Overview

File _patchinfo of Package patchinfo.10998

<patchinfo incident="10998">
  <issue tracker="cve" id="2019-9936"/>
  <issue tracker="cve" id="2019-9937"/>
  <issue tracker="bnc" id="1130325">VUL-1: CVE-2019-9937: sqlite3: interleaving reads and writes in a single transaction with an fts5 virtual table will lead to a NULL Pointer Dereference</issue>
  <issue tracker="bnc" id="1130326">VUL-1: CVE-2019-9936: sqlite3: running fts5 prefix queries inside a transaction could trigger a heap-based buffer over-read</issue>
  <packager>rmax</packager>
  <rating>moderate</rating>
  <category>security</category>
  <summary>Security update for sqlite3</summary>
  <description>This update for sqlite3 to version 3.28.0 fixes the following issues:

Security issues fixed:

- CVE-2019-9936: Fixed a heap-based buffer over-read, when running fts5 prefix
  queries inside transaction (bsc#1130326).
- CVE-2019-9937: Fixed a denial of service related to interleaving reads and writes in
  a single transaction with an fts5 virtual table (bsc#1130325).
</description>
</patchinfo>
openSUSE Build Service is sponsored by
Places