svn commit: r465275 - in head/databases/sqlite3: . files
Adam Weinberger
adamw at adamw.org
Thu Mar 22 14:30:54 UTC 2018
> On 22 Mar, 2018, at 2:52, Yuri Victorovich <yuri at FreeBSD.org> wrote:
>
> Author: yuri
> Date: Thu Mar 22 08:52:58 2018
> New Revision: 465275
> URL: https://svnweb.freebsd.org/changeset/ports/465275
>
> Log:
> databases/sqlite3: Patch for CVE-2018-8740
>
> Detect databases whose schema is corrupted using
> a CREATE TABLE AS statement and issue an appropriate error message.
>
> CVE-2018-8740 will be entered into VuXML when SQLite will make
> a release, because CVE-2018-8740 says that versions up to and including
> the current version 3.22.0 are vulnerable.
>
> Submitted by: Pavel Volkov <pavelivolkov at gmail.com> (maintainer)
> Reported by: tj <tj at mrsk.me>
Hi Yuri,
To be on the safe side, it might be better to create a VuXML entry now, and
set it to <lt>3.22.0_1</lt>. It’d make sure people upgrade right away.
Also this needs an MFH, no?
# Adam
--
Adam Weinberger
adamw at adamw.org
http://www.adamw.org
More information about the svn-ports-all
mailing list