[Fake sync] sqlite (2.8.17-2.1build1) from Debian unstable
Bug #138149 reported by
Michael Bienia
| Affects | Status | Importance | Assigned to | Milestone | |
|---|---|---|---|---|---|
| sqlite (Ubuntu) |
Fix Released
|
Undecided
|
Kees Cook | ||
Bug Description
Binary package hint: sqlite
The current packages has no Ubuntu changes (it's also a fake-sync).
The new package builds cleanly in a gutsy pbuilder.
Changelog:
sqlite (2.8.17-2.1build1) gutsy; urgency=low
* Fake-sync because of a different orig.tar.gz.
-- Michael Bienia <email address hidden> Sat, 08 Sep 2007 03:24:29 +0200
sqlite (2.8.17-2.1) unstable; urgency=high
* Non-maintainer upload by testing security team.
* Included 01-fix-
in encode.c (CVE-2007-1888) (Closes: #441233).
-- Nico Golde <email address hidden> Fri, 07 Sep 2007 17:47:03 +0200
CVE References
Revision history for this message
| Michael Bienia (geser) wrote | #1 |
Revision history for this message
| Kees Cook (kees) wrote | #2 |
| Changed in sqlite: | |
| assignee: | nobody → keescook |
| status: | New → Fix Committed |
| status: | Fix Committed → Fix Released |
To post a comment you must log in.
Thanks! I'll get this uploaded shortly. (For the record, PHP was already fixed to avoid calling sqlite with the "bad" parameter.)