Oval Definition:oval:org.opensuse.security:def:55953
Revision Date:2021-09-23Version:1
Title:Security update for sqlite3 (Important)
Description:

This update for sqlite3 fixes the following issues:

sqlite3 is sync version 3.36.0 from Factory (jsc#SLE-16032).

The following CVEs have been fixed in upstream releases up to this point, but were not mentioned in the change log so far:

bsc#1173641, CVE-2020-15358: heap-based buffer overflow in multiSelectOrderBy due to mishandling of query-flattener optimization * bsc#1164719, CVE-2020-9327: NULL pointer dereference and segmentation fault because of generated column optimizations in isAuxiliaryVtabOperator * bsc#1160439, CVE-2019-20218: selectExpander in select.c proceeds with WITH stack unwinding even after a parsing error * bsc#1160438, CVE-2019-19959: memory-management error via ext/misc/zipfile.c involving embedded '\0' input * bsc#1160309, CVE-2019-19923: improper handling of certain uses of SELECT DISTINCT in flattenSubquery may lead to null pointer dereference * bsc#1159850, CVE-2019-19924: improper error handling in sqlite3WindowRewrite() * bsc#1159847, CVE-2019-19925: improper handling of NULL pathname during an update of a ZIP archive * bsc#1159715, CVE-2019-19926: improper handling of certain errors during parsing multiSelect in select.c * bsc#1159491, CVE-2019-19880: exprListAppendList in window.c allows attackers to trigger an invalid pointer dereference * bsc#1158960, CVE-2019-19603: during handling of CREATE TABLE and CREATE VIEW statements, does not consider confusion with a shadow table name * bsc#1158959, CVE-2019-19646: pragma.c mishandles NOT NULL in an integrity_check PRAGMA command in certain cases of generated columns * bsc#1158958, CVE-2019-19645: alter.c allows attackers to trigger infinite recursion via certain types of self-referential views in conjunction with ALTER TABLE statements * bsc#1158812, CVE-2019-19317: lookupName in resolve.c omits bits from the colUsed bitmask in the case of a generated column, which allows attackers to cause a denial of service * bsc#1157818, CVE-2019-19244: sqlite3,sqlite2,sqlite: The function sqlite3Select in select.c allows a crash if a sub-select uses both DISTINCT and window functions, and also has certain ORDER BY usage * bsc#928701, CVE-2015-3415: sqlite3VdbeExec comparison operator vulnerability * bsc#928700, CVE-2015-3414: sqlite3,sqlite2: dequoting of collation-sequence names * CVE-2020-13434 bsc#1172115: integer overflow in sqlite3_str_vappendf * CVE-2020-13630 bsc#1172234: use-after-free in fts3EvalNextRow * CVE-2020-13631 bsc#1172236: virtual table allowed to be renamed to one of its shadow tables * CVE-2020-13632 bsc#1172240: NULL pointer dereference via crafted matchinfo() query * CVE-2020-13435: Malicious SQL statements could have crashed the process that is running SQLite (bsc#1172091)
Family:unixClass:patch
Status:Reference(s):1024517
1024528
1024531
1024532
1024533
1024534
1024535
1024536
1024537
1024539
1063671
1064392
1066471
1066472
1104076
1111056
1120644
1122191
1137597
1140747
1150003
1150250
1157818
1158812
1158958
1158959
1158960
1159491
1159715
1159847
1159850
1160309
1160438
1160439
1164719
1172091
1172115
1172234
1172236
1172240
1173641
845765
