[SECURITY] [DLA 4282-1] firebird3.0 security update

To: debian-lts-announce@lists.debian.org
Subject: [SECURITY] [DLA 4282-1] firebird3.0 security update
From: Adrian Bunk <bunk@debian.org>
Date: Mon, 25 Aug 2025 16:00:17 +0300
Message-id: <[🔎] aKxeYSGWoO3u3idZ@localhost>
Mail-followup-to: debian-lts@lists.debian.org
Reply-to: debian-lts@lists.debian.org

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512

- -------------------------------------------------------------------------
Debian LTS Advisory DLA-4282-1                debian-lts@lists.debian.org
https://www.debian.org/lts/security/                          Adrian Bunk
August 25, 2025                               https://wiki.debian.org/LTS
- -------------------------------------------------------------------------

Package        : firebird3.0
Version        : 3.0.7.33374.ds4-2+deb11u1
CVE ID         : CVE-2025-54989
Debian Bug     : 1111321

An XDR message parsing NULL pointer dereference has been fixed in the 
Firebird database.

For Debian 11 bullseye, this problem has been fixed in version
3.0.7.33374.ds4-2+deb11u1.

We recommend that you upgrade your firebird3.0 packages.

For the detailed security status of firebird3.0 please refer to
its security tracker page at:
https://security-tracker.debian.org/tracker/firebird3.0

Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
-----BEGIN PGP SIGNATURE-----

iQIzBAEBCgAdFiEEOvp1f6xuoR0v9F3wiNJCh6LYmLEFAmisXmEACgkQiNJCh6LY
mLEWyg/9HIVdUBGwf5KPxFRpZCrGBXcGugn/hUOPsFwkReUAkD83b5GGAIhELgEk
qMmHEyrPcQGnrA071U8zzJFGHECEshecam7WzvqqsQSY4FgEFdMjhjTi1TytJC+q
a87ktfdPTfoa+pSTnEUCzuHUY3QMynU4PHHT4DoHXipITU+tI8NDM0nZWOoiq/vO
XJGD9M3tOmXdm2UT+D0FFpClO+6eVZh34iy33/Qo2KrehT7yeSVUv2ZnpAQ3YQK4
6ZdUPZRvzDYmckBrM3Ux8PPiUALma0Ykregy/eFGeEY4vCtWuGpH0ecwVWHyPvhB
Svs/SFKTuHhw9A8zYXJApjVOQYb3yl+FX/LlfgW5MxDYo+jmG0eE3TAmN0qUiUT9
AZNnaSE6gZH68GcQwCZYa7aDSMdsC1F8wjEZOMzkVpuBZG7/wWLThluuVuae+xQl
JiLq90sPS9X6jq526j347onJI/yC3n+ZN06pZeFtEgtbgDw1xZvz0SKxa7pnIGEh
/XT+Z1j226/Nw25WAOWn1k6EKiEHSrJCfc0HlmRbyDvrI++1LBBNsi+qf05p5zRa
1hXcKwWurC3I9V3USiArYNAr5XpMXVEbqgfC+j5v39YCV9GZW0LnBwGRNZ0kpQ/I
ok/3dRfL/dwV8w9EIGKkDAxGGIFhAXEJBitMHFL6TXOoJfzZP5c=
=kcsg
-----END PGP SIGNATURE-----

Reply to:

Prev by Date: [SECURITY] [DLA 4281-1] iperf3 security update
Next by Date: [SECURITY] [DLA 4283-1] luajit security update
Previous by thread: [SECURITY] [DLA 4281-1] iperf3 security update
Next by thread: [SECURITY] [DLA 4283-1] luajit security update
Index(es):
- Date
- Thread