Oval Definition:	oval:org.opensuse.security:def:51930
Revision Date: 2022-11-02 Version: 1 Title: Security update for sqlite3 (Moderate) Description: This update for sqlite3 fixes the following issues: Security issues fixed: - CVE-2022-35737: Fixed an array-bounds overflow if billions of bytes are used in a string argument to a C API (bnc#1201783). - CVE-2021-36690: Fixed an issue with the SQLite Expert extension when a column has no collating sequence (bsc#1189802). - Package the Tcl bindings here again so that we only ship one copy of SQLite (bsc#1195773). sqlite was updated to 3.39.3: Use a statement journal on DML statement affecting two or more database rows if the statement makes use of a SQL functions that might abort. * Use a mutex to protect the PRAGMA temp_store_directory and PRAGMA data_store_directory statements, even though they are decremented and documented as not being threadsafe. Update to 3.39.2: Fix a performance regression in the query planner associated with rearranging the order of FROM clause terms in the presences of a LEFT JOIN. * Apply fixes for CVE-2022-35737, Chromium bugs 1343348 and 1345947, forum post 3607259d3c, and other minor problems discovered by internal testing. [boo#1201783] Update to 3.39.1: Fix an incorrect result from a query that uses a view that contains a compound SELECT in which only one arm contains a RIGHT JOIN and where the view is not the first FROM clause term of the query that contains the view * Fix a long-standing problem with ALTER TABLE RENAME that can only arise if the sqlite3_limit(SQLITE_LIMIT_SQL_LENGTH) is set to a very small value. * Fix a long-standing problem in FTS3 that can only arise when compiled with the SQLITE_ENABLE_FTS3_PARENTHESIS compile-time option. * Fix the initial-prefix optimization for the REGEXP extension so that it works correctly even if the prefix contains characters that require a 3-byte UTF8 encoding. * Enhance the sqlite_stmt virtual table so that it buffers all of its output. Update to 3.39.0: Add (long overdue) support for RIGHT and FULL OUTER JOIN * Add new binary comparison operators IS NOT DISTINCT FROM and IS DISTINCT FROM that are equivalent to IS and IS NOT, respective, for compatibility with PostgreSQL and SQL standards * Add a new return code (value '3') from the sqlite3_vtab_distinct() interface that indicates a query that has both DISTINCT and ORDER BY clauses * Added the sqlite3_db_name() interface * The unix os interface resolves all symbolic links in database filenames to create a canonical name for the database before the file is opened * Defer materializing views until the materialization is actually needed, thus avoiding unnecessary work if the materialization turns out to never be used * The HAVING clause of a SELECT statement is now allowed on any aggregate query, even queries that do not have a GROUP BY clause * Many microoptimizations collectively reduce CPU cycles by about 2.3%. Update to 3.38.5: Fix a blunder in the CLI of the 3.38.4 release Update to 3.38.4: fix a byte-code problem in the Bloom filter pull-down optimization added by release 3.38.0 in which an error in the byte code causes the byte code engine to enter an infinite loop when the pull-down optimization encounters a NULL key Update to 3.38.3: Fix a case of the query planner be overly aggressive with optimizing automatic-index and Bloom-filter construction, using inappropriate ON clause terms to restrict the size of the automatic-index or Bloom filter, and resulting in