Joined: 12 May 2004
|Posted: Wed Mar 31, 2021 3:26 pm Post subject: [ GLSA 202103-04 ] SQLite
|Gentoo Linux Security Advisory
Title: SQLite: Remote code execution (GLSA 202103-04)
Exploitable: local, remote
A vulnerability in SQLite could lead to remote code execution.
SQLite is a C library that implements an SQL database engine.
Vulnerable: < 3.34.1
Unaffected: >= 3.34.1
Architectures: All supported architectures
It was discovered that SQLite incorrectly handled certain sub-queries.
A remote attacker could possibly execute arbitrary code with the
privileges of the process, or cause a Denial of Service condition.
There is no known workaround at this time.
All SQLite users should upgrade to the latest version:
|# emerge --sync
# emerge --ask --oneshot --verbose ">=dev-db/sqlite-3.34.1"