Mageia alert MGASA-2021-0303 (sqlite3)
| From: | Mageia Updates <buildsystem-daemon@mageia.org> | |
| To: | updates-announce@ml.mageia.org | |
| Subject: | [updates-announce] MGASA-2021-0303: Updated sqlite3 packages fix security vulnerabilities | |
| Date: | Thu, 01 Jul 2021 01:59:51 +0200 | |
| Message-ID: | <20210630235951.60AB1A00B5@duvel.mageia.org> | |
| Archive-link: | Article |
MGASA-2021-0303 - Updated sqlite3 packages fix security vulnerabilities Publication date: 30 Jun 2021 URL: https://advisories.mageia.org/MGASA-2021-0303.html Type: security Affected Mageia releases: 7 CVE: CVE-2020-9327, CVE-2020-11655, CVE-2020-13434, CVE-2020-13435, CVE-2020-13630, CVE-2020-13631, CVE-2020-13632, CVE-2020-13871, CVE-2020-15358 Description: In SQLite 3.31.1, isAuxiliaryVtabOperator allows attackers to trigger a NULL pointer dereference and segmentation fault because of generated column optimizations (CVE-2020-9327). SQLite through 3.31.1 allows attackers to cause a denial of service (segmentation fault) via a malformed window-function query because the AggInfo object's initialization is mishandled (CVE-2020-11655). SQLite through 3.32.0 has an integer overflow in sqlite3_str_vappendf in printf.c (CVE-2020-13434). SQLite through 3.32.0 has a segmentation fault in sqlite3ExprCodeTarget in expr.c (CVE-2020-13435). ext/fts3/fts3.c in SQLite before 3.32.0 has a use-after-free in fts3EvalNextRow, related to the snippet feature (CVE-2020-13630). SQLite before 3.32.0 allows a virtual table to be renamed to the name of one of its shadow tables, related to alter.c and build.c (CVE-2020-13631). ext/fts3/fts3_snippet.c in SQLite before 3.32.0 has a NULL pointer dereference via a crafted matchinfo() query (CVE-2020-13632). SQLite 3.32.2 has a use-after-free in resetAccumulator in select.c because the parse tree rewrite for window functions is too late (CVE-2020-13871). In SQLite before 3.32.3, select.c mishandles query-flattener optimization, leading to a multiSelectOrderBy heap overflow because of misuse of transitive properties for constant propagation (CVE-2020-15358). References: - https://bugs.mageia.org/show_bug.cgi?id=26270 - https://access.redhat.com/errata/RHSA-2020:4442 - https://www.debian.org/lts/security/2020/dla-2340 - https://lists.fedoraproject.org/archives/list/package-ann... - https://ubuntu.com/security/notices/USN-4438-1 - https://www.sqlite.org/releaselog/3_32_3.html - https://www.sqlite.org/releaselog/3_32_2.html - https://www.sqlite.org/releaselog/3_32_1.html - https://www.sqlite.org/releaselog/3_32_0.html - https://usn.ubuntu.com/4394-1/ - https://lists.fedoraproject.org/archives/list/package-ann... - https://www.debian.org/lts/security/2020/dla-2221 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-9327 - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1... - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1... - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1... - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1... - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1... - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1... - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1... - https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-1... SRPMS: - 7/core/sqlite3-3.31.1-1.1.mga7