Your message dated Mon, 18 Mar 2013 15:48:17 +0000
with message-id <[email protected]>
and subject line Bug#702736: fixed in firebird2.5 2.5.2~svn+54698.ds4-2
has caused the Debian Bug report #702736,
regarding firebird2.5: CVE-2013-2492: Request Processing Buffer Overflow
Vulnerability
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
702736: http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=702736
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Source: firebird2.5
Severity: grave
Tags: security
Hi
the following vulnerability was published for firebird2.5.
CVE-2013-2492[0]:
Request Processing Buffer Overflow Vulnerability
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
For further information see also [1] and [2].
[0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2492
http://security-tracker.debian.org/tracker/CVE-2013-2492
[1] http://tracker.firebirdsql.org/browse/CORE-4058
[2] https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-2492
Thank you for looking into this.
Regards,
Salvatore
--- End Message ---
--- Begin Message ---
Source: firebird2.5
Source-Version: 2.5.2~svn+54698.ds4-2
We believe that the bug you reported is fixed in the latest version of
firebird2.5, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Damyan Ivanov <[email protected]> (supplier of updated firebird2.5 package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Format: 1.8
Date: Mon, 18 Mar 2013 17:23:50 +0200
Source: firebird2.5
Binary: firebird2.5-super firebird2.5-classic firebird2.5-superclassic
libfbclient2 libfbembed2.5 libib-util firebird2.5-common
firebird2.5-server-common firebird2.5-classic-common firebird-dev
firebird2.5-examples firebird2.5-doc firebird2.5-common-doc
firebird2.5-super-dbg firebird2.5-classic-dbg libfbclient2-dbg
Architecture: source all amd64
Version: 2.5.2~svn+54698.ds4-2
Distribution: unstable
Urgency: high
Maintainer: Debian Firebird Group <[email protected]>
Changed-By: Damyan Ivanov <[email protected]>
Description:
firebird-dev - Development files for Firebird - an RDBMS based on InterBase 6.0
firebird2.5-classic - Firebird Classic Server - an RDBMS based on InterBase
6.0 code
firebird2.5-classic-common - common files for firebird 2.5 "classic" and
"superclassic"
firebird2.5-classic-dbg - collected debug symbols for firebird2.5-classic and
-superclassic
firebird2.5-common - common files for firebird 2.5 servers and clients
firebird2.5-common-doc - copyright, licnesing and changelogs of firebird2.5
firebird2.5-doc - Documentation files for firebird database version 2.5
firebird2.5-examples - Examples for Firebird - an RDBMS based on InterBase 6.0
code
firebird2.5-server-common - common files for firebird 2.5 servers
firebird2.5-super - Firebird Super Server - an RDBMS based on InterBase 6.0
code
firebird2.5-super-dbg - collected debug symbols for firebird2.5-super
firebird2.5-superclassic - Firebird SuperClassic Server - an RDBMS based on
InterBase 6.0 co
libfbclient2 - Firebird client library
libfbclient2-dbg - collected debug symbols for libfbclient2
libfbembed2.5 - Firebird embedded client/server library
libib-util - Firebird UDF support library
Closes: 693210 702736
Changes:
firebird2.5 (2.5.2~svn+54698.ds4-2) unstable; urgency=high
.
* High urgency for upload fixing security issues
.
* fix server crash when preparing an empty SQL statement with tracing enabled
patch taken from upstream revision 54702. Closes: #693210 (CVE-2012-5529)
