Oval Definition:oval:com.redhat.rhsa:def:20211968
Revision Date:2021-05-18Version:638
Title:RHSA-2021:1968: mingw packages security and bug fix update (Moderate)
Description:MinGW is a free and open source software development environment to create Microsoft Windows applications.

  • The following packages have been upgraded to a later upstream version: mingw-sqlite (3.26.0.0). (BZ#1845475)

    Security Fix(es):

  • sqlite: Division by zero in whereLoopAddBtreeIndex in sqlite3.c (CVE-2019-16168)

  • sqlite: Integer overflow in sqlite3_str_vappendf function in printf.c (CVE-2020-13434)

  • sqlite: Use-after-free in fts3EvalNextRow in ext/fts3/fts3.c (CVE-2020-13630)

  • sqlite: Virtual table can be renamed into the name of one of its shadow tables (CVE-2020-13631)

  • sqlite: NULL pointer dereference in ext/fts3/fts3_snippet.c via a crafted matchinfo() query (CVE-2020-13632)

    For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

    Additional Changes:

    For detailed information on changes in this release, see the Red Hat Enterprise Linux 8.4 Release Notes linked from the References section.
    • Family:unixClass:patch
    Status:Reference(s):CVE-2019-16168
    CVE-2020-13434
    CVE-2020-13630
    CVE-2020-13631
    CVE-2020-13632
    RHSA-2021:1968
    Platform(s):Red Hat Enterprise Linux 8
    		Product(s):
    Definition Synopsis
  • Red Hat Enterprise Linux must be installed
  • OR Package Information
  • Red Hat Enterprise Linux 8 is installed
  • OR Red Hat CoreOS 4 is installed
  • AND
  • mingw-binutils-generic is earlier than 0:2.30-3.el8
  • AND mingw-binutils-generic is signed with Red Hat redhatrelease2 key
  • mingw32-binutils is earlier than 0:2.30-3.el8
  • AND mingw32-binutils is signed with Red Hat redhatrelease2 key
  • mingw64-binutils is earlier than 0:2.30-3.el8
  • AND mingw64-binutils is signed with Red Hat redhatrelease2 key
  • mingw32-sqlite is earlier than 0:3.26.0.0-1.el8
  • AND mingw32-sqlite is signed with Red Hat redhatrelease2 key
  • mingw32-sqlite-static is earlier than 0:3.26.0.0-1.el8
  • AND mingw32-sqlite-static is signed with Red Hat redhatrelease2 key
  • mingw64-sqlite is earlier than 0:3.26.0.0-1.el8
  • AND mingw64-sqlite is signed with Red Hat redhatrelease2 key
  • mingw64-sqlite-static is earlier than 0:3.26.0.0-1.el8
  • AND mingw64-sqlite-static is signed with Red Hat redhatrelease2 key
  • mingw32-bzip2 is earlier than 0:1.0.6-14.el8
  • AND mingw32-bzip2 is signed with Red Hat redhatrelease2 key
  • mingw32-bzip2-static is earlier than 0:1.0.6-14.el8
  • AND mingw32-bzip2-static is signed with Red Hat redhatrelease2 key
  • mingw64-bzip2 is earlier than 0:1.0.6-14.el8
  • AND mingw64-bzip2 is signed with Red Hat redhatrelease2 key
  • mingw64-bzip2-static is earlier than 0:1.0.6-14.el8
  • AND mingw64-bzip2-static is signed with Red Hat redhatrelease2 key
  • mingw-filesystem-base is earlier than 0:104-2.el8
  • AND mingw-filesystem-base is signed with Red Hat redhatrelease2 key
  • mingw32-filesystem is earlier than 0:104-2.el8
  • AND mingw32-filesystem is signed with Red Hat redhatrelease2 key
  • mingw64-filesystem is earlier than 0:104-2.el8
  • AND mingw64-filesystem is signed with Red Hat redhatrelease2 key
    • BACK