Oval Definition:oval:org.opensuse.security:def:56073
Revision Date:2021-09-23Version:1
Title:Security update for sqlite3 (Important)
Description:

This update for sqlite3 fixes the following issues:

sqlite3 is sync version 3.36.0 from Factory (jsc#SLE-16032).

The following CVEs have been fixed in upstream releases up to this point, but were not mentioned in the change log so far:

bsc#1173641, CVE-2020-15358: heap-based buffer overflow in multiSelectOrderBy due to mishandling of query-flattener optimization * bsc#1164719, CVE-2020-9327: NULL pointer dereference and segmentation fault because of generated column optimizations in isAuxiliaryVtabOperator * bsc#1160439, CVE-2019-20218: selectExpander in select.c proceeds with WITH stack unwinding even after a parsing error * bsc#1160438, CVE-2019-19959: memory-management error via ext/misc/zipfile.c involving embedded '\0' input * bsc#1160309, CVE-2019-19923: improper handling of certain uses of SELECT DISTINCT in flattenSubquery may lead to null pointer dereference * bsc#1159850, CVE-2019-19924: improper error handling in sqlite3WindowRewrite() * bsc#1159847, CVE-2019-19925: improper handling of NULL pathname during an update of a ZIP archive * bsc#1159715, CVE-2019-19926: improper handling of certain errors during parsing multiSelect in select.c * bsc#1159491, CVE-2019-19880: exprListAppendList in window.c allows attackers to trigger an invalid pointer dereference * bsc#1158960, CVE-2019-19603: during handling of CREATE TABLE and CREATE VIEW statements, does not consider confusion with a shadow table name * bsc#1158959, CVE-2019-19646: pragma.c mishandles NOT NULL in an integrity_check PRAGMA command in certain cases of generated columns * bsc#1158958, CVE-2019-19645: alter.c allows attackers to trigger infinite recursion via certain types of self-referential views in conjunction with ALTER TABLE statements * bsc#1158812, CVE-2019-19317: lookupName in resolve.c omits bits from the colUsed bitmask in the case of a generated column, which allows attackers to cause a denial of service * bsc#1157818, CVE-2019-19244: sqlite3,sqlite2,sqlite: The function sqlite3Select in select.c allows a crash if a sub-select uses both DISTINCT and window functions, and also has certain ORDER BY usage * bsc#928701, CVE-2015-3415: sqlite3VdbeExec comparison operator vulnerability * bsc#928700, CVE-2015-3414: sqlite3,sqlite2: dequoting of collation-sequence names * CVE-2020-13434 bsc#1172115: integer overflow in sqlite3_str_vappendf * CVE-2020-13630 bsc#1172234: use-after-free in fts3EvalNextRow * CVE-2020-13631 bsc#1172236: virtual table allowed to be renamed to one of its shadow tables * CVE-2020-13632 bsc#1172240: NULL pointer dereference via crafted matchinfo() query * CVE-2020-13435: Malicious SQL statements could have crashed the process that is running SQLite (bsc#1172091)
Family:unixClass:patch
Status:Reference(s):1009026
1010395
1010401
1010402
1010404
1010410
1010422
1010427
1010517
1041847
1052311
1052368
1052916
1053373
1083125
1085447
