USN-3929-1: Firebird vulnerabilities
02 April 2019
- firebird2.5 - A full-featured, open source SQL database derived from Borland InterBase 6.0
It was discovered that Firebird incorrectly handled certain malformed
packets. A remote attacker could possibly use this issue with a specially
crafted network packet to cause Firebird to crash, resulting in a denial of
It was discovered that Firebird incorrectly handled certain UDF libraries.
A remote attacker could possibly use this issue to execute arbitrary code.
The problem can be corrected by updating your system to the following package versions:
- firebird2.5-classic - 220.127.116.11540.ds4-9ubuntu1.1
- firebird2.5-classic-common - 18.104.22.168540.ds4-9ubuntu1.1
- firebird2.5-server-common - 22.214.171.124540.ds4-9ubuntu1.1
- firebird2.5-super - 126.96.36.199540.ds4-9ubuntu1.1
- firebird2.5-superclassic - 188.8.131.52540.ds4-9ubuntu1.1
- libfbclient2 - 184.108.40.206540.ds4-9ubuntu1.1
- libfbembed2.5 - 220.127.116.11540.ds4-9ubuntu1.1
- libib-util - 18.104.22.168540.ds4-9ubuntu1.1
In general, a standard system update will make all the necessary changes.