UbuntuUpdates.org

Bugs fixes in "sqlite3"

Origin Bug number Title Date fixed
CVE CVE-2020-13632 ext/fts3/fts3_snippet.c in SQLite before 3.32.0 has a NULL pointer dereference via a crafted matchinfo() query. 2020-06-10
CVE CVE-2020-13630 ext/fts3/fts3.c in SQLite before 3.32.0 has a use-after-free in fts3EvalNextRow, related to the snippet feature. 2020-06-10
CVE CVE-2020-13434 SQLite through 3.32.0 has an integer overflow in sqlite3_str_vappendf in printf.c. 2020-06-10
CVE CVE-2018-8740 In SQLite through 3.22.0, databases whose schema is corrupted using a CREATE TABLE AS statement could cause a NULL pointer dereference, related to bu 2020-06-10
CVE CVE-2020-13632 ext/fts3/fts3_snippet.c in SQLite before 3.32.0 has a NULL pointer dereference via a crafted matchinfo() query. 2020-06-10
CVE CVE-2020-13631 SQLite before 3.32.0 allows a virtual table to be renamed to the name of one of its shadow tables, related to alter.c and build.c. 2020-06-10
CVE CVE-2020-13630 ext/fts3/fts3.c in SQLite before 3.32.0 has a use-after-free in fts3EvalNextRow, related to the snippet feature. 2020-06-10
CVE CVE-2020-13435 SQLite through 3.32.0 has a segmentation fault in sqlite3ExprCodeTarget in expr.c. 2020-06-10
CVE CVE-2020-13434 SQLite through 3.32.0 has an integer overflow in sqlite3_str_vappendf in printf.c. 2020-06-10
CVE CVE-2020-11655 SQLite through 3.31.1 allows attackers to cause a denial of service (segmentation fault) via a malformed window-function query because the AggInfo ob 2020-06-10
CVE CVE-2020-13632 ext/fts3/fts3_snippet.c in SQLite before 3.32.0 has a NULL pointer dereference via a crafted matchinfo() query. 2020-06-10
CVE CVE-2020-13631 SQLite before 3.32.0 allows a virtual table to be renamed to the name of one of its shadow tables, related to alter.c and build.c. 2020-06-10
CVE CVE-2020-13630 ext/fts3/fts3.c in SQLite before 3.32.0 has a use-after-free in fts3EvalNextRow, related to the snippet feature. 2020-06-10
CVE CVE-2020-13435 SQLite through 3.32.0 has a segmentation fault in sqlite3ExprCodeTarget in expr.c. 2020-06-10
CVE CVE-2020-13434 SQLite through 3.32.0 has an integer overflow in sqlite3_str_vappendf in printf.c. 2020-06-10
CVE CVE-2020-11655 SQLite through 3.31.1 allows attackers to cause a denial of service (segmentation fault) via a malformed window-function query because the AggInfo ob 2020-06-10
CVE CVE-2020-9327 In SQLite 3.31.1, isAuxiliaryVtabOperator allows attackers to trigger a NULL pointer dereference and segmentation fault because of generated column o 2020-03-11
CVE CVE-2019-20218 selectExpander in select.c in SQLite 3.30.1 proceeds with WITH stack unwinding even after a parsing error. 2020-03-11
CVE CVE-2019-19959 ext/misc/zipfile.c in SQLite 3.30.1 mishandles certain uses of INSERT INTO in situations involving embedded '\0' characters in filenames, leading to 2020-03-11
CVE CVE-2019-19926 multiSelect in select.c in SQLite 3.30.1 mishandles certain errors during parsing, as demonstrated by errors from sqlite3WindowRewrite() calls. NOTE: 2020-03-11



About   -   Send Feedback to @ubuntu_updates