Date: Thu, 1 Jun 2017 00:24:10 +0200 From: Andreas Stieger <astieger@...e.com> To: oss-security@...ts.openwall.com Subject: Re: Information on recent sqlite3 issues? Hello, On 05/31/2017 10:30 PM, Moritz Muehlenhoff wrote: > one of the latest Apple advisories mentions several vulnerabilities in sqlite: > https://support.apple.com/en-us/HT207798 > > CVE-2017-2513: found by OSS-Fuzz > CVE-2017-2518: found by OSS-Fuzz > CVE-2017-2520: found by OSS-Fuzz > CVE-2017-2519: found by OSS-Fuzz > CVE-2017-6983: Chaitin Security Research Lab (@...itinTech) working with Trend Micro's Zero Day Initiative > CVE-2017-6991: Chaitin Security Research Lab (@...itinTech) working with Trend Micro's Zero Day Initiative > > Does anyone have additional information on those and whether that > applies to the standard sqlite releases or Apple-specific changes? SUSE has asked Apple, but has not yet received an answer as far as I am aware. Andreas -- Andreas Stieger <astieger@...e.com> Project Manager Security SUSE Linux GmbH, GF: Felix Imendörffer, Jane Smithard, Graham Norton, HRB 21284 (AG Nürnberg)
Powered by blists - more mailing lists
Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.
Powered by Openwall GNU/*/Linux - Powered by OpenVZ