|
|
Subscribe / Log in / New account

Debian alert DLA-4282-1 (firebird3.0)



From:
              Adrian Bunk <bunk@debian.org>


To:
              debian-lts-announce@lists.debian.org


Subject:
              [SECURITY] [DLA 4282-1] firebird3.0 security update


Date:
              Mon, 25 Aug 2025 16:00:17 +0300


Message-ID:
              <aKxeYSGWoO3u3idZ@localhost>


-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian LTS Advisory DLA-4282-1                debian-lts@lists.debian.org
https://www.debian.org/lts/security/                          Adrian Bunk
August 25, 2025                               https://wiki.debian.org/LTS
- -------------------------------------------------------------------------

Package        : firebird3.0
Version        : 3.0.7.33374.ds4-2+deb11u1
CVE ID         : CVE-2025-54989
Debian Bug     : 1111321

An XDR message parsing NULL pointer dereference has been fixed in the 
Firebird database.

For Debian 11 bullseye, this problem has been fixed in version
3.0.7.33374.ds4-2+deb11u1.

We recommend that you upgrade your firebird3.0 packages.

For the detailed security status of firebird3.0 please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/firebird3.0

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEOvp1f6xuoR0v9F3wiNJCh6LYmLEFAmisXmEACgkQiNJCh6LY
mLEWyg/9HIVdUBGwf5KPxFRpZCrGBXcGugn/hUOPsFwkReUAkD83b5GGAIhELgEk
qMmHEyrPcQGnrA071U8zzJFGHECEshecam7WzvqqsQSY4FgEFdMjhjTi1TytJC+q
a87ktfdPTfoa+pSTnEUCzuHUY3QMynU4PHHT4DoHXipITU+tI8NDM0nZWOoiq/vO
XJGD9M3tOmXdm2UT+D0FFpClO+6eVZh34iy33/Qo2KrehT7yeSVUv2ZnpAQ3YQK4
6ZdUPZRvzDYmckBrM3Ux8PPiUALma0Ykregy/eFGeEY4vCtWuGpH0ecwVWHyPvhB
Svs/SFKTuHhw9A8zYXJApjVOQYb3yl+FX/LlfgW5MxDYo+jmG0eE3TAmN0qUiUT9
AZNnaSE6gZH68GcQwCZYa7aDSMdsC1F8wjEZOMzkVpuBZG7/wWLThluuVuae+xQl
JiLq90sPS9X6jq526j347onJI/yC3n+ZN06pZeFtEgtbgDw1xZvz0SKxa7pnIGEh
/XT+Z1j226/Nw25WAOWn1k6EKiEHSrJCfc0HlmRbyDvrI++1LBBNsi+qf05p5zRa
1hXcKwWurC3I9V3USiArYNAr5XpMXVEbqgfC+j5v39YCV9GZW0LnBwGRNZ0kpQ/I
ok/3dRfL/dwV8w9EIGKkDAxGGIFhAXEJBitMHFL6TXOoJfzZP5c=
=kcsg
-----END PGP SIGNATURE-----
to post comments


Copyright © 2025, Eklektix, Inc.
Comments and public postings are copyrighted by their creators.
Linux is a registered trademark of Linus Torvalds