Source: sqlite3 Version: 3.27.2-2 Severity: important Tags: security upstream Control: found -1 3.16.2-5+deb9u1 Control: found -1 3.16.2-5
Hi, The following vulnerability was published for sqlite3. CVE-2019-8457[0]: | SQLite3 from 3.6.0 to and including 3.27.2 is vulnerable to heap out- | of-bound read in the rtreenode() function when handling invalid rtree | tables. If you fix the vulnerability please also make sure to include the CVE (Common Vulnerabilities & Exposures) id in your changelog entry. For further information see: [0] https://security-tracker.debian.org/tracker/CVE-2019-8457 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-8457 [1] https://www.sqlite.org/src/info/90acdbfce9c08858 Regards, Salvatore