[ MDVSA-2015:217 ] sqlite3

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________

 Mandriva Linux Security Advisory                         MDVSA-2015:217
 http://www.mandriva.com/en/support/security/
 _______________________________________________________________________

 Package : sqlite3
 Date    : April 30, 2015
 Affected: Business Server 1.0, Business Server 2.0
 _______________________________________________________________________

 Problem Description:

 Multiple vulnerabilities has been found and corrected in sqlite3:
 
 SQLite before 3.8.9 does not properly implement the dequoting of
 collation-sequence names, which allows context-dependent attackers to
 cause a denial of service (uninitialized memory access and application
 crash) or possibly have unspecified other impact via a crafted COLLATE
 clause, as demonstrated by COLLATE at the end of a SELECT statement
 (CVE-2015-3414).
 
 The sqlite3VdbeExec function in vdbe.c in SQLite before 3.8.9
 does not pro

007 Software

[ MDVSA-2015:217 ] sqlite3

Leave a Reply Cancel reply

Software and Security Information