[35115] in bugtraq
[Fwd: Re: [ GLSA 200405-18 ] Buffer Overflow in Firebird]
daemon@ATHENA.MIT.EDU (KF (lists))
Thu Jun 3 12:08:58 2004
Message-ID: <40BE7A26.6050208@secnetops.com>
Date: Wed, 02 Jun 2004 21:08:54 -0400
From: "KF (lists)" <kf_lists@secnetops.com>
MIME-Version: 1.0
To: bugtraq@securityfocus.com
Content-Type: multipart/mixed;
boundary="------------090008070900060409060806"
This is a multi-part message in MIME format.
--------------090008070900060409060806
Content-Type: text/plain; charset=us-ascii; format=flowed
Content-Transfer-Encoding: 7bit
--------------090008070900060409060806
Content-Type: message/rfc822;
name="Re: [ GLSA 200405-18 ] Buffer Overflow in Firebird"
Content-Transfer-Encoding: 7bit
Content-Disposition: inline;
filename="Re: [ GLSA 200405-18 ] Buffer Overflow in Firebird"
Return-Path: <Cgweav@aol.com>
Received: from imo-m23.mx.aol.com (imo-m23.mx.aol.com [64.12.137.4])
by mail.snosoft.com (8.12.11/8.12.10) with ESMTP id i529AcvG028357
for <kf_lists@secnetops.com>; Wed, 2 Jun 2004 05:10:38 -0400 (EDT)
(envelope-from Cgweav@aol.com)
Received: from Cgweav@aol.com
by imo-m23.mx.aol.com (mail_out_v37_r2.6.) id p.d1.e26e36f (17228)
for <kf_lists@secnetops.com>; Wed, 2 Jun 2004 05:01:24 -0400 (EDT)
From: Cgweav@aol.com
Message-ID: <d1.e26e36f.2deef164@aol.com>
Date: Wed, 2 Jun 2004 05:01:24 EDT
Subject: Re: [ GLSA 200405-18 ] Buffer Overflow in Firebird
To: kf_lists@secnetops.com
MIME-Version: 1.0
Content-Type: multipart/alternative; boundary="-----------------------------1086166884"
X-Mailer: 9.0 for Windows sub 5110
X-Spam-Checker-Version: SpamAssassin 2.60 (1.212-2003-09-23-exp) on
mail.snosoft.com
X-Spam-Level:
X-Spam-Status: No, hits=0.3 required=5.0 tests=BAYES_44,HTML_MESSAGE,
NO_REAL_NAME autolearn=no version=2.60
-------------------------------1086166884
Content-Type: text/plain; charset="US-ASCII"
Content-Transfer-Encoding: 7bit
I'm not a subscriber, I read bugtraq via a mail2news
gateway, but you can forward this to the list if
you want:
(excerpt from http://firebird.sourceforge.net/index.php?op=files)
"The V1.5 release of Firebird represents a major upgrade to the V1.0 database
engine, which has been developed by an independent team of voluntary
developers from the original InterBase source code that was released by Borland under
the InterBase Public License on 25th July 2000.
Development on the Firebird 2 codebase began early on during the Firebird
V1.0 development process, with the porting of the Firebird 1.0 C code to C++ and
the first major steps at code clean up. Firebird V1.5 is the first release of
the Firebird 2 codebase and represents a significant milestone for the
developers and the whole Firebird project, but it is not an end in itself. As
Firebird V1.5 goes to release, major development continues toward the next point
release on the journey to Firebird V2.0.
There are many new features and bugs fixed and the list of major changes
beyond the original V1.0 version is quite long. Please read the Release Notes for
more information."
The C code that implemented many old Interbase bugs is
no longer used in V1.5 (although it is always wise to test
a new release to be sure, as replacement of the old C code
with the new C++ code may be incremental).
(This is merely fyi on the revamped Firebird code base,
and is not intended to express any opinion on the
average relative bugginess of C vs C++ code.)
