Oval Definition:oval:com.redhat.rhsa:def:20151634
Revision Date:2015-08-17Version:637
Title:RHSA-2015:1634: sqlite security update (Moderate)
Description:SQLite is a C library that implements an SQL database engine. A large subset of SQL92 is supported. A complete database is stored in a single disk file. The API is designed for convenience and ease of use. Applications that link against SQLite can enjoy the power and flexibility of an SQL database without the administrative hassles of supporting a separate database server.

  • It was found that SQLite's sqlite3VXPrintf() function did not properly handle precision and width values during floating-point conversions. A local attacker could submit a specially crafted SELECT statement that would crash the SQLite process, or have other unspecified impacts. (CVE-2015-3416)

    All sqlite users are advised to upgrade to this updated package, which contains a backported patch to correct this issue.
  • Family:unixClass:patch
    Status:Reference(s):CVE-2015-3416
    RHSA-2015:1634
    RHSA-2015:1634-00
    RHSA-2015:1634-01
    Platform(s):Red Hat Enterprise Linux 6
    Product(s):
    Definition Synopsis
  • Red Hat Enterprise Linux must be installed
  • OR Package Information
  • Red Hat Enterprise Linux 6 is installed
  • AND
  • lemon is earlier than 0:3.6.20-1.el6_7.2
  • AND lemon is signed with Red Hat redhatrelease2 key
  • sqlite is earlier than 0:3.6.20-1.el6_7.2
  • AND sqlite is signed with Red Hat redhatrelease2 key
  • sqlite-devel is earlier than 0:3.6.20-1.el6_7.2
  • AND sqlite-devel is signed with Red Hat redhatrelease2 key
  • sqlite-doc is earlier than 0:3.6.20-1.el6_7.2
  • AND sqlite-doc is signed with Red Hat redhatrelease2 key
  • sqlite-tcl is earlier than 0:3.6.20-1.el6_7.2
  • AND sqlite-tcl is signed with Red Hat redhatrelease2 key
  • BACK