[Bug 1115902] Re: NULL Pointer Denial of Service Vulnerability
This bug was fixed in the package firebird2.5 - 2.5.0.26074-0.ds4-5ubuntu0.1 --- firebird2.5 (2.5.0.26074-0.ds4-5ubuntu0.1) oneiric-security; urgency=low * SECURITY UPDATE: Fix for NULL pointer Denial of Service in TraceManager (LP: #1115902) - debian/patches/CVE-2012-5529.patch: Handle empty query safely. Based on upstream patch. - CVE-2012-5529 -- Christian Kuersteiner ckuer...@gmx.ch Wed, 06 Feb 2013 11:25:54 +0700 ** Changed in: firebird2.5 (Ubuntu Oneiric) Status: Fix Committed = Fix Released ** Changed in: firebird2.5 (Ubuntu Precise) Status: Fix Committed = Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1115902 Title: NULL Pointer Denial of Service Vulnerability To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/firebird2.5/+bug/1115902/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1115902] Re: NULL Pointer Denial of Service Vulnerability
This bug was fixed in the package firebird2.5 - 2.5.1.26351.ds4-2ubuntu0.1 --- firebird2.5 (2.5.1.26351.ds4-2ubuntu0.1) precise-security; urgency=low * SECURITY UPDATE: Fix for NULL pointer Denial of Service in TraceManager (LP: #1115902) - debian/patches/CVE-2012-5529.patch: Handle empty query safely. Based on upstream patch. - CVE-2012-5529 -- Christian Kuersteiner ckuer...@gmx.ch Wed, 06 Feb 2013 09:54:44 +0700 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1115902 Title: NULL Pointer Denial of Service Vulnerability To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/firebird2.5/+bug/1115902/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1115902] Re: NULL Pointer Denial of Service Vulnerability
This bug was fixed in the package firebird2.5 - 2.5.2~svn+54698.ds4-1ubuntu0.12.10.1 --- firebird2.5 (2.5.2~svn+54698.ds4-1ubuntu0.12.10.1) quantal-security; urgency=low * SECURITY UPDATE: Fix for NULL pointer Denial of Service in TraceManager (LP: #1115902) - debian/patches/CVE-2012-5529.patch: Handle empty query safely. Based on upstream patch. - CVE-2012-5529 -- Christian Kuersteiner ckuer...@gmx.ch Tue, 05 Feb 2013 11:51:04 +0700 ** Changed in: firebird2.5 (Ubuntu Quantal) Status: Confirmed = Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1115902 Title: NULL Pointer Denial of Service Vulnerability To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/firebird2.5/+bug/1115902/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1115902] Re: NULL Pointer Denial of Service Vulnerability
** Branch linked: lp:ubuntu/quantal-security/firebird2.5 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1115902 Title: NULL Pointer Denial of Service Vulnerability To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/firebird2.5/+bug/1115902/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1115902] Re: NULL Pointer Denial of Service Vulnerability
ACK on the oneiric and precise debdiffs. Uploading now. Thanks! ** Changed in: firebird2.5 (Ubuntu Oneiric) Status: Confirmed = Fix Committed ** Changed in: firebird2.5 (Ubuntu Precise) Status: Confirmed = Fix Committed -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1115902 Title: NULL Pointer Denial of Service Vulnerability To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/firebird2.5/+bug/1115902/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1115902] Re: NULL Pointer Denial of Service Vulnerability
The attachment lp1115902-quantal.debdiff of this bug report has been identified as being a patch in the form of a debdiff. The ubuntu- sponsors team has been subscribed to the bug report so that they can review and hopefully sponsor the debdiff. In the event that this is in fact not a patch you can resolve this situation by removing the tag 'patch' from the bug report and editing the attachment so that it is not flagged as a patch. Additionally, if you are member of the ubuntu- sponsors team please also unsubscribe the team from this bug report. [This is an automated message performed by a Launchpad user owned by Brian Murray. Please contact him regarding any issues with the action taken in this bug report.] ** Tags added: patch -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1115902 Title: NULL Pointer Denial of Service Vulnerability To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/firebird2.5/+bug/1115902/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1115902] Re: NULL Pointer Denial of Service Vulnerability
Raring fix ** Patch added: lplp1115902-raring.debdiff https://bugs.launchpad.net/ubuntu/+source/firebird2.5/+bug/1115902/+attachment/3515420/+files/lplp1115902-raring.debdiff -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1115902 Title: NULL Pointer Denial of Service Vulnerability To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/firebird2.5/+bug/1115902/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1115902] Re: NULL Pointer Denial of Service Vulnerability
** Also affects: firebird2.5 (Ubuntu Quantal) Importance: Undecided Status: New -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1115902 Title: NULL Pointer Denial of Service Vulnerability To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/firebird2.5/+bug/1115902/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1115902] Re: NULL Pointer Denial of Service Vulnerability
I'm not a security team member, but for the 13.04 upload, I'll upload to raring (as opposed to raring-security) instead, as it's the current development release we should be able to just upload it there. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1115902 Title: NULL Pointer Denial of Service Vulnerability To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/firebird2.5/+bug/1115902/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1115902] Re: NULL Pointer Denial of Service Vulnerability
