CVE-2019-19645

Priority
Description
alter.c in SQLite through 3.30.1 allows attackers to trigger infinite
recursion via certain types of self-referential views in conjunction with
ALTER TABLE statements.
Notes
mdeslaurThe code changes required to backport the fix for this issue to
older versions of SQLite shipped in Ubuntu stable releases is
subtantial and may introduce regressions. Due to the low
severity of this issue, we will not be releasing a fix for
Ubuntu 18.04 LTS and earlier. Marking as ignored.
Package
Upstream:needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):not-affected (code not present)
Ubuntu 16.04 LTS (Xenial Xerus):not-affected (code not present)
Ubuntu 18.04 LTS (Bionic Beaver):not-affected (code not present)
Ubuntu 19.10 (Eoan Ermine):not-affected (code not present)
Ubuntu 20.04 LTS (Focal Fossa):not-affected (code not present)
Ubuntu 20.10 (Groovy Gorilla):not-affected (code not present)
Package
Upstream:needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):ignored
Ubuntu 14.04 ESM (Trusty Tahr):ignored
Ubuntu 16.04 LTS (Xenial Xerus):ignored
Ubuntu 18.04 LTS (Bionic Beaver):ignored
Ubuntu 19.10 (Eoan Ermine):released (3.29.0-2ubuntu0.3)
Ubuntu 20.04 LTS (Focal Fossa):not-affected (3.31.1-1ubuntu1)
Ubuntu 20.10 (Groovy Gorilla):not-affected (3.31.1-1ubuntu1)
Patches:
Upstream:https://github.com/sqlite/sqlite/commit/38096961c7cd109110ac21d3ed7dad7e0cb0ae06
More Information

Updated: 2020-06-10 19:15:24 UTC (commit 18e7d1af54e8cf89d0d8dfa78fa39177236d19cd)