Control: tags -1 + pending On Sun, 2017-10-29 at 18:27 +0000, Adam D. Barratt wrote: > Control: tags -1 + confirmed > > On Tue, 2017-10-03 at 19:23 +0200, Laszlo Boszormenyi (GCS) wrote: > > I'd like to fix CVE-2017-10989 in SQLite3 for Stretch, which is a > > heap-based buffer over-read via undersized RTree blobs. > > It's considered remotely exploitable, still marked as no-DSA by the > > Security Team. Still, worth fixing via the point update, proposed > > patch is attached. > > > > Please go ahead.
Uploaded and flagged for acceptance. Regards, Adam