Do you think you could forward the patch to Debian too? -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1115902 Title: NULL Pointer Denial of Service Vulnerability To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/firebird2.5/+bug/1115902/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1115902] Re: NULL Pointer Denial of Service Vulnerability
** Branch linked: lp:ubuntu/raring-proposed/firebird2.5 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1115902 Title: NULL Pointer Denial of Service Vulnerability To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/firebird2.5/+bug/1115902/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1115902] Re: NULL Pointer Denial of Service Vulnerability
Daniel, As in http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=693210 they have already a patch. Don't really see why it is not applied. ** Bug watch added: Debian Bug tracker #693210 http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=693210 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1115902 Title: NULL Pointer Denial of Service Vulnerability To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/firebird2.5/+bug/1115902/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1115902] Re: NULL Pointer Denial of Service Vulnerability
** Also affects: firebird2.5 (Ubuntu Oneiric) Importance: Undecided Status: New ** Also affects: firebird2.5 (Ubuntu Precise) Importance: Undecided Status: New ** Also affects: firebird2.5 (Ubuntu Raring) Importance: Undecided Status: New ** Changed in: firebird2.5 (Ubuntu Oneiric) Status: New = Confirmed ** Changed in: firebird2.5 (Ubuntu Precise) Status: New = Confirmed ** Changed in: firebird2.5 (Ubuntu Quantal) Status: New = Confirmed ** Changed in: firebird2.5 (Ubuntu Raring) Status: New = Confirmed ** Changed in: firebird2.5 (Ubuntu Oneiric) Importance: Undecided = Medium ** Changed in: firebird2.5 (Ubuntu Precise) Importance: Undecided = Medium ** Changed in: firebird2.5 (Ubuntu Raring) Importance: Undecided = Medium ** Changed in: firebird2.5 (Ubuntu Quantal) Importance: Undecided = Medium ** Changed in: firebird2.5 (Ubuntu Raring) Status: Confirmed = Fix Committed -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1115902 Title: NULL Pointer Denial of Service Vulnerability To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/firebird2.5/+bug/1115902/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1115902] Re: NULL Pointer Denial of Service Vulnerability
Thanks for the quantal debdiff! I'm building packages now, and will likely release them today. -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1115902 Title: NULL Pointer Denial of Service Vulnerability To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/firebird2.5/+bug/1115902/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1115902] Re: NULL Pointer Denial of Service Vulnerability
This bug was fixed in the package firebird2.5 - 2.5.2~svn+54698.ds4-1ubuntu1 --- firebird2.5 (2.5.2~svn+54698.ds4-1ubuntu1) raring; urgency=low * SECURITY UPDATE: Fix for NULL pointer Denial of Service in TraceManager (LP: #1115902) - debian/patches/CVE-2012-5529.patch: Handle empty query safely. Based on upstream patch. - CVE-2012-5529 -- Christian Kuersteiner ckuer...@gmx.ch Tue, 05 Feb 2013 15:18:31 +0700 ** Changed in: firebird2.5 (Ubuntu Raring) Status: Fix Committed = Fix Released -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1115902 Title: NULL Pointer Denial of Service Vulnerability To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/firebird2.5/+bug/1115902/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1115902] Re: NULL Pointer Denial of Service Vulnerability
Precise fix ** Patch added: lp1115902-precise.debdiff https://bugs.launchpad.net/ubuntu/+source/firebird2.5/+bug/1115902/+attachment/3516567/+files/lp1115902-precise.debdiff -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1115902 Title: NULL Pointer Denial of Service Vulnerability To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/firebird2.5/+bug/1115902/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1115902] Re: NULL Pointer Denial of Service Vulnerability
Oneiric fix ** Patch added: lp1115902-oneiric.debdiff https://bugs.launchpad.net/ubuntu/+source/firebird2.5/+bug/1115902/+attachment/3516579/+files/lp1115902-oneiric.debdiff -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1115902 Title: NULL Pointer Denial of Service Vulnerability To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/firebird2.5/+bug/1115902/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs
[Bug 1115902] Re: NULL Pointer Denial of Service Vulnerability
Quantal fix ** Patch added: lp1115902-quantal.debdiff https://bugs.launchpad.net/ubuntu/+source/firebird2.5/+bug/1115902/+attachment/3515331/+files/lp1115902-quantal.debdiff -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1115902 Title: NULL Pointer Denial of Service Vulnerability To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/firebird2.5/+bug/1115902/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs