This bug was fixed in the package db5.3 - 5.3.28+dfsg1-0.8ubuntu1 --------------- db5.3 (5.3.28+dfsg1-0.8ubuntu1) impish; urgency=low
* Merge from Debian unstable (LP: #1927978). Remaining changes: - SECURITY UPDATE: Heap out-of-bounds read - debian/patches/CVE-2019-8457.patch: enhance the rtreenode function in lang/sql/sqlite/ext/rtree/rtree.c. - CVE-2019-8457 * Removed patches obsoleted/merged by upstream: - Fix FTBFS due to multiple definitions of progname, switch one of them to glibc provided program_invocation_name. - Test-suite sh_list segfaults when db5.3 built with gcc-10, switch to gcc-9. - Build everything with gcc-9. -- Dave Jones <dave.jo...@canonical.com> Tue, 23 Mar 2021 15:15:50 +0000 ** Changed in: db5.3 (Ubuntu) Status: Fix Committed => Fix Released ** CVE added: https://cve.mitre.org/cgi-bin/cvename.cgi?name=2019-8457 -- You received this bug notification because you are a member of Ubuntu Bugs, which is subscribed to Ubuntu. https://bugs.launchpad.net/bugs/1927978 Title: Please merge db5.3 5.3.28+dfsg1-0.8 from Debian unstable To manage notifications about this bug go to: https://bugs.launchpad.net/ubuntu/+source/db5.3/+bug/1927978/+subscriptions -- ubuntu-bugs mailing list ubuntu-bugs@lists.ubuntu.com https://lists.ubuntu.com/mailman/listinfo/ubuntu-bugs