Firebird: Buffer overflow and the patch for gentoo
A vulnerability has been discovered in Firebird, allowing for the
execution of arbitrary code.
Category: Firebird Releases
Annoucements about Firebird oficial releases.
Firebird 2.1 Beta 1 Ready for Field Testing
The Firebird team is pleased to announce that the first Beta builds of
Firebird V.2.1 are ready for testing. Binary and source kits should
start appearing at the Sourceforge mirrors today.
Download links for all the released kits can be found here:
http://www.firebirdsql.org/index.php?op=files&id=fb210_beta01
Release Notes are here:
http://www.firebirdsql.org/devel/doc/rlsnotes/html/rlsnotes21.html
Dmitry
Firebird 2.x/3.0 roadmap for 2007
Here is the firebird 3.0 developer roadmap for 2007 (also you can watch for firibird 2.1 and 2.0.x fixes)
firebird-2.0.1 package added to gentoo package system
William L. Thomson Jr added the new package
Firebird “fbserver” Service Connect Request Handling Buffer Overflow Vulnerability
Vulnerability has been identified in Firebird, which could be exploited by remote attackers to cause a denial of service or take complete control of an affected system. This issue is caused by a buffer overflow error in the “fbserver.exe” service (port 3050/TCP) when processing a “connect” request (0x1) with a large “p_cnct_count” value, which could be exploited by remote unauthenticated attackers to crash an affected application or execute arbitrary code with the privileges of the database.
Affected Products
Firebird version 2.0.0
Solution
Upgrade ASAP to Firebird version 2.0.1 :
http://www.firebirdsql.org/index.php?op=files&id=engine_201
Firebird for MacOS Intel – fresh builds
There are two new updated packages available on ibphoenix.com
Firebird 2.0.1 for MacOS Intel (x86)
I have two new builds of Firebird for x86 MacOS (CS and SS)
The SS build should now use UDF’s properly and
the server should start and stop properly.
Firebird 2.1 alpha, a quick glance at the new features
Firebird 2.1 alpha, a quick glance at the new features
Firebird 2.1 Alpha 1 Ready for Field Testing
The Firebird team is pleased to announce that the first Alpha builds of Firebird V.2.1 are ready for testing. Binary and source kits for Linux and and some Win64 and Win32 kits should start appearing at the Sourceforge mirrors today. For a summary of new features and bug fixes, see HERE.