drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Ausführen beliebiger Kommandos in SQLite
| Name: |
Ausführen beliebiger Kommandos in SQLite |
|
| ID: |
USN-4438-1 |
|
| Distribution: |
Ubuntu |
|
| Plattformen: |
Ubuntu 20.04 LTS |
|
| Datum: |
Di, 28. Juli 2020, 07:05 |
|
| Referenzen: |
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2020-15358 |
|
| Applikationen: |
SQLite |
|
Originalnachricht |
This is an OpenPGP/MIME signed message (RFC 4880 and 3156)
--===============1583148136502115798==
Content-Type: multipart/signed; micalg=pgp-sha512;
protocol="application/pgp-signature";
boundary="Zv4B5HXpHVLXENd0m4lCKtz5dajeR8BBu"
This is an OpenPGP/MIME signed message (RFC 4880 and 3156)
--Zv4B5HXpHVLXENd0m4lCKtz5dajeR8BBu
Content-Type: multipart/mixed;
boundary="Na1OUp8HxcieDNMFdsEecdauy4SvTULT5"
--Na1OUp8HxcieDNMFdsEecdauy4SvTULT5
Content-Type: text/plain; charset=utf-8
Content-Language: en-C
Content-Transfer-Encoding: quoted-printable
==========================================================================
Ubuntu Security Notice USN-4438-1
July 27, 2020
sqlite3 vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 20.04 LTS
Summary:
SQLite could be made to crash or run programs if it processed a specially
crafted query.
Software Description:
- sqlite3: C library that implements an SQL database engine
Details:
It was discovered that SQLite incorrectly handled query-flattener
optimization. An attacker could use this issue to cause SQLite to crash,
resulting in a denial of service, or possibly execute arbitrary code.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 20.04 LTS:
libsqlite3-0 3.31.1-4ubuntu0.2
sqlite3 3.31.1-4ubuntu0.2
In general, a standard system update will make all the necessary changes.
References:
https://usn.ubuntu.com/4438-1
CVE-2020-15358
Package Information:
https://launchpad.net/ubuntu/+source/sqlite3/3.31.1-4ubuntu0.2
--Na1OUp8HxcieDNMFdsEecdauy4SvTULT5--
--Zv4B5HXpHVLXENd0m4lCKtz5dajeR8BBu
Content-Type: application/pgp-signature; name="signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="signature.asc"
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEUMSg3c8x5FLOsZtRZWnYVadEvpMFAl8e91oACgkQZWnYVadE
vpMUmw/+MoAQkqpy6/LSxvJS33+APKbB7XRv3arvxMWQCEvO/NYw4LaliCgfvnEy
kTN7peab860l7kmLTxWQVUFl6pK1AEZFLpcOyrRCVGPiou4PtNQ/ll2YBHbQq9lI
yLTGcvOSUAp3r7xn7iX+a5Rp/TNVljpD7kn2kr0pW82nLS9SN1chyfk35veczHJI
V0dV9um9WeAIDSdcA5wOw6c2sg9TFn4zaqfHGwvsj1SFk/Sox+t07YHOIkp2M1eh
Ua0yeDMg3UkmhO7B1K4AFMiXUc8bb0hzFGDacgyxu+3P1beea79V0s/sa2rlE3LV
Vb81ZrCRLyMfHq1lfwbeLSWEwSfbxshuRO0aS7UiayyoQ/exMrP/XpohvFEn1zpX
/y9Zx7hrOlAMpyYNbFu0tR6JTTgTQvjsDeHcTAGTFwQqaYvq/eXd1tobZcb32oih
cNV28E6s/qT0RnB9uXH/7yRv5WhN9Le9gOyNRvnVAcXYqYc7Gr4yezhgaQVc0zDU
ZkpwPl8KsIwJ8yIGzAQ2qGRfR5aIOUJGdcpSOtm53QiKLO3EIyt+WfRFmnmtZW6t
eyG0NDhFYMn6ZAHnEK9V2xHQniEO32E941oVA/ln3CQYpw6Tu3LhR4ZddAn+djG6
Q/INOcfqi7zc+4NyVsxJ+EZ9KAZdzmkn0aXwqq70rNH1MVHD3YU=
=yQkR
-----END PGP SIGNATURE-----
--Zv4B5HXpHVLXENd0m4lCKtz5dajeR8BBu--
--===============1583148136502115798==
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: base64
Content-Disposition: inline
LS0gCnVidW50dS1zZWN1cml0eS1hbm5vdW5jZSBtYWlsaW5nIGxpc3QKdWJ1bnR1LXNlY3VyaXR5
LWFubm91bmNlQGxpc3RzLnVidW50dS5jb20KTW9kaWZ5IHNldHRpbmdzIG9yIHVuc3Vic2NyaWJl
IGF0OiBodHRwczovL2xpc3RzLnVidW50dS5jb20vbWFpbG1hbi9saXN0aW5mby91YnVudHUtc2Vj
dXJpdHktYW5ub3VuY2UK
--===============1583148136502115798==--
|
|
|
|