missing rows in the output. * Other minor patches. See the timeline for details. Update to 3.38.2: Fix a problem with the Bloom filter optimization that might cause an incorrect answer when doing a LEFT JOIN with a WHERE clause constraint that says that one of the columns on the right table of the LEFT JOIN is NULL. * Other minor patches. - Package the Tcl bindings here again so that we only ship one copy of SQLite (bsc#1195773). Update to 3.38.1: Fix problems with the new Bloom filter optimization that might cause some obscure queries to get an incorrect answer. * Fix the localtime modifier of the date and time functions so that it preserves fractional seconds. * Fix the sqlite_offset SQL function so that it works correctly even in corner cases such as when the argument is a virtual column or the column of a view. * Fix row value IN operator constraints on virtual tables so that they work correctly even if the virtual table implementation relies on bytecode to filter rows that do not satisfy the constraint. * Other minor fixes to assert() statements, test cases, and documentation. See the source code timeline for details. Update to 3.38.0 Add the -> and ->> operators for easier processing of JSON * The JSON functions are now built-ins * Enhancements to date and time functions * Rename the printf() SQL function to format() for better compatibility, with alias for backwards compatibility. * Add the sqlite3_error_offset() interface for helping localize an SQL error to a specific character in the input SQL text * Enhance the interface to virtual tables * CLI columnar output modes are enhanced to correctly handle tabs and newlines embedded in text, and add options like '--wrap N', '--wordwrap on', and '--quote' to the columnar output modes. * Query planner enhancements using a Bloom filter to speed up large analytic queries, and a balanced merge tree to evaluate UNION or UNION ALL compound SELECT statements that have an ORDER BY clause. * The ALTER TABLE statement is changed to silently ignores entries in the sqlite_schema table that do not parse when PRAGMA writable_schema=ON Update to 3.37.2: Fix a bug introduced in version 3.35.0 (2021-03-12) that can cause database corruption if a SAVEPOINT is rolled back while in PRAGMA temp_store=MEMORY mode, and other changes are made, and then the outer transaction commits * Fix a long-standing problem with ON DELETE CASCADE and ON UPDATE CASCADE in which a cache of the bytecode used to implement the cascading change was not being reset following a local DDL change Update to 3.37.1: Fix a bug introduced by the UPSERT enhancements of version 3.35.0 that can cause incorrect byte-code to be generated for some obscure but valid SQL, possibly resulting in a NULL- pointer dereference. * Fix an OOB read that can occur in FTS5 when reading corrupt database files. * Improved robustness of the --safe option in the CLI. * Other minor fixes to assert() statements and test cases. Updated to 3.37.0: STRICT tables provide a prescriptive style of data type management, for developers who prefer that kind of thing. * When adding columns that contain a CHECK constraint or a generated column containing a NOT NULL constraint, the ALTER TABLE ADD COLUMN now checks new constraints against preexisting rows in the database and will only proceed if no constraints are violated. * Added the PRAGMA table_list statement. * Add the .connection command, allowing the CLI to keep multiple database connections open at the same time. * Add the --safe command-line option that disables dot-commands and SQL statements that might cause side-effects that extend beyond the single database file named on the command-line. * CLI: Performance improvements when reading SQL statements that span many lines. * Added the sqlite3_autovacuum_pages() interface. * The sqlite3_deserialize() does not and has never worked for the TEMP database. That limitation is now noted in the documentation. * The query planner now omits ORDER BY clauses on subqueries and views if removing those clauses does not change the semantics of the query. * The generate_series table-valued function extension is modified so that the first parameter ('START') is now required. This is done as a way to demonstrate how to write table-valued functions with required parameters. The legacy behavior is available using the -DZERO_ARGUMENT_GENERATE_SERIES compile-time option. * Added new sqlite3_changes64() and sqlite3_total_changes64() interfaces. * Added the SQLITE_OPEN_EXRESCODE flag option to sqlite3_open_v2(). * Use less memory to hold the database schema. * bsc#1189802, CVE-2021-36690: Fix an issue with the SQLite Expert extension when a column has no collating sequence. Family: unix Class: patch Status: Reference(s): 1081947 1082293 1085196 1106214 1121197 1122417 1125886 1127701 1135534 1135656 1135708 1139937 1141113 1141844 1142031 1153611 1157465 1158940 1159118 1160931 1162327 1162504 1165425 1168994 1173812 1174463 1174570 1176262 1177582 1178666 1178667 1178668 1187646 1189802 1195773 1201783 353876 CVE-2009-0316 CVE-2009-2624 CVE-2010-0001 CVE-2010-1163 CVE-2010-1646 CVE-2011-0010 CVE-2011-1526 CVE-2011-4862 CVE-2012-2337 CVE-2013-1775 CVE-2013-1776 CVE-2013-5653 CVE-2014-0107 CVE-2014-3248 CVE-2015-1038 CVE-2015-3228 CVE-2016-10220 CVE-2016-1248 CVE-2016-2335 CVE-2016-7978 CVE-2016-7979 CVE-2016-8602 CVE-2016-9601 CVE-2017-5951 CVE-2017-5953 CVE-2017-6349 CVE-2017-6350 CVE-2017-7207 CVE-2017-8291 CVE-2018-20843 CVE-2019-13616 CVE-2019-13626 CVE-2019-17361 CVE-2019-18897 CVE-2019-20916 CVE-2020-10713 CVE-2020-13943 CVE-2020-14308 CVE-2020-14309 CVE-2020-14310 CVE-2020-14311 CVE-2020-15706 CVE-2020-15707 CVE-2020-25694 CVE-2020-25695 CVE-2020-25696 CVE-2021-3570 CVE-2021-36690 CVE-2022-35737 SUSE-SU-2019:1835-1 SUSE-SU-2019:2307-1 SUSE-SU-2019:2463-1 SUSE-SU-2020:0684-1 SUSE-SU-2020:2073-1 SUSE-SU-2020:2784-1 SUSE-SU-2020:3068-1 SUSE-SU-2020:3463-1 SUSE-SU-2021:2443-1 SUSE-SU-2022:3307-2 Platform(s): openSUSE Leap 15.0 SUSE Linux Enterprise Desktop 11 SP2 SUSE Linux Enterprise Desktop 11 SP3 SUSE Linux Enterprise Desktop 12 SUSE Linux Enterprise Desktop 12 SP1 SUSE Linux Enterprise Desktop 12 SP2 SUSE Linux Enterprise Desktop 12 SP3 SUSE Linux Enterprise Desktop 12 SP4 SUSE Linux Enterprise Micro 5.3 SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1 SUSE Linux Enterprise Module for Server Applications 15 SP1 SUSE Linux Enterprise Module for Server Applications 15 SP2 SUSE Linux Enterprise Module for Web Scripting 15 SP2 SUSE Linux Enterprise Server 12 SP1 SUSE Linux Enterprise Server 12 SP1-LTSS SUSE Linux Enterprise Server 12 SP2 SUSE Linux Enterprise Server 12 SP2-BCL SUSE Linux Enterprise Server 12 SP2-ESPOS SUSE Linux Enterprise Server 12 SP2-LTSS SUSE Linux Enterprise Server 12 SP3 SUSE Linux Enterprise Server 12 SP3-BCL SUSE Linux Enterprise Server 12 SP3-ESPOS SUSE Linux Enterprise Server 12 SP3-LTSS SUSE Linux Enterprise Server 12 SP3-TERADATA SUSE Linux Enterprise Server 12 SP4 SUSE Linux Enterprise Server 15-LTSS