[ MDKSA-2007:091 ] - Updated sqlite packages fix vulnerability

To: bugtraq@xxxxxxxxxxxxxxxxx
Subject: [ MDKSA-2007:091 ] - Updated sqlite packages fix vulnerability
From: security@xxxxxxxxxxxx
Date: Thu, 19 Apr 2007 00:20:57 -0600
List-help: <mailto:bugtraq-help@securityfocus.com>
List-id: <bugtraq.list-id.securityfocus.com>
List-post: <mailto:bugtraq@securityfocus.com>
List-subscribe: <mailto:bugtraq-subscribe@securityfocus.com>
List-unsubscribe: <mailto:bugtraq-unsubscribe@securityfocus.com>
Mailing-list: contact bugtraq-help@xxxxxxxxxxxxxxxxx; run by ezmlm
Reply-to: <xsecurity@xxxxxxxxxxxx>
Sender: QA Team <qateam@xxxxxxxxxxxxxxxxx>

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

 _______________________________________________________________________
 
 Mandriva Linux Security Advisory                         MDKSA-2007:091
 http://www.mandriva.com/security/
 _______________________________________________________________________
 
 Package : sqlite
 Date    : April 18, 2007
 Affected: 2007.0, 2007.1, Corporate 3.0, Corporate 4.0
 _______________________________________________________________________
 
 Problem Description:
 
 A buffer overflow in sqlite could allow context-dependent attackers
 to execute arbitrary code via an empty value of the 'in' parameter.
 
 Updated packages have been patched to correct this issue.
 _______________________________________________________________________

 References:
 
 http://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2007-1888
 _______________________________________________________________________
 
 Updated Packages:
 
 Mandriva Linux 2007.0:
 2e406be8ce05a67e481b0100791d1c27  
2007.0/i586/libsqlite0-2.8.17-5.1mdv2007.0.i586.rpm
 1a028c248b42f429d32d2ae6dacfac85  
2007.0/i586/libsqlite0-devel-2.8.17-5.1mdv2007.0.i586.rpm
 43fb4503583f6f7eef72c7318e80368d  
2007.0/i586/libsqlite0-static-devel-2.8.17-5.1mdv2007.0.i586.rpm
 327064ab9c808db9ab413fbe3beb6a6f  
2007.0/i586/sqlite-tools-2.8.17-5.1mdv2007.0.i586.rpm 
 5df9576e9e320a86dc22426fe47a1b85  
2007.0/SRPMS/sqlite-2.8.17-5.1mdv2007.0.src.rpm

 Mandriva Linux 2007.0/X86_64:
 70703690ed3dbbc678ab7e0c0831de46  
2007.0/x86_64/lib64sqlite0-2.8.17-5.1mdv2007.0.x86_64.rpm
 e9d133f9bed317abe5862b10050ad06d  
2007.0/x86_64/lib64sqlite0-devel-2.8.17-5.1mdv2007.0.x86_64.rpm
 497f82c060fd2e7c1b3dbaf862cb3371  
2007.0/x86_64/lib64sqlite0-static-devel-2.8.17-5.1mdv2007.0.x86_64.rpm
 8c3a909b462cac73e5287a97a61e48d1  
2007.0/x86_64/sqlite-tools-2.8.17-5.1mdv2007.0.x86_64.rpm 
 5df9576e9e320a86dc22426fe47a1b85  
2007.0/SRPMS/sqlite-2.8.17-5.1mdv2007.0.src.rpm

 Mandriva Linux 2007.1:
 ef3a736cb35778d7ba62f09d16fbdeb6  
2007.1/i586/libsqlite0-2.8.17-5.1mdv2007.1.i586.rpm
 3f925f2ffb3b824783418d48e05c1a08  
2007.1/i586/libsqlite0-devel-2.8.17-5.1mdv2007.1.i586.rpm
 ca2b601fcd4d03b200aa1d57344503db  
2007.1/i586/libsqlite0-static-devel-2.8.17-5.1mdv2007.1.i586.rpm
 ac72680762722065321b4e1b5526b42a  
2007.1/i586/sqlite-tools-2.8.17-5.1mdv2007.1.i586.rpm 
 41181d8d5767577a7aadf6847d0e6001  
2007.1/SRPMS/sqlite-2.8.17-5.1mdv2007.1.src.rpm

 Mandriva Linux 2007.1/X86_64:
 c3325217fc33dd3e9d934777db30fdd2  
2007.1/x86_64/lib64sqlite0-2.8.17-5.1mdv2007.1.x86_64.rpm
 3cfd8765924887ab082ed902b09a5577  
2007.1/x86_64/lib64sqlite0-devel-2.8.17-5.1mdv2007.1.x86_64.rpm
 64ec9faa0b6d1f31d118b188984bfebf  
2007.1/x86_64/lib64sqlite0-static-devel-2.8.17-5.1mdv2007.1.x86_64.rpm
 6391fdadf99aca86ad746b86a5724cf1  
2007.1/x86_64/sqlite-tools-2.8.17-5.1mdv2007.1.x86_64.rpm 
 41181d8d5767577a7aadf6847d0e6001  
2007.1/SRPMS/sqlite-2.8.17-5.1mdv2007.1.src.rpm

