Login
Newsletter
Werbung

Sicherheit: Mehrere Probleme in SQLite
Aktuelle Meldungen Distributionen
Name: Mehrere Probleme in SQLite
ID: FEDORA-2015-6349
Distribution: Fedora
Plattformen: Fedora 20
Datum: So, 26. April 2015, 18:57
Referenzen: https://bugzilla.redhat.com/show_bug.cgi?id=1212353
https://bugzilla.redhat.com/show_bug.cgi?id=1212356
https://bugzilla.redhat.com/show_bug.cgi?id=1212357
Applikationen: SQLite

Originalnachricht

Name        : sqlite
Product : Fedora 20
Version : 3.8.9
Release : 1.fc20
URL : http://www.sqlite.org/
Summary : Library that implements an embeddable SQL database engine
Description :
SQLite is a C library that implements an SQL database engine. A large
subset of SQL92 is supported. A complete database is stored in a
single disk file. The API is designed for convenience and ease of use.
Applications that link against SQLite can enjoy the power and
flexibility of an SQL database without the administrative hassles of
supporting a separate database server. Version 2 and version 3 binaries
are named to permit each to be installed on a single host

-------------------------------------------------------------------------------
-
Update Information:

Update of sqlite to latest upstream version, with spatialite-tools rebuild.
-------------------------------------------------------------------------------
-
ChangeLog:

* Tue Apr 14 2015 Jan Stanek <jstanek@redhat.com> - 3.8.9-1
- Updated to version 3.8.9 (https://www.sqlite.org/releaselog/3_8_9.html)
* Thu Feb 26 2015 Jan Stanek <jstanek@redhat.com> - 3.8.8.3-1
- Updated to version 3.8.8.3 (https://sqlite.org/releaselog/3_8_8_3.html)
* Sat Feb 21 2015 Till Maas <opensource@till.name> - 3.8.8-3
- Rebuilt for Fedora 23 Change
https://fedoraproject.org/wiki/Changes/Harden_all_packages_with_position-independent_code
* Tue Feb 3 2015 Jan Stanek <jstanek@redhat.com> - 3.8.8-2
- Fixed out-of-date source URLs (rhbz#1188092)
* Tue Jan 20 2015 Jan Stanek <jstanek@redhat.com> - 3.8.8-1
- Updated to version 3.8.8 (https://sqlite.org/releaselog/3_8_8.html)
- Recreated patches to work on current version.
* Fri Dec 12 2014 Jan Stanek <jstanek@redhat.com> - 3.8.7.4-1
- Updated to version 3.8.7.4 (http://www.sqlite.org/releaselog/3_8_7_4.html)
* Tue Nov 25 2014 Jan Stanek <jstanek@redhat.com> - 3.8.7.2-1
- Updated to version 3.8.7.2 (http://sqlite.org/releaselog/3_8_7_2.html)
* Tue Oct 21 2014 Jan Stanek <jstanek@redhat.com> - 3.8.7-1
- Updated to version 3.8.7 (http://sqlite.org/releaselog/3_8_7.html)
- Dropped patch for problem fixed upstream
* Tue Aug 19 2014 Jan Stanek <jstanek@redhat.com> - 3.8.6-2
- Added auto-selection of Tcl version based on Fedora version
* Tue Aug 19 2014 Jan Stanek <jstanek@redhat.com> - 3.8.6-1
- Updated to version 3.8.6 (http://www.sqlite.org/releaselog/3_8_6.html)
* Mon Aug 18 2014 Fedora Release Engineering
<rel-eng@lists.fedoraproject.org> - 3.8.5-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
* Wed Jun 11 2014 Peter Robinson <pbrobinson@fedoraproject.org> 3.8.5-2
- Re-enable tests on aarch64 now they pass again
* Tue Jun 10 2014 Jan Stanek <jstanek@redhat.com> - 3.8.5-1
- Update to version 3.8.5 (http://www.sqlite.org/releaselog/3_8_5.html)
- Dropped patch already included upstream
* Sun Jun 8 2014 Fedora Release Engineering
<rel-eng@lists.fedoraproject.org> - 3.8.4.3-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
* Thu Jun 5 2014 Peter Robinson <pbrobinson@fedoraproject.org> 3.8.4.3-4
- Don't make tests fail the build on aarch64 like some of the other arches
* Wed May 28 2014 Jan Stanek <jstanek@redhat.com> - 3.8.4.3-3
- Rebuilt for https://fedoraproject.org/wiki/Changes/f21tcl86 with correct tcl_version
* Wed May 21 2014 Jaroslav Škarvada <jskarvad@redhat.com> - 3.8.4.3-2
- Rebuilt for https://fedoraproject.org/wiki/Changes/f21tcl86
* Tue Apr 29 2014 Jan Stanek <jstanek@redhat.com> - 3.8.4.3-1
- Update to version 3.8.4.3 (http://www.sqlite.org/releaselog/3_8_4_3.html)
- Changed patch for rhbz#1075889 to upstream version
Related: #1075889
* Fri Apr 25 2014 Honza Horak <hhorak@redhat.com> - 3.8.4.2-3
- Revert part of the upstream commit dca1945aeb3fb005, since it causes
nautilus to crash
Related: #1075889
* Wed Apr 2 2014 Jan Stanek <jstanek@redhat.com> 3.8.4.2-2
- Added building and shipping of sqlite3_analyzer (#1007159)
* Fri Mar 28 2014 Jan Stanek <jstanek@redhat.com> 3.8.4.2-1
- Update to 3.8.4 (http://www.sqlite.org/releaselog/3_8_4_2.html)
* Tue Mar 11 2014 Jan Stanek <jstanek@redhat.com> 3.8.4-1
- Update to 3.8.4 (http://www.sqlite.org/releaselog/3_8_4.html)
* Sun Feb 23 2014 Peter Robinson <pbrobinson@fedoraproject.org> 3.8.3-2
- Re-enable check on ARM/aarch64 as failing test fixed upstream for non x86
arches
- Modernise spec
* Tue Feb 11 2014 Jan Stanek <jstanek@redhat.com> 3.8.3-1
- Update to 3.8.3 (http://www.sqlite.org/releaselog/3_8_3.html)
- Dropped man-page patch - included upstream
* Mon Jan 6 2014 Peter Robinson <pbrobinson@fedoraproject.org> 3.8.2-2
- Add aarch64 to all the other arch excludes for tests
* Tue Dec 10 2013 Jan Stanek <jstanek@redhat.com> - 3.8.2-1
- Update to 3.8.2 (http://www.sqlite.org/releaselog/3_8_2.html)
-------------------------------------------------------------------------------
-
References:

[ 1 ] Bug #1212353 - sqlite: use of uninitialized memory when parsing
collation sequences in src/where.c
https://bugzilla.redhat.com/show_bug.cgi?id=1212353
[ 2 ] Bug #1212356 - sqlite: invalid free() in src/vdbe.c
https://bugzilla.redhat.com/show_bug.cgi?id=1212356
[ 3 ] Bug #1212357 - sqlite: stack buffer overflow in src/printf.c
https://bugzilla.redhat.com/show_bug.cgi?id=1212357
-------------------------------------------------------------------------------
-

This update can be installed with the "yum" update program. Use
su -c 'yum update sqlite' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key. More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
-------------------------------------------------------------------------------
-
_______________________________________________
package-announce mailing list
package-announce@lists.fedoraproject.org
https://admin.fedoraproject.org/mailman/listinfo/package-announce
Pro-Linux
Pro-Linux @Facebook
Neue Nachrichten
Werbung