GLSA
Advocate
Joined: 12 May 2004
Posts: 2663
|
 Posted: Sun Mar 15, 2020 3:26 am Post subject: [ GLSA 202003-16 ] SQLite |
 |
|
Gentoo Linux Security Advisory
Title: SQLite: Multiple vulnerabilities (GLSA 202003-16)
Severity: normal
Exploitable: local, remote
Date: 2020-03-15
Bug(s): #697678, #711526
ID: 202003-16
Synopsis
Multiple vulnerabilities have been found in SQLite, the worst of
which could result in the arbitrary execution of code.
Background
SQLite is a C library that implements an SQL database engine.
Affected Packages
Package: dev-db/sqlite
Vulnerable: < 3.31.1
Unaffected: >= 3.31.1
Architectures: All supported architectures
Description
Multiple vulnerabilities have been discovered in SQLite. Please review
the CVE identifiers referenced below for details.
Impact
A remote attacker could possibly execute arbitrary code with the
privileges of the process, or cause a Denial of Service condition.
Workaround
There is no known workaround at this time.
Resolution
All SQLite users should upgrade to the latest version: | Code: | # emerge --sync
# emerge --ask --oneshot --verbose ">=dev-db/sqlite-3.31.1"
|
References
CVE-2019-16168
CVE-2019-5827
CVE-2020-9327 |
|
News & Announcements
