[pkg-firebird-general] Bug#702735: firebird2.1: CVE-2013-2492: Request Processing Buffer Overflow Vulnerability

[Damyan Ivanov]

(not a duplicate, firebird has two versions in squeeze)

-=| Salvatore Bonaccorso, 10.03.2013 22:13:22 +0100 |=-
> Source: firebird2.1
> Severity: grave
> Tags: security
> 
> Hi
> 
> the following vulnerability was published for firebird2.1.
> 
> CVE-2013-2492[0]:
> Request Processing Buffer Overflow Vulnerability
> 
> If you fix the vulnerability please also make sure to include the
> CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
> 
> For further information see also [1] and [2].
> 
> [0] http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2013-2492
>     http://security-tracker.debian.org/tracker/CVE-2013-2492
> [1] http://tracker.firebirdsql.org/browse/CORE-4058
> [2] https://bugzilla.redhat.com/show_bug.cgi?id=CVE-2013-2492

Dear security team,

Please approve the uploading of firebird2.1 with the attached (source) 
diff from the version in squeeze.

Also attached is the binary diff.


Thanks,
    dam
-------------- next part --------------
A non-text attachment was scrubbed...
Name: firebird2.1_2.1.3.18185-0.ds1-11+squeeze1-source.diff
Type: text/x-diff
Size: 2165 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pkg-firebird-general/attachments/20130312/33885714/attachment-0002.diff>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: firebird2.1_2.1.3.18185-0.ds1-11+squeeze1-deb.diff
Type: text/x-diff
Size: 4650 bytes
Desc: not available
URL: <http://lists.alioth.debian.org/pipermail/pkg-firebird-general/attachments/20130312/33885714/attachment-0003.diff>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: signature.asc
Type: application/pgp-signature
Size: 836 bytes
Desc: Digital signature
URL: <http://lists.alioth.debian.org/pipermail/pkg-firebird-general/attachments/20130312/33885714/attachment-0001.pgp>