Advisories ยป MGASA-2016-0255

Updated sqlite3 packages fix security vulnerability

Publication date: 14 Jul 2016
Modification date: 14 Jul 2016
Type: security
Affected Mageia releases : 5
CVE: CVE-2016-6153

Description

It was discovered that sqlite3 would reject a temporary directory (e.g.,
as specified by the TMPDIR environment variable) to which the executing
user did not have read permissions. This could result in information
leakage as less secure global temporary directories (e.g., /var/tmp or
/tmp) would be used instead (CVE-2016-6153).
                

References

SRPMS

5/core