CVE-2019-8457

Priority
Description
SQLite3 from 3.6.0 to and including 3.27.2 is vulnerable to heap
out-of-bound read in the rtreenode() function when handling invalid rtree
tables.
References
Bugs
Assigned-to
leosilva
Notes
leosilvadb5.3 has a sqlite into /lang/sql/sqlite
Package
Upstream:needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 20.04 LTS (Focal Fossa):DNE
Ubuntu 20.10 (Groovy Gorilla):DNE
Package
Source: db5.3 (LP Ubuntu Debian)
Upstream:needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):released (5.3.28-3ubuntu3.1+esm1)
Ubuntu 16.04 LTS (Xenial Xerus):released (5.3.28-11ubuntu0.2)
Ubuntu 18.04 LTS (Bionic Beaver):released (5.3.28-13.1ubuntu1.1)
Ubuntu 20.04 LTS (Focal Fossa):released (5.3.28+dfsg1-0.6ubuntu1)
Ubuntu 20.10 (Groovy Gorilla):released (5.3.28+dfsg1-0.6ubuntu1)
Package
Upstream:needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):needs-triage
Ubuntu 20.04 LTS (Focal Fossa):needs-triage
Ubuntu 20.10 (Groovy Gorilla):needs-triage
Package
Upstream:needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):needed
Ubuntu 18.04 LTS (Bionic Beaver):needed
Ubuntu 20.04 LTS (Focal Fossa):needed
Ubuntu 20.10 (Groovy Gorilla):needed
Package
Upstream:needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):released (3.7.9-2ubuntu1.3)
Ubuntu 14.04 ESM (Trusty Tahr):released (3.8.2-1ubuntu2.2+esm1)
Ubuntu 16.04 LTS (Xenial Xerus):released (3.11.0-1ubuntu1.2)
Ubuntu 18.04 LTS (Bionic Beaver):released (3.22.0-1ubuntu0.1)
Ubuntu 20.04 LTS (Focal Fossa):released (3.27.2-3)
Ubuntu 20.10 (Groovy Gorilla):released (3.27.2-3)
More Information

Updated: 2020-10-24 06:59:45 UTC (commit 69e225d81a6ee3e2e014950178db797c5d4e5009)