[ubuntu/xenial-security] sqlite3 3.11.0-1ubuntu1.5 (Accepted)

Wed, 10 Jun 2020 06:22:48 -0700 

sqlite3 (3.11.0-1ubuntu1.5) xenial-security; urgency=medium

  * SECURITY UPDATE: integer overflow in sqlite3_str_vappendf
    - debian/patches/CVE-2020-13434-pre1.patch: fix test/printf.test.
    - debian/patches/CVE-2020-13434.patch: limit the "precision" of
      floating-point to text conversions in src/printf.c, test/printf.test.
    - CVE-2020-13434
  * SECURITY UPDATE: use-after-free in fts3EvalNextRow
    - debian/patches/CVE-2020-13630.patch: add fix to ext/fts3/fts3.c,
      test/fts3snippet.test.
    - CVE-2020-13630
  * SECURITY UPDATE: NULL pointer dereference
    - debian/patches/CVE-2020-13632.patch: fix issue in
      ext/fts3/fts3_snippet.c, test/fts3matchinfo2.test.
    - CVE-2020-13632

Date: 2020-06-09 11:23:14.057246+00:00
Changed-By: Marc Deslauriers <marc.deslauri...@canonical.com>
https://launchpad.net/ubuntu/+source/sqlite3/3.11.0-1ubuntu1.5

Sorry, changesfile not available.
-- 
Xenial-changes mailing list
Xenial-changes@lists.ubuntu.com
Modify settings or unsubscribe at: 
https://lists.ubuntu.com/mailman/listinfo/xenial-changes

Reply via email to