868682
876449
923281
928700
928701
944787
948976
958861
963964
963968
963975
970258
972468
979208
982385
982386
982426
983807
984442
984443
985860
988729
CVE-2009-1892
CVE-2010-2156
CVE-2010-3611
CVE-2010-3616
CVE-2010-5110
CVE-2011-0413
CVE-2011-0997
CVE-2011-2748
CVE-2011-2749
CVE-2011-4539
CVE-2011-4868
CVE-2012-3570
CVE-2012-3571
CVE-2012-3954
CVE-2012-3955
CVE-2013-2266
CVE-2014-2527
CVE-2014-2528
CVE-2014-2891
CVE-2015-3414
CVE-2015-3415
CVE-2015-5260
CVE-2015-5261
CVE-2015-8000
CVE-2015-8629
CVE-2015-8630
CVE-2015-8631
CVE-2016-0636
CVE-2016-0749
CVE-2016-2099
CVE-2016-2140
CVE-2016-2150
CVE-2016-4428
CVE-2016-4463
CVE-2016-5362
CVE-2016-5363
CVE-2016-6153
CVE-2017-10989
CVE-2017-13080
CVE-2017-15649
CVE-2017-2518
CVE-2017-5974
CVE-2017-5975
CVE-2017-5976
CVE-2017-5977
CVE-2017-5978
CVE-2017-5979
CVE-2017-5980
CVE-2017-5981
CVE-2018-12472
CVE-2018-20346
CVE-2018-20406
CVE-2018-8740
CVE-2019-11477
CVE-2019-11478
CVE-2019-1547
CVE-2019-1563
CVE-2019-16168
CVE-2019-19244
CVE-2019-19317
CVE-2019-19603
CVE-2019-19645
CVE-2019-19646
CVE-2019-19880
CVE-2019-19923
CVE-2019-19924
CVE-2019-19925
CVE-2019-19926
CVE-2019-19959
CVE-2019-20218
CVE-2019-5010
CVE-2019-8457
CVE-2020-13434
CVE-2020-13435
CVE-2020-13630
CVE-2020-13631
CVE-2020-13632
CVE-2020-15358
CVE-2020-9327
SUSE-SU-2015:1227-1
SUSE-SU-2015:2340-1
SUSE-SU-2016:0429-1
SUSE-SU-2016:0956-1
SUSE-SU-2016:1559-1
SUSE-SU-2016:2143-1
SUSE-SU-2016:2154-1
SUSE-SU-2017:1095-1
SUSE-SU-2017:3148-1
SUSE-SU-2018:3467-1
SUSE-SU-2019:0243-1
SUSE-SU-2019:2397-1
Platform(s):openSUSE Leap 15.0
openSUSE Leap 15.1
SUSE Linux Enterprise Desktop 11 SP3
SUSE Linux Enterprise Desktop 11 SP4
SUSE Linux Enterprise Desktop 12 SP1
SUSE Linux Enterprise Server 12 SP1
SUSE Linux Enterprise Server 12 SP1-LTSS
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP2-BCL
SUSE Linux Enterprise Server 12 SP2-ESPOS
SUSE Linux Enterprise Server 12 SP2-LTSS
SUSE Linux Enterprise Server 12 SP2-LTSS-ERICSSON
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-ESPOS
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 12 SP4
SUSE OpenStack Cloud 6
SUSE OpenStack Cloud 7
SUSE OpenStack Cloud 8
SUSE OpenStack Cloud Crowbar 8
Product(s):
Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND libcares2-1.14.0-lp150.1 is installed
  • Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND Package Information
  • gnutls-3.6.7-lp151.2.3 is installed
  • OR gnutls-guile-3.6.7-lp151.2.3 is installed
  • OR libgnutls-dane-devel-3.6.7-lp151.2.3 is installed
  • OR libgnutls-dane0-3.6.7-lp151.2.3 is installed
  • OR libgnutls-devel-3.6.7-lp151.2.3 is installed
  • OR libgnutls-devel-32bit-3.6.7-lp151.2.3 is installed
  • OR libgnutls30-3.6.7-lp151.2.3 is installed
  • OR libgnutls30-32bit-3.6.7-lp151.2.3 is installed
  • OR libgnutlsxx-devel-3.6.7-lp151.2.3 is installed
  • OR libgnutlsxx28-3.6.7-lp151.2.3 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP3 is installed
  • AND Package Information
  • bind-9.9.6P1-0.19 is installed
  • OR bind-libs-9.9.6P1-0.19 is installed
  • OR bind-libs-32bit-9.9.6P1-0.19 is installed
  • OR bind-utils-9.9.6P1-0.19 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP4 is installed
  • AND Package Information
