[Git][security-tracker-team/security-tracker][master] CVE-2024-0232/sqlite3 does not affect bookworm

Adrian Bunk (@bunk) bunk at debian.org
Wed Oct 2 14:12:39 BST 2024



Adrian Bunk pushed to branch master at Debian Security Tracker / security-tracker


Commits:
ab58d8a8 by Adrian Bunk at 2024-10-02T16:07:23+03:00
CVE-2024-0232/sqlite3 does not affect bookworm

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -71426,13 +71426,14 @@ CVE-2023-46749 (Apache Shiro before 1.13.0 or 2.0.0-alpha-4, may be susceptible
 	NOTE: https://www.openwall.com/lists/oss-security/2024/01/12/2
 CVE-2024-0232 (A heap use-after-free issue has been identified in SQLite in the jsonP ...)
 	- sqlite3 3.43.2-1
-	[bookworm] - sqlite3 <no-dsa> (Minor issue)
+	[bookworm] - sqlite3 <not-affected> (Vulnerable code not present)
 	[bullseye] - sqlite3 <not-affected> (Vulnerable code not present)
 	[buster] - sqlite3 <not-affected> (Vulnerable code not present)
 	NOTE: https://bugzilla.redhat.com/show_bug.cgi?id=2243754
 	NOTE: https://sqlite.org/forum/forumpost/4aa381993a
 	NOTE: https://sqlite.org/forum/forumpost/b25edc1d46
 	NOTE: https://sqlite.org/src/info/a163fecca90cab9d (v3.43.2)
+	NOTE: Introduced by: https://sqlite.org/src/info/2dbb22c75e86f2e3 (v3.43.0)
 CVE-2024-22494 (A stored XSS vulnerability exists in JFinalcms 5.0.0 via the /gusetboo ...)
 	NOT-FOR-US: JFinalcms
 CVE-2024-22493 (A stored XSS vulnerability exists in JFinalcms 5.0.0 via the /gusetboo ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ab58d8a8362f1b7778f644858d3732b0f45df59e

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ab58d8a8362f1b7778f644858d3732b0f45df59e
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20241002/01c3ebfa/attachment.htm>


More information about the debian-security-tracker-commits mailing list