Category: General news

Firebird related news

Firebird 2.5.9 with CVE-2025-54989 fix

Leave a comment

A bug in the Firebird server was found by the Zero Day Initiative (ZDI) program. The bug exploits a weakness in Firebird’s remote protocol.

The official CVE record is published here.

This bug has existed in the code base since InterBase 6 (or earlier.) and all versions of Firebird released prior to 5th May 2025 are affected.

The vulnerability allows remote unauthenticated users to cause a denial of service via a NULL pointer dereference and subsequent crash of the server.

A malicious user can cause a DoS attack on a Firebird server by sending a specific sequence of bytes. It is not necessary to be logged in to the server. To exploit the vulnerability, it is sufficient to have access to the Firebird port.

It should be noted that the Classic server architecture is less vulnerable, inasmuch as existing connections will remain active. However if the attack is sustained no new connections will be possible for the lifetime of the attack, no matter which architecture is used.

It is not known if a proof of concept has been developed. However, once the vulnerability is published one should expect rogue users to develop an attack. With increased access to AI based code generation models the bar to exploit development has been lowered considerably.

The Firebird Project has fixed this bug in the latest releases of all branches currently supported: 5.0.3, 4.0.6 and 3.0.13

While Firebird 2.5 is no longer supported by the Firebird project, it’s still supported by IBPhoenix!

We have produced a special build of Firebird 2.5.9 with this fix. There are no other changes to the source code for this build other than the fix itself. It is intended to be dropped in to an existing setup. Users can be confident that only minimal acceptance testing will be required.

You can get both 64-bit and 32-bit builds for Windows from our store for whatever price you see fair for our effort (including for free).

Database Workbench 6.8.0 released

Leave a comment

Upscene Productions is proud to announce the availability of the next release of the popular multi-DBMS development tool:

“Database Workbench 6.8.0”

This release introduces support for Oracle 23 Domains, Vector and Boolean datatypes, JavaScript stored routines and more.

Other changes include support for PostgreSQL 17, MariaDB 11.7 and MySQL 9.2, bugfixes and small new features.

Database Workbench supports Firebird, MySQL, MariaDB, PostgreSQL, SQLite, Oracle, MS SQL Server, SQL Azure, NexusDB and InterBase.

It includes tools for database design, database maintenance, testing, data transfer, data import & export, database migration, database compare and numerous other tools.

Database Workbench 6 comes in 3 different editions with different pricing models, there’s always a version that suits you!

There’s also free Lite Editions available for Firebird and MySQL.

Read more

MCP Firebird 2.2.0 – Complete SSE Transport Implementation

Leave a comment

This release 2.2.0 brings complete SSE (Server-Sent Events) transport support to MCP Firebird, making it fully compatible with the MCP Inspector and modern MCP clients while maintaining 100% backwards compatibility with existing STDIO implementations.

✨ New Features

🌐 SSE Transport Support

  • Full SSE Implementation: Complete Server-Sent Events transport using official MCP SDK v1.13.2
  • MCP Inspector Compatible: Works seamlessly with npx @modelcontextprotocol/inspector
  • Backwards Compatible Server: Supports both modern and legacy MCP clients
  • Multi-Protocol Support: Single server instance handles STDIO, SSE, and HTTP simultaneously
Read more

Flamerobin 0.9.14 Snapshot released with a few fixes and features

Leave a comment

Flamerobin 0.9.14 Snapshot released with a few fixes and features.

What’s Changed

  • Table/view triggers: add enable/disable button by @arvanus in #405
  • small improvements by @arvanus in #406
  • Bug fixed (Build-on : GNU/Linux) -> target_file: PreferencesDialogStyle.cpp, target_line: 571 by @baldeuniversel in #408
  • Fix binary fields being extracted incorrectly by @arvanus in #415
  • Fix binary fields being extracted incorrectly by @arvanus in #416
  • Workflow for Linux systems (the deb executable file will be generated) by @baldeuniversel in #417
  • New feature: highlight text selection at SqlEditor by @arvanus in #418
  • Add index, functions and packages to generate rebuild script by @arvanus in #421

New Contributors

MCP Firebird 2.0.4 Released: Enhanced Model Context Protocol Implementation for Firebird Databases

Leave a comment

Enhanced Model Context Protocol Implementation for Firebird Databases

We are excited to announce the release of MCP Firebird v2.0.4, a significant update to our Model Context Protocol implementation for Firebird databases. This stable release brings several important improvements and new features that enhance both functionality and user experience.

MCP Firebird provides a robust interface between Firebird databases and AI models, enabling seamless integration with tools like Claude Desktop and other MCP-compatible clients.

Key Features and Improvements

Server-Sent Events (SSE) Support

The new version introduces full support for Server-Sent Events (SSE) as a transport mechanism, allowing real-time data streaming between your Firebird database and client applications. This feature enables more responsive applications with live updates without requiring constant polling.

Robust Command-Line Parameter Handling

We’ve significantly enhanced the command-line interface with improved parameter handling, ensuring seamless compatibility with both NPX parameters and environment variables. This makes MCP Firebird more flexible and easier to configure in various environments.

npx mcp-firebird --database your_database.fdb --user SYSDBA --password masterkey

Read more
1 2 3 4 5 6 207