subject:"Bug#1026293\: sqlite3\: CVE\-2022\-46908"

Bug#1026293: sqlite3: CVE-2022-46908

2022-12-18 Thread Salvatore Bonaccorso

Hi László On Sun, Dec 18, 2022 at 10:24:50AM +0100, László Böszörményi (GCS) wrote: > Hi Salvatore, > > On Sat, Dec 17, 2022 at 9:42 PM Salvatore Bonaccorso > wrote: > > CVE-2022-46908[0]: > > | SQLite through 3.40.0, when relying on --safe for execution of an > > | untrusted CLI script, does n

Bug#1026293: sqlite3: CVE-2022-46908

2022-12-18 Thread GCS

Hi Salvatore, On Sat, Dec 17, 2022 at 9:42 PM Salvatore Bonaccorso wrote: > CVE-2022-46908[0]: > | SQLite through 3.40.0, when relying on --safe for execution of an > | untrusted CLI script, does not properly implement the > | azProhibitedFunctions protection mechanism, and instead allows UDF > |

Bug#1026293: sqlite3: CVE-2022-46908

2022-12-17 Thread Salvatore Bonaccorso

Source: sqlite3 Version: 3.40.0-1 Severity: important Tags: security upstream Forwarded: https://sqlite.org/forum/forumpost/07beac8056151b2f X-Debbugs-Cc: car...@debian.org, Debian Security Team Hi, The following vulnerability was published for sqlite3. CVE-2022-46908[0]: | SQLite through 3.40.