Regards,
Clayton Weaver
"The test of our progress is not whether we add
more to the abundance of those who have much;
it is whether we provide enough for those who have
too little." Franklin D. Roosevelt
-------------------------------1086166884
Content-Type: text/html; charset="US-ASCII"
Content-Transfer-Encoding: quoted-printable
<HTML><HEAD>
<META charset=3DUS-ASCII http-equiv=3DContent-Type content=3D"text/html; cha=
rset=3DUS-ASCII">
<META content=3D"MSHTML 6.00.2800.1106" name=3DGENERATOR></HEAD>
<BODY style=3D"FONT-SIZE: 11pt; FONT-FAMILY: Arial; BACKGROUND-COLOR: #fffff=
f">
<DIV><FONT face=3D"Trebuchet MS" size=3D2>I'm not a subscriber, I read bugtr=
aq via a mail2news</FONT></DIV>
<DIV><FONT face=3D"Trebuchet MS" size=3D2>gateway, but you can forward this=20=
to the list if</FONT></DIV>
<DIV><FONT face=3D"Trebuchet MS" size=3D2>you want:</FONT></DIV>
<DIV><FONT face=3D"Trebuchet MS" size=3D2></FONT> </DIV>
<DIV><FONT face=3D"Trebuchet MS" size=3D2>(excerpt from </FONT><FONT face=
=3D"Trebuchet MS" size=3D2><A href=3D"http://firebird.sourceforge.net/index.=
php?op=3Dfiles">http://firebird.sourceforge.net/index.php?op=3Dfiles</A>)</F=
ONT></DIV>
<DIV><FONT face=3D"Trebuchet MS" size=3D2></FONT> </DIV>
<DIV><FONT face=3D"Trebuchet MS" size=3D2>"The V1.5 release of Firebird repr=
esents a major upgrade to the V1.0 database engine, which has been developed=
by an independent team of voluntary developers from the original InterBase=20=
source code that was released by Borland under the InterBase Public License=20=
on 25th July 2000.</FONT></DIV>
<DIV><FONT face=3D"Trebuchet MS" size=3D2></FONT> </DIV>
<DIV><FONT face=3D"Trebuchet MS" size=3D2>Development on the Firebird 2 code=
base began early on during the Firebird V1.0 development process, with the p=
orting of the Firebird 1.0 C code to C++ and the first major steps at code c=
lean up. Firebird V1.5 is the first release of the Firebird 2 codebase and r=
epresents a significant milestone for the developers and the whole Firebird=20=
project, but it is not an end in itself. As Firebird V1.5 goes to release, m=
ajor development continues toward the next point release on the journey to F=
irebird V2.0.</FONT></DIV>
<DIV><FONT face=3D"Trebuchet MS" size=3D2></FONT> </DIV>
<DIV><FONT face=3D"Trebuchet MS" size=3D2>There are many new features and bu=
gs fixed and the list of major changes beyond the original V1.0 version is q=
uite long. Please read the Release Notes for more information."</FONT></DIV>
<DIV><FONT face=3D"Trebuchet MS" size=3D2></FONT> </DIV>
<DIV><FONT face=3D"Trebuchet MS" size=3D2>The C code that implemented many o=
ld Interbase bugs is</FONT></DIV>
<DIV><FONT face=3D"Trebuchet MS" size=3D2>no longer used in V1.5 (although i=
t is always wise to test</FONT></DIV>
<DIV><FONT face=3D"Trebuchet MS" size=3D2>a new </FONT><FONT face=3D"Trebuch=
et MS" size=3D2>release to be sure, as replacement of the old C code</FONT><=
/DIV>
<DIV><FONT face=3D"Trebuchet MS" size=3D2>with </FONT><FONT face=3D"Trebuche=
t MS" size=3D2>the new C++ code may be incremental).</FONT></DIV>
<DIV><FONT face=3D"Trebuchet MS" size=3D2></FONT> </DIV>
<DIV><FONT face=3D"Trebuchet MS" size=3D2>(T</FONT><FONT face=3D"Trebuchet M=
S" size=3D2>his is merely </FONT><FONT face=3D"Trebuchet MS" size=3D2>fyi on=
the revamped Firebird code base,</FONT></DIV>
<DIV><FONT face=3D"Trebuchet MS" size=3D2>and is not intended to express any=
opinion on the</FONT></DIV>
<DIV><FONT face=3D"Trebuchet MS" size=3D2>average relative bugginess of C vs=
C++ code.)</FONT></DIV>
<DIV><FONT face=3D"Trebuchet MS" size=3D2></FONT> </DIV>
<DIV><FONT lang=3D0 face=3D"Trebuchet MS" size=3D3 FAMILY=3D"SANSSERIF" PTSI=
ZE=3D"11">Regards,<BR><BR>Clayton Weaver<BR><BR>"The test of our progress is=
not whether we add<BR> more to the abundance of those who have mu=
ch;<BR> it is whether we provide enough for those who have<BR> too=
little." Franklin D. Roosevelt<BR></FONT></DIV></BODY></HTML>
-------------------------------1086166884--
--------------090008070900060409060806--