1090368
1090646
1107116
1107121
1111499
1118597
1130246
1137001
1143194
1143273
1157818
1158812
1158958
1158959
1158960
1159491
1159715
1159847
1159850
1159856
1159858
1159860
1160250
1160251
1160309
1160438
1160439
1160937
1161167
1164719
1170771
1172091
1172115
1172234
1172236
1172240
1173641
774666
843174
881524
917427
928700
928701
939709
939712
946148
946744
952539
954126
954519
955493
955609
956631
969894
992549
CVE-2011-3389
CVE-2011-4944
CVE-2012-0845
CVE-2012-1150
CVE-2012-3547
CVE-2013-1752
CVE-2013-4238
CVE-2013-5745
CVE-2014-2015
CVE-2014-2667
CVE-2014-3970
CVE-2014-4650
CVE-2015-1335
CVE-2015-3414
CVE-2015-3415
CVE-2015-5165
CVE-2015-5166
CVE-2015-8370
CVE-2016-1950
CVE-2016-1952
CVE-2016-1953
CVE-2016-1954
CVE-2016-1957
CVE-2016-1958
CVE-2016-1960
CVE-2016-1961
CVE-2016-1962
CVE-2016-1964
CVE-2016-1965
CVE-2016-1966
CVE-2016-1974
CVE-2016-1977
CVE-2016-1978
CVE-2016-1979
CVE-2016-2790
CVE-2016-2791
CVE-2016-2792
CVE-2016-2793
CVE-2016-2794
CVE-2016-2795
CVE-2016-2796
CVE-2016-2797
CVE-2016-2798
CVE-2016-2799
CVE-2016-2800
CVE-2016-2801
CVE-2016-2802
CVE-2016-5285
CVE-2016-5290
CVE-2016-5291
CVE-2016-5296
CVE-2016-5297
CVE-2016-6153
CVE-2016-9064
CVE-2016-9066
CVE-2016-9074
CVE-2017-1000112
CVE-2017-10989
CVE-2017-13166
CVE-2017-2518
CVE-2017-2885
CVE-2018-16428
CVE-2018-16429
CVE-2018-19870
CVE-2018-19872
CVE-2018-20346
CVE-2018-8740
CVE-2018-8781
CVE-2018-8897
CVE-2019-12450
CVE-2019-13057
CVE-2019-13565
CVE-2019-15691
CVE-2019-15692
CVE-2019-15693
CVE-2019-15694
CVE-2019-15695
CVE-2019-16168
CVE-2019-19244
CVE-2019-19317
CVE-2019-19603
CVE-2019-19645
CVE-2019-19646
CVE-2019-19880
CVE-2019-19923
CVE-2019-19924
CVE-2019-19925
CVE-2019-19926
CVE-2019-19959
CVE-2019-20218
CVE-2019-8457
CVE-2020-0569
CVE-2020-12243
CVE-2020-13434
CVE-2020-13435
CVE-2020-13630
CVE-2020-13631
CVE-2020-13632
CVE-2020-15358
CVE-2020-9327
SUSE-SU-2015:1404-1
SUSE-SU-2015:1829-1
SUSE-SU-2015:2387-1
SUSE-SU-2016:0727-1
SUSE-SU-2016:3014-1
SUSE-SU-2017:2129-1
SUSE-SU-2017:2436-1
SUSE-SU-2018:1546-1
SUSE-SU-2019:1596-1
SUSE-SU-2020:0266-1
SUSE-SU-2020:0319-1
SUSE-SU-2020:1210-1
Platform(s):openSUSE Leap 15.0
openSUSE Leap 15.1
SUSE Linux Enterprise Desktop 11 SP3
SUSE Linux Enterprise Desktop 11 SP4
SUSE Linux Enterprise Desktop 12 SP2
SUSE Linux Enterprise Server 12 SP1
SUSE Linux Enterprise Server 12 SP1-LTSS
SUSE Linux Enterprise Server 12 SP2
SUSE Linux Enterprise Server 12 SP2-BCL
SUSE Linux Enterprise Server 12 SP2-ESPOS
SUSE Linux Enterprise Server 12 SP2-LTSS
SUSE Linux Enterprise Server 12 SP2-LTSS-SAP
SUSE Linux Enterprise Server 12 SP3
SUSE Linux Enterprise Server 12 SP3-ESPOS
SUSE Linux Enterprise Server 12 SP3-TERADATA
SUSE Linux Enterprise Server 12 SP4
SUSE OpenStack Cloud 7
SUSE OpenStack Cloud Crowbar 8
Product(s):
Definition Synopsis
  • openSUSE Leap 15.0 is installed
  • AND Package Information
  • dbus-1-1.12.2-lp150.1 is installed
  • OR dbus-1-x11-1.12.2-lp150.1 is installed
  • OR libdbus-1-3-1.12.2-lp150.1 is installed
  • Definition Synopsis
  • openSUSE Leap 15.1 is installed
