UbuntuUpdates.org

Package "lemon"

Name: lemon

Description:

LALR(1) Parser Generator for C or C++

Latest version: 3.11.0-1ubuntu1.5
Release: xenial (16.04)
Level: updates
Repository: universe
Head package: sqlite3
Homepage: http://www.sqlite.org/

Links


Download "lemon"


Other versions of "lemon" in Xenial

Repository Area Version
base universe 3.11.0-1ubuntu1
security universe 3.11.0-1ubuntu1.5

Changelog

Version: 3.11.0-1ubuntu1.5 2020-06-10 16:06:42 UTC

  sqlite3 (3.11.0-1ubuntu1.5) xenial-security; urgency=medium

  * SECURITY UPDATE: integer overflow in sqlite3_str_vappendf
    - debian/patches/CVE-2020-13434-pre1.patch: fix test/printf.test.
    - debian/patches/CVE-2020-13434.patch: limit the "precision" of
      floating-point to text conversions in src/printf.c, test/printf.test.
    - CVE-2020-13434
  * SECURITY UPDATE: use-after-free in fts3EvalNextRow
    - debian/patches/CVE-2020-13630.patch: add fix to ext/fts3/fts3.c,
      test/fts3snippet.test.
    - CVE-2020-13630
  * SECURITY UPDATE: NULL pointer dereference
    - debian/patches/CVE-2020-13632.patch: fix issue in
      ext/fts3/fts3_snippet.c, test/fts3matchinfo2.test.
    - CVE-2020-13632

 -- Marc Deslauriers <email address hidden> Mon, 08 Jun 2020 13:17:03 -0400

Source diff to previous version
CVE-2020-13434 SQLite through 3.32.0 has an integer overflow in sqlite3_str_vappendf in printf.c.
CVE-2020-13630 ext/fts3/fts3.c in SQLite before 3.32.0 has a use-after-free in fts3EvalNextRow, related to the snippet feature.
CVE-2020-13632 ext/fts3/fts3_snippet.c in SQLite before 3.32.0 has a NULL pointer dereference via a crafted matchinfo() query.

Version: 3.11.0-1ubuntu1.4 2020-03-10 21:07:24 UTC

  sqlite3 (3.11.0-1ubuntu1.4) xenial-security; urgency=medium

  * SECURITY UPDATE: more shadow table corruption
    - debian/patches/CVE-2019-13734_50.patch: more improvements to shadow
      table corruption detection in ext/fts3/fts3.c, ext/fts3/fts3Int.h,
      ext/fts3/fts3_write.c.
    - CVE-2019-13734
    - CVE-2019-13750
  * SECURITY UPDATE: corrupt records in fts3
    - debian/patches/CVE-2019-13751-pre1.patch: detect and prevent infinite
      recursion in fts3SelectLeaf() due to a malformed FTS3 btree in
      ext/fts3/fts3.c, test/fts4aa.test.
    - debian/patches/CVE-2019-13751.patch: improve detection of corrupt
      records in ext/fts3/fts3.c, ext/fts3/fts3_write.c.
    - CVE-2019-13751
  * SECURITY UPDATE: shadow table corruption
    - debian/patches/CVE-2019-13752.patch: improved detection of corrupt
      shadow tables in ext/fts3/fts3.c, ext/fts3/fts3Int.h,
      ext/fts3/fts3_write.c.
    - CVE-2019-13752
  * SECURITY UPDATE: out of bounds read
    - debian/patches/CVE-2019-13753.patch: remove a reachable NEVER() in
      ext/fts3/fts3_write.c.
    - CVE-2019-13753
  * SECURITY UPDATE: multiSelect error handling issue
    - debian/patches/CVE-2019-19926.patch: abort early due to prior errors
      in src/select.c.
    - CVE-2019-19926
  * SECURITY UPDATE: selectExpander stack unwinding issue
    - debian/patches/CVE-2019-20218-pre1.patch: make sure the WITH stack in
      the Parse object is disabled following an error in src/select.c,
      src/util.c, test/with3.test.
    - debian/patches/CVE-2019-20218.patch: do not attempt to unwind the
      WITH stack in the Parse object following an error in src/select.c,
      test/altertab3.test.
    - CVE-2019-20218

