UbuntuUpdates.org

Package "libsqlite3-0"

Name: libsqlite3-0

Description:

SQLite 3 shared library

Latest version: 3.22.0-1ubuntu0.7
Release: bionic (18.04)
Level: updates
Repository: main
Head package: sqlite3
Homepage: http://www.sqlite.org/

Links


Download "libsqlite3-0"


Other versions of "libsqlite3-0" in Bionic

Repository Area Version
base main 3.22.0-1
security main 3.22.0-1ubuntu0.7

Changelog

Version: 3.22.0-1ubuntu0.7 2022-11-07 18:06:23 UTC

  sqlite3 (3.22.0-1ubuntu0.7) bionic-security; urgency=medium

  * SECURITY UPDATE: array-bounds overflow via large string argument
    - debian/patches/CVE-2022-35737.patch: increase the size of loop
      variables in src/printf.c.
    - CVE-2022-35737

 -- Marc Deslauriers <email address hidden> Fri, 04 Nov 2022 09:14:10 -0400

Source diff to previous version
CVE-2022-35737 SQLite 1.0.12 through 3.39.x before 3.39.2 sometimes allows an array-bounds overflow if billions of bytes are used in a string argument to a C API.

Version: 3.22.0-1ubuntu0.6 2022-09-15 19:07:13 UTC

  sqlite3 (3.22.0-1ubuntu0.6) bionic-security; urgency=medium

  * SECURITY UPDATE: null pointer dereference in INTERSEC query processing
    - debian/patches/CVE-2020-35525.patch: early-out on the INTERSECT query
      processing following an error in src/select.c.
    - CVE-2020-35525

 -- Marc Deslauriers <email address hidden> Wed, 14 Sep 2022 13:02:25 -0400

Source diff to previous version
CVE-2020-35525 In SQlite 3.31.1, a potential null pointer derreference was found in the INTERSEC query processing.

Version: 3.22.0-1ubuntu0.5 2022-05-05 09:06:24 UTC

  sqlite3 (3.22.0-1ubuntu0.5) bionic-security; urgency=medium

  * SECURITY UPDATE: segmentation fault in idxGetTableInfo
    - debian/patches/CVE-2021-36690.patch: perform validation
      over the column to ensure it has collating sequence in
      ext/expert/sqlite3expert.c
    - CVE-2021-36690

 -- David Fernandez Gonzalez <email address hidden> Thu, 28 Apr 2022 16:04:18 +0200

Source diff to previous version
CVE-2021-36690 ** DISPUTED ** A segmentation fault can occur in the sqlite3.exe command-line component of SQLite 3.36.0 via the idxGetTableInfo function when there

Version: 3.22.0-1ubuntu0.4 2020-06-10 16:06:45 UTC

  sqlite3 (3.22.0-1ubuntu0.4) bionic-security; urgency=medium

  * SECURITY UPDATE: null pointer dereference
    - debian/patches/CVE-2018-8740.patch: better error message text when
      the schema is corrupted in src/build.c, src/prepare.c.
    - CVE-2018-8740
  * SECURITY UPDATE: integer overflow in sqlite3_str_vappendf
    - debian/patches/CVE-2020-13434-pre1.patch: fix test/printf.test.
    - debian/patches/CVE-2020-13434.patch: limit the "precision" of
      floating-point to text conversions in src/printf.c, test/printf.test.
    - CVE-2020-13434
  * SECURITY UPDATE: use-after-free in fts3EvalNextRow
    - debian/patches/CVE-2020-13630.patch: add fix to ext/fts3/fts3.c,
      test/fts3snippet.test.
    - CVE-2020-13630
  * SECURITY UPDATE: NULL pointer dereference
    - debian/patches/CVE-2020-13632.patch: fix issue in
      ext/fts3/fts3_snippet.c, test/fts3matchinfo2.test.
    - CVE-2020-13632

 -- Marc Deslauriers <email address hidden> Mon, 08 Jun 2020 11:07:38 -0400

Source diff to previous version
CVE-2018-8740 In SQLite through 3.22.0, databases whose schema is corrupted using a CREATE TABLE AS statement could cause a NULL pointer dereference, related to bu
CVE-2020-13434 SQLite through 3.32.0 has an integer overflow in sqlite3_str_vappendf in printf.c.
CVE-2020-13630 ext/fts3/fts3.c in SQLite before 3.32.0 has a use-after-free in fts3EvalNextRow, related to the snippet feature.
CVE-2020-13632 ext/fts3/fts3_snippet.c in SQLite before 3.32.0 has a NULL pointer dereference via a crafted matchinfo() query.

