[Date Prev][Date Next] [Thread Prev][Thread Next] [Date Index] [Thread Index]

Re: Incomplete fix for CVE-2019-20218/sqlite3

Hi Moritz & Chris,

On Tue, Dec 08, 2020 at 02:37:14PM +0000, Chris Lamb wrote:
> Hi Moritz,
> > CVE-2019-20218 isn't fixed in Stretch/LTS. Running the reproducer:

Thanks for reporting this.  It seems I overlooked something in my
update.  I should have taken greater care.

> Roberto, can you follow-up on this?
I have claimed the package in dla-needed.txt.  I will get this
straightened out (including properly confirming that the vulnerability
is fixed) in the coming days.



Roberto C. Sánchez

Reply to: