-=| Chris Lamb, 04.04.2018 08:39:52 +0100 |=-
> Dear maintainer(s),
> The Debian LTS team would like to fix the security issues which are
> currently open in the Wheezy version of firebird2.5:
> Would you like to take care of this yourself?
AFAIS, the only open vulnerability is CVE-2017-11509. Moritz from the
security team advised against updating that for stable, and the issue
is still open in unstable.
According to the researchers discovering it, upstream refused to fix
it :( so the only "fix" I am aware of is the change in the default
config to disable the vulnerable functionality. You can find the patch
for firebird3.0 at
It is perhaps not directly applicable to firebid2.5, but should help