[Pkg-firebird-general] Bug#251458: firebird: remote vulnerability
Steve Langasek
Steve Langasek <vorlon@debian.org>, 251458@bugs.debian.org
Tue, 27 Jul 2004 02:34:32 -0700
--MAH+hnPXVZWQ5cD/
Content-Type: text/plain; charset=us-ascii
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
Hello,
The firebird package in Debian has a long-standing remote security hole.
We should not release such a package in sarge.
Removing this package from sarge will also mean removing the
php4-interbase, python-kinterbasdb, and zope-kinterbasdbda packages;
therefore, as maintainers of these packages, I am cc:ing you to see if
any of you are willing to do the necessary work to get the firebird
package ready for release.
I understand that the bugs are supposed to be fixed in firebird 1.5,
which is not yet packaged. If this is too much work to get done before
sarge, perhaps it makes sense to upload a firebird 1.0 package providing
only the client libraries?
Thanks,
--=20
Steve Langasek
postmodern programmer
--MAH+hnPXVZWQ5cD/
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: Digital signature
Content-Disposition: inline
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (GNU/Linux)
iD8DBQFBBiGmKN6ufymYLloRAsmiAJ93nbDwuJLj3aw+Hr92qsQar8fcJQCgvS+j
l1e6LLyAkCSQmK4B7bIbXX8=
=KYH8
-----END PGP SIGNATURE-----
--MAH+hnPXVZWQ5cD/--