* fix remote pre-authentication stack overflow in firebird server
patch taken from upstream revision 57728. Closes: #702736 (CVE-2013-2429)
Checksums-Sha1:
312d4d81861226a039bae5d432d0679adb194dc6 3149
firebird2.5_2.5.2~svn+54698.ds4-2.dsc
73191c0a5c9b83c60b5945f0e07174f4ea0eb212 135636
firebird2.5_2.5.2~svn+54698.ds4-2.debian.tar.gz
ce5091ab4715ee2d285406b90b028bda71165e82 95774
firebird2.5-common_2.5.2~svn+54698.ds4-2_all.deb
074553dfc6b5bf4d4feedc45b0e8e309309d2861 164394
firebird2.5-examples_2.5.2~svn+54698.ds4-2_all.deb
84aa1118df6b13dd77415dc6c784754c86bca325 170910
firebird2.5-doc_2.5.2~svn+54698.ds4-2_all.deb
3f54345d82498e3ca3cc6d6070b45ae2eab20552 636204
firebird2.5-common-doc_2.5.2~svn+54698.ds4-2_all.deb
40da99c9db9ebf959876549c335f339c187ba086 2082140
firebird2.5-super_2.5.2~svn+54698.ds4-2_amd64.deb
d4710056f8f53114d537e6a535e1c67170459573 33384
firebird2.5-classic_2.5.2~svn+54698.ds4-2_amd64.deb
bd7ad081c17750a64cf29fb06b9651a37e684b1c 181364
firebird2.5-superclassic_2.5.2~svn+54698.ds4-2_amd64.deb
6e14e8da14f7bc6c7c12b1c49465a274f372340e 272764
libfbclient2_2.5.2~svn+54698.ds4-2_amd64.deb
f22b5b6ac652faa49ab283d083d6629d1e1b3754 1458846
libfbembed2.5_2.5.2~svn+54698.ds4-2_amd64.deb
f5d2811a1560e63aa3c4fb132a9b575356e95d2c 3844
libib-util_2.5.2~svn+54698.ds4-2_amd64.deb
046bfca0bb9174f0133117c0ca539dd2a291d5ac 528386
firebird2.5-server-common_2.5.2~svn+54698.ds4-2_amd64.deb
fbbe13711bee55a049d8198504eb409ba58490e6 801076
firebird2.5-classic-common_2.5.2~svn+54698.ds4-2_amd64.deb
d05495818f6cdda2a3b9b472f77dbf5637eff9cc 30942
firebird-dev_2.5.2~svn+54698.ds4-2_amd64.deb
bf28aa2c28b742577d49246680fa0499983f3449 14960222
firebird2.5-super-dbg_2.5.2~svn+54698.ds4-2_amd64.deb
f58e973f247e684f2fb4a8e3e096bcb422546f8e 15719484
firebird2.5-classic-dbg_2.5.2~svn+54698.ds4-2_amd64.deb
6be5ae40fe6a7cfb378f3bed28f5bcfae88621b9 1173442
libfbclient2-dbg_2.5.2~svn+54698.ds4-2_amd64.deb
Checksums-Sha256:
10e0214238baf8b4a96a9771fd9861849686e40ec3e867299c7f55784a48e60f 3149
firebird2.5_2.5.2~svn+54698.ds4-2.dsc
415bb8e68d3305c189128a8f4e4075d8f96e2532d034750ee0a1a18651d915ec 135636
firebird2.5_2.5.2~svn+54698.ds4-2.debian.tar.gz
f770702b33b1547107c6660ef8ba12673ace0dde96588df776590d23492f6057 95774
firebird2.5-common_2.5.2~svn+54698.ds4-2_all.deb
622aa7985f7284bca0a4ba2dfd6e1231733d1f61d6935b80e128cc9d051d75a2 164394
firebird2.5-examples_2.5.2~svn+54698.ds4-2_all.deb
7b5f2dd6240d798d947b45951a58034fd03b903ffae0aaaf65bdf2a8cea63333 170910
firebird2.5-doc_2.5.2~svn+54698.ds4-2_all.deb
c7ebd18ee0a9c88e3cd27d9528aaa64a2e4d459e2de8e2dc3dc7a69a9a66c4ab 636204
firebird2.5-common-doc_2.5.2~svn+54698.ds4-2_all.deb
a3d1e7afe9e44cf6d347cde216103e0b0cbbbce7e315190563933107076f7c3c 2082140
firebird2.5-super_2.5.2~svn+54698.ds4-2_amd64.deb
6bddfe158efc1530d7ee99f844f93a2ef4870d065acc275d2cf03db1a020a46e 33384
firebird2.5-classic_2.5.2~svn+54698.ds4-2_amd64.deb
0d86a2900aa70433d0b82a1a6d93c4ca2bf7f44b3c95e6bc12c09e47978b458d 181364
firebird2.5-superclassic_2.5.2~svn+54698.ds4-2_amd64.deb
6bccca79f1fa42d41b6601211d855605035d81b64b0671c093d2bd83f31c6682 272764
libfbclient2_2.5.2~svn+54698.ds4-2_amd64.deb
ac115cc5103abf8fb8c721d28bd11c224373b39ac9c2297c78448688c5f29f4c 1458846
libfbembed2.5_2.5.2~svn+54698.ds4-2_amd64.deb
ad6fcfd258116c6e08873f26215e85ea1eb877f840d6c47393b035ba59f39c2f 3844
libib-util_2.5.2~svn+54698.ds4-2_amd64.deb
85fcb962e27bbfa97ff9f11aa49f2517fd7c7522dbca72ce4d0b6106f5f9d09c 528386
