgHByt+rrio1ZHLgqrNga+C2LrOradSMoimI6EWsLP
vNjLvkgHlb4QVIX9Fi2r/9MO4EPNPAH1T9DFbHprIAgfc5JzKcvNvmQvEvrpHzUE
4LTNBf7KZODm1EpbMFRIieKq4zv7NVwFI1Gxlsbanz19SRWTSWsOQzXAKE4Us0Qe
q51dPzKI4WdMfotXzQtL4XqFIiyNxxQ9zBeN4mGTHd33CKO4imUKRTFgQ18Hk3OB
sEe9OUk+cfS1hZzeKqFB+zPPuq7xRlcD04XcKntpHl8mk1DnPm9/cfr6p/LIgnln
R7UXDdowfVkCM8P+MUFaCbpKfn3m/kL7R+/BpVqI6aHp4gwU2BSlOpx54RVq90Rq
+td8qCNEC34c2w4i+hNcmBjGuOrZp7PKXOdiMWYp/izGbRyNr9oklu1hCmF1dg0a
79oXJlTJLBsyalfFnryD
=ypgo
-----END PGP SIGNATURE-----
Reply sent
to Damyan Ivanov <dmn@debian.org>:
You have taken responsibility.
(Wed, 24 Dec 2014 15:21:09 GMT) (full text, mbox, link).
Notification sent
to Damyan Ivanov <dmn@debian.org>:
Bug acknowledged by developer.
(Wed, 24 Dec 2014 15:21:09 GMT) (full text, mbox, link).
Message #32 received at 772880-close@bugs.debian.org (full text, mbox, reply):
Source: firebird2.5
Source-Version: 2.5.2.26540.ds4-1~deb7u2
We believe that the bug you reported is fixed in the latest version of
firebird2.5, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to 772880@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Damyan Ivanov <dmn@debian.org> (supplier of updated firebird2.5 package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Sat, 20 Dec 2014 20:52:58 +0000
Source: firebird2.5
Binary: firebird2.5-super firebird2.5-classic firebird2.5-superclassic libfbclient2 libfbembed2.5 libib-util firebird2.5-common firebird2.5-server-common firebird2.5-classic-common firebird-dev firebird2.5-examples firebird2.5-doc firebird2.5-common-doc firebird2.5-super-dbg firebird2.5-classic-dbg libfbclient2-dbg
Architecture: source all amd64
Version: 2.5.2.26540.ds4-1~deb7u2
Distribution: wheezy-security
Urgency: high
Maintainer: Debian Firebird Group <pkg-firebird-general@lists.alioth.debian.org>
Changed-By: Damyan Ivanov <dmn@debian.org>
Description:
firebird-dev - Development files for Firebird - an RDBMS based on InterBase 6.0
firebird2.5-classic - Firebird Classic Server - an RDBMS based on InterBase 6.0 code
firebird2.5-classic-common - common files for firebird 2.5 "classic" and "superclassic"
firebird2.5-classic-dbg - collected debug symbols for firebird2.5-classic and -superclassic
firebird2.5-common - common files for firebird 2.5 servers and clients
firebird2.5-common-doc - copyright, licnesing and changelogs of firebird2.5
firebird2.5-doc - Documentation files for firebird database version 2.5
firebird2.5-examples - Examples for Firebird - an RDBMS based on InterBase 6.0 code
firebird2.5-server-common - common files for firebird 2.5 servers
firebird2.5-super - Firebird Super Server - an RDBMS based on InterBase 6.0 code
firebird2.5-super-dbg - collected debug symbols for firebird2.5-super
firebird2.5-superclassic - Firebird SuperClassic Server - an RDBMS based on InterBase 6.0 co
libfbclient2 - Firebird client library
libfbclient2-dbg - collected debug symbols for libfbclient2
libfbembed2.5 - Firebird embedded client/server library
libib-util - Firebird UDF support library
Closes: 772880
Changes:
firebird2.5 (2.5.2.26540.ds4-1~deb7u2) wheezy-security; urgency=high
.
