On 17 Apr 2017, at 9:56am, Saurav Sarkar <saurav.sark...@gmail.com> wrote:
> http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-6607 > > It mentions the escalation of privilege attack in Android due to an > internal bug in SQlite > > We use SQLite distributed with Android in our application and use the > normal Android APIs for SQLite Access .And use it for our CRUD operations. > > I did not find any more details about this bug so would like to know in > this list if this is a problem. SQLite 3.8.9, which according to the announcement fixed the relevant bug, was released in April 2015, which is now two years ago. As described in the report, if you’re still using a version of Android before 5.1.1 the bug will still effect the platform. > Would like to know if the same vulnerability applies for Windows universal > platform as well. SQLite is not built into that platform. If you wish to use SQLite on WUP yourself, just make sure you include a current version, not a two year old version. Simon. _______________________________________________ sqlite-users mailing list sqlite-users@mailinglists.sqlite.org http://mailinglists.sqlite.org/cgi-bin/mailman/listinfo/sqlite-users