Version: 3.22.0-1ubuntu0.3 2020-03-10 15:07:16 UTC

  sqlite3 (3.22.0-1ubuntu0.3) bionic-security; urgency=medium

  * SECURITY UPDATE: more shadow table corruption
    - debian/patches/CVE-2019-13734_50.patch: more improvements to shadow
      table corruption detection in ext/fts3/fts3.c, ext/fts3/fts3Int.h,
      ext/fts3/fts3_write.c.
    - CVE-2019-13734
    - CVE-2019-13750
  * SECURITY UPDATE: corrupt records in fts3
    - debian/patches/CVE-2019-13751-pre1.patch: detect and prevent infinite
      recursion in fts3SelectLeaf() due to a malformed FTS3 btree in
      ext/fts3/fts3.c, test/fts4aa.test.
    - debian/patches/CVE-2019-13751.patch: improve detection of corrupt
      records in ext/fts3/fts3.c, ext/fts3/fts3_write.c.
    - CVE-2019-13751
  * SECURITY UPDATE: shadow table corruption
    - debian/patches/CVE-2019-13752.patch: improved detection of corrupt
      shadow tables in ext/fts3/fts3.c, ext/fts3/fts3Int.h,
      ext/fts3/fts3_write.c.
    - CVE-2019-13752
  * SECURITY UPDATE: out of bounds read
    - debian/patches/CVE-2019-13753.patch: remove a reachable NEVER() in
      ext/fts3/fts3_write.c.
    - CVE-2019-13753
  * SECURITY UPDATE: SELECT DISTINCT involving a LEFT JOIN issue
    - debian/patches/CVE-2019-19923.patch: continue to back away from the
      LEFT JOIN optimization of check-in by disallowing query flattening if
      the outer query is DISTINCT in src/select.c, test/join.test.
    - CVE-2019-19923
  * SECURITY UPDATE: certain parser-tree rewriting mishandling
    - debian/patches/CVE-2019-19924.patch: properly handle errors in
      src/expr.c, src/vdbeaux.c, src/window.c.
    - CVE-2019-19924
  * SECURITY UPDATE: NULL pathname mishandling in zipfileUpdate
    - debian/patches/CVE-2019-19925.patch: properly handle pathname in
      ext/misc/zipfile.c.
    - CVE-2019-19925
  * SECURITY UPDATE: multiSelect error handling issue
    - debian/patches/CVE-2019-19926.patch: abort early due to prior errors
      in src/select.c.
    - CVE-2019-19926
  * SECURITY UPDATE: embedded NULL filename mishandling
    - debian/patches/CVE-2019-19959.patch: handle filenames that contain
      embedded zeros in ext/misc/zipfile.c.
    - CVE-2019-19959
  * SECURITY UPDATE: selectExpander stack unwinding issue
    - debian/patches/CVE-2019-20218-pre1.patch: make sure the WITH stack in
      the Parse object is disabled following an error in src/select.c,
      src/util.c, test/with3.test.
    - debian/patches/CVE-2019-20218.patch: do not attempt to unwind the
      WITH stack in the Parse object following an error in src/select.c,
      test/altertab3.test.
    - CVE-2019-20218
  * SECURITY UPDATE: NULL pointer deref via generated column optimizations
    - debian/patches/CVE-2020-9327.patch: take care when checking the
      table of a TK_COLUMN expression node src/sqliteInt.h,
      src/whereexpr.c.

 -- Marc Deslauriers <email address hidden> Tue, 03 Mar 2020 09:20:41 -0500

CVE-2019-13734 Out of bounds write in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted H
CVE-2019-13750 Insufficient data validation in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to bypass defense-in-depth measures via a cra
CVE-2019-13751 Uninitialized data in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to obtain potentially sensitive information from proces
CVE-2019-13752 Out of bounds read in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to obtain potentially sensitive information from proces
CVE-2019-13753 Out of bounds read in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to obtain potentially sensitive information from proces
CVE-2019-19923 flattenSubquery in select.c in SQLite 3.30.1 mishandles certain uses of SELECT DISTINCT involving a LEFT JOIN in which the right-hand side is a view.
CVE-2019-19924 SQLite 3.30.1 mishandles certain parser-tree rewriting, related to expr.c, vdbeaux.c, and window.c. This is caused by incorrect sqlite3WindowRewrite(
CVE-2019-19925 zipfileUpdate in ext/misc/zipfile.c in SQLite 3.30.1 mishandles a NULL pathname during an update of a ZIP archive.
CVE-2019-19926 multiSelect in select.c in SQLite 3.30.1 mishandles certain errors during parsing, as demonstrated by errors from sqlite3WindowRewrite() calls. NOTE:
CVE-2019-19959 ext/misc/zipfile.c in SQLite 3.30.1 mishandles certain uses of INSERT INTO in situations involving embedded '\0' characters in filenames, leading to
CVE-2019-20218 selectExpander in select.c in SQLite 3.30.1 proceeds with WITH stack unwinding even after a parsing error.
CVE-2020-9327 In SQLite 3.31.1, isAuxiliaryVtabOperator allows attackers to trigger a NULL pointer dereference and segmentation fault because of generated column o



About   -   Send Feedback to @ubuntu_updates