Syindication
firebird2.0 security bug is now fixed in debian/gentoo
Mon, 05/19/2008 - 09:38
There is an grave security bug in firebird package 2.0 from debian and ubuntu
where an user can connect to the server with SYSDBA and NO password
The bug is now fixed in debian sid (unstable)
http://packages.debian.org/sid/firebird2.0-super
and here is the changelog
firebird2.0-super.init: stop exporting ISC_USER and ISC_PASSWORD.
Fixes a hole causing remote connections as user SYSDBA to succeed
without giving a [...]
You have already tagged this post. Your tags:
Similar entries
- COBOL language in Firebird SQL Pre-processor is now enabled on debian/ubuntu
- Firebird security bug fixed in gentoo linux
- Testing needed for 2.0.4 and 2.1.0 packages for debian
- Firebird Project has now ports for the top4 embedded processors
- Firebird Project has now ports for the top4 embedded processors
- Firebird Project has now ports for the top4 embedded processors
- Firebird Project has now ports for the top4 embedded processors
- firebird2.1 security bug is now fixed in debian experimental
- Firebird ports for Intanium and hppa to be released soon
- Ubuntu 8.04 released with Firebird+Flamerobin included
