Opened 16 months ago

Closed 16 months ago

Last modified 14 months ago

#13574 closed enhancement (fixed)

sqlite-autoconf-3320100 (3.32.1)

Reported by: Bruce Dubbs Owned by: Douglas R. Reno
Priority: high Milestone: 10.0
Component: BOOK Version: SVN
Severity: normal Keywords:
Cc:

Description

Now point version already.

2020-05-25 (3.32.1)

  • Fix two long-standing bugs that allow malicious SQL statements to crash the process that is running SQLite. These bugs were announced by a third-party approximately 24 hours after the 3.32.0 release but are not specific to the 3.32.0 release.
  • Other minor compiler-warning fixes and whatnot.

Change History (4)

comment:1 by Douglas R. Reno, 16 months ago

Owner: changed from blfs-book to Douglas R. Reno
Priority: normalhigh
Status: newassigned

This is due to two 0day vulnerabilities that were released to the public 24 hours after the release and were not reported to SQLite until after 3.32.0 was released. Irresponsible practice on the researchers part.

comment:2 by Douglas R. Reno, 16 months ago

Resolution: fixed
Status: assignedclosed

Fixed at r23203

comment:3 by Bruce Dubbs, 14 months ago

Milestone: 9.210,0

Milestone renamed

comment:4 by Bruce Dubbs, 14 months ago

Milestone: 10,010.0

Milestone renamed

Note: See TracTickets for help on using tickets.