[firebird] [DSA-1529-1] Debian recommends upgrade to firebird2, support for firebird1.5 discontinued
Affects | Status | Importance | Assigned to | Milestone | |
---|---|---|---|---|---|
firebird1.5 (Ubuntu) |
Won't Fix
|
Undecided
|
Popa Adrian Marius | ||
firebird2 (Ubuntu) |
Won't Fix
|
Undecided
|
Popa Adrian Marius |
Bug Description
References:
DSA-1529-1 (http://
Quoting:
"Multiple security problems have been discovered in the Firebird database, which may lead to the execution of arbitrary code or denial of service.
This Debian security advisory is a bit unusual. While it's normally our strict policy to backport security bugfixes to older releases, this turned out to be infeasible for Firebird 1.5 due to large infrastructural changes necessary to fix these issues. As a consequence security support for Firebird 1.5 is hereby discontinued, leaving two options to administrators running a Firebird database:
1. Administrators running Firebird in a completely internal setup with trusted users could leave it unchanged.
2. Everyone else should upgrade to the firebird2.0 packages available at backports.org.
Version 2.0.3.12981.
Please refer to the general backports.org documentation to add the packages to your package management configuration.
These packages are backported to run with Debian stable. Since firebird2.0 is not a drop-in replacement for firebird2 (which is the source package name for the Firebird 1.5 packages) these updates are not released through security.
Arrangements have been made to ensure that Firebird in the upcoming Debian 5.0 release will be supportable with regular backported security bugfixes again."
Changed in firebird1.5: | |
status: | In Progress → Fix Committed |
Changed in firebird2: | |
status: | In Progress → Fix Committed |
Changed in firebird2: | |
status: | Fix Committed → Triaged |
Changed in firebird1.5: | |
status: | Fix Committed → Triaged |
See also: bugs.debian. org/cgi- bin/bugreport. cgi?bug= 362001 bugs.debian. org/cgi- bin/bugreport. cgi?bug= 432753 bugs.debian. org/cgi- bin/bugreport. cgi?bug= 444976 bugs.debian. org/cgi- bin/bugreport. cgi?bug= 441405 bugs.debian. org/cgi- bin/bugreport. cgi?bug= 460048 bugs.debian. org/cgi- bin/bugreport. cgi?bug= 463596
http://
http://
http://
http://
http://
http://