Updated sqlite3 packages fix bug & security vulnerability
Publication date: 11 Jun 2026Modification date: 11 Jun 2026
Type: security
Affected Mageia releases : 9
CVE: CVE-2025-70873
Description
sqlite3 shipped in Mageia 9 lacks ICU support. This update brings
sqlite3-icu to allow ICU support be loaded as an optional extension.
This update fixes CVE-2025-70873, an information disclosure issue. The
zipfileInflate function in the zipfile extension in SQLite v3.51.1 and
earlier allows attackers to obtain heap memory via supplying a crafted
ZIP file.
References
SRPMS
9/core
- sqlite3-3.40.1-1.8.mga9