bug#33751: SQLite "Magellan" vulnerability
From: Ricardo Wurmus
Subject: bug#33751: SQLite "Magellan" vulnerability
Date: Sat, 15 Dec 2018 11:47:07 +0100
User-agent: mu4e 1.0; emacs 26.1

Marius Bakke <address@hidden> writes:
> Marius Bakke <address@hidden> writes:
>
>> Hello!
>>
>> There is allegedly a remote code execution bug in all versions of SQLite
>> prior to 3.26.0: <https://blade.tencent.com/magellan/index_en.html>.
>>
>> I think it is safe to graft 3.26.0 in-place:
>>
>> $ abidiff
>> /gnu/store/pba3xzrkq2k4wgh3arif4xpkblr5qz2n-sqlite-3.24.0/lib/libsqlite3.so
>> /gnu/store/r0krlfg010d9zj935gxx0p24pcs0kv9s-sqlite-3.26.0/lib/libsqlite3.so
>> Functions changes summary: 0 Removed, 0 Changed, 0 Added function
>>
>> Variables changes summary: 0 Removed, 0 Changed, 0 Added variable
>>
>> Function symbols changes summary: 0 Removed, 1 Added function symbol not
>> referenced by debug info
>> Variable symbols changes summary: 0 Removed, 0 Added variable symbol not
>> referenced by debug info
>>
>> 1 Added function symbol not referenced by debug info:
>>
>>
>> sqlite3_create_window_function
>>
>> ...but I have not tested this. It's difficult to tell which patches to
>> apply without knowing more details of the vulnerability.
>>
>> I am currently building a branch that adds a "static" output for
>> SQLite in order to catch users of libsqlite3.a. Can we start this on
>> Berlin concurrently? Patches attached.
>
> Perhaps it's better to start over 'staging' with the new SQLite in the
> meantime? Hydra didn't get too far yet.
>
> It does not add a lot to the current rebuild count.
Sounds good to me. Thank you!
--
Ricardo
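
Added example, not part of the original thread: a Python check that reads an abidiff summary like the one quoted above and reports whether any function, variable or symbol was removed or changed, which is the ABI condition the in-place graft proposal relies on. The names `parse_summary` and `graft_compatible` are hypothetical, and the sample report is reconstructed from the quoted output with the mail line wrapping undone.

```python
import re

# abidiff summary as quoted in the message above (line wrapping undone).
SAMPLE_REPORT = """\
Functions changes summary: 0 Removed, 0 Changed, 0 Added function
Variables changes summary: 0 Removed, 0 Changed, 0 Added variable
Function symbols changes summary: 0 Removed, 1 Added function symbol not referenced by debug info
Variable symbols changes summary: 0 Removed, 0 Added variable symbol not referenced by debug info

1 Added function symbol not referenced by debug info:

  sqlite3_create_window_function
"""

# "<kind> changes summary: <counts...>"
SUMMARY = re.compile(r"^(?P<kind>[A-Za-z ]+?) changes summary:(?P<rest>.*)$")
# "<n> Removed" / "<n> Changed" / "<n> Added"; "(n filtered out)" is ignored.
COUNT = re.compile(r"(\d+) (Removed|Changed|Added)\b")


def parse_summary(report):
    """Return {kind: {"Removed": n, "Changed": n, "Added": n}} per summary line."""
    result = {}
    for line in report.splitlines():
        m = SUMMARY.match(line.strip())
        if not m:
            continue
        counts = {"Removed": 0, "Changed": 0, "Added": 0}
        for n, what in COUNT.findall(m.group("rest")):
            counts[what] = int(n)
        result[m.group("kind")] = counts
    return result


def graft_compatible(report):
    """True only if summary lines were found and nothing was removed or changed.

    Added symbols are tolerated: binaries built against the old library do
    not reference them. Empty or unparsable text is not treated as evidence
    of compatibility; check abidiff's exit status for that case.
    """
    summary = parse_summary(report)
    if not summary:
        return False
    return all(c["Removed"] == 0 and c["Changed"] == 0 for c in summary.values())


if __name__ == "__main__":
    print(parse_summary(SAMPLE_REPORT))
    print("graft-compatible ABI:", graft_compatible(SAMPLE_REPORT))
```

This compares ABI only; it says nothing about behavioural changes between the two library versions.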