sqlite3 (3.7.9-2ubuntu1.4) precise-security; urgency=medium

  * SECURITY UPDATE: NULL pointer dereference
    - debian/patches/CVE-2018-8740.patch: fix checking
      for pSelect and zExtra[0] in src/build.c, src/prepare.c.
    - CVE-2018-8740

sqlite3 (3.7.9-2ubuntu1.3) precise-security; urgency=medium

  * SECURITY UPDATE: Denial of service
    - debian/patches/CVE-2016-6153-*.patch: change temp direcotry
      search algorithm in src/os_unix.c.
    - CVE-2016-6153
  * SECURITY UPDATE: Denial of service
    - debian/patches/CVE-2017-13685.patch: adds checks in
      src/shell.c.
    - CVE-2017-13685
  * SECURITY UPDATE: Denial of service
    - debian/patches/CVE-2017-2518.patch: prevent a use-after-free
      in src/whereexpr.c.
    - CVE-2017-2518
  * SECURITY UPDATE: Integer overflow
    - debian/patches/CVE-2018-20346-and-CVE-2018-20506*.patch:
      add extra defenses against strategically corrupt databases
      in ext/fts3/fst3.c, ext/fts3/fts3_write.c, test/fts3corrupt4.test,
      test/permutations.test.
    - CVE-2018-20346
    - CVE-2018-20506
  * SECURITY UPDATE: heap out-of-bound read
    - debian/patches/CVE-2019-8457.patch: enhance the
      rtreenode() in ext/rtree/rtree.c.
    - debian/patches/CVE-2019-8457-string-interface.patch:
      add string interface in src/btree.c, src/build.c,
      src/func.c, src/mutex.c, src/pragma.c, src/printf.c,
      src/sqlite.h.in, src/sqliteInt.h, src/treeview.c,
      src/vdbeaux.c, src/vdbetrace.c, src/where.c,
      src/insert.c.
    - CVE-2019-8457

Date: 2019-11-29 17:33:22.786494+00:00
Changed-By: leo.barb...@canonical.com (Leonidas S. Barbosa)
Signed-By: Ubuntu Archive Robot <ubuntu-archive-ro...@lists.canonical.com>
https://launchpad.net/ubuntu/+source/sqlite3/3.7.9-2ubuntu1.4
Sorry, changesfile not available.
-- 
Precise-changes mailing list
Precise-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/precise-changes

Reply via email to