Hi This vulnerability seems to have been already handled. See URL: https://security-tracker.debian.org/tracker/TEMP-0566326-9A899F
But no CVE assigned as this is not public yet. Additionally, the Tencent team's page itself on the link referred by you state that in order to apply the fix, update to 3.26.0 version. The Debian package in unstable/sid is already at 3.26.0-3. This also indicates that the issue is already handled. https://packages.debian.org/sid/sqlite3 On Mon, Dec 17, 2018 at 02:20:25PM +0900, Hideki Yamane wrote: > Tencent Blade Team released a security advisory about "Magellan" bug > in sqlite, that was fixed in upstream 3.26.0. > See https://blade.tencent.com/magellan/index_en.html > > CVE is not assigned yet, but we should track and try to fix it. > > -- > Hideki Yamane <[email protected]> Tell me if I am wrong. Regards, -- qmi | Debian GNU/Linux enthusiast Email: [email protected] WWW: http://www.miklos.info GPG: 3C4B 1364 A379 7366 7FED 260A 2208 F2CE 3FCE A0D3
