Описание
Security update for sqlite3
This update for sqlite3 fixes the following issues:
The following security issue was fixed:
- CVE-2016-6153: Fixed a tempdir selection vulnerability (bsc#987394)
Список пакетов
SUSE Linux Enterprise Desktop 12 SP1
libsqlite3-0-3.8.10.2-3.1
libsqlite3-0-32bit-3.8.10.2-3.1
sqlite3-3.8.10.2-3.1
SUSE Linux Enterprise Server 12 SP1
libsqlite3-0-3.8.10.2-3.1
libsqlite3-0-32bit-3.8.10.2-3.1
sqlite3-3.8.10.2-3.1
SUSE Linux Enterprise Server for SAP Applications 12 SP1
libsqlite3-0-3.8.10.2-3.1
libsqlite3-0-32bit-3.8.10.2-3.1
sqlite3-3.8.10.2-3.1
SUSE Linux Enterprise Software Development Kit 12 SP1
sqlite3-devel-3.8.10.2-3.1
Ссылки
- Link for SUSE-SU-2016:1945-1
- E-Mail link for SUSE-SU-2016:1945-1
- SUSE Security Ratings
- SUSE Bug 987394
- SUSE CVE CVE-2016-6153 page
Описание
os_unix.c in SQLite before 3.13.0 improperly implements the temporary directory search algorithm, which might allow local users to obtain sensitive information, cause a denial of service (application crash), or have unspecified other impact by leveraging use of the current working directory for temporary files.
Затронутые продукты
SUSE Linux Enterprise Desktop 12 SP1:libsqlite3-0-3.8.10.2-3.1
SUSE Linux Enterprise Desktop 12 SP1:libsqlite3-0-32bit-3.8.10.2-3.1
SUSE Linux Enterprise Desktop 12 SP1:sqlite3-3.8.10.2-3.1
SUSE Linux Enterprise Server 12 SP1:libsqlite3-0-3.8.10.2-3.1
Ссылки
- CVE-2016-6153
- SUSE Bug 1149969
- SUSE Bug 987394