* Official 2.5.2 release
+ CORE-3912: segfault in superclassic (Closes: #693192)
+ Restored the on-disk-structure compatibility with 2.5.1 index keys
(Closes: #693193)
+ Fixed broken (working as no-op) sweep in SuperServer (Closes: #693195)
+ CORE-3902: Derived fields may not be optimized via an index
(Closes: #693196)
+ CORE-3895: High memory usage when PSQL code SELECT's from stored
procedure which modified some data (Closes: #693202)
+ CORE-3238: GEN_UUID returns a non-RFC-4122-compliant UUID
(Closes: #693207)
+ CORE-3887: CHAR_TO_UUID and UUID_TO_CHAR works different in big endian
architectures (Closes: #693209)
+ Enabled per-table runtime stats for sweeper
+ Changes not concerning Debian
- CORE-3786: Hangs on MacOSX 10.7 (Lion) on DB create after reboot
- CORE-3911: API entrypoints Bopen and BLOB_open are not visible on Darwin
- CORE-3740: SELECT using IN list with >413 elements causes crash on Mac
(stack overflow with default stack size)
- CORE-3740: optimisation bug in GCC on Darwin
* Update debian/copyright (two new files, no licensing changes)
* Add NEWS.Debian about incompatible fix in char↔UUID conversion functions
* drop patches included in the upstream release:
+ upstream/r54702-cve-2012-5529.patch
+ upstream/r57728-cve-2013-2429.patch
* refresh separate-file-and-sem-perms.patch to apply cleanly
* Patches taken from upstream SVN
+ r57516r57773-gbak-y-redirection.patch
make gbak -y work with redirection again (regression from 2.5.1) http://tracker.firebirdsql.org/browse/CORE-3995
+ r57707r57710-lots-autonomous-trx-leaks-crash.patch
fix engine crash/memory leak with many autonomous transactions (remote
crash/memory leak) http://tracker.firebirdsql.org/browse/CORE-3908
+ r57349-bad-trn-num-logged-during-sweep.patch
fix invalid transaction counters logged during sweep (trivial fix) http://tracker.firebirdsql.org/browse/CORE-3978
+ r57714r57716-fix-isql-edit-command.patch
fix isql's edit command broken in 2.5.2 (regression from 2.5.1) http://tracker.firebirdsql.org/browse/CORE-3990
+ r58004-crash-converting-overscaled-numeric-to-string.patch
fix engine crash while converting an overscaled numeric to a string
(remote crash) http://tracker.firebirdsql.org/browse/CORE-4093
+ r57795-crash-storing-long-incompressible-data.patch
fix bugcheck/corruption when storing long uncompressible data (possible
db corruption) http://tracker.firebirdsql.org/browse/CORE-4036
* add out/crash-create-db-restricted.patch
fixes a server crash when attempting creation of a database outside of
allowed paths with firebrd.xonf setting of 'DatabaseAccess' other than
'Full'
* Recover lost doc/libfbclient2 -> firebird2.5-common-doc symlink
In Lenny, all firebird binary packages were shipping their doc/ directory
with copyright information. Because of the size of that copyright
information, when firebird2.5 packages were introduced in squeeze, they
used symlinks to the doc/firebird2.5-common-doc directory, which contained
a single copy of the copyright file. However, since dpkg won't replace
directory with a symlink, upgrading libfbclient2 from lenny (2.0) to
squeeze (2.5) leaves an empty doc/libfbclient2 directory, breaking the
Policy requirement (12.5) that every binary package ships a copyright
file.
The fix implemented in this version is to check if doc/libfbclient2 is an
empty directory (and not a symlink) and remove it in preinst. If it is a
directory and is not empty, it is renamed with .dpkg-old extension. This
gives dpkg way to unpack the shipped symlink.
Closes: #692948 -- missing copyright file after upgrade from lenny to
squeeze to wheezy/sid.
Thanks go to Andreas Beckmann for reporting the issue, Julian Taylor,
Slávek Banko and Serafeim Zanikolas for helping with the implementation.
