[pkg-firebird-general] Bug#702736: firebird2.5: CVE-2013-2492: Request Processing Buffer Overflow Vulnerability

[Damyan Ivanov]

-=| Salvatore Bonaccorso, 10.03.2013 22:14:30 +0100 |=-
> Source: firebird2.5
> Severity: grave
> Tags: security
> 
> Hi
> 
> the following vulnerability was published for firebird2.5.
> 
> CVE-2013-2492[0]:
> Request Processing Buffer Overflow Vulnerability
> 
> If you fix the vulnerability please also make sure to include the
> CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
> 
> For further information see also [1] and [2].
> 
> [0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2492
>     http://security-tracker.debian.org/tracker/CVE-2013-2492
> [1] http://tracker.firebirdsql.org/browse/CORE-4058
> [2] https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-2492

Dear security team,

Please approve upload of firebird2.5 to stable-security with the 
attached (source) diff from the version currently in squeeze.

Attached is also the binary debdiff, just in case. It contains only 
version number changes.


Thanks,
    dam
-------------- next part --------------
A non-text attachment was scrubbed...
Name: firebird2.5_2.5.0.26054~ReleaseCandidate3.ds2-1+squeeze1-source.diff
Type: text/x-diff
Size: 3746 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pkg-firebird-general/attachments/20130312/5bfeab06/attachment.diff>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: firebird2.5_2.5.0.26054~ReleaseCandidate3.ds2-1+squeeze1-deb.diff
Type: text/x-diff
Size: 8099 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pkg-firebird-general/attachments/20130312/5bfeab06/attachment-0001.diff>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: Digital signature
URL: <http://lists.alioth.debian.org/pipermail/pkg-firebird-general/attachments/20130312/5bfeab06/attachment.pgp>