[Git][security-tracker-team/security-tracker][master] sqlite: associate past sqlite3 CVEs to sqlite + buster triage (2013-2019)
Sylvain Beucler (@beuc)
beuc at debian.org
Wed May 3 19:14:51 BST 2023
Sylvain Beucler pushed to branch master at Debian Security Tracker / security-tracker
Commits:
749a4beb by Sylvain Beucler at 2023-05-03T20:14:06+02:00
sqlite: associate past sqlite3 CVEs to sqlite + buster triage (2013-2019)
Follow-up to afc2c3682db83440621c28005b856e21ebb51907
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -248309,6 +248309,7 @@ CVE-2019-20218 (selectExpander in select.c in SQLite 3.30.1 proceeds with WITH s
- sqlite3 3.30.1+fossil191229-1
[buster] - sqlite3 3.27.2-3+deb10u1
[jessie] - sqlite3 <no-dsa> (Minor issue)
+ - sqlite <not-affected> (WITH introduced in v3.8.1)
NOTE: Fixed by: https://github.com/sqlite/sqlite/commit/a6c1a71cde082e09750465d5675699062922e387
CVE-2019-20217 (D-Link DIR-859 1.05 and 1.06B01 Beta01 devices allow remote attackers ...)
NOT-FOR-US: D-Link
@@ -251635,6 +251636,7 @@ CVE-2019-19959 (ext/misc/zipfile.c in SQLite 3.30.1 mishandles certain uses of I
[buster] - sqlite3 3.27.2-3+deb10u1
[stretch] - sqlite3 <not-affected> (Vulnerable code introduced later)
[jessie] - sqlite3 <not-affected> (Vulnerable code introduced later)
+ - sqlite <not-affected> (misc/zipfile extension introduced in v3.22.0)
NOTE: https://github.com/sqlite/sqlite/commit/1e490c4ca6b43a9cf8637d695907888349f69bec
NOTE: https://github.com/sqlite/sqlite/commit/d8f2d46cbc9925e034a68aaaf60aad788d9373c1
CVE-2019-19958 (In libIEC61850 1.4.0, StringUtils_createStringFromBuffer in common/str ...)
@@ -251737,6 +251739,7 @@ CVE-2019-19927 (In the Linux kernel 5.0.0-rc7 (as distributed in ubuntu/linux.gi
CVE-2019-19926 (multiSelect in select.c in SQLite 3.30.1 mishandles certain errors dur ...)
{DSA-4638-1}
- sqlite3 <not-affected> (Incomplete fix for CVE-2019-19880 not applied)
+ - sqlite <not-affected> (Incomplete fix for CVE-2019-19880 not applied)
NOTE: https://github.com/sqlite/sqlite/commit/8428b3b437569338a9d1e10c4cd8154acbe33089
- chromium 80.0.3987.106-1
[stretch] - chromium <end-of-life> (see DSA 4562)
@@ -251746,6 +251749,7 @@ CVE-2019-19925 (zipfileUpdate in ext/misc/zipfile.c in SQLite 3.30.1 mishandles
[buster] - sqlite3 3.27.2-3+deb10u1
[stretch] - sqlite3 <not-affected> (Vulnerable code introduced later)
[jessie] - sqlite3 <not-affected> (Vulnerable code introduced later)
+ - sqlite <not-affected> (misc/zipfile extension introduced in v3.22.0)
- chromium 80.0.3987.106-1
[stretch] - chromium <end-of-life> (see DSA 4562)
NOTE: https://github.com/sqlite/sqlite/commit/54d501092d88c0cf89bec4279951f548fb0b8618
@@ -251762,6 +251766,7 @@ CVE-2019-19923 (flattenSubquery in select.c in SQLite 3.30.1 mishandles certain
[buster] - sqlite3 3.27.2-3+deb10u1
[stretch] - sqlite3 <not-affected> (Vulnerable code introduced later)
[jessie] - sqlite3 <not-affected> (Vulnerable code introduced later)
+ - sqlite <not-affected> (Vulnerable code introduced later)
- chromium 80.0.3987.106-1
[stretch] - chromium <end-of-life> (see DSA 4562)
NOTE: https://github.com/sqlite/sqlite/commit/396afe6f6aa90a31303c183e11b2b2d4b7956b35
@@ -252212,6 +252217,7 @@ CVE-2019-19880 (exprListAppendList in window.c in SQLite 3.30.1 allows attackers
[buster] - sqlite3 <not-affected> (Vulnerable code introduced later)
[stretch] - sqlite3 <not-affected> (Vulnerable code introduced later)
[jessie] - sqlite3 <not-affected> (Vulnerable code introduced later)
+ - sqlite <not-affected> (Vulnerable code introduced later)
- chromium 80.0.3987.106-1
[stretch] - chromium <end-of-life> (see DSA 4562)
NOTE: Introduced in: https://github.com/sqlite/sqlite/commit/08f6de7f314ad6b15d34cc5f27c3e737fcd99268 (3.29.0)
@@ -255766,6 +255772,7 @@ CVE-2019-19647 (radare2 through 4.0.0 lacks validation of the content variable i
NOTE: https://github.com/radareorg/radare2/commit/07b5e062f2d4a00403ff031302cb18dfa58e3805 (4.1.0)
CVE-2019-19646 (pragma.c in SQLite through 3.30.1 mishandles NOT NULL in an integrity_ ...)
