blob: 5aceef16fdfa8f2f5204bd35eff862a625bd0158 [file] [log] [blame]
<?xml version="1.0" encoding="UTF-8"?>
<glsa id="201507-05">
<title>SQLite: Multiple vulnerabilities</title>
<synopsis>Multiple vulnerabilities have been found in SQLite, allowing
context-dependent attackers to cause a Denial of Service condition.
<product type="ebuild">sqlite</product>
<announced>July 07, 2015</announced>
<revised>July 07, 2015: 1</revised>
<access>local, remote</access>
<package name="dev-db/sqlite" auto="yes" arch="*">
<unaffected range="ge">3.8.9</unaffected>
<vulnerable range="lt">3.8.9</vulnerable>
<p>SQLite is a C library that implements an SQL database engine.</p>
<p>Multiple vulnerabilities have been discovered in SQLite. Please review
the CVE identifiers referenced below for details.
<impact type="normal">
<p>A context-dependent attacker could possibly cause a Denial of Service
<p>There is no known workaround at this time.</p>
<p>All SQLite users should upgrade to the latest version:</p>
# emerge --sync
# emerge --ask --oneshot --verbose "&gt;=dev-db/sqlite-3.8.9"
<uri link="">CVE-2015-3414</uri>
<uri link="">CVE-2015-3415</uri>
<uri link="">CVE-2015-3416</uri>
<metadata tag="requester" timestamp="Thu, 28 May 2015 22:11:40 +0000">
<metadata tag="submitter" timestamp="Tue, 07 Jul 2015 06:59:20 +0000">Zlogene</metadata>