SUSE Linux Enterprise Server for SAP Applications 12 SP4 SUSE Linux Enterprise Server for SAP Applications 15 SUSE OpenStack Cloud 6 SUSE OpenStack Cloud 7 SUSE OpenStack Cloud 8 SUSE OpenStack Cloud Crowbar 8 SUSE OpenStack Cloud Crowbar 9 Product(s): Definition Synopsis openSUSE Leap 15.0 is installed AND Package Information accountsservice-0.6.45-lp150.2 is installed OR accountsservice-lang-0.6.45-lp150.2 is installed OR libaccountsservice0-0.6.45-lp150.2 is installed OR typelib-1_0-AccountsService-1_0-0.6.45-lp150.2 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP2 is installed AND Package Information libQtWebKit4-4.6.3-5.20.23 is installed OR libQtWebKit4-32bit-4.6.3-5.20.23 is installed OR libqt4-4.6.3-5.20.23 is installed OR libqt4-32bit-4.6.3-5.20.23 is installed OR libqt4-qt3support-4.6.3-5.20.23 is installed OR libqt4-qt3support-32bit-4.6.3-5.20.23 is installed OR libqt4-sql-4.6.3-5.20.23 is installed OR libqt4-sql-32bit-4.6.3-5.20.23 is installed OR libqt4-sql-mysql-4.6.3-5.20.23 is installed OR libqt4-sql-mysql-32bit-4.6.3-5.20.23 is installed OR libqt4-sql-postgresql-4.6.3-5.20.23 is installed OR libqt4-sql-postgresql-32bit-4.6.3-5.20.23 is installed OR libqt4-sql-sqlite-4.6.3-5.20.23 is installed OR libqt4-sql-sqlite-32bit-4.6.3-5.20.23 is installed OR libqt4-sql-unixODBC-4.6.3-5.20.23 is installed OR libqt4-sql-unixODBC-32bit-4.6.3-5.20.23 is installed OR libqt4-x11-4.6.3-5.20.23 is installed OR libqt4-x11-32bit-4.6.3-5.20.23 is installed Definition Synopsis SUSE Linux Enterprise Desktop 11 SP3 is installed AND Package Information pam-1.1.5-0.12 is installed OR pam-32bit-1.1.5-0.12 is installed OR pam-doc-1.1.5-0.12 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 is installed AND facter-2.0.2-1 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP1 is installed AND krb5-appl-clients-1.0.3-1 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP2 is installed AND p7zip-9.20.1-6 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP3 is installed AND Package Information ghostscript-9.15-22 is installed OR ghostscript-x11-9.15-22 is installed Definition Synopsis SUSE Linux Enterprise Desktop 12 SP4 is installed AND Package Information curl-7.60.0-2 is installed OR libcurl4-7.60.0-2 is installed OR libcurl4-32bit-7.60.0-2 is installed Definition Synopsis SUSE Linux Enterprise Micro 5.3 is installed AND Package Information libsqlite3-0-3.39.3-150000.3.17.1 is installed OR sqlite3-tcl-3.39.3-150000.3.17.1 is installed Definition Synopsis SUSE Linux Enterprise Module for Open Buildservice Development Tools 15 SP1 is installed AND Package Information expat-2.2.5-3.3 is installed OR libexpat-devel-32bit-2.2.5-3.3 is installed Definition Synopsis SUSE Linux Enterprise Module for Server Applications 15 SP1 is installed AND Package Information util-linux-systemd-2.33.1-4.5 is installed OR uuidd-2.33.1-4.5 is installed Definition Synopsis SUSE Linux Enterprise Module for Server Applications 15 SP2 is installed AND Package Information libecpg6-12.5-8.10 is installed OR postgresql12-12.5-8.10 is installed OR postgresql12-contrib-12.5-8.10 is installed OR postgresql12-devel-12.5-8.10 is installed OR postgresql12-docs-12.5-8.10 is installed OR postgresql12-plperl-12.5-8.10 is installed OR postgresql12-plpython-12.5-8.10 is installed OR postgresql12-pltcl-12.5-8.10 is installed OR postgresql12-server-12.5-8.10 is installed OR postgresql12-server-devel-12.5-8.10 is installed Definition Synopsis SUSE Linux Enterprise Module for Web