Test Kennung:	1.3.6.1.4.1.25623.1.1.10.2020.0070
Kategorie:	Mageia Linux Local Security Checks
Titel:	Mageia: Security Advisory (MGASA-2020-0070)
Zusammenfassung:	The remote host is missing an update for the 'sqlite3' package(s) announced via the MGASA-2020-0070 advisory.
Beschreibung:	Summary: The remote host is missing an update for the 'sqlite3' package(s) announced via the MGASA-2020-0070 advisory. Vulnerability Insight: Updated sqlite3 packages fix security vulnerabilities: An out of bounds write flaw (CVE-2019-13734), insufficient data validation flaw (CVE-2019-13750), uninitialized use flaw (CVE-2019-13751), and out of bounds read flaws (CVE-2019-13752, CVE-2019-13753) in SQLite before 3.31.0. It was discovered that SQLite incorrectly handled certain schemas. An attacker could possibly use this issue to cause a denial of service (CVE-2019-16168). It was discovered that SQLite incorrectly handled certain schemas. An attacker could possibly use this issue to mishandles some expressions (CVE-2019-19242). It was discovered that SQLite incorrectly handled certain queries. An attacker could possibly use this issue to execute arbitrary code (CVE-2019-19244). exprListAppendList in window.c in SQLite 3.30.1 allows attackers to trigger an invalid pointer dereference because constant integer values in ORDER BY clauses of window definitions are mishandled (CVE-2019-19880). For other changes in this update, see the referenced releaaselogs. Affected Software/OS: 'sqlite3' package(s) on Mageia 7. Solution: Please install the updated package(s). CVSS Score: 6.8 CVSS Vector: AV:N/AC:M/Au:N/C:P/I:P/A:P
Querverweis:	Common Vulnerability Exposure (CVE) ID: CVE-2019-13734 Bugtraq: 20200120 [SECURITY] [DSA 4606-1] chromium security update (Google Search) https://seclists.org/bugtraq/2020/Jan/27 Debian Security Information: DSA-4606 (Google Search) https://www.debian.org/security/2020/dsa-4606 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/2Z5M4FPUMDNX2LDPHJKN5ZV5GIS2AKNU/ https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/N5CIQCVS6E3ULJCNU7YJXJPO2BLQZDTK/ https://security.gentoo.org/glsa/202003-08 https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html https://crbug.com/1025466 https://www.oracle.com/security-alerts/cpujan2022.html RedHat Security Advisories: RHSA-2019:4238 https://access.redhat.com/errata/RHSA-2019:4238 RedHat Security Advisories: RHSA-2020:0227 https://access.redhat.com/errata/RHSA-2020:0227 RedHat Security Advisories: RHSA-2020:0229 https://access.redhat.com/errata/RHSA-2020:0229 RedHat Security Advisories: RHSA-2020:0273 https://access.redhat.com/errata/RHSA-2020:0273 RedHat Security Advisories: RHSA-2020:0451 https://access.redhat.com/errata/RHSA-2020:0451 RedHat Security Advisories: RHSA-2020:0463 https://access.redhat.com/errata/RHSA-2020:0463 RedHat Security Advisories: RHSA-2020:0476 https://access.redhat.com/errata/RHSA-2020:0476 SuSE Security Announcement: openSUSE-SU-2019:2692 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00032.html SuSE Security Announcement: openSUSE-SU-2019:2694 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2019-12/msg00036.html https://usn.ubuntu.com/4298-1/ https://usn.ubuntu.com/4298-2/ Common Vulnerability Exposure (CVE) ID: CVE-2019-13750 https://crbug.com/1025464 Common Vulnerability Exposure (CVE) ID: CVE-2019-13751 https://crbug.com/1025465 Common Vulnerability Exposure (CVE) ID: CVE-2019-13752 https://crbug.com/1025470 Common Vulnerability Exposure (CVE) ID: CVE-2019-13753 https://crbug.com/1025471 Common Vulnerability Exposure (CVE) ID: CVE-2019-16168 https://lists.fedoraproject.org/archives/list/package-announce@lists.fedoraproject.org/message/XZARJHJJDBHI7CE5PZEBXS5HKK6HXKW2/ https://security.gentoo.org/glsa/202003-16 https://www.mail-archive.com/sqlite-users@mailinglists.sqlite.org/msg116312.html https://www.oracle.com/security-alerts/cpuapr2020.html https://www.oracle.com/security-alerts/cpujan2020.html https://www.sqlite.org/src/info/e4598ecbdd18bd82945f6029013296690e719a62 https://www.sqlite.org/src/timeline?c=98357d8c1263920b https://lists.debian.org/debian-lts-announce/2020/08/msg00037.html SuSE Security Announcement: openSUSE-SU-2019:2298 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00032.html SuSE Security Announcement: openSUSE-SU-2019:2300 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2019-10/msg00033.html https://usn.ubuntu.com/4205-1/ Common Vulnerability Exposure (CVE) ID: CVE-2019-19242 https://github.com/sqlite/sqlite/commit/57f7ece78410a8aae86aa4625fb7556897db384c Common Vulnerability Exposure (CVE) ID: CVE-2019-19244 https://github.com/sqlite/sqlite/commit/e59c562b3f6894f84c715772c4b116d7b5c01348 Common Vulnerability Exposure (CVE) ID: CVE-2019-19880 Debian Security Information: DSA-4638 (Google Search) https://www.debian.org/security/2020/dsa-4638 https://github.com/sqlite/sqlite/commit/75e95e1fcd52d3ec8282edb75ac8cd0814095d54 RedHat Security Advisories: RHSA-2020:0514 https://access.redhat.com/errata/RHSA-2020:0514 SuSE Security Announcement: openSUSE-SU-2020:0189 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00010.html SuSE Security Announcement: openSUSE-SU-2020:0210 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00015.html SuSE Security Announcement: openSUSE-SU-2020:0233 (Google Search) http://lists.opensuse.org/opensuse-security-announce/2020-02/msg00025.html
Copyright	Copyright (C) 2022 Greenbone AG

Dies ist nur einer von 145615 Anfälligkeitstests in unserem Testpaket. Finden Sie mehr über unsere vollständigen Sicherheitsüberprüfungen heraus. Um einen gratis Test für diese Anfälligkeit auf Ihrem System durchlaufen zu lassen, registrieren Sie sich bitte unten.