sqlite3: CVE-2019-9937

Related Vulnerabilities: CVE-2019-9937   CVE-2019-9936  

Debian Bug report logs - #925290
sqlite3: CVE-2019-9937

Reported by: Salvatore Bonaccorso <carnil@debian.org>

Date: Fri, 22 Mar 2019 14:09:05 UTC

Severity: important

Tags: security, upstream

Found in version sqlite3/3.27.2-1

Fixed in version sqlite3/3.27.2-2

Done: Laszlo Boszormenyi (GCS) <gcs@debian.org>

Bug is archived. No further changes may be made.


Report forwarded to debian-bugs-dist@lists.debian.org, carnil@debian.org, team@security.debian.org, team@security.debian.org, Laszlo Boszormenyi (GCS) <gcs@debian.org>:
Bug#925290; Package src:sqlite3. (Fri, 22 Mar 2019 14:09:07 GMT).


Acknowledgement sent to Salvatore Bonaccorso <carnil@debian.org>:
New Bug report received and forwarded. Copy sent to carnil@debian.org, team@security.debian.org, team@security.debian.org, Laszlo Boszormenyi (GCS) <gcs@debian.org>. (Fri, 22 Mar 2019 14:09:07 GMT).


Message #5 received at submit@bugs.debian.org:

From: Salvatore Bonaccorso <carnil@debian.org>
To: Debian Bug Tracking System <submit@bugs.debian.org>
Subject: sqlite3: CVE-2019-9937
Date: Fri, 22 Mar 2019 15:08:22 +0100
Source: sqlite3
Version: 3.27.2-1
Severity: important
Tags: security upstream

Hi,

The following vulnerability was published for sqlite3.

CVE-2019-9937[0]:
| In SQLite 3.27.2, interleaving reads and writes in a single
| transaction with an fts5 virtual table will lead to a NULL Pointer
| Dereference in fts5ChunkIterate in sqlite3.c. This is related to
| ext/fts5/fts5_hash.c and ext/fts5/fts5_index.c.

Issue can be verified with an ASAN build and the provided POC.

If you fix the vulnerability please also make sure to include the
CVE (Common Vulnerabilities & Exposures) id in your changelog entry.

For further information see:

[0] https://security-tracker.debian.org/tracker/CVE-2019-9937
    https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2019-9937
[1] https://sqlite.org/src/info/45c73deb440496e8
[2] https://www.mail-archive.com/sqlite-users@mailinglists.sqlite.org/msg114383.html

Please adjust the affected versions in the BTS as needed.

Regards,
Salvatore



Reply sent to Laszlo Boszormenyi (GCS) <gcs@debian.org>:
You have taken responsibility. (Fri, 22 Mar 2019 16:39:04 GMT).


Notification sent to Salvatore Bonaccorso <carnil@debian.org>:
Bug acknowledged by developer. (Fri, 22 Mar 2019 16:39:04 GMT).


Message #10 received at 925290-close@bugs.debian.org:

From: Laszlo Boszormenyi (GCS) <gcs@debian.org>
To: 925290-close@bugs.debian.org
Subject: Bug#925290: fixed in sqlite3 3.27.2-2
Date: Fri, 22 Mar 2019 16:34:23 +0000
Source: sqlite3
Source-Version: 3.27.2-2

We believe that the bug you reported is fixed in the latest version of
sqlite3, which is due to be installed in the Debian FTP archive.

A summary of the changes between this version and the previous one is
attached.

Thank you for reporting the bug, which will now be closed.  If you
have further comments please address them to 925290@bugs.debian.org,
and the maintainer will reopen the bug report if appropriate.

Debian distribution maintenance software
pp.
Laszlo Boszormenyi (GCS) <gcs@debian.org> (supplier of updated sqlite3 package)

(This message was generated automatically at their request; if you
believe that there is a problem with it please contact the archive
administrators by mailing ftpmaster@ftp-master.debian.org)


Format: 1.8
Date: Tue, 19 Mar 2019 17:46:39 +0000
Source: sqlite3
Architecture: source
Version: 3.27.2-2
Distribution: unstable
Urgency: high
Maintainer: Laszlo Boszormenyi (GCS) <gcs@debian.org>
Changed-By: Laszlo Boszormenyi (GCS) <gcs@debian.org>
Closes: 925289 925290
Changes:
 sqlite3 (3.27.2-2) unstable; urgency=high
 .
   * Backport security related patches:
     - use unsigned integers to count the number of pages in a freelist
       during an integrity_check, to avoid any possibility of a signed integer
       overflow,
     - fix a crash that could occur if the RHS of an IN expression is a
       correlated sub-query that refers to the outer query from within a
       window frame definition only,
     - ensure that ALTER TABLE commands open statement transactions,
     - CVE-2019-9937: fix an fts5 problem with interleaving reads and writes
       in a single transaction (closes: #925290),
     - CVE-2019-9936: fix a buffer overread that could occur when running fts5
       prefix queries inside a transaction (closes: #925289).

Bug archived. Request was from Debbugs Internal Request <owner@bugs.debian.org> to internal_control@bugs.debian.org. (Sat, 20 Apr 2019 07:29:28 GMT).



Debian bug tracking system administrator <owner@bugs.debian.org>. Last modified: Wed Jun 19 13:28:09 2019; Machine Name: beach