Scripting 15 SP2 is installed AND Package Information tomcat-9.0.36-3.12 is installed OR tomcat-admin-webapps-9.0.36-3.12 is installed OR tomcat-el-3_0-api-9.0.36-3.12 is installed OR tomcat-jsp-2_3-api-9.0.36-3.12 is installed OR tomcat-lib-9.0.36-3.12 is installed OR tomcat-servlet-4_0-api-9.0.36-3.12 is installed OR tomcat-webapps-9.0.36-3.12 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1 is installed AND Package Information libgudev-1_0-0-210-83 is installed OR libgudev-1_0-0-32bit-210-83 is installed OR libudev1-210-83 is installed OR libudev1-32bit-210-83 is installed OR systemd-210-83 is installed OR systemd-32bit-210-83 is installed OR systemd-bash-completion-210-83 is installed OR systemd-sysvinit-210-83 is installed OR udev-210-83 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP1-LTSS is installed AND Package Information kgraft-patch-3_12_74-60_64_54-default-3-4 is installed OR kgraft-patch-3_12_74-60_64_54-xen-3-4 is installed OR kgraft-patch-SLE12-SP1_Update_19-3-4 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2 is installed AND Package Information alsa-1.0.27.2-11 is installed OR alsa-docs-1.0.27.2-11 is installed OR libasound2-1.0.27.2-11 is installed OR libasound2-32bit-1.0.27.2-11 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-BCL is installed AND squid-3.5.21-26.17 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-ESPOS is installed AND Package Information kgraft-patch-4_4_121-92_80-default-6-2 is installed OR kgraft-patch-SLE12-SP2_Update_22-6-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP2-LTSS is installed AND Package Information kgraft-patch-4_4_74-92_29-default-11-2 is installed OR kgraft-patch-SLE12-SP2_Update_10-11-2 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3 is installed AND Package Information alsa-1.0.27.2-15 is installed OR alsa-docs-1.0.27.2-15 is installed OR libasound2-1.0.27.2-15 is installed OR libasound2-32bit-1.0.27.2-15 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-BCL is installed AND Package Information MozillaFirefox-60.9.0-109.86 is installed OR MozillaFirefox-translations-common-60.9.0-109.86 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-ESPOS is installed AND log4j-1.2.15-126.3 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-LTSS is installed AND Package Information bzip2-1.0.6-30.5 is installed OR bzip2-doc-1.0.6-30.5 is installed OR libbz2-1-1.0.6-30.5 is installed OR libbz2-1-32bit-1.0.6-30.5 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP3-TERADATA is installed AND Package Information libsqlite3-0-3.8.10.2-9.9 is installed OR libsqlite3-0-32bit-3.8.10.2-9.9 is installed OR sqlite3-3.8.10.2-9.9 is installed Definition Synopsis SUSE Linux Enterprise Server 12 SP4 is installed AND Package Information crash-7.2.1-2 is installed OR crash-kmp-default-7.2.1_k4.12.14_94.41-2 is installed Definition Synopsis SUSE Linux Enterprise Server 15-LTSS is installed AND Package Information python-pip-10.0.1-3.3 is installed OR python2-pip-10.0.1-3.3 is installed OR python3-pip-10.0.1-3.3 is installed Definition Synopsis SUSE Linux Enterprise Server for SAP Applications 12 SP4 is installed AND linuxptp-1.4-15.3.1 is installed Definition Synopsis SUSE Linux Enterprise Server for SAP Applications 15 is installed AND Package Information grub2-2.02-19.48 is installed OR grub2-i386-pc-2.02-19.48 is installed OR grub2-powerpc-ieee1275-2.02-19.48 is installed OR grub2-snapper-plugin-2.02-19.48 is installed OR grub2-systemd-sleep-plugin-2.02-19.48 