Mageia 8: MGASA-2023-0094 Moderate: sqlite3 Execution Risk

mageia

March 18, 2023

SQLite through 3.40.0, when relying on --safe for execution of an untrusted CLI script, does not properly implement the azProhibitedFunctions protection mechanism, and instead allo...

Summary

SQLite through 3.40.0, when relying on --safe for execution of an untrusted CLI script, does not properly implement the azProhibitedFunctions protection mechanism, and instead allows UDF functions such as WRITEFILE. (CVE-2022-46908)

References

- https://bugs.mageia.org/show_bug.cgi?id=31312

- https://lists.suse.com/pipermail/sle-security-updates/2022-December/013303.html

- https://www.cve.org/CVERecord?id=CVE-2022-46908

Topics Covered

security advisory execution risk sqlite Mageia UDF functions

Resolution

SRPMS

- 8/core/sqlite3-3.39.2-1.1.mga8

Publication date: 18 Mar 2023

URL: https://advisories.mageia.org/MGASA-2023-0094.html

Type: security

CVE: CVE-2022-46908

Topics Covered

security advisory execution risk sqlite Mageia UDF functions

Get the latest News and Insights

Get the latest Linux and open source security news straight to your inbox.

Mageia 8: MGASA-2023-0094 Moderate: sqlite3 Execution Risk

Summary

References

Topics Covered

Resolution

SRPMS

Topics Covered

Get the latest News and Insights

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!

Mageia 8: MGASA-2023-0094 Moderate: sqlite3 Execution Risk

Summary

References

Topics Covered

Resolution

SRPMS

Topics Covered

Get the latest News and Insights

Related Articles

Powered By

Linux Security - Your source for Top Linux News, Advisories, HOWTOs and Feature Releases

QUICK LINKS

subscribe to newsletters!