Overview

File _patchinfo of Package patchinfo.11011

<patchinfo incident="11011">
  <issue tracker="cve" id="2017-10989"/>
  <issue tracker="cve" id="2018-8740"/>
  <issue tracker="bnc" id="1132045">VUL-1: CVE-2017-10989: sqlite3: getNodeSize function in ext/rtree/rtree.c issues</issue>
  <issue tracker="bnc" id="1085790">VUL-1: CVE-2018-8740: sqlite3, sqlite2: Databases whose schema is corrupted using a CREATE TABLE AS statement could cause a NULL pointer dereference</issue>
  <packager>rmax</packager>
  <rating>moderate</rating>
  <category>security</category>
  <summary>Security update for sqlite3</summary>
  <description>This update for sqlite3 fixes the following issues:

Security issue fixed:

- CVE-2018-8740: Fixed a NULL pointer dereference related to corrupted databases schemas (bsc#1085790).
- CVE-2017-10989: Fixed a heap-based buffer over-read in getNodeSize() (bsc#1132045).
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places