tags 441405 pending thanks Hi, Thijs,
Thanks for taking time to follow security bulletins and reporting these issues. All these are supposed to be fixed in the 2.0.3 release, which I am preparing upload of. I'll use urgency=medium instead of high because of two reasons: 1) this is new upstream release (although minor) 2) it is actually a pre-release, that is expected to be released without changes unless severe problems appear Now, why not 2.0.2 then? Because there were a bad regression in it. 2.0.3 is released just to fix this. All the issues are present in the 1.5 series (source package firebird2 in etch, source package firebird1.5 in lenny/sid), but fixing them is not possible. There are other security issues with 1.5 series (#438855) and fixing these is very hard as upstream no longer supports them and backporting patches is impossible due to the severe changes between 1.5 and 2.0. Because of the above, 1.5 series are pending removal from Debian (see #438862) -- dam JabberID: [EMAIL PROTECTED]
signature.asc
Description: OpenPGP digital signature