CVE-2017-7000

Priority
Description
An issue was discovered in certain Apple products. iOS before 10.3.2 is
affected. macOS before 10.12.5 is affected. The issue involves the "SQLite"
component. It allows remote attackers to execute arbitrary code or cause a
denial of service (memory corruption and application crash) via a crafted
web site.
Notes
mdeslaurthe fix for this issue was to introduce a new API in sqlite.
This flaw is in chromium-browser, not in sqlite itself.
Package
Upstream:released (60.0.3112.78)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE (trusty was released [61.0.3163.100-0ubuntu0.14.04.1202])
Ubuntu 16.04 LTS (Xenial Xerus):released (61.0.3163.100-0ubuntu0.16.04.1306)
Ubuntu 18.04 LTS (Bionic Beaver):released (61.0.3163.100-0ubuntu1.1378)
Patches:
Upstream:https://chromium.googlesource.com/chromium/src.git/+/3bfe67c9c4b45eb713326aae7a67c8f7390dae08
Package
Upstream:needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE (trusty was ignored [Ubuntu touch end-of-life])
Ubuntu 16.04 LTS (Xenial Xerus):ignored (Ubuntu touch end-of-life)
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Package
Priority: Low
Upstream:released (3.20.0)
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):not-affected
Ubuntu 16.04 LTS (Xenial Xerus):not-affected
Ubuntu 18.04 LTS (Bionic Beaver):not-affected
Package
Upstream:released (3.20.0)
Ubuntu 12.04 ESM (Precise Pangolin):not-affected
Ubuntu 14.04 ESM (Trusty Tahr):not-affected
Ubuntu 16.04 LTS (Xenial Xerus):not-affected
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (3.22.0-1)
Patches:
Upstream:https://www.sqlite.org/src/info/d6a44b352d432d52
More Information

Updated: 2020-01-29 19:59:44 UTC (commit 768ceb2fdee6790d707d0f681e1b54916744af1e)