[Git][security-tracker-team/security-tracker][master] Add CVE-2019-19925/sqlite3
Salvatore Bonaccorso
carnil at debian.org
Tue Dec 24 21:51:07 GMT 2019
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
82e1c980 by Salvatore Bonaccorso at 2019-12-24T21:49:45Z
Add CVE-2019-19925/sqlite3
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -89,7 +89,9 @@ CVE-2019-19926 (multiSelect in select.c in SQLite 3.30.1 mishandles certain erro
- sqlite3 <not-affected> (Incomplete fix for CVE-2019-19880 not applied)
NOTE: https://github.com/sqlite/sqlite/commit/8428b3b437569338a9d1e10c4cd8154acbe33089
CVE-2019-19925 (zipfileUpdate in ext/misc/zipfile.c in SQLite 3.30.1 mishandles a NULL ...)
- TODO: check
+ - sqlite3 <unfixed>
+ [stretch] - sqlite3 <not-affected> (Vulnerable code introduced later)
+ NOTE: https://github.com/sqlite/sqlite/commit/54d501092d88c0cf89bec4279951f548fb0b8618
CVE-2019-19924 (SQLite 3.30.1 mishandles certain parser-tree rewriting, related to exp ...)
TODO: check
CVE-2019-19923 (flattenSubquery in select.c in SQLite 3.30.1 mishandles certain uses o ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/82e1c980d11c47a6d21d108c5270bac0b0d024a2
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/commit/82e1c980d11c47a6d21d108c5270bac0b0d024a2
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20191224/d71d728d/attachment.html>
More information about the debian-security-tracker-commits
mailing list