[ubuntu/bionic-security] sqlite3 3.22.0-1ubuntu0.4 (Accepted)

Marc Deslauriers marc.deslauriers at canonical.com
Wed Jun 10 13:22:17 UTC 2020

sqlite3 (3.22.0-1ubuntu0.4) bionic-security; urgency=medium

  * SECURITY UPDATE: null pointer dereference
    - debian/patches/CVE-2018-8740.patch: better error message text when
      the schema is corrupted in src/build.c, src/prepare.c.
    - CVE-2018-8740
  * SECURITY UPDATE: integer overflow in sqlite3_str_vappendf
    - debian/patches/CVE-2020-13434-pre1.patch: fix test/printf.test.
    - debian/patches/CVE-2020-13434.patch: limit the "precision" of
      floating-point to text conversions in src/printf.c, test/printf.test.
    - CVE-2020-13434
  * SECURITY UPDATE: use-after-free in fts3EvalNextRow
    - debian/patches/CVE-2020-13630.patch: add fix to ext/fts3/fts3.c,
    - CVE-2020-13630
  * SECURITY UPDATE: NULL pointer dereference
    - debian/patches/CVE-2020-13632.patch: fix issue in
      ext/fts3/fts3_snippet.c, test/fts3matchinfo2.test.
    - CVE-2020-13632

Date: 2020-06-09 11:40:13.663060+00:00
Changed-By: Marc Deslauriers <marc.deslauriers at canonical.com>
-------------- next part --------------
Sorry, changesfile not available.

More information about the Bionic-changes mailing list