SQLite vulnerability
Kubilay Kocak
koobs at FreeBSD.org
Tue Dec 18 08:21:39 UTC 2018
On 18/12/2018 3:06 am, Roger Marquis wrote:
> On Mon, 17 Dec 2018, Kubilay Kocak wrote:
>> Pretty close :)
>> Original source/announcement:
>> https://www.tenable.com/blog/magellan-remote-code-execution-vulnerability-in-sqlite-disclosed
>> [December 14th, 2018]
>
> Not original though Tenable may have based their announcement on:
>
>
> https://meterpreter.org/sqlite-remote-code-execution-vulnerability-alert/
> [December 11th, 2014]
>
>> I've already re-opened Issue #233712 [1], which was our
>> databases/sqlite3 port update to 3.26.0 and requested a merge to
>> quarterly.
>
> Thank you Kubila and thanks to pavelivolkov at gmail.com who updated the
> sqlite3
> port on December 4th.
>
> Roger Marquis
Created a parent tracking bug linking the existing issues, and for any
other issues to be linked:
SQLite: Remote code execution vulnerability (Magellan)
https://bugs.freebsd.org/bugzilla/show_bug.cgi?id=234112
More information about the freebsd-security
mailing list