Summary: | dev-db/firebird < 2.0.3 Multiple buffer overflows (CVE-2007-{4992,5246}) | ||
---|---|---|---|
Product: | Gentoo Security | Reporter: | Robert Buchholz (RETIRED) <rbu> |
Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
Status: | RESOLVED FIXED | ||
Severity: | normal | CC: | wltjr |
Priority: | High | ||
Version: | unspecified | ||
Hardware: | All | ||
OS: | Linux | ||
URL: | http://www.zerodayinitiative.com/advisories/ZDI-07-057.html | ||
Whiteboard: | B2 [glsa] | ||
Package list: | Runtime testing required: | --- |
Description
Robert Buchholz (RETIRED)
2007-10-12 01:40:53 UTC
We handled stabilization of 2.0.3 in bug 190833 and decided not to issue a GLSA. Two new issues came up that might question this. The first is confirmed for Linux, for the second I don't know. William, can you advise here? If your asking about doing a GSLA or not. Hard call, but these look a bit more serious than the others. As for the one mentioning fbserver.exe, I would assume that would apply to linux as well. Obviously binary name would be different. But should have same functions, and use. So exploit should be possible regardless of OS for both. IMHO I will see if I can research this a bit to confirm 100%. If not you all can go off this. somehow this slipped through our grid. request filed. GLSA 200712-06 |