You are here
Home > Preporuke > Sigurnosni nedostatak programskog paketa SQLite 3

Sigurnosni nedostatak programskog paketa SQLite 3

  • Detalji os-a: WN7
  • Važnost: IMP
  • Operativni sustavi: L
  • Kategorije: LUB

==========================================================================
Ubuntu Security Notice USN-4438-1
July 27, 2020

sqlite3 vulnerability
==========================================================================

A security issue affects these releases of Ubuntu and its derivatives:

– Ubuntu 20.04 LTS

Summary:

SQLite could be made to crash or run programs if it processed a specially
crafted query.

Software Description:
– sqlite3: C library that implements an SQL database engine

Details:

It was discovered that SQLite incorrectly handled query-flattener
optimization. An attacker could use this issue to cause SQLite to crash,
resulting in a denial of service, or possibly execute arbitrary code.

Update instructions:

The problem can be corrected by updating your system to the following
package versions:

Ubuntu 20.04 LTS:
libsqlite3-0 3.31.1-4ubuntu0.2
sqlite3 3.31.1-4ubuntu0.2

In general, a standard system update will make all the necessary changes.

References:
https://usn.ubuntu.com/4438-1
CVE-2020-15358

Package Information:
https://launchpad.net/ubuntu/+source/sqlite3/3.31.1-4ubuntu0.2

—–BEGIN PGP SIGNATURE—–

iQIzBAEBCgAdFiEEUMSg3c8x5FLOsZtRZWnYVadEvpMFAl8e91oACgkQZWnYVadE
vpMUmw/+MoAQkqpy6/LSxvJS33+APKbB7XRv3arvxMWQCEvO/NYw4LaliCgfvnEy
kTN7peab860l7kmLTxWQVUFl6pK1AEZFLpcOyrRCVGPiou4PtNQ/ll2YBHbQq9lI
yLTGcvOSUAp3r7xn7iX+a5Rp/TNVljpD7kn2kr0pW82nLS9SN1chyfk35veczHJI
V0dV9um9WeAIDSdcA5wOw6c2sg9TFn4zaqfHGwvsj1SFk/Sox+t07YHOIkp2M1eh
Ua0yeDMg3UkmhO7B1K4AFMiXUc8bb0hzFGDacgyxu+3P1beea79V0s/sa2rlE3LV
Vb81ZrCRLyMfHq1lfwbeLSWEwSfbxshuRO0aS7UiayyoQ/exMrP/XpohvFEn1zpX
/y9Zx7hrOlAMpyYNbFu0tR6JTTgTQvjsDeHcTAGTFwQqaYvq/eXd1tobZcb32oih
cNV28E6s/qT0RnB9uXH/7yRv5WhN9Le9gOyNRvnVAcXYqYc7Gr4yezhgaQVc0zDU
ZkpwPl8KsIwJ8yIGzAQ2qGRfR5aIOUJGdcpSOtm53QiKLO3EIyt+WfRFmnmtZW6t
eyG0NDhFYMn6ZAHnEK9V2xHQniEO32E941oVA/ln3CQYpw6Tu3LhR4ZddAn+djG6
Q/INOcfqi7zc+4NyVsxJ+EZ9KAZdzmkn0aXwqq70rNH1MVHD3YU=
=yQkR
—–END PGP SIGNATURE—–

AutorFilip Omazic
Cert idNCERT-REF-2020-07-0001-ADV
CveCERT-CVE-DUMMY
ID izvornikaCERT-ORIGID-DUMMY
ProizvodCERT-DUMMY-PRODUCT
IzvorAdobe
Top
More in Preporuke
Sigurnosni nedostaci programskog paketa go1.13

Otkriveni su sigurnosni nedostaci u programskom paketu go1.13 za operacijski sustav openSUSE. Otkriveni nedostaci potencijalnim napadačima omogućuju zaobilaženje sigurnosnih ograničenja...

Close