firebird2.5-server-common_2.5.2~svn+54698.ds4-2_amd64.deb
e6c704a271ab2f5c1a66ade6eda73ff14d4ade972a89d9b40a3d3e7f23815728 801076
firebird2.5-classic-common_2.5.2~svn+54698.ds4-2_amd64.deb
1587b2e3c2d8546f499f070121257c46285c5001933b42cfb85b180c55d49609 30942
firebird-dev_2.5.2~svn+54698.ds4-2_amd64.deb
2c494d3d223af3e831d17d298a96d48e8f5517046e0473d24a709ba16b17c8c2 14960222
firebird2.5-super-dbg_2.5.2~svn+54698.ds4-2_amd64.deb
88454fd8a25d5777096a696c862d337abda28501aec44c48aaa973cbd2565e1d 15719484
firebird2.5-classic-dbg_2.5.2~svn+54698.ds4-2_amd64.deb
b0861f2a3983932b564bec2cbf75b421131fe01aa0b94a8f5b22706be538cb7e 1173442
libfbclient2-dbg_2.5.2~svn+54698.ds4-2_amd64.deb
Files:
68c8f66436d043d4730f32e8035cdf1b 3149 database optional
firebird2.5_2.5.2~svn+54698.ds4-2.dsc
6cc80cce74b66dea7ca453f0b1e41772 135636 database optional
firebird2.5_2.5.2~svn+54698.ds4-2.debian.tar.gz
4cbc4922c0f35ab567a67091aead031c 95774 database optional
firebird2.5-common_2.5.2~svn+54698.ds4-2_all.deb
63c10f6d245e459b13e190587144aa8a 164394 doc optional
firebird2.5-examples_2.5.2~svn+54698.ds4-2_all.deb
414beb0d565d8fe7bc66a2f2c0538ec0 170910 doc optional
firebird2.5-doc_2.5.2~svn+54698.ds4-2_all.deb
44db8c8ca5c679194ea590db7b5bbd9b 636204 doc optional
firebird2.5-common-doc_2.5.2~svn+54698.ds4-2_all.deb
5fa23d50c617ce8d9d37dbcd6d91f706 2082140 database optional
firebird2.5-super_2.5.2~svn+54698.ds4-2_amd64.deb
7f720abcaa7dc0876ff2051ac8ad6a19 33384 database optional
firebird2.5-classic_2.5.2~svn+54698.ds4-2_amd64.deb
ef7250689c3ed8e70b8192806d990119 181364 database optional
firebird2.5-superclassic_2.5.2~svn+54698.ds4-2_amd64.deb
b5903356b14a366b0160c2ef523e9f32 272764 libs optional
libfbclient2_2.5.2~svn+54698.ds4-2_amd64.deb
d8c55b13f3815a65486d1eb0b71b7891 1458846 libs optional
libfbembed2.5_2.5.2~svn+54698.ds4-2_amd64.deb
795cb9838ef98df4b662d7442804339c 3844 libs optional
libib-util_2.5.2~svn+54698.ds4-2_amd64.deb
c32c1d42762a85bfac525ed06ac91eec 528386 database optional
firebird2.5-server-common_2.5.2~svn+54698.ds4-2_amd64.deb
56c402ab696db47e39efa8da680de209 801076 database optional
firebird2.5-classic-common_2.5.2~svn+54698.ds4-2_amd64.deb
aa7cdf74d72bd30f57c8be48ee590a21 30942 libdevel optional
firebird-dev_2.5.2~svn+54698.ds4-2_amd64.deb
f1ec72dd68337ac225c97776c086f911 14960222 debug extra
firebird2.5-super-dbg_2.5.2~svn+54698.ds4-2_amd64.deb
5bf40c85596ec1935e38eb4a11bcc903 15719484 debug extra
firebird2.5-classic-dbg_2.5.2~svn+54698.ds4-2_amd64.deb
e99b9cbaf9297e3f42c6aaae7a6cf071 1173442 debug extra
libfbclient2-dbg_2.5.2~svn+54698.ds4-2_amd64.deb
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.12 (GNU/Linux)
iQIcBAEBCAAGBQJRRzPPAAoJENu+nU2Z0qAEELkP/RP+DQ2EUdMiqYDj925blHKi
yS+w/dCM14mnvBhz6Zm0jC0UyV/xNSTw1QYgh5sPw2HK2adLYfY2xMQZFeH1V7Ei
/Mgor9HAUH5qNxr1PGhss/7cQUYKk8+gK357BTYwGS/6+M+2phgtkBdD9ke7tdAm
Vx26JYkq7hPN9k5WirjPwPwywg+NYvVURzW9YPBusP1/J/wJMdzC/ejuDZvsWQVq
Mal12c3XS7YqLL4vLa0KJBkPwyVzeppEC9Zos4FX/qOoqqkVz6V/wlztLHh+EsdQ
B9J2G21deSqMF6j0ejE4GaqLqO+OWLMiWnhW/3x1w2xL7sg7/e/5xlHq8zuG8tgf
v0HJ+RB3G50Bx+Ci+5xa/+NaXzKis8oUQVPl6T1tKUvNs0AvQ84lrNob1ud+G/mj
cgXAfPUweStcxtlOfAomNpHNZQDqyiwaJA5eQ382cWisZ5ipuBT8LyDH7OqhB6hX
OnL4bWoGbLhQk832MQKgF7T7s6p5OfZD9Hiqfs3kwUCtxLXf+k1D1VGJ8eJbsrbJ
MpepWAJYLXHlpJ/lddRo8iXE5SLZ1+/GQ6PdiqlOGGWs7xWfICdHeSWPYj/k771k
NqhOTvb4zNFryWWheM6XizOKeTlHYTdQ2/9kKz8Tgx1s4XStcSugNZTXMZUk4K1+
3N6xMBlEXf7cbSrgMWK5
=9bVv
-----END PGP SIGNATURE-----
--- End Message ---
