Ubuntu
sqlite3 package

  1. Bug #1448758
  2. Comment #5

Comment 5 for bug 1448758

Revision history for this message
Launchpad Janitor (janitor) wrote :

This bug was fixed in the package sqlite3 - 3.8.2-1ubuntu2.1

---------------
sqlite3 (3.8.2-1ubuntu2.1) trusty-security; urgency=medium

  * SECURITY UPDATE: array overrun in the skip-scan optimization
    (LP: #1448758)
    - debian/patches/CVE-2013-7443.patch: make sure array is large enough
      in src/where.c, added test to test/skipscan1.test.
    - CVE-2013-7443
  * SECURITY UPDATE: improper dequoting of collation-sequence names
    - debian/patches/CVE-2015-3414.patch: handle dequoting in src/expr.c,
      src/parse.y, src/sqliteInt.h, src/where.c, added tests to
      test/collate1.test.
    - CVE-2015-3414
  * SECURITY UPDATE: improper large integers handling in printf function
    - debian/patches/CVE-2015-3416.patch: handle large integers in
      src/printf.c, added tests to test/printf.test.
    - CVE-2015-3416

 -- Marc Deslauriers <email address hidden> Tue, 14 Jul 2015 13:26:04 -0400