[Git][security-tracker-team/security-tracker][master] Revert "CVE-2019-19244/sqlite3: Remove unimportant"
Salvatore Bonaccorso (@carnil)
carnil at debian.org
Tue Oct 1 20:00:13 BST 2024
Salvatore Bonaccorso pushed to branch master at Debian Security Tracker / security-tracker
Commits:
5bf87af9 by Salvatore Bonaccorso at 2024-10-01T20:58:48+02:00
Revert "CVE-2019-19244/sqlite3: Remove unimportant"
This reverts commit ab6c25ca41fe1c0e9974be9313f9f3e37933d869.
And clarify why this is unimportant. In debug builds this would crash
sqlite3 due to an assertion, and this is what the CVE is for:
sqlite> SELECT (SELECT DISTINCT sum(aa) OVER() FROM t1 ORDER BY 1), x FROM t2 ORDER BY 1;
sqlite3: sqlite3.c:86237: sqlite3VdbeExec: Assertion `memIsValid(pRec)' failed.
Aborted
The invalid Mem object may still lead to undefined behaviour. In fact in
non-debug builds the query does not give the correct answer, which could
be considered a normal bug.
Link: https://bugzilla.redhat.com/show_bug.cgi?id=1777945#c3
- - - - -
1 changed file:
- data/CVE/list
Changes:
=====================================
data/CVE/list
=====================================
@@ -370435,11 +370435,15 @@ CVE-2019-19246 (Oniguruma through 6.9.3, as used in PHP 7.3.x and other products
CVE-2019-19245 (NAPC Xinet Elegant 6 Asset Library 6.1.655 allows Pre-Authentication S ...)
NOT-FOR-US: NAPC Xinet Elegant 6 Asset Library
CVE-2019-19244 (sqlite3Select in select.c in SQLite 3.30.1 allows a crash if a sub-sel ...)
- - sqlite3 3.30.1+fossil191229-1 (bug #946656)
+ - sqlite3 3.30.1+fossil191229-1 (unimportant; bug #946656)
[stretch] - sqlite3 <not-affected> (Vulnerable code introduced later)
[jessie] - sqlite3 <not-affected> (Vulnerable code, i.e. window functions, not present)
- sqlite <not-affected> (Vulnerable code, i.e. window functions, not present)
NOTE: https://github.com/sqlite/sqlite/commit/e59c562b3f6894f84c715772c4b116d7b5c01348
+ NOTE: CLI crash is only triggerable with SQLITE_DEBUG builds by reaching an asserion statement
+ NOTE: in sqlite3VdbeExec function. Debian does not use SQLITE_DEBUG for the regular builds.
+ NOTE: In non-debug builds this results in wrong output/result from the query only.
+ NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=1777945#c3
CVE-2019-19243
RESERVED
CVE-2019-19242 (SQLite 3.30.1 mishandles pExpr->y.pTab, as demonstrated by the TK_COLU ...)
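Review bot: the second added NOTE line misspells "assertion" as "asserion" ("by reaching an asserion statement"); correct the spelling before this entry settles, since these NOTE lines are what other triagers read when deciding whether the sqlite3 3.30.1+fossil191229-1 entry needs any further action. The substance of the four NOTE lines is consistent with the commit message above: the assert in sqlite3VdbeExec only fires under SQLITE_DEBUG, the regular Debian builds do not enable it, and in non-debug builds the query returns a wrong result rather than crashing, which supports the "unimportant" tag added to the package line.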
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/5bf87af9f608b28d838c0b8747f904c82469fbdf