* SECURITY UPDATE: array overrun in the skip-scan optimization
(LP: #1448758)
- debian/patches/CVE-2013-7443.patch: make sure array is large enough
in src/where.c, added test to test/skipscan1.test.
- CVE-2013-7443
* SECURITY UPDATE: improper dequoting of collation-sequence names
- debian/patches/CVE-2015-3414.patch: handle dequoting in src/expr.c,
src/parse.y, src/sqliteInt.h, src/where.c, added tests to
test/collate1.test.
- CVE-2015-3414
* SECURITY UPDATE: improper large integers handling in printf function
- debian/patches/CVE-2015-3416.patch: handle large integers in
src/printf.c, added tests to test/printf.test.
- CVE-2015-3416
This bug was fixed in the package sqlite3 - 3.8.2-1ubuntu2.1
---------------
sqlite3 (3.8.2-1ubuntu2.1) trusty-security; urgency=medium
* SECURITY UPDATE: array overrun in the skip-scan optimization patches/ CVE-2013- 7443.patch: make sure array is large enough test. patches/ CVE-2015- 3414.patch: handle dequoting in src/expr.c, collate1. test. patches/ CVE-2015- 3416.patch: handle large integers in
(LP: #1448758)
- debian/
in src/where.c, added test to test/skipscan1.
- CVE-2013-7443
* SECURITY UPDATE: improper dequoting of collation-sequence names
- debian/
src/parse.y, src/sqliteInt.h, src/where.c, added tests to
test/
- CVE-2015-3414
* SECURITY UPDATE: improper large integers handling in printf function
- debian/
src/printf.c, added tests to test/printf.test.
- CVE-2015-3416
-- Marc Deslauriers <email address hidden> Tue, 14 Jul 2015 13:26:04 -0400