CVE-2019-8457

Priority
Description
SQLite3 from 3.6.0 to and including 3.27.2 is vulnerable to heap
out-of-bound read in the rtreenode() function when handling invalid rtree
tables.
Notes
 leosilva> db5.3 has a sqlite into /lang/sql/sqlite
Assigned-to
leosilva
Package
Upstream:needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):DNE
Ubuntu 18.10 (Cosmic Cuttlefish):DNE
Ubuntu 19.04 (Disco Dingo):DNE
Ubuntu 19.10 (Eoan):DNE
Package
Source: db5.3 (LP Ubuntu Debian)
Upstream:needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):released (5.3.28-3ubuntu3.1+esm1)
Ubuntu 16.04 LTS (Xenial Xerus):released (5.3.28-11ubuntu0.2)
Ubuntu 18.04 LTS (Bionic Beaver):released (5.3.28-13.1ubuntu1.1)
Ubuntu 18.10 (Cosmic Cuttlefish):released (5.3.28+dfsg1-0.1ubuntu0.1)
Ubuntu 19.04 (Disco Dingo):released (5.3.28+dfsg1-0.5ubuntu0.1)
Ubuntu 19.10 (Eoan):released (5.3.28+dfsg1-0.6ubuntu1)
Package
Upstream:needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):DNE
Ubuntu 18.04 LTS (Bionic Beaver):needs-triage
Ubuntu 18.10 (Cosmic Cuttlefish):needs-triage
Ubuntu 19.04 (Disco Dingo):needs-triage
Ubuntu 19.10 (Eoan):needs-triage
Package
Upstream:needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):DNE
Ubuntu 14.04 ESM (Trusty Tahr):DNE
Ubuntu 16.04 LTS (Xenial Xerus):needs-triage
Ubuntu 18.04 LTS (Bionic Beaver):needs-triage
Ubuntu 18.10 (Cosmic Cuttlefish):needs-triage
Ubuntu 19.04 (Disco Dingo):needs-triage
Ubuntu 19.10 (Eoan):needs-triage
Package
Upstream:needs-triage
Ubuntu 12.04 ESM (Precise Pangolin):released (3.7.9-2ubuntu1.3)
Ubuntu 14.04 ESM (Trusty Tahr):released (3.8.2-1ubuntu2.2+esm1)
Ubuntu 16.04 LTS (Xenial Xerus):released (3.11.0-1ubuntu1.2)
Ubuntu 18.04 LTS (Bionic Beaver):released (3.22.0-1ubuntu0.1)
Ubuntu 18.10 (Cosmic Cuttlefish):released (3.24.0-1ubuntu0.1)
Ubuntu 19.04 (Disco Dingo):released (3.27.2-2ubuntu0.1)
Ubuntu 19.10 (Eoan):released (3.27.2-3)
More Information

Updated: 2019-06-19 18:14:30 UTC (commit 837e440be10812bfd807c193b0c8f06ee3a3c57b)