Related debian discussion
https://lists.debian.org/debian-lts/2018/04/msg00090.html
and announcement for debian stable
https://lists.debian.org/debian-lts-announce/2018/05/msg5.html
On Thu, Apr 12, 2018 at 5:28 PM, marius adrian popa
wrote:
> So the only solution is disabling external UD
So the only solution is disabling external UDF libraries from being loaded
by changing configuration from UdfAccess=Restrict to UdfAccess=None
On Thu, Apr 12, 2018 at 2:34 PM, Alex Peshkoff via Firebird-devel <
firebird-devel@lists.sourceforge.net> wrote:
> On 04/12/18 10:37, marius adrian popa w
On 04/12/18 10:37, marius adrian popa wrote:
https://www.tenable.com/security/research/tra-2017-36
That's fixed in FB4 - loading UDFs is denied by default configuration,
use of them is deprecated, replacement is UDRs which are nt affected by
mentioned vulnerability.
In FB3 one should be sysdb