FreeBSD Mail Archives

Date:      Mon, 17 Dec 2018 08:06:50 -0800 (PST)
From:      Roger Marquis <marquis@roble.com>
To:        Kubilay Kocak <koobs@FreeBSD.org>
Cc:        Brooks Davis <brooks@freebsd.org>, freebsd-security@freebsd.org,  ports-secteam@FreeBSD.org
Subject:   Re: SQLite vulnerability
Message-ID:  <nycvar.OFS.7.76.444.1812170758000.59073@mx.roble.com>
In-Reply-To: <14b152b6-b994-2b1a-c1ac-0fc2f606149a@FreeBSD.org>
References:  <nycvar.OFS.7.76.444.1812160753280.5993@mx.roble.com> <20181217084435.GC4757@spindle.one-eyed-alien.net> <14b152b6-b994-2b1a-c1ac-0fc2f606149a@FreeBSD.org>

On Mon, 17 Dec 2018, Kubilay Kocak wrote:
> Pretty close :)
> Original source/announcement:
> https://www.tenable.com/blog/magellan-remote-code-execution-vulnerability-in-sqlite-disclosed 
> [December 14th, 2018]

Not original though Tenable may have based their announcement on:

   https://meterpreter.org/sqlite-remote-code-execution-vulnerability-alert/
   [December 11th, 2014]

> I've already re-opened Issue #233712 [1], which was our databases/sqlite3 
> port update to 3.26.0 and requested a merge to quarterly.

Thank you Kubila and thanks to pavelivolkov@gmail.com who updated the sqlite3
port on December 4th.

Roger Marquis

Want to link to this message? Use this URL: <https://mail-archive.FreeBSD.org/cgi/mid.cgi?nycvar.OFS.7.76.444.1812170758000.59073>

Header And Logo

Peripheral Links

Site Navigation

Header And Logo

Peripheral Links

Search

Site Navigation