MGASA-2023-0208

Source
https://advisories.mageia.org/MGASA-2023-0208.html
Import Source
https://advisories.mageia.org/MGASA-2023-0208.json
JSON Data
https://api.test.osv.dev/v1/vulns/MGASA-2023-0208
Related
Published
2023-06-28T05:21:41Z
Modified
2023-06-28T04:06:43Z
Summary
Updated sqlite packages fix security vulnerability
Details

os_unix.c in SQLite before 3.13.0 improperly implements the temporary directory search algorithm, which might allow local users to obtain sensitive information, cause a denial of service (application crash), or have unspecified other impact by leveraging use of the current working directory for temporary files. (CVE-2016-6153) In SQLite through 3.22.0, databases whose schema is corrupted using a CREATE TABLE AS statement could cause a NULL pointer dereference, related to build.c and prepare (CVE-2018-8740)

References
Credits

Affected packages

Mageia:8 / sqlite

Package

Name
sqlite
Purl
pkg:rpm/mageia/sqlite?distro=mageia-8

Affected ranges

Type
ECOSYSTEM
Events
Introduced
0Unknown introduced version / All previous versions are affected
Fixed
2.8.17-26.1.mga8

Ecosystem specific

{
    "section": "core"
}