 -- Marc Deslauriers <email address hidden> Tue, 03 Mar 2020 09:46:28 -0500

Source diff to previous version
CVE-2019-13734 Out of bounds write in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to potentially exploit heap corruption via a crafted H
CVE-2019-13750 Insufficient data validation in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to bypass defense-in-depth measures via a cra
CVE-2019-13751 Uninitialized data in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to obtain potentially sensitive information from proces
CVE-2019-13752 Out of bounds read in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to obtain potentially sensitive information from proces
CVE-2019-13753 Out of bounds read in SQLite in Google Chrome prior to 79.0.3945.79 allowed a remote attacker to obtain potentially sensitive information from proces
CVE-2019-19926 multiSelect in select.c in SQLite 3.30.1 mishandles certain errors during parsing, as demonstrated by errors from sqlite3WindowRewrite() calls. NOTE:
CVE-2019-20218 selectExpander in select.c in SQLite 3.30.1 proceeds with WITH stack unwinding even after a parsing error.

Version: 3.11.0-1ubuntu1.3 2019-12-02 15:07:22 UTC

  sqlite3 (3.11.0-1ubuntu1.3) xenial-security; urgency=medium

  * SECURITY UPDATE: Severe division by zero
    - debian/patches/CVE-2019-16168.patch: fix in
      src/analyze.c, src/where.c, test/analyzeC.test.
    - CVE-2019-16168
  * SECURITY UPDATE: Heap corruption exploit
    - debian/patches/CVE-2019-5827-*.patch: fix in
      ext/fts3*, ext/rtree/geopoly.c, src/build.c,
      src/expr.c, src/main.c, src/test_fs.c, src/util.c,
      src/vdbeaux.c, src/vdbesort.c, src/vtab.c.
    - CVE-2019-5827

 -- <email address hidden> (Leonidas S. Barbosa) Thu, 28 Nov 2019 13:39:43 -0300

Source diff to previous version
CVE-2019-16168 In SQLite through 3.29.0, whereLoopAddBtreeIndex in sqlite3.c can crash a browser or other application because of missing validation of a sqlite_stat
CVE-2019-5827 Integer overflow in SQLite via WebSQL in Google Chrome prior to 74.0.3729.131 allowed a remote attacker to potentially exploit heap corruption via a

Version: 3.11.0-1ubuntu1.2 2019-06-19 18:06:27 UTC

  sqlite3 (3.11.0-1ubuntu1.2) xenial-security; urgency=medium

  * SECURITY UPDATE: Denial of service
    - debian/patches/CVE-2016-6153-*.patch: change temp direcotry
      search algorithm in src/os_unix.c.
    - CVE-2016-6153
  * SECURITY UPDATE: heap-base buffer over-read
    - debian/patches/CVE-2017-10989.patch: enhance RTree
      module in ext/rtree/rtree.c and added test in
      ext/rtree/rtreeA.text.
    - CVE-2017-10989
  * SECURITY UPDATE: Denial of service
    - debian/patches/CVE-2017-13685.patch: adds checks in
      src/shell.c.
    - CVE-2017-13685
  * SECURITY UPDATE: Denial of service
    - debian/patches/CVE-2017-2518.patch: prevent a use-after-free
      in src/whereexpr.c.
    - CVE-2017-2518
  * SECURITY UPDATE: Denial of service
    - debian/patches/CVE-2017-2519.patch: increase the size of
      the reference count on table objects to 32bits in src/sqliteInt.h.
    - CVE-2017-2519
  * SECURITY UPDATE: Denial of service
    - debian/patches/CVE-2017-2520.patch: add a check for pVal in
      src/vdbemem.c
    - CVE-2017-2520
  * SECURITY UPDATE: Integer overflow
    - debian/patches/CVE-2018-20346-and-CVE-2018-20506.patch:
      add extra defenses against strategically corrupt databases
      in ext/fts3/fst3.c, ext/fts3/fts3_write.c, test/fts3corrupt4.test,
      test/permutations.test.
    - CVE-2018-20346
    - CVE-2018-20506
  * SECURITY UPDATE: heap out-of-bound read
    - debian/patches/CVE-2019-8457.patch: enhance the
      rtreenode() in ext/rtree/rtree.c.
    - debian/patches/CVE-2019-8457-string-interface.patch:
      add string interface in src/btree.c, src/build.c,
      src/func.c, src/mutex.c, src/pragma.c, src/printf.c,
      src/sqlite.h.in, src/sqliteInt.h, src/treeview.c,
      src/vdbeaux.c, src/vdbetrace.c, src/wherecode.c.
    - CVE-2019-8457
  * security update: heap-buffer over-read
    - debian/patches/cve-2019-9936.patch: add checks
      in code in order to fix in ext/fts5/fts5_hash.c,
      ext/fts5/test/fts5aa.test.
    - CVE-2019-9936
  * security update: NULL pointer dereference
    - debian/patches/cve-2019-9937.patch: fix in
      ext/fts5/fts5Int.h, ext/fts5/fts5_hash.c, ext/fts5/fts5_index.c,
      ext/fts5/test/fts5aa.test.
    - CVE-2019-9937

