[ubuntu/disco-security] sqlite3 3.27.2-2ubuntu0.2 (Accepted)
Leonidas S. Barbosa
leo.barbosa at canonical.com
Mon Dec 2 12:52:12 UTC 2019
sqlite3 (3.27.2-2ubuntu0.2) disco-security; urgency=medium
* SECURITY UPDATE: Severe division by zero
- debian/patches/CVE-2019-16168.patch: fix in
src/analyze.c, src/where.c, test/analyzeC.test.
- CVE-2019-16168
* SECURITY UPDATE: Use after free
- debian/patches/CVE-2019-5018.patch: fix in
src/resolve.c, src/sqliteInt.h.
- CVE-2019-5018
* SECURITY UPDATE: Heap corruption exploit
- debian/patches/CVE-2019-5827-*.patch: fix in
ext/fts3*, ext/rtree/geopoly.c, src/build.c,
src/expr.c, src/main.c, src/test_fs.c, src/util.c,
src/vdbeaux.c, src/vdbesort.c, src/vtab.c.
- CVE-2019-5827
* SECURITY UPDATE: Mishandle pExpr
- debian/patches/CVE-2019-19242.patch: correctly handled
pExpr in src/expr.c.
- CVE-2019-19242
* SECURITY UPDATE: Denial of service (crash)
- debian/patches/CVE-2019-19244.patch: fix the crash
that happens if no check p->Win == 0 in src/select.c,
test1/window1.test.
- CVE-2019-19244
Date: 2019-11-28 18:51:14.950635+00:00
Changed-By: leo.barbosa at canonical.com (Leonidas S. Barbosa)
https://launchpad.net/ubuntu/+source/sqlite3/3.27.2-2ubuntu0.2
-------------- next part --------------
Sorry, changesfile not available.
More information about the Disco-changes
mailing list