-=| Chris Lamb, 04.04.2018 08:39:52 +0100 |=-
> Dear maintainer(s),
> The Debian LTS team would like to fix the security issues which are
> currently open in the Wheezy version of firebird2.5:
> https://security-tracker.debian.org/tracker/source-package/firebird2.5
> Would you like to take care of this yourself?

Sorry, no.

AFAIS, the only open vulnerability is CVE-2017-11509. Moritz from the 
security team advised against updating that for stable, and the issue 
is still open in unstable.

According to the researchers discovering it, upstream refused to fix 
it :( so the only "fix" I am aware of is the change in the default 
config to disable the vulnerable functionality. You can find the patch 
for firebird3.0 at 

It is perhaps not directly applicable to firebid2.5, but should help 

Good luck!

Reply via email to