- sqlite3 <not-affected> (Generated column support added later)
+ - sqlite <not-affected> (Generated column support added later)
NOTE: https://github.com/sqlite/sqlite/commit/926f796e8feec15f3836aa0a060ed906f8ae04d3
NOTE: https://github.com/sqlite/sqlite/commit/ebd70eedd5d6e6a890a670b5ee874a5eae86b4dd
CVE-2019-19645 (alter.c in SQLite through 3.30.1 allows attackers to trigger infinite ...)
@@ -258610,6 +258617,7 @@ CVE-2019-19318 (In the Linux kernel 5.3.11, mounting a crafted btrfs image twice
NOTE: https://git.kernel.org/linus/9f7fec0ba89108b9385f1b9fb167861224912a4a
CVE-2019-19317 (lookupName in resolve.c in SQLite 3.30.1 omits bits from the colUsed b ...)
- sqlite3 <not-affected> (Generated column support was added with SQLite version 3.31.0)
+ - sqlite <not-affected> (Generated column support was added with SQLite version 3.31.0)
NOTE: Fixed by: https://github.com/sqlite/sqlite/commit/522ebfa7cee96fb325a22ea3a2464a63485886a8
NOTE: Additional testcases: https://github.com/sqlite/sqlite/commit/73bacb7f93eab9f4bd5a65cbc4ae242acf63c9e3
CVE-2019-19316 (When using the Azure backend with a shared access signature (SAS), Ter ...)
@@ -258853,6 +258861,7 @@ CVE-2019-19242 (SQLite 3.30.1 mishandles pExpr->y.pTab, as demonstrated by the T
[buster] - sqlite3 <not-affected> (Vulnerable code not present)
[stretch] - sqlite3 <not-affected> (Vulnerable code introduced later)
[jessie] - sqlite3 <not-affected> (Vulnerable code not present)
+ - sqlite <not-affected> (Vulnerable code not present)
NOTE: https://github.com/sqlite/sqlite/commit/57f7ece78410a8aae86aa4625fb7556897db384c
CVE-2019-19241 (In the Linux kernel before 5.4.2, the io_uring feature leads to reques ...)
- linux 5.3.15-1
@@ -270658,10 +270667,11 @@ CVE-2019-16168 (In SQLite through 3.29.0, whereLoopAddBtreeIndex in sqlite3.c ca
- sqlite3 3.29.0-2
[buster] - sqlite3 3.27.2-3+deb10u1
[jessie] - sqlite3 <no-dsa> (Minor issue)
+ - sqlite <not-affected> (Vulnerable code introduced in 3.8.5)
NOTE: https://www.mail-archive.com/sqlite-users@mailinglists.sqlite.org/msg116312.html
NOTE: https://www.sqlite.org/src/info/e4598ecbdd18bd82945f6029013296690e719a62
- NOTE: Fixed by: https://www.sqlite.org/src/info/d93508fc9913cfe6
- NOTE: Introduced by: https://www.sqlite.org/src/info/90e36676476e8db0
+ NOTE: Fixed by: https://www.sqlite.org/src/info/98357d8c1263920b (v3.30.0)
+ NOTE: Introduced by: https://www.sqlite.org/src/info/90e36676476e8db0 (v3.8.5)
NOTE: https://github.com/sqlite/sqlite/commit/725dd72400872da94dcfb6af48128905b93d57fe
CVE-2019-16148 (Sakai through 12.6 allows XSS via a chat user name.)
