Openwall GNU/*/Linux - a small security-enhanced Linux distro for servers
[<prev] [next>] [<thread-prev] [thread-next>] [day] [month] [year] [list]
Date: Thu, 1 Jun 2017 00:24:10 +0200
From: Andreas Stieger <astieger@...e.com>
To: oss-security@...ts.openwall.com
Subject: Re: Information on recent sqlite3 issues?

Hello,


On 05/31/2017 10:30 PM, Moritz Muehlenhoff wrote:
> one of the latest Apple advisories mentions several vulnerabilities in sqlite:
> https://support.apple.com/en-us/HT207798
>
> CVE-2017-2513: found by OSS-Fuzz
> CVE-2017-2518: found by OSS-Fuzz
> CVE-2017-2520: found by OSS-Fuzz
> CVE-2017-2519: found by OSS-Fuzz
> CVE-2017-6983: Chaitin Security Research Lab (@...itinTech) working with Trend Micro's Zero Day Initiative
> CVE-2017-6991: Chaitin Security Research Lab (@...itinTech) working with Trend Micro's Zero Day Initiative
>
> Does anyone have additional information on those and whether that
> applies to the standard sqlite releases or Apple-specific changes?

SUSE has asked Apple, but has not yet received an answer as far as I am
aware.

Andreas

-- 
Andreas Stieger <astieger@...e.com>
Project Manager Security
SUSE Linux GmbH, GF: Felix Imend├Ârffer, Jane Smithard, Graham Norton,
HRB 21284 (AG N├╝rnberg)

Powered by blists - more mailing lists

Your e-mail address:

Please check out the Open Source Software Security Wiki, which is counterpart to this mailing list.

Powered by Openwall GNU/*/Linux - Powered by OpenVZ