  • AND Package Information
  • evolution-3.26.6-lp151.4.3 is installed
  • OR evolution-devel-3.26.6-lp151.4.3 is installed
  • OR evolution-lang-3.26.6-lp151.4.3 is installed
  • OR evolution-plugin-bogofilter-3.26.6-lp151.4.3 is installed
  • OR evolution-plugin-pst-import-3.26.6-lp151.4.3 is installed
  • OR evolution-plugin-spamassassin-3.26.6-lp151.4.3 is installed
  • OR glade-catalog-evolution-3.26.6-lp151.4.3 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP3 is installed
  • AND Package Information
  • libpulse-browse0-0.9.23-0.15 is installed
  • OR libpulse-mainloop-glib0-0.9.23-0.15 is installed
  • OR libpulse0-0.9.23-0.15 is installed
  • OR libpulse0-32bit-0.9.23-0.15 is installed
  • OR pulseaudio-0.9.23-0.15 is installed
  • OR pulseaudio-esound-compat-0.9.23-0.15 is installed
  • OR pulseaudio-gdm-hooks-0.9.23-0.15 is installed
  • OR pulseaudio-lang-0.9.23-0.15 is installed
  • OR pulseaudio-module-bluetooth-0.9.23-0.15 is installed
  • OR pulseaudio-module-gconf-0.9.23-0.15 is installed
  • OR pulseaudio-module-jack-0.9.23-0.15 is installed
  • OR pulseaudio-module-lirc-0.9.23-0.15 is installed
  • OR pulseaudio-module-x11-0.9.23-0.15 is installed
  • OR pulseaudio-module-zeroconf-0.9.23-0.15 is installed
  • OR pulseaudio-utils-0.9.23-0.15 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Desktop 11 SP4 is installed
  • AND Package Information
  • xen-4.4.2_12-23 is installed
  • OR xen-doc-html-4.4.2_12-23 is installed
  • OR xen-kmp-default-4.4.2_12_3.0.101_63-23 is installed
  • OR xen-kmp-pae-4.4.2_12_3.0.101_63-23 is installed
  • OR xen-libs-4.4.2_12-23 is installed
  • OR xen-libs-32bit-4.4.2_12-23 is installed
  • OR xen-tools-4.4.2_12-23 is installed
  • OR xen-tools-domU-4.4.2_12-23 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Desktop 12 SP2 is installed
  • AND Package Information
  • MozillaFirefox-45.5.0esr-88 is installed
  • OR MozillaFirefox-translations-45.5.0esr-88 is installed
  • OR libfreebl3-3.21.3-50 is installed
  • OR libfreebl3-32bit-3.21.3-50 is installed
  • OR libsoftokn3-3.21.3-50 is installed
  • OR libsoftokn3-32bit-3.21.3-50 is installed
  • OR mozilla-nss-3.21.3-50 is installed
  • OR mozilla-nss-32bit-3.21.3-50 is installed
  • OR mozilla-nss-certs-3.21.3-50 is installed
  • OR mozilla-nss-certs-32bit-3.21.3-50 is installed
  • OR mozilla-nss-sysinit-3.21.3-50 is installed
  • OR mozilla-nss-sysinit-32bit-3.21.3-50 is installed
  • OR mozilla-nss-tools-3.21.3-50 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1 is installed
  • AND Package Information
  • freeradius-server-3.0.3-10 is installed
  • OR freeradius-server-doc-3.0.3-10 is installed
  • OR freeradius-server-krb5-3.0.3-10 is installed
  • OR freeradius-server-ldap-3.0.3-10 is installed
  • OR freeradius-server-libs-3.0.3-10 is installed
  • OR freeradius-server-mysql-3.0.3-10 is installed
  • OR freeradius-server-perl-3.0.3-10 is installed
  • OR freeradius-server-postgresql-3.0.3-10 is installed
  • OR freeradius-server-python-3.0.3-10 is installed
  • OR freeradius-server-sqlite-3.0.3-10 is installed
  • OR freeradius-server-utils-3.0.3-10 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP1-LTSS is installed
  • AND Package Information
  • kgraft-patch-3_12_74-60_64_40-default-4-2 is installed
  • OR kgraft-patch-3_12_74-60_64_40-xen-4-2 is installed
  • OR kgraft-patch-SLE12-SP1_Update_15-4-2 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2 is installed
  • AND Package Information
  • libXrender1-0.9.8-3 is installed
  • OR libXrender1-32bit-0.9.8-3 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-BCL is installed
  • AND Package Information
  • java-1_7_1-ibm-1.7.1_sr4.50-38.41 is installed
  • OR java-1_7_1-ibm-alsa-1.7.1_sr4.50-38.41 is installed
  • OR java-1_7_1-ibm-devel-1.7.1_sr4.50-38.41 is installed
  • OR java-1_7_1-ibm-jdbc-1.7.1_sr4.50-38.41 is installed
  • OR java-1_7_1-ibm-plugin-1.7.1_sr4.50-38.41 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-ESPOS is installed
  • AND Package Information
  • kgraft-patch-4_4_90-92_45-default-11-2 is installed
  • OR kgraft-patch-SLE12-SP2_Update_14-11-2 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP2-LTSS is installed
  • AND Package Information
  • libssh2-1-1.4.3-20.9 is installed
  • OR libssh2-1-32bit-1.4.3-20.9 is installed
  • OR libssh2_org-1.4.3-20.9 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3 is installed
  • AND Package Information
  • evince-3.20.1-5 is installed
  • OR evince-browser-plugin-3.20.1-5 is installed
  • OR evince-lang-3.20.1-5 is installed
  • OR evince-plugin-djvudocument-3.20.1-5 is installed
  • OR evince-plugin-dvidocument-3.20.1-5 is installed
  • OR evince-plugin-pdfdocument-3.20.1-5 is installed
  • OR evince-plugin-psdocument-3.20.1-5 is installed
  • OR evince-plugin-tiffdocument-3.20.1-5 is installed
  • OR evince-plugin-xpsdocument-3.20.1-5 is installed
  • OR libevdocument3-4-3.20.1-5 is installed
  • OR libevview3-3-3.20.1-5 is installed
  • OR nautilus-evince-3.20.1-5 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-ESPOS is installed
  • AND Package Information
  • kgraft-patch-4_4_176-94_88-default-7-2 is installed
  • OR kgraft-patch-SLE12-SP3_Update_24-7-2 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP3-TERADATA is installed
  • AND Package Information
  • libtiff5-4.0.9-44.27 is installed
  • OR libtiff5-32bit-4.0.9-44.27 is installed
  • OR tiff-4.0.9-44.27 is installed
  • Definition Synopsis
  • SUSE Linux Enterprise Server 12 SP4 is installed
  • AND Package Information
  • libHX28-3.18-1 is installed
  • OR libHX28-32bit-3.18-1 is installed
  • Definition Synopsis
  • SUSE OpenStack Cloud 7 is installed
  • AND memcached-1.4.39-3.3 is installed
  • Definition Synopsis
  • SUSE OpenStack Cloud Crowbar 8 is installed
  • AND Package Information
  • icu-52.1-8.10 is installed
  • OR libicu-doc-52.1-8.10 is installed
  • OR libicu52_1-52.1-8.10 is installed
  • OR libicu52_1-32bit-52.1-8.10 is installed
  • OR libicu52_1-data-52.1-8.10 is installed
  • BACK