Package: firebird2.0 Severity: important Hi
There is another CVE[0] issued for firebird2.0. I am not sure, if that is covered with the new upstream release. Could you maybe comment on that? CVE-2007-2606: Multiple buffer overflows in Firebird 2.1 allow attackers to trigger memory corruption and possibly have other unspecified impact via certain input processed by (1) config\ConfigFile.cpp or (2) msgs\check_msgs.epp. NOTE: if ConfigFile.cpp reads a configuration file with restrictive permissions, then the ConfigFile.cpp vector may not cross privilege boundaries and perhaps should not be included in CVE. Thanks for your efforts Cheers Steffen [0]: http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-2606 -- To UNSUBSCRIBE, email to [EMAIL PROTECTED] with a subject of "unsubscribe". Trouble? Contact [EMAIL PROTECTED]
