[Git][security-tracker-team/security-tracker][master] CVE-2019-19244/sqlite3: Remove unimportant

Adrian Bunk (@bunk) bunk at debian.org
Mon Sep 30 22:08:09 BST 2024 


Adrian Bunk pushed to branch master at Debian Security Tracker / security-tracker


Commits:
ab6c25ca by Adrian Bunk at 2024-10-01T00:06:49+03:00
CVE-2019-19244/sqlite3: Remove unimportant

In buster the testcase from the fix did not crash,
but it had wrong output.

bullseye already contains an upstream version with the fix.

- - - - -


1 changed file:

- data/CVE/list


Changes:

=====================================
data/CVE/list
=====================================
@@ -370272,12 +370272,11 @@ CVE-2019-19246 (Oniguruma through 6.9.3, as used in PHP 7.3.x and other products
 CVE-2019-19245 (NAPC Xinet Elegant 6 Asset Library 6.1.655 allows Pre-Authentication S ...)
 	NOT-FOR-US: NAPC Xinet Elegant 6 Asset Library
 CVE-2019-19244 (sqlite3Select in select.c in SQLite 3.30.1 allows a crash if a sub-sel ...)
-	- sqlite3 3.30.1+fossil191229-1 (unimportant; bug #946656)
+	- sqlite3 3.30.1+fossil191229-1 (bug #946656)
 	[stretch] - sqlite3 <not-affected> (Vulnerable code introduced later)
 	[jessie] - sqlite3 <not-affected> (Vulnerable code, i.e. window functions, not present)
 	- sqlite <not-affected> (Vulnerable code, i.e. window functions, not present)
 	NOTE: https://github.com/sqlite/sqlite/commit/e59c562b3f6894f84c715772c4b116d7b5c01348
-	NOTE: Only triggerable with SQLITE_DEBUG, which Debian builds don't use
 CVE-2019-19243
 	RESERVED
 CVE-2019-19242 (SQLite 3.30.1 mishandles pExpr->y.pTab, as demonstrated by the TK_COLU ...)



View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ab6c25ca41fe1c0e9974be9313f9f3e37933d869

-- 
View it on GitLab: https://salsa.debian.org/security-tracker-team/security-tracker/-/commit/ab6c25ca41fe1c0e9974be9313f9f3e37933d869
You're receiving this email because of your account on salsa.debian.org.


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://alioth-lists.debian.net/pipermail/debian-security-tracker-commits/attachments/20240930/9ed57b66/attachment.htm>

More information about the debian-security-tracker-commits mailing list