[Git][security-tracker-team/security-tracker][master] Add CVE-2019-19925/sqlite3

Tue, 24 Dec 2019 13:51:31 -0800 


Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
82e1c980 by Salvatore Bonaccorso at 2019-12-24T21:49:45Z
Add CVE-2019-19925/sqlite3

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -89,7 +89,9 @@ CVE-2019-19926 (multiSelect in select.c in SQLite 3.30.1 
mishandles certain erro
        - sqlite3 <not-affected> (Incomplete fix for CVE-2019-19880 not applied)
        NOTE: 
https://github.com/sqlite/sqlite/commit/8428b3b437569338a9d1e10c4cd8154acbe33089
 CVE-2019-19925 (zipfileUpdate in ext/misc/zipfile.c in SQLite 3.30.1 
mishandles a NULL ...)
-       TODO: check
+       - sqlite3 <unfixed>
+       [stretch] - sqlite3 <not-affected> (Vulnerable code introduced later)
+       NOTE: 
https://github.com/sqlite/sqlite/commit/54d501092d88c0cf89bec4279951f548fb0b8618
 CVE-2019-19924 (SQLite 3.30.1 mishandles certain parser-tree rewriting, 
related to exp ...)
        TODO: check
 CVE-2019-19923 (flattenSubquery in select.c in SQLite 3.30.1 mishandles 
certain uses o ...)



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/82e1c980d11c47a6d21d108c5270bac0b0d024a2

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/commit/82e1c980d11c47a6d21d108c5270bac0b0d024a2
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to