This update for firebird fixes the following security issues:
CVE-2017-6369: Insufficient checks in the UDF subsystem in Firebird allowed remote authenticated users to execute code by using a 'system' entrypoint from fbudf.so (bsc#1023990).
Affected Packages
firebird-classic
SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Software Development Kit 12 SP1SUSE Linux Enterprise Software Development Kit 12 SP2SUSE Linux Enterprise Workstation Extension 12 SP1
Fixed in:
2.5.2.26539-15.1
libfbembed2_5
SUSE Linux Enterprise Desktop 12 SP1SUSE Linux Enterprise Desktop 12 SP2SUSE Linux Enterprise Software Development Kit 12 SP1SUSE Linux Enterprise Software Development Kit 12 SP2SUSE Linux Enterprise Workstation Extension 12 SP1
Fixed in:
2.5.2.26539-15.1
firebird
SUSE Linux Enterprise Software Development Kit 12 SP1
Fixed in:
2.5.2.26539-15.1
firebird-devel
SUSE Linux Enterprise Software Development Kit 12 SP1
Fixed in:
2.5.2.26539-15.1
libfbembed-devel
SUSE Linux Enterprise Software Development Kit 12 SP1SUSE Linux Enterprise Software Development Kit 12 SP2