oss-sec mailing list archives

Information on recent sqlite3 issues?

From: Moritz Muehlenhoff <jmm () debian org>
Date: Wed, 31 May 2017 22:30:37 +0200

Hi,
one of the latest Apple advisories mentions several vulnerabilities in sqlite:
https://support.apple.com/en-us/HT207798

CVE-2017-2513: found by OSS-Fuzz
CVE-2017-2518: found by OSS-Fuzz
CVE-2017-2520: found by OSS-Fuzz
CVE-2017-2519: found by OSS-Fuzz
CVE-2017-6983: Chaitin Security Research Lab (@ChaitinTech) working with Trend Micro's Zero Day Initiative
CVE-2017-6991: Chaitin Security Research Lab (@ChaitinTech) working with Trend Micro's Zero Day Initiative

Does anyone have additional information on those and whether that
applies to the standard sqlite releases or Apple-specific changes?

Cheers,
        Moritz

Current thread:

Information on recent sqlite3 issues? Moritz Muehlenhoff (May 31)
- Re: Information on recent sqlite3 issues? Andreas Stieger (May 31)
  - Re: Information on recent sqlite3 issues? Johannes Segitz (Jun 01)
    - Re: Information on recent sqlite3 issues? Kurt Seifried (Jun 01)
    - Re: Information on recent sqlite3 issues? Moritz Muehlenhoff (Jun 01)
    - Re: Information on recent sqlite3 issues? Moritz Muehlenhoff (Jun 04)
    - Re: Information on recent sqlite3 issues? Salvatore Bonaccorso (Jun 05)
    - Re: Information on recent sqlite3 issues? Nicholas Luedtke (Jun 01)
    - Re: Information on recent sqlite3 issues? Johannes Segitz (Jun 22)
- Re: Information on recent sqlite3 issues? Agostino Sarubbo (May 31)