| Summary: | <dev-db/sqlite-3.21.0: Segmentation fault in /usr/bin/sqlite3 caused by "PRAGMA empty_result_callbacks=1;" followed by ".dump" (CVE-2017-13685) | ||
|---|---|---|---|
| Product: | Gentoo Security | Reporter: | D'juan McDonald (domhnall) <flopwiki> |
| Component: | Vulnerabilities | Assignee: | Gentoo Security <security> |
| Status: | RESOLVED FIXED | ||
| Severity: | minor | CC: | arfrever.fta, gnome, proxy-maint |
| Priority: | Normal | ||
| Version: | unspecified | ||
| Hardware: | All | ||
| OS: | Linux | ||
| URL: | https://sqlite.org/src/info/02f0f4c54f2819b3 | ||
| Whiteboard: | B3 [noglsa cve] | ||
| Package list: | Runtime testing required: | --- | |
Please keep in mind that stabilizing sqlite 3.20 would very likely break stable app-misc/tracker functionality. I hope we can coordinate in a way stable tracker users won't have issues. Me and EvaSDK should be available for such on IRC; might be easier to backport any fix for starters instead of stabilizing 3.20, but maybe we can get newer tracker stable together with sqlite 3.20 if needed and verified it's fine. https://sqlite.org/src/info/02f0f4c54f2819b3 : "This is a problem in the command-line shell program, not the the core SQLite library." So it does not seem like a real security vulnerability. @maintainer(s), please test patches and call for stable if possible. Patch Set: https://sqlite.org/src/info/c54498abb153028f https://sqlite.org/src/info/cf0d3715caac9149 https://sqlite.org/src/info/db4451b8f4f2e0dc [The ".dump" comman crashes following PRAGMA empty_result_callbacks=1] |
From ${URL}: The dump_callback function in SQLite 3.20.0 allows remote attackers to cause a denial of service (EXC_BAD_ACCESS and application crash) via a crafted file. CVE Details: https://web.nvd.nist.gov/view/vuln/detail?vulnId=CVE-2017-13685 Upstream Bug: http://www.mail-archive.com/sqlite-users@mailinglists.sqlite.org/msg105314.html