Hash: SHA256

Package        : sqlite3
Version        : 3.7.13-1+deb7u4
CVE ID         : CVE-2017-10989
Debian Bug     : #867618

It was discovered that there was a heap-based buffer over-read vulnerability in
SQLite, a lightweight database engine. The getNodeSize function in
ext/rtree/rtree.c mishandled undersized RTree blobs in a specially-crafted
database,

For Debian 7 "Wheezy", this issue has been fixed in sqlite3 version
3.7.13-1+deb7u4.

We recommend that you upgrade your sqlite3 packages.


Regards,

- -- 
      ,''`.
     : :'  :     Chris Lamb, Debian Project Leader
     `. `'`      [email protected] / chris-lamb.co.uk
       `-