Some vulnerabilities have been reported in Firebird, where some have unknown impact and others can be exploited by malicious users to cause a DoS (Denial of Service). 1) An error exists in the processing of event registration requests. This can potentially be exploited by a client application connected via XNET to crash the Firebird server by registering several events in parallel. 2) An error exists in the processing of network packets. This can potentially be exploited to increase the CPU load to a high value and consume large amounts of memory by sending large network packets containing garbage data. 3) An unspecified error exists in the processing of Service API calls. This can be exploited to cause a DoS on the affected Firebird server. 4) An unspecified vulnerability with unknown impact exists in the processing of "attach database" and "create database" commands when the passed filename is larger than "MAX_PATH_LEN". The vulnerabilities are reported in versions prior to 2.0.2.
Cc'ing maintainers and setting whiteboard status.
Wasn't even aware of release. I will see about bumping asap. I was in the process of moving to opt. Guess I will pause on that for now.
Ok, I have bumped the ebuild and it compiled and seems to be good to go. If others can test, and if no problems we can look to rush stabilize.
arches, please stabilise dev-db/firebird-2.0.2.12964.0
x86 stable
*** Bug 192274 has been marked as a duplicate of this bug. ***
Firebird 2.0.2 is Recalled The Firebird 2.0.2 release has been recalled due to a significant regression that has shown up (Tracker Issue CORE-1434). Our sincere apologies for the inconvenience. A release candidate for v.2.0.3 will follow shortly. http://tracker.firebirdsql.org/browse/CORE-1434 (2.0.3_rc1 is out, BTW).
(In reply to comment #7) > Firebird 2.0.2 is Recalled Yeah not sure what's going on with apps I love and have never had issues with. ASSP and Firebird :( > (2.0.3_rc1 is out, BTW). Not really. It's a pre-release, and I can't download sources. :( http://www.firebirdsql.org/index.php?op=files&id=fb203_rc1 404
(In reply to comment #8) > Not really. It's a pre-release, and I can't download sources. :( > > http://www.firebirdsql.org/index.php?op=files&id=fb203_rc1 Works fine here.
(In reply to comment #9) > > Works fine here. So you can download sources? http://www.firebirdsql.org/download/prerelease/Firebird-2.0.3.12981-0.tar.bz2 404
(In reply to comment #10) > So you can download sources? > http://www.firebirdsql.org/download/prerelease/Firebird-2.0.3.12981-0.tar.bz2 > 404 The link is wrong, but this works: http://www.firebirdsql.org/download/prerelease/source/Firebird-2.0.3.12981-0.tar.bz2
ok, thanks, a URL is what I needed for ebuild :)
Ok pre-release committed to tree. I didn't tag it as such atm. Should be moot since if upstream does another 2.0.3 release, the build number will have gone up :)
Thanks William. Arches, please test and stabilize dev-db/firebird-2.0.3.12981.0. Target keywords: "amd64 x86"
amd64 stable
If severity level stays that way, glsa voting is now open.
In case of a GLSA, there's also CVE-2007-4669 not covered by the Secunia advisory. You might want to review it, too.
I tend to vote NO.
I tend to vote NO too, though the 4th "unspecified issue" with the MAX_PATH_LEN might imply code execution :/
I usually vote noglsa for unspecified vulnerabilities with unknown impact. Plus, the DoS vulnerabilities by opening several connections or sending large packets could happen all the time. Perhaps, there is CVE-2007-4669, but i don't know if the logfile would provide much sensible information. I vote no, and closing. Feel free to reopen if you disagree.
Just as further info, unless a user is doing something abnormal with logging sensitive stuff to the log file. Having access to it's contents is quite moot IMHO. It hardly reveals much if anything. Other than maybe if someone were beating on a db server trying to take it down. While viewing logs at the same time to see any signs of distress.