  • java-1_7_0-openjdk-1.7.0.99-0.20 is installed
  • OR java-1_7_0-openjdk-demo-1.7.0.99-0.20 is installed
  • OR java-1_7_0-openjdk-devel-1.7.0.99-0.20 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP1 is installed
  • AND Package Information
  • libspice-server1-0.12.5-4 is installed
  • OR spice-0.12.5-4 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1 is installed
  • AND Package Information
  • dhcp-4.3.3-2 is installed
  • OR dhcp-client-4.3.3-2 is installed
  • OR dhcp-relay-4.3.3-2 is installed
  • OR dhcp-server-4.3.3-2 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1-LTSS is installed
  • AND Package Information
  • kgraft-patch-3_12_74-60_64_57-default-4-2 is installed
  • OR kgraft-patch-3_12_74-60_64_57-xen-4-2 is installed
  • OR kgraft-patch-SLE12-SP1_Update_20-4-2 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND Package Information
  • fetchmail-6.3.26-12 is installed
  • OR fetchmailconf-6.3.26-12 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-BCL is installed
  • AND Package Information
  • libdcerpc-atsvc0-4.2.4-28.29 is installed
  • OR samba-4.2.4-28.29 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
  • AND Package Information
  • xen-4.7.5_04-43.33 is installed
  • OR xen-doc-html-4.7.5_04-43.33 is installed
  • OR xen-libs-4.7.5_04-43.33 is installed
  • OR xen-libs-32bit-4.7.5_04-43.33 is installed
  • OR xen-tools-4.7.5_04-43.33 is installed
  • OR xen-tools-domU-4.7.5_04-43.33 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-LTSS is installed
  • AND Package Information
  • xen-4.7.5_04-43.33 is installed
  • OR xen-doc-html-4.7.5_04-43.33 is installed
  • OR xen-libs-4.7.5_04-43.33 is installed
  • OR xen-libs-32bit-4.7.5_04-43.33 is installed
  • OR xen-tools-4.7.5_04-43.33 is installed
  • OR xen-tools-domU-4.7.5_04-43.33 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND libopus0-1.1-3 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-ESPOS is installed
  • AND Package Information
  • libsolv-0.6.36-2.27.19 is installed
  • OR libsolv-tools-0.6.36-2.27.19 is installed
  • OR libzypp-16.20.2-27.60 is installed
  • OR perl-solv-0.6.36-2.27.19 is installed
  • OR python-solv-0.6.36-2.27.19 is installed
  • OR zypper-1.13.54-18.40 is installed
  • OR zypper-log-1.13.54-18.40 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND Package Information
  • libX11-1.6.2-12.5 is installed
  • OR libX11-6-1.6.2-12.5 is installed
  • OR libX11-6-32bit-1.6.2-12.5 is installed
  • OR libX11-data-1.6.2-12.5 is installed
  • OR libX11-xcb1-1.6.2-12.5 is installed
  • OR libX11-xcb1-32bit-1.6.2-12.5 is installed
  • OR libxcb-1.10-4.3 is installed
  • OR libxcb-dri2-0-1.10-4.3 is installed
  • OR libxcb-dri2-0-32bit-1.10-4.3 is installed
  • OR libxcb-dri3-0-1.10-4.3 is installed
  • OR libxcb-dri3-0-32bit-1.10-4.3 is installed
  • OR libxcb-glx0-1.10-4.3 is installed
  • OR libxcb-glx0-32bit-1.10-4.3 is installed
  • OR libxcb-present0-1.10-4.3 is installed
  • OR libxcb-present0-32bit-1.10-4.3 is installed
  • OR libxcb-randr0-1.10-4.3 is installed
  • OR libxcb-render0-1.10-4.3 is installed
  • OR libxcb-render0-32bit-1.10-4.3 is installed
  • OR libxcb-shape0-1.10-4.3 is installed
  • OR libxcb-shm0-1.10-4.3 is installed
  • OR libxcb-shm0-32bit-1.10-4.3 is installed
  • OR libxcb-sync1-1.10-4.3 is installed
  • OR libxcb-sync1-32bit-1.10-4.3 is installed
  • OR libxcb-xf86dri0-1.10-4.3 is installed
  • OR libxcb-xfixes0-1.10-4.3 is installed
  • OR libxcb-xfixes0-32bit-1.10-4.3 is installed
  • OR libxcb-xinerama0-1.10-4.3 is installed
  • OR libxcb-xkb1-1.10-4.3 is installed
  • OR libxcb-xkb1-32bit-1.10-4.3 is installed
  • OR libxcb-xv0-1.10-4.3 is installed
  • OR libxcb1-1.10-4.3 is installed
  • OR libxcb1-32bit-1.10-4.3 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND Package Information
  • DirectFB-1.7.1-6 is installed
  • OR lib++dfb-1_7-1-1.7.1-6 is installed
  • OR libdirectfb-1_7-1-1.7.1-6 is installed
  • Definition Synopsis
  • SUSE OpenStack Cloud 6 is installed
  • AND Package Information
  • openstack-ceilometer-5.0.4~a0~dev6-6 is installed
  • OR openstack-ceilometer-agent-central-5.0.4~a0~dev6-6 is installed
  • OR openstack-ceilometer-agent-compute-5.0.4~a0~dev6-6 is installed
  • OR openstack-ceilometer-agent-ipmi-5.0.4~a0~dev6-6 is installed
  • OR openstack-ceilometer-agent-notification-5.0.4~a0~dev6-6 is installed
  • OR openstack-ceilometer-alarm-evaluator-5.0.4~a0~dev6-6 is installed
  • OR openstack-ceilometer-alarm-notifier-5.0.4~a0~dev6-6 is installed
  • OR openstack-ceilometer-api-5.0.4~a0~dev6-6 is installed
  • OR openstack-ceilometer-collector-5.0.4~a0~dev6-6 is installed
  • OR openstack-ceilometer-doc-5.0.4~a0~dev6-6 is installed
  • OR openstack-ceilometer-polling-5.0.4~a0~dev6-6 is installed
  • OR openstack-cinder-7.0.3~a0~dev2-7 is installed
  • OR openstack-cinder-api-7.0.3~a0~dev2-7 is installed
  • OR openstack-cinder-backup-7.0.3~a0~dev2-7 is installed
  • OR openstack-cinder-doc-7.0.3~a0~dev2-7 is installed
  • OR openstack-cinder-scheduler-7.0.3~a0~dev2-7 is installed
  • OR openstack-cinder-volume-7.0.3~a0~dev2-7 is installed
  • OR openstack-dashboard-8.0.2~a0~dev34-8 is installed
  • OR openstack-glance-11.0.2~a0~dev13-7 is installed
  • OR openstack-glance-doc-11.0.2~a0~dev13-7 is installed
  • OR openstack-heat-5.0.2~a0~dev93-9 is installed
  • OR openstack-heat-api-5.0.2~a0~dev93-9 is installed
  • OR openstack-heat-api-cfn-5.0.2~a0~dev93-9 is installed
  • OR openstack-heat-api-cloudwatch-5.0.2~a0~dev93-9 is installed
  • OR openstack-heat-doc-5.0.2~a0~dev93-9 is installed
  • OR openstack-heat-engine-5.0.2~a0~dev93-9 is installed
  • OR openstack-heat-plugin-heat_docker-5.0.2~a0~dev93-9 is installed
  • OR openstack-keystone-8.1.1~a0~dev13-3 is installed
  • OR openstack-keystone-doc-8.1.1~a0~dev13-3 is installed
  • OR openstack-manila-1.0.2~a0~dev11-9 is installed
  • OR openstack-manila-api-1.0.2~a0~dev11-9 is installed
  • OR openstack-manila-doc-1.0.2~a0~dev11-9 is installed
  • OR openstack-manila-scheduler-1.0.2~a0~dev11-9 is installed
  • OR openstack-manila-share-1.0.2~a0~dev11-9 is installed
  • OR openstack-neutron-7.1.2~a0~dev29-10 is installed
  • OR openstack-neutron-dhcp-agent-7.1.2~a0~dev29-10 is installed
  • OR openstack-neutron-doc-7.1.2~a0~dev29-10 is installed
  • OR openstack-neutron-fwaas-7.1.2~a0~dev1-6 is installed
  • OR openstack-neutron-fwaas-doc-7.1.2~a0~dev1-6 is installed
  • OR openstack-neutron-ha-tool-7.1.2~a0~dev29-10 is installed
