CVE-2019-19244 in Ubuntu

CVE-2019-19244

Priority

Description

sqlite3Select in select.c in SQLite 3.30.1 allows a crash if a sub-select
uses both DISTINCT and window functions, and also has certain ORDER BY
usage.

References

https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-19244
https://ubuntu.com/security/notices/USN-4205-1

Assigned-to

leosilva

Notes

leosilva

there is no support for pWin in bionic, so
marking as not-affected.

Package

Source: sqlite (LP Ubuntu Debian)

Upstream:	needs-triage
Ubuntu 18.04 LTS:	not-affected (code not present)
Ubuntu 14.04 ESM:	not-affected (code not present)

Patches:

Package

Source: sqlite3 (LP Ubuntu Debian)

Upstream:	needs-triage
Ubuntu 18.04 LTS:	not-affected
Ubuntu 16.04 ESM:	not-affected
Ubuntu 14.04 ESM:	not-affected

Patches:

Upstream:

https://github.com/sqlite/sqlite/commit/e59c562b3f6894f84c715772c4b116d7b5c01348

More Information

Mitre
NVD
Launchpad
Debian

Updated: 2022-04-13 13:53:09 UTC (commit f411bd370d482ef4385c4e751d121a4055fbc009)