Join Firebird!

Join Firebird Foundation to support Firebird SQL development and receive multiple bonuses

Follow Us

Select your media preference

Newsletter

Subscribe to Firebird’s Newsletter to receive the latest news

Developer's Report: Firebird Security and Design Enhancements
October to December 2013
 
  1. Avoid man-in-the-middle attack on ATTACH packet in FB3. Wire encryption is started before attaching database or service manager, right after connect.
  2. Simplified build of editline library, avoiding automake build dependency.
  3. Avoid deprecated macros in configure.ac. Use autoconf 2.68 as basic for FB3.
  4. Fixed races in legacy auth plugin.
  5. Fixed CORE-4200: An uncommitted select of the pseudo table sec$users blocks new database connections.
  6. Enhanced diags when trying to get info about unprepared statement.
  7. Implemented CORE-4263: Database linger.
  8. Fixed new gcc 4.7 warning "deleting object of polymorphic class" and some other new warnings.
  9. Fixed CORE-4178: Make new API return proper metadata properties for character set, scale and subtype.
  10. Implemented CORE-4273: Per-database control on access to database from remote stations
  11. Fixed CORE-4283: Resource temporarily unavailable errors while simultaneously registering events
  12. 12.Added debuginfo uninstall to posix uninstall script.
  13. Implemented CORE-4290: Extensible property (tags) support in user manaegement  - one can add arbitrary name-value pairs to users.
  14. Implemented CORE-2004: Ability to alter user inactive/active
  15. Implemented CORE-2063: Added CREATE OR ALTER USER operator
  16. Implemented CORE-3931: Ability to set comment for the user
  17. Implemented CORE-3365: Extend syntax for ALTER CURRENT USER
  18. Fixed CORE-4298: fbsvcmgr doesn't recognise sts_record_versions and other sts switches
Alex Peshkov
Yaroslavl, Russia
October to December 2013
 
  1. Avoid man-in-the-middle attack on ATTACH packet in FB3. Wire encryption is started before attaching database or service manager, right after connect.
  2. Simplified build of editline library, avoiding automake build dependency.
  3. Avoid deprecated macros in configure.ac. Use autoconf 2.68 as basic for FB3.
  4. Fixed races in legacy auth plugin.
  5. Fixed CORE-4200: An uncommitted select of the pseudo table sec$users blocks new database connections.
  6. Enhanced diags when trying to get info about unprepared statement.
  7. Implemented CORE-4263: Database linger.
  8. Fixed new gcc 4.7 warning "deleting object of polymorphic class" and some other new warnings.
  9. Fixed CORE-4178: Make new API return proper metadata properties for character set, scale and subtype.
  10. Implemented CORE-4273: Per-database control on access to database from remote stations
  11. Fixed CORE-4283: Resource temporarily unavailable errors while simultaneously registering events
  12. 12.Added debuginfo uninstall to posix uninstall script.
  13. Implemented CORE-4290: Extensible property (tags) support in user manaegement  - one can add arbitrary name-value pairs to users.
  14. Implemented CORE-2004: Ability to alter user inactive/active
  15. Implemented CORE-2063: Added CREATE OR ALTER USER operator
  16. Implemented CORE-3931: Ability to set comment for the user
  17. Implemented CORE-3365: Extend syntax for ALTER CURRENT USER
  18. Fixed CORE-4298: fbsvcmgr doesn't recognise sts_record_versions and other sts switches
Alex Peshkov
Yaroslavl, Russia