Ред База Данных 3 - 3.0.23
04/20/2026
Changelog:
Fixes:
- Win32: KERNEL32.GetThreadId import breaks Windows XP. FB-8850.
- Fatal lock manager error: invalid lock id. FB-8817.
- Fixed potential endless loop inside MET_scan_relation: when relation is system-defined and its ODS is greater than ODS of current database.
- Fix BUGCHECK "buffer marked for update (217)" when the marked pointer page needs to be written while fetching the data page. RS-275739.
- Indexes may not be used for multiple ORed conditions containing both field and non-field references. FB-8926.
- Use of some switches with parameter in gbak's command line before name of database in -SE mode breaks access to databases with non-default security database. FB-8903
- Postfix for RS-197357: Restore the initial scope of BackgroundContextHolder to avoid a deadlock in WorkerAttachment::releaseAttachment. RS-281075.
- Check plugin name for directory separator and path component.
- CryptCallback DOS (CVE-2026-28224). RS-280046.
- Pre-Auth DOS (CVE-2026-27890). RS-278355.
- DoS via op_response packet from client (CVE-2026-34232). RS-284676.
- Buffer overflow on parsing corrupted slice packet (CVE-2026-33337). RS-281063.
- Server hangs when using specific clumplet on batch creation (CVE-2026-28214). RS-276405.
- Server emergency shutdown on specific packet receive (CVE-2026-28212). RS-278352.
- Treat string descriptor with zero dsc_length as invalid slice descriptor. Also check data length and dsc length separately (CVE-2026-35215). RS-285833.
Improvements:
- Update Windows distributions with zlib version 1.3.2. FB-8922.
- Increase isql max password length
View available only to authorised users
Authorisation