Format: 1.8 Date: Tue, 18 Jun 2019 09:42:23 -0300 Source: sqlite3 Binary: lemon sqlite3 sqlite3-doc libsqlite3-0-dbg libsqlite3-0 libsqlite3-dev libsqlite3-tcl Architecture: amd64 all Version: 3.11.0-1ubuntu1.2 Distribution: xenial Urgency: medium Maintainer: Launchpad Build Daemon Changed-By: Leonidas S. Barbosa Description: lemon - LALR(1) Parser Generator for C or C++ libsqlite3-0 - SQLite 3 shared library libsqlite3-0-dbg - SQLite 3 debugging symbols libsqlite3-dev - SQLite 3 development files libsqlite3-tcl - SQLite 3 Tcl bindings sqlite3 - Command line interface for SQLite 3 sqlite3-doc - SQLite 3 documentation Changes: sqlite3 (3.11.0-1ubuntu1.2) xenial-security; urgency=medium . * SECURITY UPDATE: Denial of service - debian/patches/CVE-2016-6153-*.patch: change temp direcotry search algorithm in src/os_unix.c. - CVE-2016-6153 * SECURITY UPDATE: heap-base buffer over-read - debian/patches/CVE-2017-10989.patch: enhance RTree module in ext/rtree/rtree.c and added test in ext/rtree/rtreeA.text. - CVE-2017-10989 * SECURITY UPDATE: Denial of service - debian/patches/CVE-2017-13685.patch: adds checks in src/shell.c. - CVE-2017-13685 * SECURITY UPDATE: Denial of service - debian/patches/CVE-2017-2518.patch: prevent a use-after-free in src/whereexpr.c. - CVE-2017-2518 * SECURITY UPDATE: Denial of service - debian/patches/CVE-2017-2519.patch: increase the size of the reference count on table objects to 32bits in src/sqliteInt.h. - CVE-2017-2519 * SECURITY UPDATE: Denial of service - debian/patches/CVE-2017-2520.patch: add a check for pVal in src/vdbemem.c - CVE-2017-2520 * SECURITY UPDATE: Integer overflow - debian/patches/CVE-2018-20346-and-CVE-2018-20506.patch: add extra defenses against strategically corrupt databases in ext/fts3/fst3.c, ext/fts3/fts3_write.c, test/fts3corrupt4.test, test/permutations.test. - CVE-2018-20346 - CVE-2018-20506 * SECURITY UPDATE: heap out-of-bound read - debian/patches/CVE-2019-8457.patch: enhance the rtreenode() in ext/rtree/rtree.c. - debian/patches/CVE-2019-8457-string-interface.patch: add string interface in src/btree.c, src/build.c, src/func.c, src/mutex.c, src/pragma.c, src/printf.c, src/sqlite.h.in, src/sqliteInt.h, src/treeview.c, src/vdbeaux.c, src/vdbetrace.c, src/wherecode.c. - CVE-2019-8457 * security update: heap-buffer over-read - debian/patches/cve-2019-9936.patch: add checks in code in order to fix in ext/fts5/fts5_hash.c, ext/fts5/test/fts5aa.test. - CVE-2019-9936 * security update: NULL pointer dereference - debian/patches/cve-2019-9937.patch: fix in ext/fts5/fts5Int.h, ext/fts5/fts5_hash.c, ext/fts5/fts5_index.c, ext/fts5/test/fts5aa.test. - CVE-2019-9937 Checksums-Sha1: deaf78727339d3b57669c82458d0a604449e663e 1118 lemon-dbgsym_3.11.0-1ubuntu1.2_amd64.ddeb 9a5f1a43bfd63bf0f95e5fe3cc0d3cec94468657 51742 lemon_3.11.0-1ubuntu1.2_amd64.deb 421cf0c9df470676961c7c90af0a279a5118a606 3433212 libsqlite3-0-dbg_3.11.0-1ubuntu1.2_amd64.deb aaeaa7cf543dfb4d67dff23c6293e3a6ad303f6b 908 libsqlite3-0-dbgsym_3.11.0-1ubuntu1.2_amd64.ddeb 28785ab923361b72b038758f42a5ec7bdd5ce1bc 397256 libsqlite3-0_3.11.0-1ubuntu1.2_amd64.deb 61aa5522ac9c6dd8e39269fd1a2b5a81a91fb672 954 