NOT-FOR-US: Sakai
@@ -290417,11 +290427,13 @@ CVE-2019-9937 (In SQLite 3.27.2, interleaving reads and writes in a single trans
{DLA-2340-1}
- sqlite3 3.27.2-2 (low; bug #925290)
[jessie] - sqlite3 <not-affected> (fts5 introducded later, function not available for fts3)
+ - sqlite <not-affected> (FTS (full-text search) modules not present in v2)
NOTE: https://sqlite.org/src/info/45c73deb440496e8
CVE-2019-9936 (In SQLite 3.27.2, running fts5 prefix queries inside a transaction cou ...)
{DLA-2340-1}
- sqlite3 3.27.2-2 (low; bug #925289)
[jessie] - sqlite3 <not-affected> (fts5 introducded later, function not available for fts3)
+ - sqlite <not-affected> (FTS (full-text search) modules not present in v2)
NOTE: https://sqlite.org/src/info/b3fa58dd7403dbd4
CVE-2019-9935 (Various Lexmark products have Incorrect Access Control (issue 2 of 2).)
NOT-FOR-US: Lexmark
@@ -304436,6 +304448,7 @@ CVE-2019-5018 (An exploitable use after free vulnerability exists in the window
- sqlite3 3.27.2-3 (bug #928770)
[stretch] - sqlite3 <not-affected> (windowfuncs introduced in 3.25.0)
[jessie] - sqlite3 <not-affected> (windowfuncs introduced in 3.25.0)
+ - sqlite <not-affected> (window functions not present in v2)
NOTE: https://www.talosintelligence.com/vulnerability_reports/TALOS-2019-0777
CVE-2019-5017 (An exploitable information disclosure vulnerability exists in the KCod ...)
NOT-FOR-US: NETGEAR
@@ -308552,11 +308565,13 @@ CVE-2018-20507 (An issue was discovered in GitLab Enterprise Edition 11.2.x thro
CVE-2018-20506 (SQLite before 3.25.3, when the FTS3 extension is enabled, encounters a ...)
{DLA-2340-1 DLA-1613-1}
- sqlite3 3.25.3-1
+ - sqlite <not-affected> (FTS (full-text search) modules not present in v2)
NOTE: https://sqlite.org/src/info/940f2adc8541a838
CVE-2018-20505 (SQLite 3.25.2, when queries are run on a table with a malformed PRIMAR ...)
- sqlite3 3.25.3-1
[stretch] - sqlite3 <not-affected> (Vulnerable code introduced later)
[jessie] - sqlite3 <not-affected> (Vulnerable code introduced later)
+ - sqlite <not-affected> (Vulnerable code introduced later)
NOTE: https://sqlite.org/src/info/1a84668dcfdebaf12415d
CVE-2018-20504
RESERVED
@@ -309696,6 +309711,7 @@ CVE-2018-20173 (Zoho ManageEngine OpManager 12.3 before 123238 allows SQL inject
CVE-2018-20346 (SQLite before 3.25.3, when the FTS3 extension is enabled, encounters a ...)
{DSA-4352-1 DLA-2340-1 DLA-1613-1}
- sqlite3 3.25.3-1
+ - sqlite <not-affected> (FTS (full-text search) modules not present in v2)
- chromium 71.0.3578.80-1
NOTE: https://blade.tencent.com/magellan/index_en.html
NOTE: RedHat: https://bugzilla.redhat.com/show_bug.cgi?id=1659379
@@ -347709,6 +347725,7 @@ CVE-2018-8740 (In SQLite through 3.22.0, databases whose schema is corrupted usi
{DLA-2340-1 DLA-1633-1}
- sqlite3 3.22.0-2 (bug #893195)
[wheezy] - sqlite3 <no-dsa> (Minor issue)
+ - sqlite <removed>
NOTE: https://bugs.launchpad.net/ubuntu/+source/sqlite3/+bug/1756349
NOTE: https://www.sqlite.org/cgi/src/vdiff?from=1774f1c3baf0bc3d&to=d75e67654aa9620b
NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=6964
@@ -378924,6 +378941,7 @@ CVE-2017-15286 (SQLite 3.20.1 has a NULL pointer dereference in tableColumnList
[stretch] - sqlite3 <not-affected> (Vulnerable code introduced later)
[jessie] - sqlite3 <not-affected> (Vulnerable code introduced later)
[wheezy] - sqlite3 <not-affected> (Vulnerable code not present)
+ - sqlite <not-affected> (Vulnerable code not present)
NOTE: https://github.com/Ha0Team/crash-of-sqlite3/blob/master/poc.md
NOTE: https://www.sqlite.org/src/info/5d0ceb8dcdef92cd
CVE-2017-15285 (X-Cart 5.2.23, 5.3.1.9, 5.3.2.13, and 5.3.3 is vulnerable to Remote Co ...)
