Debian bug fixed : CVE-2017-6369: authenticated remote execution in firebird 2.5 before version 3.0.2

We believe that the bug you reported is fixed in the latest version of
firebird3.0, which is due to be installed in the Debian FTP archive.

 * Apply commit 56e9a73c168 from upstream B3_0_Release branch
    fixing authenticated remote execution vulnerability (CVE-2017-6369,
    CORE-5474)
    Closes: #858644

Forwarded: http://tracker.firebirdsql.org/browse/CORE-5474

Authenticated Firebird users are allowed to declare UDFs (user-defined
functions). The default config allows using all entry points from the standard
UDF library, which is dynamically linked with libc, with its symbols
re-exported, including system().

Relevant upstream commits for 3.0:
https://github.com/FirebirdSQL/firebird/commit/8b2a9cb44bf6055e15f016d70a6842b8ada60375

1 Star2 Stars3 Stars4 Stars5 Stars (No Ratings Yet)
Loading...

Firebird 3.02 is out!

Firebird Project is happy to announce general availability of Firebird 3.0.2 — the second point release in the Firebird 3.0 series.

This sub-release offers many bug fixes (including fix for a recently reported security vulnerability) and also adds a few minor features and improvements, please refer to the Release Notes for the full list of changes. Binary kits for Windows and Linux on both 32-bit and 64-bit platforms are immediately available for download.

Not using Firebird 3 yet? Get the Migration Guide to Firebird 3 and save you a lot of time in the migration process!

1 Star2 Stars3 Stars4 Stars5 Stars (2 votes, average: 5.00 out of 5)
Loading...

Firebird 3.0.1 is available

Firebird Project is happy to announce general availability of Firebird 3.0.1 — the first point release in the Firebird 3.0 series.

This sub-release offers many bug fixes and also adds a few improvements, please refer to the Release Notes for the full list of changes. Binary kits for Windows and Linux on both 32-bit and 64-bit platforms are immediately available for download.

Do you plan to move to Firebird 3? Wanna avoid unnecessary headaches? Check out the Migration Guide to Firebird 3 right now!

1 Star2 Stars3 Stars4 Stars5 Stars (3 votes, average: 4.33 out of 5)
Loading...

Firebird 2.5.6 released

Firebird Project is happy to announce general availability of Firebird 2.5.6 — the latest minor release in the Firebird 2.5 series.

This sub-release introduces several bug fixes and a few improvements, please refer to the Release Notes for the full list of changes. Binary kits for Windows, Linux and Mac OS X on both 32-bit and 64-bit platforms are immediately available for download.

1 Star2 Stars3 Stars4 Stars5 Stars (1 votes, average: 5.00 out of 5)
Loading...

Firebird 3 is released!

Press Release: English | Russian | Brazilian Portuguese

The primary goals for Firebird 3.0 were to unify the server architecture and to improve support for SMP and multiple-core hardware platforms. Parallel objectives were to improve threading of engine processes and the options for sharing page cache across thread and connection boundaries.

Alongside these aims came new strategies to improve performance, query optimization, monitoring and scalability and to address the demand for more security options. A number of popular features were introduced into the SQL language, including the long-awaited support for the Boolean data type and the associated logical predications.

Documentation: Release Notes (PDF available), Quick Start Guide (PDF available) and other manuals.

Download it here.

A “Migration Guide to Firebird 3” eBook, written by Carlos H. Cantu, is also available.

1 Star2 Stars3 Stars4 Stars5 Stars (15 votes, average: 5.00 out of 5)
Loading...
1 2 3 24