libsqlite3-dev-dbgsym_3.11.0-1ubuntu1.2_amd64.ddeb f15d67fbc3f1b104421d6e224a8d71020a1c9f6b 508682 libsqlite3-dev_3.11.0-1ubuntu1.2_amd64.deb 735016fe13e619642640904e433067ff3b3f823a 932 libsqlite3-tcl-dbgsym_3.11.0-1ubuntu1.2_amd64.ddeb d6faccfc99a27b5f36569a0c2706b93e1f770198 19188 libsqlite3-tcl_3.11.0-1ubuntu1.2_amd64.deb d50dabc12d790b1c340789d9c217bd2d48f07025 910 sqlite3-dbgsym_3.11.0-1ubuntu1.2_amd64.ddeb 87c423c7d5bcec3be7dc4655aae910baf602ed0f 3149228 sqlite3-doc_3.11.0-1ubuntu1.2_all.deb 666345f66bf762ba45e25fddffd3f53ada7d7cca 515696 sqlite3_3.11.0-1ubuntu1.2_amd64.deb Checksums-Sha256: 48a10842dea37e1de10dec3a769c2c60f28dfabe121739e4217040b6fbc36350 1118 lemon-dbgsym_3.11.0-1ubuntu1.2_amd64.ddeb 658dba8bd66afeca3f6bbac493779d851a8cc9302cb9eaacbb00f1a339ba9777 51742 lemon_3.11.0-1ubuntu1.2_amd64.deb b4787cc4aee2ff49034f110aef2f162f0dde68a4eae526d08dd94b671d470c03 3433212 libsqlite3-0-dbg_3.11.0-1ubuntu1.2_amd64.deb 41f1d27c0bbf128c96edddbd65f070b83b807cf1255e170ddb7fcb6ebe72a088 908 libsqlite3-0-dbgsym_3.11.0-1ubuntu1.2_amd64.ddeb c33bde90998ca545f5a031b8b378cea11c8c3d4e49ff4168bf20e7e52fe4ca25 397256 libsqlite3-0_3.11.0-1ubuntu1.2_amd64.deb 7d8801f77b9b33e9328455af505898a3933bac303c4a7a568a0a427006399a97 954 libsqlite3-dev-dbgsym_3.11.0-1ubuntu1.2_amd64.ddeb d043d43fb9037afdacd54583dfcf70c5f56bbf3ee02431914170a5190b59d568 508682 libsqlite3-dev_3.11.0-1ubuntu1.2_amd64.deb f444d9963d722ffd624889e11348fb59e06bbeecdb7a98851f378bb6aabf721a 932 libsqlite3-tcl-dbgsym_3.11.0-1ubuntu1.2_amd64.ddeb 61aa9ca75eec108e7b44780a4d34e9e60f953b159f00002c707c245e1f35abcc 19188 libsqlite3-tcl_3.11.0-1ubuntu1.2_amd64.deb 27d70ea1f3a75c1885502a8cf02abad83b6bb7bb5cd9d345c55953f4e75a6720 910 sqlite3-dbgsym_3.11.0-1ubuntu1.2_amd64.ddeb c89fbb7bd93ee5589a72fa1bed28dcbc838ba4e66f14125ef79f1d46a7558c52 3149228 sqlite3-doc_3.11.0-1ubuntu1.2_all.deb 4194e2eebbb2adac10975c73a4a2fc15382926816346349ab254acbb3c00ceb7 515696 sqlite3_3.11.0-1ubuntu1.2_amd64.deb Files: 24aeafc6eab0561f26f98cc001d03147 1118 devel extra lemon-dbgsym_3.11.0-1ubuntu1.2_amd64.ddeb 7b1e2be3753299c95bed283cc4ae279a 51742 devel optional lemon_3.11.0-1ubuntu1.2_amd64.deb c6d841d68347a6176b6e2d8e80da11ef 3433212 debug extra libsqlite3-0-dbg_3.11.0-1ubuntu1.2_amd64.deb 3d3ec6268954ea79537157e6c5d42c62 908 libs extra libsqlite3-0-dbgsym_3.11.0-1ubuntu1.2_amd64.ddeb b4b55d8fdb3ca9461dafc1ad3c1b9c7c 397256 libs standard libsqlite3-0_3.11.0-1ubuntu1.2_amd64.deb 4bb86ee1633b28cb8db270a6a9be7538 954 libdevel extra libsqlite3-dev-dbgsym_3.11.0-1ubuntu1.2_amd64.ddeb 92bc8e4dc461236b44cd100f1332ec63 508682 libdevel optional libsqlite3-dev_3.11.0-1ubuntu1.2_amd64.deb fc13c7957ae8a0575d6767df155e8038 932 interpreters extra libsqlite3-tcl-dbgsym_3.11.0-1ubuntu1.2_amd64.ddeb cfb5a9989d8d80a505fbcb88133ce5c9 19188 interpreters optional libsqlite3-tcl_3.11.0-1ubuntu1.2_amd64.deb 133368a6a4a6acb8d115708a3035a76f 910 database extra sqlite3-dbgsym_3.11.0-1ubuntu1.2_amd64.ddeb e043d3be0313ee14413179d872fefac2 3149228 doc optional sqlite3-doc_3.11.0-1ubuntu1.2_all.deb cf33a697c590021766eb591e503bb451 515696 database optional sqlite3_3.11.0-1ubuntu1.2_amd64.deb Original-Maintainer: Laszlo Boszormenyi (GCS)