Advisories » MGASA-2018-0181

Updated sqlite3 packages fix security vulnerability

Publication date: 22 Mar 2018
Modification date: 22 Mar 2018
Type: security
Affected Mageia releases : 5 , 6
CVE: CVE-2018-8740

Description

In SQLite through 3.22.0, databases whose schema is corrupted using
a CREATE TABLE AS statement could cause a NULL pointer dereference,
related to build.c and prepare.c (CVE-2018-8740).
                

References

• https://bugs.mageia.org/show_bug.cgi?id=22792
• http://openwall.com/lists/oss-security/2018/03/17/1
• https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2018-8740

SRPMS

6/core

• sqlite3-3.17.0-2.2.mga6

5/core

• sqlite3-3.10.2-1.2.mga5