[Git][security-tracker-team/security-tracker][master] 2 commits: mark CVE-2018-20505 as not affected for Jessie

Thorsten Alteholz alteholz at debian.org
Fri Jan 24 15:07:27 GMT 2020



Thorsten Alteholz pushed to branch master at Debian Security Tracker / security-tracker


Commits:
32cfd136 by Thorsten Alteholz at 2020-01-24T15:50:10+01:00
mark CVE-2018-20505 as not affected for Jessie

- - - - -
81610064 by Thorsten Alteholz at 2020-01-24T16:06:29+01:00
mark CVE-2019-9936 as not-affected for Jessie

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -46573,7 +46573,7 @@ CVE-2019-9937 (In SQLite 3.27.2, interleaving reads and writes in a single trans
 CVE-2019-9936 (In SQLite 3.27.2, running fts5 prefix queries inside a transaction cou ...)
 	- sqlite3 3.27.2-2 (low; bug #925289)
 	[stretch] - sqlite3 <no-dsa> (Minor issue)
-	[jessie] - sqlite3 <no-dsa> (Minor issue)
+	[jessie] - sqlite3 <not-affected> (fts5 introducded later, function not available for fts3)
 	NOTE: https://sqlite.org/src/info/b3fa58dd7403dbd4
 CVE-2019-9935 (Various Lexmark products have Incorrect Access Control (issue 2 of 2). ...)
 	NOT-FOR-US: Lexmark
@@ -64487,7 +64487,7 @@ CVE-2018-20506 (SQLite before 3.25.3, when the FTS3 extension is enabled, encoun
 CVE-2018-20505 (SQLite 3.25.2, when queries are run on a table with a malformed PRIMAR ...)
 	- sqlite3 3.25.3-1
 	[stretch] - sqlite3 <no-dsa> (Minor issue)
-	[jessie] - sqlite3 <no-dsa> (Minor issue)
+	[jessie] - sqlite3 <not-affected> (Vulnerable code introduced later)
 	NOTE: https://sqlite.org/src/info/1a84668dcfdebaf12415d
 CVE-2018-20504
 	RESERVED



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/9e94f07d1deffc86ba785d86a3c3d2c7ece4106b...8161006474a220a7f4b98f6311f4a100b7b2236f

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/compare/9e94f07d1deffc86ba785d86a3c3d2c7ece4106b...8161006474a220a7f4b98f6311f4a100b7b2236f
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20200124/669d2469/attachment.html>


More information about the debian-security-tracker-commits mailing list