Debian Security Advisory

DLA-879-1 firebird2.5 -- LTS security update

Date Reported:
29 Mar 2017
Affected Packages:
Security database references:
In the Debian bugtracking system: Bug 858641.
In Mitre's CVE dictionary: CVE-2017-6369.
More information:

George Noseevich discovered that firebird2.5, a relational database system, did not properly check User-Defined Functions (UDF), thus allowing remote authenticated users to execute arbitrary code on the firebird server.

For Debian 7 Wheezy, these problems have been fixed in version

We recommend that you upgrade your firebird2.5 packages.

Further information about Debian LTS security advisories, how to apply these updates to your system and frequently asked questions can be found at: