Описание
ELSA-2015-1634: sqlite security update (MODERATE)
[3.6.20-1.2]
- Add patch for compiler warnings highlighted by rpmdiff. Related: rhbz#1244727
[3.6.20-1.el6_7.1]
- fix for CVE-2015-3416 Resolves: #1244727
Обновленные пакеты
Oracle Linux 6
Oracle Linux x86_64
lemon
3.6.20-1.el6_7.2
sqlite
3.6.20-1.el6_7.2
sqlite-devel
3.6.20-1.el6_7.2
sqlite-doc
3.6.20-1.el6_7.2
sqlite-tcl
3.6.20-1.el6_7.2
Oracle Linux i686
lemon
3.6.20-1.el6_7.2
sqlite
3.6.20-1.el6_7.2
sqlite-devel
3.6.20-1.el6_7.2
sqlite-doc
3.6.20-1.el6_7.2
sqlite-tcl
3.6.20-1.el6_7.2
Oracle Linux sparc64
lemon
3.6.20-1.el6_7.2
sqlite
3.6.20-1.el6_7.2
sqlite-devel
3.6.20-1.el6_7.2
sqlite-doc
3.6.20-1.el6_7.2
sqlite-tcl
3.6.20-1.el6_7.2
Связанные CVE
Связанные уязвимости
The sqlite3VXPrintf function in printf.c in SQLite before 3.8.9 does not properly handle precision and width values during floating-point conversions, which allows context-dependent attackers to cause a denial of service (integer overflow and stack-based buffer overflow) or possibly have unspecified other impact via large integers in a crafted printf function call in a SELECT statement.
The sqlite3VXPrintf function in printf.c in SQLite before 3.8.9 does not properly handle precision and width values during floating-point conversions, which allows context-dependent attackers to cause a denial of service (integer overflow and stack-based buffer overflow) or possibly have unspecified other impact via large integers in a crafted printf function call in a SELECT statement.
The sqlite3VXPrintf function in printf.c in SQLite before 3.8.9 does not properly handle precision and width values during floating-point conversions, which allows context-dependent attackers to cause a denial of service (integer overflow and stack-based buffer overflow) or possibly have unspecified other impact via large integers in a crafted printf function call in a SELECT statement.
The sqlite3VXPrintf function in printf.c in SQLite before 3.8.9 does n ...
The sqlite3VXPrintf function in printf.c in SQLite before 3.8.9 does not properly handle precision and width values during floating-point conversions, which allows context-dependent attackers to cause a denial of service (integer overflow and stack-based buffer overflow) or possibly have unspecified other impact via large integers in a crafted printf function call in a SELECT statement.