USN-4822-1: Firebird vulnerability
15 March 2021
Firebird could be made to crash or run programs if it received specially crafted input.
Releases
Packages
- firebird2.5 - A full-featured, open source SQL database derived from Borland InterBase 6.0
Details
It was discovered that Firebird exposed certain UDF libraries. An
authenticated attacker could use this vulnerability to cause a denial of service
(crash) or possibly execute arbitrary code.
Update instructions
The problem can be corrected by updating your system to the following package versions:
Ubuntu 16.04
-
libfbclient2
-
2.5.4.26856.ds4-1ubuntu0.1~esm1
Available with Ubuntu Pro
-
firebird2.5-classic-common
-
2.5.4.26856.ds4-1ubuntu0.1~esm1
Available with Ubuntu Pro
-
libfbembed2.5
-
2.5.4.26856.ds4-1ubuntu0.1~esm1
Available with Ubuntu Pro
-
firebird2.5-server-common
-
2.5.4.26856.ds4-1ubuntu0.1~esm1
Available with Ubuntu Pro
-
firebird2.5-common
-
2.5.4.26856.ds4-1ubuntu0.1~esm1
Available with Ubuntu Pro
-
firebird2.5-classic
-
2.5.4.26856.ds4-1ubuntu0.1~esm1
Available with Ubuntu Pro
-
firebird2.5-superclassic
-
2.5.4.26856.ds4-1ubuntu0.1~esm1
Available with Ubuntu Pro
-
libib-util
-
2.5.4.26856.ds4-1ubuntu0.1~esm1
Available with Ubuntu Pro
-
firebird2.5-super
-
2.5.4.26856.ds4-1ubuntu0.1~esm1
Available with Ubuntu Pro
In general, a standard system update will make all the necessary changes.