 -- <email address hidden> (Leonidas S. Barbosa) Tue, 18 Jun 2019 09:42:23 -0300

Source diff to previous version
CVE-2016-6153 os_unix.c in SQLite before 3.13.0 improperly implements the temporary directory search algorithm, which might allow local users to obtain sensitive i
CVE-2017-10989 The getNodeSize function in ext/rtree/rtree.c in SQLite through 3.19.3, as used in GDAL and other products, mishandles undersized RTree blobs in a cr
CVE-2017-13685 The dump_callback function in SQLite 3.20.0 allows remote attackers to cause a denial of service (EXC_BAD_ACCESS and application crash) via a crafted
CVE-2017-2518 An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. tvOS before 10.2.1 is affected. w
CVE-2017-2519 An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. tvOS before 10.2.1 is affected. w
CVE-2017-2520 An issue was discovered in certain Apple products. iOS before 10.3.2 is affected. macOS before 10.12.5 is affected. tvOS before 10.2.1 is affected. w
CVE-2018-20346 SQLite before 3.25.3, when the FTS3 extension is enabled, encounters an integer overflow (and resultant buffer overflow) for FTS3 queries that occur
CVE-2018-20506 SQLite before 3.25.3, when the FTS3 extension is enabled, encounters an integer overflow (and resultant buffer overflow) for FTS3 queries in a "merge
CVE-2019-8457 SQLite3 from 3.6.0 to and including 3.27.2 is vulnerable to heap out-of-bound read in the rtreenode() function when handling invalid rtree tables.
CVE-2019-9936 In SQLite 3.27.2, running fts5 prefix queries inside a transaction could trigger a heap-based buffer over-read in fts5HashEntrySort in sqlite3.c, whi
CVE-2019-9937 In SQLite 3.27.2, interleaving reads and writes in a single transaction with an fts5 virtual table will lead to a NULL Pointer Dereference in fts5Chu

Version: 3.11.0-1ubuntu1.1 2019-02-26 22:06:32 UTC

  sqlite3 (3.11.0-1ubuntu1.1) xenial-security; urgency=medium

  * SECURITY UPDATE: Avoid segmentation fault while using a corrupted file.
    - d/p/0001-Fix-a-parsing-issue-associated-with-a-corrupt-sqlite.patch:
      Check if parser is busy before using it and raise an error if positive.
      (LP: #1814869)
    - d/p/0002-Better-error-message-text-when-the-schema-is-corrupt.patch:
      Better message and additional checks.
    - No CVE associated.

 -- Paulo Flabiano Smorigo <email address hidden> Thu, 21 Feb 2019 16:35:05 +0100




About   -   Send Feedback to @ubuntu_updates