sqlite3 (3.7.9-2ubuntu1.4) precise-security; urgency=medium
* SECURITY UPDATE: NULL pointer dereference
- debian/patches/CVE-2018-8740.patch: fix checking
for pSelect and zExtra[0] in src/build.c, src/prepare.c.
- CVE-2018-8740
sqlite3 (3.7.9-2ubuntu1.3) precise-security; urgency=medium
* SECURITY UPDATE: Denial of service
- debian/patches/CVE-2016-6153-*.patch: change temp direcotry
search algorithm in src/os_unix.c.
- CVE-2016-6153
* SECURITY UPDATE: Denial of service
- debian/patches/CVE-2017-13685.patch: adds checks in
src/shell.c.
- CVE-2017-13685
* SECURITY UPDATE: Denial of service
- debian/patches/CVE-2017-2518.patch: prevent a use-after-free
in src/whereexpr.c.
- CVE-2017-2518
* SECURITY UPDATE: Integer overflow
- debian/patches/CVE-2018-20346-and-CVE-2018-20506*.patch:
add extra defenses against strategically corrupt databases
in ext/fts3/fst3.c, ext/fts3/fts3_write.c, test/fts3corrupt4.test,
test/permutations.test.
- CVE-2018-20346
- CVE-2018-20506
* SECURITY UPDATE: heap out-of-bound read
- debian/patches/CVE-2019-8457.patch: enhance the
rtreenode() in ext/rtree/rtree.c.
- debian/patches/CVE-2019-8457-string-interface.patch:
add string interface in src/btree.c, src/build.c,
src/func.c, src/mutex.c, src/pragma.c, src/printf.c,
src/sqlite.h.in, src/sqliteInt.h, src/treeview.c,
src/vdbeaux.c, src/vdbetrace.c, src/where.c,
src/insert.c.
- CVE-2019-8457
Date: 2019-11-29 17:33:22.786494+00:00
Changed-By: leo.barb...@canonical.com (Leonidas S. Barbosa)
Signed-By: Ubuntu Archive Robot <ubuntu-archive-ro...@lists.canonical.com>
https://launchpad.net/ubuntu/+source/sqlite3/3.7.9-2ubuntu1.4
Sorry, changesfile not available.
--
Precise-changes mailing list
Precise-changes@lists.ubuntu.com
Modify settings or unsubscribe at:
https://lists.ubuntu.com/mailman/listinfo/precise-changes