* fix server crash when preparing an empty SQL statement with tracing enabled
patch taken from upstream revision 54702. Closes: #693210 (CVE-2012-5529)
* fix remote pre-authentication stack overflow in firebird server
patch taken from upstream revision 57728. Closes: #702736 (CVE-2013-2429)
This bug was fixed in the package firebird2.5 - 2.5.2.26540.ds4-1
---------------
firebird2.5 (2.5.2.26540.ds4-1) unstable; urgency=low
* Official 2.5.2 release 4122-compliant UUID
+ CORE-3912: segfault in superclassic (Closes: #693192)
+ Restored the on-disk-structure compatibility with 2.5.1 index keys
(Closes: #693193)
+ Fixed broken (working as no-op) sweep in SuperServer (Closes: #693195)
+ CORE-3902: Derived fields may not be optimized via an index
(Closes: #693196)
+ CORE-3895: High memory usage when PSQL code SELECT's from stored
procedure which modified some data (Closes: #693202)
+ CORE-3238: GEN_UUID returns a non-RFC-
(Closes: #693207)
+ CORE-3887: CHAR_TO_UUID and UUID_TO_CHAR works different in big endian
architectures (Closes: #693209)
+ Enabled per-table runtime stats for sweeper
+ Changes not concerning Debian
- CORE-3786: Hangs on MacOSX 10.7 (Lion) on DB create after reboot
- CORE-3911: API entrypoints Bopen and BLOB_open are not visible on Darwin
- CORE-3740: SELECT using IN list with >413 elements causes crash on Mac
(stack overflow with default stack size)
- CORE-3740: optimisation bug in GCC on Darwin
* Update debian/copyright (two new files, no licensing changes)
* Add NEWS.Debian about incompatible fix in char↔UUID conversion functions
* drop patches included in the upstream release: r54702- cve-2012- 5529.patch r57728- cve-2013- 2429.patch file-and- sem-perms. patch to apply cleanly
+ upstream/
+ upstream/
* refresh separate-
* Patches taken from upstream SVN gbak-y- redirection. patch tracker. firebirdsql. org/browse/ CORE-3995 lots-autonomous -trx-leaks- crash.patch tracker. firebirdsql. org/browse/ CORE-3908 bad-trn- num-logged- during- sweep.patch tracker. firebirdsql. org/browse/ CORE-3978 fix-isql- edit-command. patch tracker. firebirdsql. org/browse/ CORE-3990 crash-convertin g-overscaled- numeric- to-string. patch tracker. firebirdsql. org/browse/ CORE-4093 crash-storing- long-incompress ible-data. patch tracker. firebirdsql. org/browse/ CORE-4036 create- db-restricted. patch
+ r57516r57773-
make gbak -y work with redirection again (regression from 2.5.1)
http://
+ r57707r57710-
fix engine crash/memory leak with many autonomous transactions (remote
crash/memory leak)
http://
+ r57349-
fix invalid transaction counters logged during sweep (trivial fix)
http://
+ r57714r57716-
fix isql's edit command broken in 2.5.2 (regression from 2.5.1)
http://
+ r58004-
fix engine crash while converting an overscaled numeric to a string
(remote crash)
http://
+ r57795-
fix bugcheck/corruption when storing long uncompressible data (possible
db corruption)
http://
* add out/crash-
fixes a server crash when attempting creation of a database outside of
allowed paths with firebrd.xonf setting of 'DatabaseAccess' other than
'Full'
-- Damyan Ivanov <email address hidden> Thu, 09 May 2013 16:39:17 +0300
firebird2.5 (2.5.2~ svn+54698. ds4-3) unstable; urgency=high
* Recover lost doc/libfbclient2 -> firebird2. 5-common- doc symlink
In Lenny, all firebird binary packages were shipping their doc/ directory 5-common- doc directory, which contained
with copyright information. Because of the size of that copyright
information, when firebird2.5 packages were introduced in squeeze, they
used symlinks to the doc/firebird2.
a single copy of the copyright file. However, since dpkg won't replace
directory with a symlink, upgrading libfbclient2 from lenny (2.0) to
squeeze (2.5) leaves an empty doc/libfbclient2 directory, breaking the
Policy requirement (12.5) that every binary package ships a copyright
file.
The fix implemented in this version is to check if doc/libfbclient2 is an
empty directory (and not a symlink) and remove it in preinst. If it is a
directory and is not empty, it is renamed with .dpkg-old extension. This
gives dpkg way to unpack the shipped symlink.
Closes: #692948 -- missing copyright file after upgrade from lenny to
squeeze to wheezy/sid.
Thanks go to Andreas Beckmann for reporting the issue, Julian Taylor,
Slávek Banko and Serafeim Zanikolas for helping with the implementation.
-- Damyan Ivanov <email address hidden> Fri, 22 Mar 2013 15:11:16 +0200
firebird2.5 (2.5.2~ svn+54698. ds4-2) unstable; urgency=high
* High urgency for upload fixing security issues
* fix server crash when preparing an empty SQL statement with tracing enabled
patch taken from upstream revision 54702. Closes: #693210 (CVE-2012-5529)
* fix remote pre-authentication stack overflow in firebird server
patch taken from upstream revision 57728. Closes: #702736 (CVE-2013-2429)
-- Damyan Ivanov <email address hidden> Mon, 18 Mar 2013 17:23:50 +0200