  • OR openstack-neutron-l3-agent-7.1.2~a0~dev29-10 is installed
  • OR openstack-neutron-lbaas-7.1.2~a0~dev1-6 is installed
  • OR openstack-neutron-lbaas-agent-7.1.2~a0~dev1-6 is installed
  • OR openstack-neutron-lbaas-doc-7.1.2~a0~dev1-6 is installed
  • OR openstack-neutron-linuxbridge-agent-7.1.2~a0~dev29-10 is installed
  • OR openstack-neutron-metadata-agent-7.1.2~a0~dev29-10 is installed
  • OR openstack-neutron-metering-agent-7.1.2~a0~dev29-10 is installed
  • OR openstack-neutron-mlnx-agent-7.1.2~a0~dev29-10 is installed
  • OR openstack-neutron-nvsd-agent-7.1.2~a0~dev29-10 is installed
  • OR openstack-neutron-openvswitch-agent-7.1.2~a0~dev29-10 is installed
  • OR openstack-neutron-restproxy-agent-7.1.2~a0~dev29-10 is installed
  • OR openstack-neutron-server-7.1.2~a0~dev29-10 is installed
  • OR openstack-nova-12.0.5~a0~dev2-7 is installed
  • OR openstack-nova-api-12.0.5~a0~dev2-7 is installed
  • OR openstack-nova-cells-12.0.5~a0~dev2-7 is installed
  • OR openstack-nova-cert-12.0.5~a0~dev2-7 is installed
  • OR openstack-nova-compute-12.0.5~a0~dev2-7 is installed
  • OR openstack-nova-conductor-12.0.5~a0~dev2-7 is installed
  • OR openstack-nova-console-12.0.5~a0~dev2-7 is installed
  • OR openstack-nova-consoleauth-12.0.5~a0~dev2-7 is installed
  • OR openstack-nova-doc-12.0.5~a0~dev2-7 is installed
  • OR openstack-nova-novncproxy-12.0.5~a0~dev2-7 is installed
  • OR openstack-nova-objectstore-12.0.5~a0~dev2-7 is installed
  • OR openstack-nova-scheduler-12.0.5~a0~dev2-7 is installed
  • OR openstack-nova-serialproxy-12.0.5~a0~dev2-7 is installed
  • OR openstack-nova-vncproxy-12.0.5~a0~dev2-7 is installed
  • OR openstack-resource-agents-1.0+git.1467079370.4f2c49d-7 is installed
  • OR python-ceilometer-5.0.4~a0~dev6-6 is installed
  • OR python-cinder-7.0.3~a0~dev2-7 is installed
  • OR python-glance-11.0.2~a0~dev13-7 is installed
  • OR python-heat-5.0.2~a0~dev93-9 is installed
  • OR python-horizon-8.0.2~a0~dev34-8 is installed
  • OR python-keystone-8.1.1~a0~dev13-3 is installed
  • OR python-manila-1.0.2~a0~dev11-9 is installed
  • OR python-networking-cisco-2.1.1-6 is installed
  • OR python-neutron-7.1.2~a0~dev29-10 is installed
  • OR python-neutron-fwaas-7.1.2~a0~dev1-6 is installed
  • OR python-neutron-lbaas-7.1.2~a0~dev1-6 is installed
  • OR python-nova-12.0.5~a0~dev2-7 is installed
  • OR python-openstackclient-1.7.2-4 is installed
  • Definition Synopsis
  • SUSE OpenStack Cloud 7 is installed
  • AND Package Information
  • java-1_7_0-openjdk-1.7.0.181-43.15 is installed
  • OR java-1_7_0-openjdk-demo-1.7.0.181-43.15 is installed
  • OR java-1_7_0-openjdk-devel-1.7.0.181-43.15 is installed
  • OR java-1_7_0-openjdk-headless-1.7.0.181-43.15 is installed
  • Definition Synopsis
  • SUSE OpenStack Cloud 8 is installed
  • AND ipmitool-1.8.18-5.9 is installed
  • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND Package Information
  • apache2-2.4.23-29.54 is installed
  • OR apache2-doc-2.4.23-29.54 is installed
  • OR apache2-example-pages-2.4.23-29.54 is installed
  • OR apache2-prefork-2.4.23-29.54 is installed
  • OR apache2-utils-2.4.23-29.54 is installed
  • OR apache2-worker-2.4.23-29.54 is installed
  • BACK