@@ -392108,6 +392126,7 @@ CVE-2017-10989 (The getNodeSize function in ext/rtree/rtree.c in SQLite through
{DLA-1633-1 DLA-1018-1}
- sqlite3 3.19.3-3 (bug #867618)
[stretch] - sqlite3 3.16.2-5+deb9u1
+ - sqlite <not-affected> (rtree extension not present in v2)
NOTE: https://sqlite.org/src/vpatch?from=0db20efe201736b3&to=66de6f4a9504ec26
NOTE: https://sqlite.org/src/info/66de6f4a
NOTE: https://bugs.launchpad.net/ubuntu/+source/sqlite3/+bug/1700937
@@ -418411,6 +418430,7 @@ CVE-2017-2520 (An issue was discovered in certain Apple products. iOS before 10.
{DLA-1633-1}
- sqlite3 3.16.2-1
[wheezy] - sqlite3 <not-affected> (Vulnerable code not present)
+ - sqlite <not-affected> (Vulnerable code not present)
NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=384
NOTE: https://clusterfuzz-external.appspot.com/testcase?key=5694101458518016
NOTE: Fixed by: https://www.sqlite.org/src/info/2dc7eeb5b4d2eaf1
@@ -418418,6 +418438,7 @@ CVE-2017-2519 (An issue was discovered in certain Apple products. iOS before 10.
{DLA-1633-1}
- sqlite3 3.16.0-1
[wheezy] - sqlite3 <not-affected> (Vulnerable code not present)
+ - sqlite <not-affected> (Vulnerable code not present)
NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=288
NOTE: https://clusterfuzz-external.appspot.com/testcase?key=6739028850245632
NOTE: Fixed by: https://www.sqlite.org/src/info/d08b72c38ff6fae6
@@ -418425,9 +418446,11 @@ CVE-2017-2518 (An issue was discovered in certain Apple products. iOS before 10.
{DLA-1633-1}
- sqlite3 3.15.2-1
[wheezy] - sqlite3 <no-dsa> (Minor issue)
+ - sqlite <not-affected> (Vulnerable code introduced later)
NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=199
NOTE: https://clusterfuzz-external.appspot.com/testcase?key=4603622180519936
NOTE: Fixed by: https://www.sqlite.org/src/info/0a98c8d76ac86412
+ NOTE: Introduced by: https://www.sqlite.org/src/info/0d2e258e1a3276e5 (v3.5.9)
CVE-2017-2517 (An issue was discovered in certain Apple products. iOS before 10.3.3 i ...)
NOT-FOR-US: Apple Safari
CVE-2017-2516 (An issue was discovered in certain Apple products. macOS before 10.12. ...)
@@ -418442,6 +418465,7 @@ CVE-2017-2513 (An issue was discovered in certain Apple products. iOS before 10.
- sqlite3 3.15.2-1
[jessie] - sqlite3 <not-affected> (Vulnerable code not present)
[wheezy] - sqlite3 <not-affected> (Vulnerable code not present)
+ - sqlite <not-affected> (Vulnerable code not present)
NOTE: https://bugs.chromium.org/p/oss-fuzz/issues/detail?id=171
NOTE: https://clusterfuzz-external.appspot.com/testcase?key=5770842466156544
NOTE: Fixed by: https://www.sqlite.org/src/info/c5dbc599b910c02a
@@ -435341,10 +435365,12 @@ CVE-2016-6153 (os_unix.c in SQLite before 3.13.0 improperly implements the tempo
{DLA-543-1}
- sqlite3 3.13.0-1
[jessie] - sqlite3 3.8.7.1-1+deb8u2
+ - sqlite <removed>
NOTE: http://www.sqlite.org/cgi/src/info/67985761aa93fb61
NOTE: http://www.sqlite.org/cgi/src/info/b38fe522cfc971b3
NOTE: and possibly http://www.sqlite.org/cgi/src/info/614bb709d34e1148
NOTE: https://www.korelogic.com/Resources/Advisories/KL-001-2016-003.txt
+ NOTE: Vulnerable code in os.c:sqliteOsTempFileName() for sqlite(v2)
CVE-2016-6129 (The rsa_verify_hash_ex function in rsa_verify_hash.c in LibTomCrypt, a ...)
