[SECURITY] [DLA 2203-1] sqlite3 security update
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256
Package : sqlite3
Version : 3.8.7.1-1+deb8u5
CVE ID : CVE-2020-11655
It was discovered that there was a denial of service attack in the
SQLite database, often embedded into other programs and servers.
In the event of a semantic error in an aggregate query, SQLite did
not return early from the "resetAccumulator()" function which would
lead to a crash via a segmentation fault.
For Debian 8 "Jessie", this issue has been fixed in sqlite3 version
3.8.7.1-1+deb8u5.
We recommend that you upgrade your sqlite3 packages.
Further information about Debian LTS security advisories, how to apply
these updates to your system and frequently asked questions can be
found at: https://wiki.debian.org/LTS
Regards,
- --
,''`.
: :' : Chris Lamb
`. `'` lamby@debian.org / chris-lamb.co.uk
`-
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCAAdFiEEwv5L0nHBObhsUz5GHpU+J9QxHlgFAl6xzDkACgkQHpU+J9Qx
Hlg0yxAAxtGVrOHs5KLHzkABNV4DR/r6TkFd1kioWNUgBT+QJNaZg+JXaXUTeT7E
r1GC/pJaTur9852AOQ9lkF4e+JBGeudiTAEWoceTAKZrT6htCvG0wNuUHElNvNMG
RTT/tNA6UCKH0OBuvqO7nRPJS7F9gkT1IfQefqDPb94V4CYo1IPDZ1cz+s87N+wk
gudln5rCdyoEROsc68q5hcus6qDJTD9bURxV028JnLO95ObnkkLGLCH58FhqID5c
zk7Z9F0w2HNIXcFr90izjHBLaZazDP8nuR6/pEPgT9rMk/HCwLONSjsGwzTRIoLk
IV3j9MHwsnJw16h4ytgqc8T2kzbYOkPCKqGgZXZ+XWZLUUeAwmdIEEMEXclTNx2o
KsEJkqSiurutYufFojaxlip3Qgpsxj93g0PiivO6qQ9iK3zXPFREtb2kDfxvVHmj
BL7Un/fhVs39ItahSZUQFnxFzz4pC3L2rF6tnqZAhZBSjouSpdv5hd0lqOPn2MeD
8fTkBoCuuQ2XeKqtQHPxLz/jLnGJxZquFO9iyRBINOWUctZ437j2ny2UNRs1Kbfq
3IAv1u0mZ7Ocn9zA+e6Q/3B5vN9hD2R0VKeNO0KvatvJjI2J2Fw2CBDi7XWNayYj
0zNk0q9O1Mb8BE9JqhmJi6CXBDZAQCi0Ftgq6mel9Z2Aev2U69M=
=NKm0
-----END PGP SIGNATURE-----
Reply to: