Debian Package Tracker

From: Laszlo Boszormenyi (GCS) <gcs@debian.org>
To: <debian-devel-changes@lists.debian.org>
Subject: Accepted sqlite3 3.27.2-2 (source) into unstable
Date: Fri, 22 Mar 2019 16:34:23 +0000
Signed by: Laszlo Boszormenyi <gcs@gcs.org.hu>
-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA256

Format: 1.8
Date: Tue, 19 Mar 2019 17:46:39 +0000
Source: sqlite3
Architecture: source
Version: 3.27.2-2
Distribution: unstable
Urgency: high
Maintainer: Laszlo Boszormenyi (GCS) <gcs@debian.org>
Changed-By: Laszlo Boszormenyi (GCS) <gcs@debian.org>
Closes: 925289 925290
Changes:
 sqlite3 (3.27.2-2) unstable; urgency=high
 .
   * Backport security related patches:
     - use unsigned integers to count the number of pages in a freelist
       during an integrity_check, to avoid any possibility of a signed integer
       overflow,
     - fix a crash that could occur if the RHS of an IN expression is a
       correlated sub-query that refers to the outer query from within a
       window frame definition only,
     - ensure that ALTER TABLE commands open statement transactions,
     - CVE-2019-9937: fix an fts5 problem with interleaving reads and writes
       in a single transaction (closes: #925290),
     - CVE-2019-9936: fix a buffer overread that could occur when running fts5
       prefix queries inside a transaction (closes: #925289).
Checksums-Sha1:
 acfb8928116981d5c05d4e5100ab5edadfe5296b 2398 sqlite3_3.27.2-2.dsc
 b8f511833e7d2d606877225cc4932abf9d67887d 23192 sqlite3_3.27.2-2.debian.tar.xz
 cf6504091ebf3bd94bd267d371e9faac885597a5 9070 sqlite3_3.27.2-2_amd64.buildinfo
Checksums-Sha256:
 ee9a1932a6fda86403d7a67ed825036a37a79e16200eb7435e664c2325ae2435 2398 sqlite3_3.27.2-2.dsc
 547a96eaf1609460f25a163fdb1724320586a2a1ce5df2abae846ba59dea8b0f 23192 sqlite3_3.27.2-2.debian.tar.xz
 430dfcfea65fdedbdb31c3034dede4111a4b547263ed536f3c20778d31c76ac0 9070 sqlite3_3.27.2-2_amd64.buildinfo
Files:
 46039e9cb7b61e24358e541fd68291c8 2398 devel optional sqlite3_3.27.2-2.dsc
 dcd0c03d6d25e79e0c51528332c4a6fa 23192 devel optional sqlite3_3.27.2-2.debian.tar.xz
 b2385aa195c211dafed2f5d1ac51a394 9070 devel optional sqlite3_3.27.2-2_amd64.buildinfo

-----BEGIN PGP SIGNATURE-----

iQIzBAEBCAAdFiEEfYh9yLp7u6e4NeO63OMQ54ZMyL8FAlyVCTIACgkQ3OMQ54ZM
yL9JFQ/+Jq6xceFvG2+uq2JTdOfpz8dC6zmeaHJXDTVGOYPodtWlbgwtc1wBBsAT
5klgyyTbUncA5rGK0lUoYcxNsh8l9vnHw0CECCSY/gwadHo+hslM7k59kdr75ylA
8HIfS3Mk2QYjXf7UCcM8BvkMa0mx2wDiM25tixLnSgh2PwnkGnb5RbV36UZ6FlcU
26TFUe7Mf3kkk1kMoqGOpETj+wQEfc30Uf4QDfxHJna4Lw9sGfA9YlFVDoE5Ot5f
ogVm74vaClf/W0yjQI+i4lZ3oe+gdNqulcv2kRz65RQdt8lHLgqSRL0BnTtK8Kdz
ujoe6S+29xlRhZzAWO76AHtJebZePbO3V1DThpjrk5eB24kZB3/0EoMgFKzGKmiU
ZU5CGOdHW4GFHzjDXwRp6/WC7BiKmLjjMqxPn7nO+zuCIzN61fiPCCkuh1AIAQr3
vd7NbNM+XkCF6i0dnJDkAG6YNHb2egM9EED33hBXcVN9y/DRB07LU+e4C5cPQXJm
2BKd8PlwB2g50w2HB3shHjWehAu2VsPidW8yleLGksvwVImSI3yO8CDwUl2TwBDL
XmZNVK7pbtiS5271/EVOJH+MVTDgVMITzkLp/HvHC5iPZyJbGPIqdx3N5IaVl5cC
F6onTwYVdRhhMePBiejh7v0CycRhF4vA89MNcjDxAI49bEVuu0c=
=72le
-----END PGP SIGNATURE-----
News for package sqlite3
