[pkg-firebird-general] Bug#693210: server crash on prearing an empty query with tracing enabled
Damyan Ivanov
dmn at debian.org
Wed Nov 14 21:14:51 UTC 2012
(adding -security to Cc)
-=| Damyan Ivanov, 14.11.2012 11:35:02 +0200 |=-
> Source: firebird2.5
> Version: 2.5.0
> Severity: important
> Tags: upstream fixed-upstream security
> Forwarded: http://tracker.firebirdsql.org/browse/CORE-3884
>
> With trace enabled, preparing an empty query crashes the server on line 91 of
> /src/jrd/trace/TraceDSQLHelpers.h, since the dereferenced m_request variable is
> NULL.
>
> Tagged as 'security' since this is a remote crash, although it requires a valid
> user/pass.
This issue has assigned CVE-2012-5529.
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: Digital signature
URL: <http://lists.alioth.debian.org/pipermail/pkg-firebird-general/attachments/20121114/13296d8b/attachment.pgp>
More information about the pkg-firebird-general
mailing list