 Corporate 3.0:
 884a85d61c019447a996d2dc5e74f831  
corporate/3.0/i586/libsqlite0-2.8.6-1.1.C30mdk.i586.rpm
 2b7ebd04232c8dd1f16c15ae9e3ca246  
corporate/3.0/i586/libsqlite0-devel-2.8.6-1.1.C30mdk.i586.rpm
 6ff596f03bf586a8a1817b5879219ef6  
corporate/3.0/i586/libsqlite0-static-devel-2.8.6-1.1.C30mdk.i586.rpm
 cbb31f524ca0dc532241a70f643f260d  
corporate/3.0/i586/sqlite-tools-2.8.6-1.1.C30mdk.i586.rpm 
 591320e6f66d0e11462691b504538c75  
corporate/3.0/SRPMS/sqlite-2.8.6-1.1.C30mdk.src.rpm

 Corporate 3.0/X86_64:
 e44aecce58d89d6e9c572bb1b54d21bb  
corporate/3.0/x86_64/lib64sqlite0-2.8.6-1.1.C30mdk.x86_64.rpm
 6eb545a83235f228d6c6ff7f64a9e31d  
corporate/3.0/x86_64/lib64sqlite0-devel-2.8.6-1.1.C30mdk.x86_64.rpm
 46bad07156a3b7b00e6d90e7e39c226e  
corporate/3.0/x86_64/lib64sqlite0-static-devel-2.8.6-1.1.C30mdk.x86_64.rpm
 f84a83b0c7c59e9a23344ef25acc39bc  
corporate/3.0/x86_64/sqlite-tools-2.8.6-1.1.C30mdk.x86_64.rpm 
 591320e6f66d0e11462691b504538c75  
corporate/3.0/SRPMS/sqlite-2.8.6-1.1.C30mdk.src.rpm

 Corporate 4.0:
 d0f9f18d41cf8ec6c0dca0843d540f36  
corporate/4.0/i586/libsqlite0-2.8.16-1.1.20060mlcs4.i586.rpm
 daa4deabc744564029f7e6c1fb41f8f8  
corporate/4.0/i586/libsqlite0-devel-2.8.16-1.1.20060mlcs4.i586.rpm
 8ec49fe224ac080833dde12d785a4100  
corporate/4.0/i586/libsqlite0-static-devel-2.8.16-1.1.20060mlcs4.i586.rpm
 fb5c6833f75cd5038817a5e392f29fa0  
corporate/4.0/i586/sqlite-tools-2.8.16-1.1.20060mlcs4.i586.rpm 
 36684a0c204b9bb2a9fadd2fa3bf9623  
corporate/4.0/SRPMS/sqlite-2.8.16-1.1.20060mlcs4.src.rpm

 Corporate 4.0/X86_64:
 bc4ffea8cb466d25735875e6623580c1  
corporate/4.0/x86_64/lib64sqlite0-2.8.16-1.1.20060mlcs4.x86_64.rpm
 1b145271b1a30cdfe07b3c01026b95ee  
corporate/4.0/x86_64/lib64sqlite0-devel-2.8.16-1.1.20060mlcs4.x86_64.rpm
 3a3418515f799275748feab6e7bf3c0e  
corporate/4.0/x86_64/lib64sqlite0-static-devel-2.8.16-1.1.20060mlcs4.x86_64.rpm
 43d492190968a3cfd4903670944d6156  
corporate/4.0/x86_64/sqlite-tools-2.8.16-1.1.20060mlcs4.x86_64.rpm 
 36684a0c204b9bb2a9fadd2fa3bf9623  
corporate/4.0/SRPMS/sqlite-2.8.16-1.1.20060mlcs4.src.rpm
 _______________________________________________________________________

 To upgrade automatically use MandrivaUpdate or urpmi.  The verification
 of md5 checksums and GPG signatures is performed automatically for you.

 All packages are signed by Mandriva for security.  You can obtain the
 GPG public key of the Mandriva Security Team by executing:

  gpg --recv-keys --keyserver pgp.mit.edu 0x22458A98

 You can view other update advisories for Mandriva Linux at:

  http://www.mandriva.com/security/advisories

 If you want to report vulnerabilities, please contact

  security_(at)_mandriva.com
 _______________________________________________________________________

 Type Bits/KeyID     Date       User ID
 pub  1024D/22458A98 2000-07-10 Mandriva Security Team
  <security*mandriva.com>
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.4.7 (GNU/Linux)

iD8DBQFGJt70mqjQ0CJFipgRAimNAJ0Ww+tU3ol8WRVzZn+YXfOrpmOFvQCgmbJw
INyPPbd8fuFsrVj7FtNIlio=
=s+p3
-----END PGP SIGNATURE-----

Prev by Date: [ MDKSA-2007:090 ] - Updated php packages fix multiple vulnerabilities
Next by Date: [security bulletin] HPSBST02208 SSRT071365 rev.1 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS07-018 to MS07-022
Previous by thread: [ MDKSA-2007:090 ] - Updated php packages fix multiple vulnerabilities
Next by thread: [security bulletin] HPSBST02208 SSRT071365 rev.1 - Storage Management Appliance (SMA), Microsoft Patch Applicability MS07-018 to MS07-022
Index(es):
- Date
- Thread