is installed OR grub2-x86_64-efi-2.02-19.48 is installed OR grub2-x86_64-xen-2.02-19.48 is installed Definition Synopsis SUSE OpenStack Cloud 6 is installed AND Package Information kernel-default-3.12.74-60.64.51 is installed OR kernel-default-base-3.12.74-60.64.51 is installed OR kernel-default-devel-3.12.74-60.64.51 is installed OR kernel-devel-3.12.74-60.64.51 is installed OR kernel-macros-3.12.74-60.64.51 is installed OR kernel-source-3.12.74-60.64.51 is installed OR kernel-syms-3.12.74-60.64.51 is installed OR kernel-xen-3.12.74-60.64.51 is installed OR kernel-xen-base-3.12.74-60.64.51 is installed OR kernel-xen-devel-3.12.74-60.64.51 is installed OR kgraft-patch-3_12_74-60_64_51-default-1-2 is installed OR kgraft-patch-3_12_74-60_64_51-xen-1-2 is installed OR kgraft-patch-SLE12-SP1_Update_18-1-2 is installed Definition Synopsis SUSE OpenStack Cloud 7 is installed AND Package Information libdcerpc-binding0-4.4.2-38.20 is installed OR libdcerpc-binding0-32bit-4.4.2-38.20 is installed OR libdcerpc0-4.4.2-38.20 is installed OR libdcerpc0-32bit-4.4.2-38.20 is installed OR libndr-krb5pac0-4.4.2-38.20 is installed OR libndr-krb5pac0-32bit-4.4.2-38.20 is installed OR libndr-nbt0-4.4.2-38.20 is installed OR libndr-nbt0-32bit-4.4.2-38.20 is installed OR libndr-standard0-4.4.2-38.20 is installed OR libndr-standard0-32bit-4.4.2-38.20 is installed OR libndr0-4.4.2-38.20 is installed OR libndr0-32bit-4.4.2-38.20 is installed OR libnetapi0-4.4.2-38.20 is installed OR libnetapi0-32bit-4.4.2-38.20 is installed OR libsamba-credentials0-4.4.2-38.20 is installed OR libsamba-credentials0-32bit-4.4.2-38.20 is installed OR libsamba-errors0-4.4.2-38.20 is installed OR libsamba-errors0-32bit-4.4.2-38.20 is installed OR libsamba-hostconfig0-4.4.2-38.20 is installed OR libsamba-hostconfig0-32bit-4.4.2-38.20 is installed OR libsamba-passdb0-4.4.2-38.20 is installed OR libsamba-passdb0-32bit-4.4.2-38.20 is installed OR libsamba-util0-4.4.2-38.20 is installed OR libsamba-util0-32bit-4.4.2-38.20 is installed OR libsamdb0-4.4.2-38.20 is installed OR libsamdb0-32bit-4.4.2-38.20 is installed OR libsmbclient0-4.4.2-38.20 is installed OR libsmbclient0-32bit-4.4.2-38.20 is installed OR libsmbconf0-4.4.2-38.20 is installed OR libsmbconf0-32bit-4.4.2-38.20 is installed OR libsmbldap0-4.4.2-38.20 is installed OR libsmbldap0-32bit-4.4.2-38.20 is installed OR libtevent-util0-4.4.2-38.20 is installed OR libtevent-util0-32bit-4.4.2-38.20 is installed OR libwbclient0-4.4.2-38.20 is installed OR libwbclient0-32bit-4.4.2-38.20 is installed OR samba-4.4.2-38.20 is installed OR samba-client-4.4.2-38.20 is installed OR samba-client-32bit-4.4.2-38.20 is installed OR samba-doc-4.4.2-38.20 is installed OR samba-libs-4.4.2-38.20 is installed OR samba-libs-32bit-4.4.2-38.20 is installed OR samba-winbind-4.4.2-38.20 is installed OR samba-winbind-32bit-4.4.2-38.20 is installed Definition Synopsis SUSE OpenStack Cloud 8 is installed AND Package Information java-1_7_1-ibm-1.7.1_sr4.55-38.44 is installed OR java-1_7_1-ibm-alsa-1.7.1_sr4.55-38.44 is installed OR java-1_7_1-ibm-jdbc-1.7.1_sr4.55-38.44 is installed OR java-1_7_1-ibm-plugin-1.7.1_sr4.55-38.44 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 8 is installed AND Package Information bzip2-1.0.6-30.8 is installed OR bzip2-doc-1.0.6-30.8 is installed OR libbz2-1-1.0.6-30.8 is installed OR libbz2-1-32bit-1.0.6-30.8 is installed Definition Synopsis SUSE OpenStack Cloud Crowbar 9 is installed AND python-Django1-1.11.20-3.3 is installed
BACK