[Git][security-tracker-team/security-tracker][master] LTS: Mark CVE-2019-8457/{db5.3,sqlite3} as ignored

Sat, 03 Jun 2023 06:45:23 -0700 


Roberto C. Sánchez pushed to branch master at Debian Security Tracker / 
security-tracker


Commits:
fd91ffaa by Roberto C. Sánchez at 2023-06-03T09:44:52-04:00
LTS: Mark CVE-2019-8457/{db5.3,sqlite3} as ignored

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -298717,11 +298717,11 @@ CVE-2019-8458 (Check Point Endpoint Security Client 
for Windows, with Anti-Malwa
 CVE-2019-8457 (SQLite3 from 3.6.0 to and including 3.27.2 is vulnerable to 
heap out-o ...)
        - db5.3 5.3.28+dfsg1-0.9 (bug #1010974)
        [bullseye] - db5.3 <no-dsa> (Minor issue)
-       [buster] - db5.3 <no-dsa> (Minor issue)
-       [stretch] - db5.3 <no-dsa> (Minor issue)
+       [buster] - db5.3 <ignored> (vulnerable code is present but unused in 
Debian, and fix is too risky to backport)
+       [stretch] - db5.3 <ignored> (vulnerable code is present but unused in 
Debian, and fix is too risky to backport)
        - sqlite3 3.27.2-3 (bug #929775)
-       [stretch] - sqlite3 <no-dsa> (Minor issue; can be fixed via point 
release)
-       [jessie] - sqlite3 <no-dsa> (Minor issue)
+       [stretch] - sqlite3 <ignored> (vulnerable code is present but unused in 
Debian, and fix is too risky to backport)
+       [jessie] - sqlite3 <ignored> (vulnerable code is present but unused in 
Debian, and fix is too risky to backport)
        - sqlite <not-affected> (rtree extension not present in v2)
        NOTE: Fixed by: https://www.sqlite.org/src/info/90acdbfce9c08858
        NOTE: Make the internal dynamic string interface available to 
extensions:



View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fd91ffaa5d850d1ec5fecd0fb75ed4d28ba468f0

-- 
View it on GitLab: 
https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/fd91ffaa5d850d1ec5fecd0fb75ed4d28ba468f0
You're receiving this email because of your account on salsa.debian.org.



_______________________________________________
debian-security-tracker-commits mailing list
[email protected]
https://alioth-lists.debian.net/cgi-bin/mailman/listinfo/debian-security-tracker-commits

Reply via email to