{DLA-612-1}
- libtomcrypt 1.17-8 (bug #837042)
@@ -463938,8 +463964,9 @@ CVE-2013-7443 (Buffer overflow in the skip-scan optimization in SQLite 3.8.2 all
- sqlite3 3.8.3-1
[wheezy] - sqlite3 <not-affected> (Vulnerable code introduced in 3.8.2)
[squeeze] - sqlite3 <not-affected> (Vulnerable code introduced in 3.8.2)
- NOTE: Fixed by: https://www.sqlite.org/src/info/ac5852d6403c9c96
- NOTE: Introduced by: https://www.sqlite.org/src/info/b0bb975c0986fe01
+ - sqlite <not-affected> (Vulnerable code introduced in 3.8.2)
+ NOTE: Fixed by: https://www.sqlite.org/src/info/ac5852d6403c9c96 (v3.8.3)
+ NOTE: Introduced by: https://www.sqlite.org/src/info/b0bb975c0986fe01 (v3.8.2)
NOTE: https://www.sqlite.org/src/info/520070ec7fbaac
NOTE: https://www.openwall.com/lists/oss-security/2015/07/14/5
CVE-2015-5461 (Open redirect vulnerability in the Redirect function in stageshow_redi ...)
@@ -471058,6 +471085,7 @@ CVE-2015-3416 (The sqlite3VXPrintf function in printf.c in SQLite before 3.8.9 d
{DSA-3252-2 DSA-3252-1}
- sqlite3 3.8.9-1 (bug #783968)
[squeeze] - sqlite3 <not-affected> (Can't reproduce the issue)
+ - sqlite <removed>
NOTE: http://www.sqlite.org/src/info/c494171f77dc2e5e
NOTE: http://seclists.org/bugtraq/2015/Apr/97
NOTE: https://lists.debian.org/debian-lts/2015/06/msg00031.html
@@ -471066,6 +471094,7 @@ CVE-2015-3415 (The sqlite3VdbeExec function in vdbe.c in SQLite before 3.8.9 doe
- sqlite3 3.8.9-1 (bug #783968)
[wheezy] - sqlite3 <not-affected> (Vulnerable code not present)
[squeeze] - sqlite3 <not-affected> (Vulnerable code not present)
+ - sqlite <not-affected> (Vulnerable code not present)
NOTE: https://www.sqlite.org/src/info/02e3c88fbf6abdcf
NOTE: http://seclists.org/bugtraq/2015/Apr/97
CVE-2015-3414 (SQLite before 3.8.9 does not properly implement the dequoting of colla ...)
@@ -471073,6 +471102,7 @@ CVE-2015-3414 (SQLite before 3.8.9 does not properly implement the dequoting of
- sqlite3 3.8.9-1 (bug #783968)
[wheezy] - sqlite3 <not-affected> (Can't reproduce the issue)
[squeeze] - sqlite3 <not-affected> (Can't reproduce the issue)
+ - sqlite <not-affected> (Can't reproduce the issue, quotes in collate names aren't supported)
NOTE: https://www.sqlite.org/src/info/eddc05e7bb31fae7
NOTE: http://seclists.org/bugtraq/2015/Apr/97
CVE-2015-3306 (The mod_copy module in ProFTPD 1.3.5 allows remote attackers to read a ...)
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/749a4beb57d0cd82342f5057531b7b7b35a06194
--
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/749a4beb57d0cd82342f5057531b7b7b35a06194
You're receiving this email because of your account on salsa.debian.org.
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20230503/181397cb/attachment-0001.htm>
More information about the debian-security-tracker-commits
mailing list