Your message dated Sat, 22 Feb 2020 12:09:43 +0000
with message-id <[email protected]>
and subject line Bug#951835: fixed in sqlite3 3.31.1-3
has caused the Debian Bug report #951835,
regarding sqlite3: CVE-2020-9327
to be marked as done.
This means that you claim that the problem has been dealt with.
If this is not the case it is now your responsibility to reopen the
Bug report if necessary, and/or fix the problem forthwith.
(NB: If you are a system administrator and have no idea what this
message is talking about, this may indicate a serious mail system
misconfiguration somewhere. Please contact [email protected]
immediately.)
--
951835: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=951835
Debian Bug Tracking System
Contact [email protected] with problems
--- Begin Message ---
Source: sqlite3
Version: 3.31.1-2
Severity: important
Tags: security upstream
Hi,
The following vulnerability was published for sqlite3.
CVE-2020-9327[0]:
| In SQLite 3.31.1, isAuxiliaryVtabOperator allows attackers to trigger
| a NULL pointer dereference and segmentation fault because of generated
| column optimizations.
If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.
For further information see:
[0] https://security-tracker.debian.org/tracker/CVE-2020-9327
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9327
Please adjust the affected versions in the BTS as needed.
Regards,
Salvatore
--- End Message ---
--- Begin Message ---
Source: sqlite3
Source-Version: 3.31.1-3
Done: Laszlo Boszormenyi (GCS) <[email protected]>
We believe that the bug you reported is fixed in the latest version of
sqlite3, which is due to be installed in the Debian FTP archive.
A summary of the changes between this version and the previous one is
attached.
Thank you for reporting the bug, which will now be closed. If you
have further comments please address them to [email protected],
and the maintainer will reopen the bug report if appropriate.
Debian distribution maintenance software
pp.
Laszlo Boszormenyi (GCS) <[email protected]> (supplier of updated sqlite3 package)
(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing [email protected])
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA512
Format: 1.8
Date: Sat, 22 Feb 2020 10:43:26 +0000
Source: sqlite3
Architecture: source
Version: 3.31.1-3
Distribution: unstable
Urgency: high
Maintainer: Laszlo Boszormenyi (GCS) <[email protected]>
Changed-By: Laszlo Boszormenyi (GCS) <[email protected]>
Closes: 861670 951835
Changes:
sqlite3 (3.31.1-3) unstable; urgency=high
.
* Backport upstream security fixes for CVE-2020-9327: segmentation fault in
isAuxiliaryVtabOperator() (closes: #951835).
.
[ Kari Pahula <[email protected]> ]
* Provide sqldiff.1 manpage (closes: #861670).
Checksums-Sha1:
2a7864711a5894f91bffce719ac91b84602b0445 2404 sqlite3_3.31.1-3.dsc
74eaef70214e6879932eb17310b83af5a5787f14 24920 sqlite3_3.31.1-3.debian.tar.xz
Checksums-Sha256:
7d16c28595f8f1c7b478e77dbbdf3b65cc66a50be8333e47533d9c702f12cc28 2404
sqlite3_3.31.1-3.dsc
01d8e3fa88c420d869d1cfab833e7824726e1003cf56904d77bf4586620cceaa 24920
sqlite3_3.31.1-3.debian.tar.xz
Files:
9429a3d13f8dd469529dbf03f8d21272 2404 devel optional sqlite3_3.31.1-3.dsc
2a6112628b0bacc8e1cb90e03294ad1c 24920 devel optional
sqlite3_3.31.1-3.debian.tar.xz
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEfYh9yLp7u6e4NeO63OMQ54ZMyL8FAl5RE2YACgkQ3OMQ54ZM
yL/FBRAAhNaxyu9zR98fjgRHvRTLy75Q7cRsuhYvkFCaOH3jjC5U19Ni3cWOpUhK
Lq2ZSiRgq94uR5E4d6dmShg6w+OMwEPtjPkIQEvBTps90+2YYz0pm8Cm2q8AeKW8
LKOZehSKM452gam3T4maisvITSHXWQXwcQRll+I8pJpe6Jj5D0QHZhX+Od6sJNwx
knmG0AIRcqzEVKOFEBQzv5l4xfIAeA0KRpd+HFDTZMv+vK4gpaoxdH5ioek/fjzc
OX1sz1tcH3FKyAFZ6fJIwpF7JbsIPF8H1oxL7wFIv7ZQRPtFQ8Z9G4x1EqbGVg/r
h9dw/IZzpVwfUDyy6A5iPXwNC34wph8IVbh/RwC9pkBJ+f/NdzfB/wcfgXFGyzYY
3MbwcEYObwSfWCsGo98CzYANhtT53JqOLeNz7xwSAZBEXZZTIBpRY655TG7tIEms
SlY/yzvthiSTWJvTgZRrMuD/cdMncN5qfGCe1c0cANMRF/raY4VrncosmyLJwaRA
k2ccQzJbOzYwSxQbRENKLBEP3QNSOVv9TAFoOeFaL67zT7jxwvhoQpam+y0qx9n3
fcEwnuDninMyzX6ZOixHBbunFAR6Xd1JGjXUQKqbeRi/Es1I/dX0/m6kvJO62ybI
hD+erpWpf/m2pybH/wnt5hE72LD3/AmKPpfPKTd3MkDdfxRaG/U=
=OIHN
-----END PGP SIGNATURE-----
--- End Message ---
