Format: 1.8 Date: Tue, 03 Mar 2020 09:20:41 -0500 Source: sqlite3 Binary: lemon sqlite3 sqlite3-doc libsqlite3-0 libsqlite3-dev libsqlite3-tcl Architecture: ppc64el Version: 3.22.0-1ubuntu0.3 Distribution: bionic Urgency: medium Maintainer: Launchpad Build Daemon Changed-By: Marc Deslauriers Description: lemon - LALR(1) Parser Generator for C or C++ libsqlite3-0 - SQLite 3 shared library libsqlite3-dev - SQLite 3 development files libsqlite3-tcl - SQLite 3 Tcl bindings sqlite3 - Command line interface for SQLite 3 sqlite3-doc - SQLite 3 documentation Changes: sqlite3 (3.22.0-1ubuntu0.3) bionic-security; urgency=medium . * SECURITY UPDATE: more shadow table corruption - debian/patches/CVE-2019-13734_50.patch: more improvements to shadow table corruption detection in ext/fts3/fts3.c, ext/fts3/fts3Int.h, ext/fts3/fts3_write.c. - CVE-2019-13734 - CVE-2019-13750 * SECURITY UPDATE: corrupt records in fts3 - debian/patches/CVE-2019-13751-pre1.patch: detect and prevent infinite recursion in fts3SelectLeaf() due to a malformed FTS3 btree in ext/fts3/fts3.c, test/fts4aa.test. - debian/patches/CVE-2019-13751.patch: improve detection of corrupt records in ext/fts3/fts3.c, ext/fts3/fts3_write.c. - CVE-2019-13751 * SECURITY UPDATE: shadow table corruption - debian/patches/CVE-2019-13752.patch: improved detection of corrupt shadow tables in ext/fts3/fts3.c, ext/fts3/fts3Int.h, ext/fts3/fts3_write.c. - CVE-2019-13752 * SECURITY UPDATE: out of bounds read - debian/patches/CVE-2019-13753.patch: remove a reachable NEVER() in ext/fts3/fts3_write.c. - CVE-2019-13753 * SECURITY UPDATE: SELECT DISTINCT involving a LEFT JOIN issue - debian/patches/CVE-2019-19923.patch: continue to back away from the LEFT JOIN optimization of check-in by disallowing query flattening if the outer query is DISTINCT in src/select.c, test/join.test. - CVE-2019-19923 * SECURITY UPDATE: certain parser-tree rewriting mishandling - debian/patches/CVE-2019-19924.patch: properly handle errors in src/expr.c, src/vdbeaux.c, src/window.c. - CVE-2019-19924 * SECURITY UPDATE: NULL pathname mishandling in zipfileUpdate - debian/patches/CVE-2019-19925.patch: properly handle pathname in ext/misc/zipfile.c. - CVE-2019-19925 * SECURITY UPDATE: multiSelect error handling issue - debian/patches/CVE-2019-19926.patch: abort early due to prior errors in src/select.c. - CVE-2019-19926 * SECURITY UPDATE: embedded NULL filename mishandling - debian/patches/CVE-2019-19959.patch: handle filenames that contain embedded zeros in ext/misc/zipfile.c. - CVE-2019-19959 * SECURITY UPDATE: selectExpander stack unwinding issue - debian/patches/CVE-2019-20218-pre1.patch: make sure the WITH stack in the Parse object is disabled following an error in src/select.c, src/util.c, test/with3.test. - debian/patches/CVE-2019-20218.patch: do not attempt to unwind the WITH stack in the Parse object following an error in src/select.c, test/altertab3.test. - CVE-2019-20218 * SECURITY UPDATE: NULL pointer deref via generated column optimizations - debian/patches/CVE-2020-9327.patch: take care when checking the table of a TK_COLUMN expression node src/sqliteInt.h, src/whereexpr.c. Checksums-Sha1: d7a64b06e4f46848101d8c48465a1aaf50c15c6a 67300 lemon-dbgsym_3.22.0-1ubuntu0.3_ppc64el.ddeb a6a33a023267604060a64e4923a9cee907607706 57544 lemon_3.22.0-1ubuntu0.3_ppc64el.deb 8971118fac14b5ffcf480d4f808bd137a1e57dfc 1413224 libsqlite3-0-dbgsym_3.22.0-1ubuntu0.3_ppc64el.ddeb 919732ddb02c2fb3320f9d47d40e0739a8d5ec32 470280 libsqlite3-0_3.22.0-1ubuntu0.3_ppc64el.deb 6f5536d3faeefab6cc6bf93ef20108f6066a8844 614132 libsqlite3-dev_3.22.0-1ubuntu0.3_ppc64el.deb 60ede57a95c4ea83b3f29a2891a11f869915d36d 60576 libsqlite3-tcl-dbgsym_3.22.0-1ubuntu0.3_ppc64el.ddeb 1609da0d311cb7ac631518015dc3934d31ad9fcf 22328 libsqlite3-tcl_3.22.0-1ubuntu0.3_ppc64el.deb e04fe21bbf0a7408247ea4ab621d11b59cf507c9 3080904 sqlite3-dbgsym_3.22.0-1ubuntu0.3_ppc64el.ddeb d235aff98603546e280ec7592188edb3e43c41a4 7477 sqlite3_3.22.0-1ubuntu0.3_ppc64el.buildinfo 10839c940ccedc857e24d73a26bfdd6c85d9e0e5 707988 sqlite3_3.22.0-1ubuntu0.3_ppc64el.deb Checksums-Sha256: 7e466ca312752eff1759ecb050ae1276f4df0d72adbe0566796250124c8f801d 67300 lemon-dbgsym_3.22.0-1ubuntu0.3_ppc64el.ddeb eface917c2323f862faaaf33513d92bf107ab615086eb9347d5fee1fc88ce1f9 57544 lemon_3.22.0-1ubuntu0.3_ppc64el.deb 2a440403aab7c4f0801057d4cb7825329d1abeb8e5c0d668ee648157e1b1490f 1413224 libsqlite3-0-dbgsym_3.22.0-1ubuntu0.3_ppc64el.ddeb 7eea19613fe88c2dd379e331325158d99bc6a81d1c62ad38bc6e10c03877e619 470280 libsqlite3-0_3.22.0-1ubuntu0.3_ppc64el.deb 28110ecdc49f2a7fcf99ef242ef332f525bd7bb6852cf8147263a61a9b26b06b 614132 libsqlite3-dev_3.22.0-1ubuntu0.3_ppc64el.deb 95f43330ef1052e77b64ad350114623051af191a4d35442b6f862c9ef724a84b 60576 libsqlite3-tcl-dbgsym_3.22.0-1ubuntu0.3_ppc64el.ddeb 8987185f1d9bce52d06b54dc4bbd99a20648ec2551774a389357d30a3e31319d 22328 libsqlite3-tcl_3.22.0-1ubuntu0.3_ppc64el.deb 4683a78ed63e837a1a99feb5be3d101a772b5e75a7818bd688e464101a57a7c5 3080904 sqlite3-dbgsym_3.22.0-1ubuntu0.3_ppc64el.ddeb eac237edf118c8639109b487393fc272c98b34aa257a71cdb55e23c8b860b152 7477 sqlite3_3.22.0-1ubuntu0.3_ppc64el.buildinfo 17be9fea703521bcf8864e9001f7276f54a42307ddba0eb27392348998e63927 707988 sqlite3_3.22.0-1ubuntu0.3_ppc64el.deb Files: e101bbc903814aae29ac552fabf82c79 67300 debug optional lemon-dbgsym_3.22.0-1ubuntu0.3_ppc64el.ddeb 7f0e0ba941f5ae806764eb3ec965340c 57544 devel optional lemon_3.22.0-1ubuntu0.3_ppc64el.deb 549e9e8f58ee45fde25349bd23430773 1413224 debug optional libsqlite3-0-dbgsym_3.22.0-1ubuntu0.3_ppc64el.ddeb 2fde8e1eba0f316fc1cc22bb0f8a8f33 470280 libs standard libsqlite3-0_3.22.0-1ubuntu0.3_ppc64el.deb a132657f67f108cba7e9674330329851 614132 libdevel optional libsqlite3-dev_3.22.0-1ubuntu0.3_ppc64el.deb f99a0aafce9fe983145433b5c9e31347 60576 debug optional libsqlite3-tcl-dbgsym_3.22.0-1ubuntu0.3_ppc64el.ddeb 6ea0cae8a4cd83b49b042cc2c01a9cad 22328 interpreters optional libsqlite3-tcl_3.22.0-1ubuntu0.3_ppc64el.deb 52d6462706204bb4e5d2f03feb4932d3 3080904 debug optional sqlite3-dbgsym_3.22.0-1ubuntu0.3_ppc64el.ddeb d7df041b9b03ce68b28b66a74d751c6d 7477 devel optional sqlite3_3.22.0-1ubuntu0.3_ppc64el.buildinfo a979db8f1315ddb2f9fd9136c7b149f0 707988 database optional sqlite3_3.22.0-1ubuntu0.3_ppc64el.deb Original-Maintainer: Laszlo Boszormenyi (GCS)