PublicDateAtUSN: 2019-12-10 22:15:00 UTC
Candidate: CVE-2019-13734
PublicDate: 2019-12-10 22:15:00 UTC
References:
 https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-13734
 https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html
 https://crbug.com/1025466
 https://ubuntu.com/security/notices/USN-4298-1
 https://ubuntu.com/security/notices/USN-4298-2
Description:
 Out of bounds write in SQLite in Google Chrome prior to 79.0.3945.79
 allowed a remote attacker to potentially exploit heap corruption via a
 crafted HTML page.
Ubuntu-Description:
Notes:
Mitigation:
Bugs:
Priority: medium
Discovered-by: Wenxiang Qian
Assigned-to:
CVSS:
 nvd: CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:U/C:H/I:H/A:H [8.8 HIGH]

Patches_chromium-browser:
upstream_chromium-browser: released (79.0.3945.79-1)
precise/esm_chromium-browser: DNE
trusty_chromium-browser: ignored (out of standard support)
trusty/esm_chromium-browser: DNE
xenial_chromium-browser: released (79.0.3945.79-0ubuntu0.16.04.1)
bionic_chromium-browser: released (79.0.3945.79-0ubuntu0.18.04.1)
disco_chromium-browser: released (79.0.3945.79-0ubuntu0.19.04.3)
eoan_chromium-browser: released (79.0.3945.79-0ubuntu0.19.10.2)
focal_chromium-browser: released (79.0.3945.79-0ubuntu1)
groovy_chromium-browser: released (79.0.3945.79-0ubuntu1)
hirsute_chromium-browser: released (79.0.3945.79-0ubuntu1)
impish_chromium-browser: released (79.0.3945.79-0ubuntu1)
jammy_chromium-browser: released (79.0.3945.79-0ubuntu1)
devel_chromium-browser: released (79.0.3945.79-0ubuntu1)

Patches_sqlite:
 upstream: https://www.sqlite.org/src/info/51525f9c3235967b
 upstream: https://github.com/sqlite/sqlite/commit/c72f2fb7feff582444b8ffdc6c900c69847ce8a9
upstream_sqlite: needs-triage
precise/esm_sqlite: DNE
trusty_sqlite: ignored (out of standard support)
trusty/esm_sqlite: needs-triage
xenial_sqlite: ignored (end of standard support, was needs-triage)
bionic_sqlite: needs-triage
disco_sqlite: ignored (reached end-of-life)
eoan_sqlite: ignored (reached end-of-life)
focal_sqlite: needs-triage
groovy_sqlite: ignored (reached end-of-life)
hirsute_sqlite: ignored (reached end-of-life)
impish_sqlite: needs-triage
jammy_sqlite: needs-triage
devel_sqlite: needs-triage

Patches_sqlite3:
 upstream: https://www.sqlite.org/src/info/51525f9c3235967b
 upstream: https://github.com/sqlite/sqlite/commit/c72f2fb7feff582444b8ffdc6c900c69847ce8a9
upstream_sqlite3: needs-triage
precise/esm_sqlite3: ignored (end of ESM support, was needs-triage)
trusty_sqlite3: ignored (out of standard support)
trusty/esm_sqlite3: released (3.8.2-1ubuntu2.2+esm2)
xenial_sqlite3: released (3.11.0-1ubuntu1.4)
esm-infra/xenial_sqlite3: released (3.11.0-1ubuntu1.4)
bionic_sqlite3: released (3.22.0-1ubuntu0.3)
disco_sqlite3: ignored (reached end-of-life)
eoan_sqlite3: released (3.29.0-2ubuntu0.2)
focal_sqlite3: not-affected (3.31.1-1ubuntu1)
groovy_sqlite3: not-affected (3.31.1-1ubuntu1)
hirsute_sqlite3: not-affected (3.31.1-1ubuntu1)
impish_sqlite3: not-affected (3.31.1-1ubuntu1)
jammy_sqlite3: not-affected (3.31.1-1ubuntu1)
devel_sqlite3: not-affected (3.31.1-1ubuntu1)