Salvatore Bonaccorso pushed to branch master at Debian Security Tracker /
security-tracker
Commits:
fd656817 by Salvatore Bonaccorso at 2020-01-12T09:09:07+01:00
Update information on CVE-2019-19880/sqlite3
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -7385,9 +7385,11 @@ CVE-2019-19881
RESERVED
CVE-2019-19880 (exprListAppendList in window.c in SQLite 3.30.1 allows
attackers to tr ...)
- sqlite3 3.30.1+fossil191229-1
+ [buster] - sqlite3 <not-affected> (Vulnerable code introduced later)
[stretch] - sqlite3 <not-affected> (Vulnerable code introduced later)
[jessie] - sqlite3 <not-affected> (Vulnerable code introduced later)
- NOTE:
https://github.com/sqlite/sqlite/commit/75e95e1fcd52d3ec8282edb75ac8cd0814095d54
+ NOTE: Introduced in:
https://github.com/sqlite/sqlite/commit/08f6de7f314ad6b15d34cc5f27c3e737fcd99268
(3.29.0)
+ NOTE: Fixed by:
https://github.com/sqlite/sqlite/commit/75e95e1fcd52d3ec8282edb75ac8cd0814095d54
NOTE: When fixing this issue make sure to apply as well
NOTE:
https://github.com/sqlite/sqlite/commit/8428b3b437569338a9d1e10c4cd8154acbe33089
NOTE: to not open CVE-2019-19926.
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/fd656817d3cd6fb133adaaba612ef51101f6b3fc
--
View it on GitLab:
https://salsa.debian.org/security-tracker-team/security-tracker/commit/fd656817d3cd6fb133adaaba612ef51101f6b3fc
You're receiving this email because of your account on salsa.debian.org.
_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits
