{"id":"MGASA-2024-0073","summary":"Updated sqlite3 packages fix security vulnerabilities","details":"The updated packages fix security vulnerabilities:\nHeap buffer overflow in sqlite. (CVE-2023-2137)\nA vulnerability was found in SQLite SQLite3 up to 3.43.0 and classified\nas critical. This issue affects the function sessionReadRecord of the\nfile ext/session/sqlite3session.c of the component make alltest Handler.\nThe manipulation leads to heap-based buffer overflow. (CVE-2023-7104)\n","modified":"2026-01-31T14:07:24.281618Z","published":"2024-03-20T03:35:18Z","related":["CVE-2023-2137","CVE-2023-7104"],"references":[{"type":"ADVISORY","url":"https://advisories.mageia.org/MGASA-2024-0073.html"},{"type":"REPORT","url":"https://bugs.mageia.org/show_bug.cgi?id=31868"},{"type":"REPORT","url":"https://chromereleases.googleblog.com/2023/04/stable-channel-update-for-desktop_18.html"},{"type":"REPORT","url":"https://ubuntu.com/security/notices/USN-6566-1"}],"affected":[{"package":{"name":"sqlite3","ecosystem":"Mageia:9","purl":"pkg:rpm/mageia/sqlite3?arch=source&distro=mageia-9"},"ranges":[{"type":"ECOSYSTEM","events":[{"introduced":"0"},{"fixed":"3.40.1-1.1.mga9"}]}],"ecosystem_specific":{"section":"core"},"database_specific":{"source":"https://advisories.mageia.org/MGASA-2024-0073.json"}}],"schema_version":"1.7.3","credits":[{"name":"Mageia","contact":["https://wiki.mageia.org/en/Packages_Security_Team"],"type":"COORDINATOR"}]}