RLSA-2024:0253

See a problem?

Import Source

https://storage.googleapis.com/resf-osv-data/RLSA-2024:0253.json

JSON Data

https://api.osv.dev/v1/vulns/RLSA-2024:0253

Related

CVE-2023-7104

Published

2024-01-16T18:06:14.664106Z

Modified

2024-01-16T18:08:36.091975Z

Summary

Moderate: sqlite security update

Details

SQLite is a C library that implements an SQL database engine. A large subset of SQL92 is supported. A complete database is stored in a single disk file. The API is designed for convenience and ease of use. Applications that link against SQLite can enjoy the power and flexibility of an SQL database without the administrative hassles of supporting a separate database server.

Security Fix(es):

sqlite: heap-buffer-overflow at sessionfuzz (CVE-2023-7104)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

References

Credits

- Rocky Enterprise Software Foundation
- Red Hat

Affected packages

Rocky Linux:8 / sqlite

Package

Name: sqlite
Purl: pkg:rpm/rocky-linux/sqlite?distro=rocky-linux-8&epoch=0

Affected ranges

Type: ECOSYSTEM
Events: Introduced

0Unknown introduced version / All previous versions are affected

Fixed

0:3.26.0-19.el8_9