Category: General news

Here is the description for CVE-2017-11509
An authenticated remote attacker can execute arbitrary code in Firebird SQL
Server versions 2.5.7 and 3.0.2 by executing a malformed SQL statement. The
only known solution is to disable external UDF libraries from being loaded. In
order to achieve this, the default configuration has changed to UdfAccess=None.
This will prevent the fbudf module from being loaded, but may also break other
functionality relying on modules.

Here is the Debian security page with the issue : CVE-2017-11509
And here is the original report https://www.tenable.com/security/research/tra-2017-36

Firebird 3.0.3 Package is uploaded into Firebird 3.0.x ppa.

There are packages for Ubuntu 18.04 (Bionic) , 16.04 (Xenial)

Firebird 3.0.3 changes are available in the release notes

 

 

Work in progress for 14.04 (Trusty).

Read the new white paper “Authentication in Firebird” from IBPhoenix: Developments introduced in Firebird 3 provide many options for authenticating users attempting to attach to a database. No longer is authentication restricted to a single method: the methods available are determined by the plug-in authentication modules configured in the global and/or database config files.
Also, there are many interesting articles in Documentation area of IBPhoenix website.

Since Firebird 3 was released, users have sometimes been confused about the “missing” kits for Firebird embedded. We hope this article will demystify the issue and help developers migrating older embedded applications to Firebird 3 and higher.
Read the new white paper by Helen Borrie, Embedded Server in Firebird 3.

Sourceforge Community Choice Project of the Month for May is Firebird

The voters have spoken! Your "Community Choice" Project of the Month for May is… Firebird! https://t.co/wirK9SId2Z #potm #opensource #FOSS #Firebird

— SourceForge (@sourceforge) May 1, 2018

FDB Python driver for Firebird v2.0 is available for download.

https://pypi.python.org/pypi/fdb

IMPORTANT: This is initial release of new “SweetBitter” driver generation.

During this (v2) generation FDB driver will undergo a transition from
development centered around Python 2.7 / Firebird 2.x to development
centered around Python 3 / Firebird 3. There are some backward
incompatible changes between v2 and v1 generation, and you may expect
some also between individual releases of second generation. To soften
this bitter pill, the second generation will have new functionality,
enhancements and optimalizations gradually added into each public release.

The second generation is also the last one that will directly support
Python 2.7 and will be tested with Firebird 2.

The plan is to move forward with v3 generation (Python 3/Firebird 3+) as
soon as v2 code base will become mature.

What’s new:

* Hooks.
* New modules for parsing Firebird trace & audit logs (fdb.trace), gstat
output (fdb.gstat) and server log (fdb.log)
* Added fdb.utils.ObjectList class for improved object collection
manipulation.
* Modules monitor and schema now use new fdb.utils.ObjectList for
collections of information objects.
* Methods fdb.Connection.database_info() and
fdb.Transaction.transaction_info() now distinguish between text and
binary strings with result_type code.
* Significant changes to documentation.
* Reworked Visitor Pattern support in schema module, added classes
fdb.utils.Visitable and fdb.utils.Visitor.
* …and more (including bug fixes).

Read more at http://fdb.readthedocs.io/en/v2.0/

IBPhoenix now have a Firebird 3.x encryption plugin available for MacOSX.

Read the new white paper “Authentication in Firebird” from IBPhoenix: Developments introduced in Firebird 3 provide many options for authenticating users attempting to attach to a database. No longer is authentication restricted to a single method: the methods available are determined by the plug-in authentication modules configured in the global and/or database config files.
Also, there are many interesting articles in Documentation area of IBPhoenix website.