* Apply patch from upstream revision 60322 fixing an unauthenticated remote
null-pointer dereference crash (CVE-2014-9323). Closes: #772880
Checksums-Sha1:
18acaf4ebc513f436d2efe3b1b1398478e80a21d 3132 firebird2.5_2.5.2.26540.ds4-1~deb7u2.dsc
ea18243a6cb5657af03f968fb36e7247857614f3 3917484 firebird2.5_2.5.2.26540.ds4.orig.tar.xz
addca0381b16c4cb39376be32ff2ed25ae9db69d 145010 firebird2.5_2.5.2.26540.ds4-1~deb7u2.debian.tar.gz
197a9405ddc1ee258ea2db8fd6d21a93d80de4f8 95728 firebird2.5-common_2.5.2.26540.ds4-1~deb7u2_all.deb
2c70eda016dfd18c1f924950e4f8f16bed0a7a61 164430 firebird2.5-examples_2.5.2.26540.ds4-1~deb7u2_all.deb
5f31bac41bc84226d1fcff80b21e02618efc06d4 171034 firebird2.5-doc_2.5.2.26540.ds4-1~deb7u2_all.deb
fe3722d19a3c20f34ae35d86fb21e34b41b19830 638636 firebird2.5-common-doc_2.5.2.26540.ds4-1~deb7u2_all.deb
Checksums-Sha256:
086ba6929a468503648bb93ae74101cb1e391ae42dfc26e8f49398643cf725aa 3132 firebird2.5_2.5.2.26540.ds4-1~deb7u2.dsc
e4744fc62ab734e5b73e82a8777732fbcbfa49899d330ff80a9e680cb6f6a88c 3917484 firebird2.5_2.5.2.26540.ds4.orig.tar.xz
353e3da71674d2cd3091bc2e564a7af7290561c9d187f4fd09f0355d1ada7a3f 145010 firebird2.5_2.5.2.26540.ds4-1~deb7u2.debian.tar.gz
45679fc2dffe7f448f20376ee76354de0860f127684f5145de13b54a9db92f91 95728 firebird2.5-common_2.5.2.26540.ds4-1~deb7u2_all.deb
21d49c68ee00d1be894d6c78505882f371d95f9c755f75b32a1cd0ead2c96c3f 164430 firebird2.5-examples_2.5.2.26540.ds4-1~deb7u2_all.deb
93f84d1fb8c461789b536015c88cba45c0f0f1eb6d1acb8e1aeaf8d16040dd48 171034 firebird2.5-doc_2.5.2.26540.ds4-1~deb7u2_all.deb
58ec04c182deb44cbb8e2b4f444a5115669c0c4c693db40f5f61d85957d1835c 638636 firebird2.5-common-doc_2.5.2.26540.ds4-1~deb7u2_all.deb
Files:
6dd2e2fe791662343a1f90eeb2c8c937 3132 database optional firebird2.5_2.5.2.26540.ds4-1~deb7u2.dsc
bf697fbeef43ba1bcbd218de6753b479 3917484 database optional firebird2.5_2.5.2.26540.ds4.orig.tar.xz
504645d23f6beae61d48e3dd67a00700 145010 database optional firebird2.5_2.5.2.26540.ds4-1~deb7u2.debian.tar.gz
18a9512f8f6148233c7a13226cadd4f7 95728 database optional firebird2.5-common_2.5.2.26540.ds4-1~deb7u2_all.deb
239320ff859016e824494ca6b17b8c7d 164430 doc optional firebird2.5-examples_2.5.2.26540.ds4-1~deb7u2_all.deb
6595d6194eefcb748649339af4228364 171034 doc optional firebird2.5-doc_2.5.2.26540.ds4-1~deb7u2_all.deb
36dfbc131c6fa98a5032f7242d80441b 638636 doc optional firebird2.5-common-doc_2.5.2.26540.ds4-1~deb7u2_all.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1
iQIcBAEBCAAGBQJUleZrAAoJENu+nU2Z0qAET0IP/j2HljE85M0+UkS7cDS8WWlH
HCGSxb4RJ9OnSFAVqYyUTXs1zZG4AroCQfdELnqy2fgvjFxVgK7cxAm39nLFDArX
zv2P1aqbAodN9lxhCJpWNP/spG95nVaDqI71uo5K1RGFjc1cVEgMZlgEXRxAjhPI
d4SR/EuUMI6uYCHwzawO28jh+63Bmj+wI7tzrbaah0ItdgPiR26zE94CTQZoT5h7
i70tqJ9MJRVMbW551oYdUl1Tqp75TWhnqieuslHBajHQO3wPsJhmY6jPBPdUzDFs
NXObpwG0c5WM3GPny/Exksui8u3E5GABYQN8oJzJqeMxJq5nwNqYtL/0d6qqfKLb
xmujPUT80RYcPKZLJYVvICo1Ryo/FdxuC7t8ma5rY1hkmyPNDlDks3XxmZtMzwph
F0ikzBv35cyGK6+hESZrr6xI1yKDhgyYgUS1EvTOh+DD0CjZcKUvXcTpamYsMPat
s5BhiYrnzJQT0/55eyjRHwzO/pSP+GzM7p7oK6d3EYdTcRmyi9YAOj70E3Q4iB35
ucywjHtFkbrJaYCZcHltQmMd1mltjw6X8tvXaI4VlREt+wkNdCaZRwiKzwvAdtls
2Pb569BSu3RRxE7IUYEhfic2Kaxe2E7jF9nsjN08Gd24+5Ziu+aIiM/RnqnJwdq2
+m9uzLH0dVvcSu+pmR41
=2z/W
-----END PGP SIGNATURE-----
Bug archived.
Request was from Debbugs Internal Request <owner@bugs.debian.org>
to internal_control@bugs.debian.org.
(Thu, 22 Jan 2015 07:29:56 GMT) (full text, mbox, link).
Send a report that this bug log contains spam.
Debian bug tracking system administrator <owner@bugs.debian.org>.
Last modified:
Wed Jun 19 18:27:09 2019;
Machine Name:
buxtehude
Debian Bug tracking system
Debbugs is free software and licensed under the terms of the GNU
Public License version 2. The current version can be obtained
from https://bugs.debian.org/debbugs-source/.
Copyright © 1999 Darren O. Benham,
1997,2003 nCipher Corporation Ltd,
1994-97 Ian Jackson,
2005-2017 Don Armstrong, and many other contributors.
Vulmon