Package "sqlite3-doc"
Name: |
sqlite3-doc
|
Description: |
SQLite 3 documentation
|
Latest version: |
3.8.2-1ubuntu2.2 |
Release: |
trusty (14.04) |
Level: |
updates |
Repository: |
main |
Head package: |
sqlite3 |
Homepage: |
http://www.sqlite.org/ |
Links
Download "sqlite3-doc"
Other versions of "sqlite3-doc" in Trusty
Changelog
sqlite3 (3.8.2-1ubuntu2.2) trusty-security; urgency=medium
* SECURITY UPDATE: Avoid segmentation fault while using a corrupted file.
- d/p/0001-Fix-a-parsing-issue-associated-with-a-corrupt-sqlite.patch:
Check if parser is busy before using it and raise an error if positive.
(LP: #1814869)
- d/p/0002-Better-error-message-text-when-the-schema-is-corrupt.patch:
Better message and additional checks.
- No CVE associated.
-- Paulo Flabiano Smorigo <email address hidden> Thu, 21 Feb 2019 17:13:40 +0100
|
Source diff to previous version |
sqlite3 (3.8.2-1ubuntu2.1) trusty-security; urgency=medium
* SECURITY UPDATE: array overrun in the skip-scan optimization
(LP: #1448758)
- debian/patches/CVE-2013-7443.patch: make sure array is large enough
in src/where.c, added test to test/skipscan1.test.
- CVE-2013-7443
* SECURITY UPDATE: improper dequoting of collation-sequence names
- debian/patches/CVE-2015-3414.patch: handle dequoting in src/expr.c,
src/parse.y, src/sqliteInt.h, src/where.c, added tests to
test/collate1.test.
- CVE-2015-3414
* SECURITY UPDATE: improper large integers handling in printf function
- debian/patches/CVE-2015-3416.patch: handle large integers in
src/printf.c, added tests to test/printf.test.
- CVE-2015-3416
-- Marc Deslauriers Tue, 14 Jul 2015 13:26:04 -0400
|
1448758 |
memory corruption/crash in 64bit version of 3.8.2 |
CVE-2013-7443 |
SQLite array overrun in the skip-scan optimization |
CVE-2015-3414 |
SQLite before 3.8.9 does not properly implement the dequoting of collation-sequence names, which allows context-dependent attackers to cause a denial |
CVE-2015-3416 |
The sqlite3VXPrintf function in printf.c in SQLite before 3.8.9 does not properly handle precision and width values during floating-point conversions |
|
About
-
Send Feedback to @ubuntu_updates