GNU bug report logs - #47231
sqlite package is vulnerable to CVE-2020-11655, CVE-2020-11656, CVE-2020-13434, CVE-2020-13435, CVE-2020-13630, CVE-2020-13631, CVE-2020-13632, CVE-2020-15358 and CVE-2020-9327

Previous Next

Package: guix;

Reported by: Léo Le Bouter <lle-bout <at> zaclys.net>

Date: Thu, 18 Mar 2021 11:43:02 UTC

Severity: normal

Tags: security

Done: Léo Le Bouter <lle-bout <at> zaclys.net>

Bug is archived. No further changes may be made.

Full log

Message #10 received at 47231 <at> debbugs.gnu.org (full text, mbox):

From: Léo Le Bouter <lle-bout <at> zaclys.net>
To: 47231 <at> debbugs.gnu.org
Subject: Re: bug#47231: sqlite package is vulnerable to CVE-2020-11655,
 CVE-2020-11656, CVE-2020-13434, CVE-2020-13435, CVE-2020-13630,
 CVE-2020-13631, CVE-2020-13632, CVE-2020-15358 and CVE-2020-9327
Date: Wed, 24 Mar 2021 00:37:00 +0100

[Message part 1 (text/plain, inline)]

One more:

CVE-2021-20227	23.03.21 18:15
A flaw was found in SQLite's SELECT query functionality (src/select.c).
This flaw allows an attacker who is capable of running SQL queries
locally on the SQLite database to cause a denial of service or possible
code execution by triggering a use-after-free. The highest threat from
this vulnerability is to system availability.

[signature.asc (application/pgp-signature, inline)]

This bug report was last modified 4 years and 54 days ago.

Previous Next

GNU bug tracking system
Copyright (C) 1999 Darren O. Benham, 1997,2003 nCipher Corporation Ltd, 1994-97 Ian Jackson.

GNU bug report logs - #47231 sqlite package is vulnerable to CVE-2020-11655, CVE-2020-11656, CVE-2020-13434, CVE-2020-13435, CVE-2020-13630, CVE-2020-13631, CVE-2020-13632, CVE-2020-15358 and CVE-2020-9327

GNU bug report logs - #47231
sqlite package is vulnerable to CVE-2020-11655, CVE-2020-11656, CVE-2020-13434, CVE-2020-13435, CVE-2020-13630, CVE-2020-13631, CVE-2020-13632, CVE-2020-15358 and CVE-2020-9327