Описание
Security update for sqlite3
This update for sqlite3 fixes the following issues:
- CVE-2022-46908: Properly implement the azProhibitedFunctions protection mechanism, when relying on --safe for execution of an untrusted CLI script (bsc#1206337).
Список пакетов
SUSE Linux Enterprise Server 12 SP2-BCL
libsqlite3-0-3.39.3-9.26.1
libsqlite3-0-32bit-3.39.3-9.26.1
sqlite3-3.39.3-9.26.1
sqlite3-devel-3.39.3-9.26.1
sqlite3-tcl-3.39.3-9.26.1
SUSE Linux Enterprise Server 12 SP4-ESPOS
libsqlite3-0-3.39.3-9.26.1
libsqlite3-0-32bit-3.39.3-9.26.1
sqlite3-3.39.3-9.26.1
sqlite3-devel-3.39.3-9.26.1
sqlite3-tcl-3.39.3-9.26.1
SUSE Linux Enterprise Server 12 SP4-LTSS
libsqlite3-0-3.39.3-9.26.1
libsqlite3-0-32bit-3.39.3-9.26.1
sqlite3-3.39.3-9.26.1
sqlite3-devel-3.39.3-9.26.1
sqlite3-tcl-3.39.3-9.26.1
SUSE Linux Enterprise Server for SAP Applications 12 SP4
libsqlite3-0-3.39.3-9.26.1
libsqlite3-0-32bit-3.39.3-9.26.1
sqlite3-3.39.3-9.26.1
sqlite3-devel-3.39.3-9.26.1
sqlite3-tcl-3.39.3-9.26.1
SUSE OpenStack Cloud 9
libsqlite3-0-3.39.3-9.26.1
libsqlite3-0-32bit-3.39.3-9.26.1
sqlite3-3.39.3-9.26.1
sqlite3-devel-3.39.3-9.26.1
sqlite3-tcl-3.39.3-9.26.1
SUSE OpenStack Cloud Crowbar 9
libsqlite3-0-3.39.3-9.26.1
libsqlite3-0-32bit-3.39.3-9.26.1
sqlite3-3.39.3-9.26.1
sqlite3-devel-3.39.3-9.26.1
sqlite3-tcl-3.39.3-9.26.1
Ссылки
- Link for SUSE-SU-2023:2668-1
- E-Mail link for SUSE-SU-2023:2668-1
- SUSE Security Ratings
- SUSE Bug 1206337
- SUSE CVE CVE-2022-46908 page
Описание
SQLite through 3.40.0, when relying on --safe for execution of an untrusted CLI script, does not properly implement the azProhibitedFunctions protection mechanism, and instead allows UDF functions such as WRITEFILE.
Затронутые продукты
SUSE Linux Enterprise Server 12 SP2-BCL:libsqlite3-0-3.39.3-9.26.1
SUSE Linux Enterprise Server 12 SP2-BCL:libsqlite3-0-32bit-3.39.3-9.26.1
SUSE Linux Enterprise Server 12 SP2-BCL:sqlite3-3.39.3-9.26.1
SUSE Linux Enterprise Server 12 SP2-BCL:sqlite3-devel-3.39.3-9.26.1
Ссылки
- CVE-2022-46908
- SUSE Bug 1206337
- SUSE Bug 1220151