Gentoo Websites Logo
Go to: Gentoo Home Documentation Forums Lists Bugs Planet Store Wiki Get Gentoo!

Bug 578940

Summary: <dev-db/sqlite-3.12.0: Buffer overread, buffer overflow, integer overflow
Product: Gentoo Security Reporter: Arfrever Frehtes Taifersar Arahesis <arfrever.fta>
Component: VulnerabilitiesAssignee: Gentoo Security <security>
Severity: normal CC: arfrever.fta, proxy-maint
Priority: Normal    
Version: unspecified   
Hardware: All   
OS: All   
See Also:
Whiteboard: B4 [noglsa]
Package list:
Runtime testing required: ---

Description Arfrever Frehtes Taifersar Arahesis 2016-04-03 16:41:56 UTC
2016-02-26 16:03:29
"Fix the ICU extension LIKE function so that it does not read past the end of a buffer if it it passed malformed utf-8."
2016-02-26 21:20:57
"Fix a potential buffer overflow in the ICU upper() function."
2016-03-22 14:10:45
"Avoid the possibility of integer overflow on a pointer comparison test for corruption in the database file."
Comment 1 Arfrever Frehtes Taifersar Arahesis 2016-04-03 16:46:06 UTC
Stabilize dev-db/sqlite-3.12.0.
Comment 2 Jeroen Roovers (RETIRED) gentoo-dev 2016-04-04 04:45:11 UTC
Stable for HPPA PPC64.
Comment 3 Agostino Sarubbo gentoo-dev 2016-04-08 12:22:38 UTC
amd64 stable
Comment 4 Agostino Sarubbo gentoo-dev 2016-04-11 10:40:56 UTC
x86 stable
Comment 5 Markus Meier gentoo-dev 2016-04-19 15:46:27 UTC
arm stable
Comment 6 Tobias Klausmann (RETIRED) gentoo-dev 2016-05-20 15:22:17 UTC
Stable on alpha.
Comment 7 Agostino Sarubbo gentoo-dev 2016-07-08 07:54:14 UTC
ppc stable
Comment 8 Agostino Sarubbo gentoo-dev 2016-07-08 10:02:16 UTC
sparc stable
Comment 9 Agostino Sarubbo gentoo-dev 2016-07-08 12:02:45 UTC
ia64 stable
Comment 10 Aaron Bauman (RETIRED) gentoo-dev 2016-07-09 02:46:34 UTC
Removing unstable arches.

@maintainer(s), please cleanup the vulnerable ebuilds.  Considering this is a proxy-maint package please let us know if you need assistance.
Comment 11 Aaron Bauman (RETIRED) gentoo-dev 2016-07-17 10:29:31 UTC

GLSA Vote: No.