drucken bookmarks versenden konfigurieren admin pdf Sicherheit: Ausführen beliebiger Kommandos in SQLite
| Name: |
Ausführen beliebiger Kommandos in SQLite |
|
| ID: |
USN-4732-1 |
|
| Distribution: |
Ubuntu |
|
| Plattformen: |
Ubuntu 20.10 |
|
| Datum: |
Do, 11. Februar 2021, 16:37 |
|
| Referenzen: |
https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-20227 |
|
| Applikationen: |
SQLite |
|
Originalnachricht |
This is an OpenPGP/MIME signed message (RFC 4880 and 3156)
--===============3261961079809586924==
Content-Type: multipart/signed; micalg=pgp-sha256;
protocol="application/pgp-signature";
boundary="5rmuwrv96ZMou3QpquceCXvyjLRcgaf4F"
This is an OpenPGP/MIME signed message (RFC 4880 and 3156)
--5rmuwrv96ZMou3QpquceCXvyjLRcgaf4F
Content-Type: multipart/mixed;
boundary="nxeDewZE9WxjLlTrzbPiCdJ4M9RFCcNzl";
protected-headers="v1"
From: Marc Deslauriers <marc.deslauriers@canonical.com>
To: "ubuntu-security-announce@lists.ubuntu.com"
<ubuntu-security-announce@lists.ubuntu.com>
Message-ID: <86f02784-515a-7d25-689b-27338959b1ed@canonical.com>
Subject: [USN-4732-1] SQLite vulnerability
--nxeDewZE9WxjLlTrzbPiCdJ4M9RFCcNzl
Content-Type: text/plain; charset=utf-8
Content-Language: en-C
Content-Transfer-Encoding: quoted-printable
==========================================================================
Ubuntu Security Notice USN-4732-1
February 11, 2021
sqlite3 vulnerability
==========================================================================
A security issue affects these releases of Ubuntu and its derivatives:
- Ubuntu 20.10
Summary:
SQLite could be made to crash or run programs if it processed a specially
crafted query.
Software Description:
- sqlite3: C library that implements an SQL database engine
Details:
It was discovered that SQLite incorrectly handled certain sub-queries. An
attacker could use this issue to cause SQLite to crash, resulting in a
denial of service, or possibly execute arbitrary code.
Update instructions:
The problem can be corrected by updating your system to the following
package versions:
Ubuntu 20.10:
libsqlite3-0 3.33.0-1ubuntu0.1
sqlite3 3.33.0-1ubuntu0.1
In general, a standard system update will make all the necessary changes.
References:
https://usn.ubuntu.com/4732-1
CVE-2021-20227
Package Information:
https://launchpad.net/ubuntu/+source/sqlite3/3.33.0-1ubuntu0.1
--nxeDewZE9WxjLlTrzbPiCdJ4M9RFCcNzl--
--5rmuwrv96ZMou3QpquceCXvyjLRcgaf4F
Content-Type: application/pgp-signature; name="OpenPGP_signature.asc"
Content-Description: OpenPGP digital signature
Content-Disposition: attachment; filename="OpenPGP_signature"
-----BEGIN PGP SIGNATURE-----
iQIzBAEBCgAdFiEEUMSg3c8x5FLOsZtRZWnYVadEvpMFAmAlLykACgkQZWnYVadE
vpNV3xAArfnuD7e/9oHXCKeH2Jbbe7xe4pYOCEpepQS8H3dZFVl3+bjnnx2s5EWb
oQGn3lngct2si+zTHeulDrvGaPkxUY+vvNn92qrOBwPBqswBrtxEdSFrKrItCI+S
WE2Fp3jdV0RtXtA6MOnqlYQjjvCH9QJ7BH5ajsZizsviu1FDESNnwazfsXfGjULE
suvC/jgF2tMeVb+Ptl11GBMb/QalYdp6utkajG6VT1iW99YSCOwaj5G8pV8iBjC0
LGOfBVNf4++HwMAyFBBrejFrxQSZTLBu0xLrf0cmAKzxbRNfLzmbf7kIns+JjXnP
GF+1RgoVba7FrQNug5vIffxoPS/bZyDcIsYO4W9nvED5Ana8yGWVbq2D3IAXnH5r
fy++SZgujjecSUVSmx/avLl8xRuCSwJb9YDKqsTSPJheNomrNC7ZgWzMu1FBaaFT
Ym2ThPxsyrH/rbGxb3EF9izfDkUnc5E0LWMh1TScldTg4F6xWZvfh6hIdw7LOphc
bQQ3jwUdo4SoYJFnqT/4H3TMxH6CrC/hct0X2kmQxYGtB01OjvsYkNi0uljC6OHo
TGFR1Lhl0AWlpapUSPitNjyIuqftPGeGXw4OGcfC63qNwsRP6OlYWXEBh5GxUlcT
DQl4LFqdGihXf3Jl6LBrAPs0XXKAUopyi4QJpEl2/JbnPY978YQ=
=0YGR
-----END PGP SIGNATURE-----
--5rmuwrv96ZMou3QpquceCXvyjLRcgaf4F--
--===============3261961079809586924==
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: base64
Content-Disposition: inline
LS0gCnVidW50dS1zZWN1cml0eS1hbm5vdW5jZSBtYWlsaW5nIGxpc3QKdWJ1bnR1LXNlY3VyaXR5
LWFubm91bmNlQGxpc3RzLnVidW50dS5jb20KTW9kaWZ5IHNldHRpbmdzIG9yIHVuc3Vic2NyaWJl
IGF0OiBodHRwczovL2xpc3RzLnVidW50dS5jb20vbWFpbG1hbi9saXN0aW5mby91YnVudHUtc2Vj
dXJpdHktYW5ub3VuY2UK
--===============3261961079809586924==--
|
|
|
|
