Bug#856120: unblock (pre-approval): sqlite3
Control: tag -1 confirmed moreinfo
On Sat, Feb 25, 2017 at 11:47:13AM +0100, Laszlo Boszormenyi (GCS) wrote:
> There's a NULL pointer problem fixed in the 3.17.0 version of
> SQLite that affects the Stretch version.
> The bugreport[1] contains a proof of concept code, which doesn't crash
> (it seems it doesn't have a security impact) - but still the bug marked
> as severe code defect and fixed immediately. Upstream fix[2] is small,
> checking the value and assign 0 if it's NULL. Then the next 'if' will
> print an error message that the value can not be opened as being NULL.
> The debdiff is attached and I hope the upload and later the unblock
> can be approved.
Please go ahead and when built on all architectures remove the moreinfo tag
from this bug (although please also fix this first:)
> --- sqlite3-3.16.2/debian/patches/35-fix-sqlite3_blob_reopen.patch 1970-01-01 00:00:00.000000000 +0000
> +++ sqlite3-3.16.2/debian/patches/35-fix-sqlite3_blob_reopen.patch 2017-02-13 17:31:26.000000000 +0000
> @@ -0,0 +1,22 @@
> +Description: Ensure that sqlite3_blob_reopen() correctly handles short rows
> + TODO: Put a short summary on the line above and replace this paragraph
> + * Non-maintainer upload.
> +Origin: upstream, https://www.sqlite.org/src/info/8cd1a4451cce1fe2
> +Author: Laszlo Boszormenyi (GCS) <gcs@debian.org>
--
Jonathan Wiltshire jmw@debian.org
Debian Developer http://people.debian.org/~jmw
4096R: 0xD3524C51 / 0A55 B7C5 1223 3942 86EC 74C3 5394 479D D352 4C51
Reply to: