GLSA-201904-21 : SQLite: Remote code execution
Medium Nessus Plugin ID 124226
SynopsisThe remote Gentoo host is missing one or more security-related patches.
DescriptionThe remote host is affected by the vulnerability described in GLSA-201904-21 (SQLite: Remote code execution)
An integer overflow was discovered in SQLite’s FTS3 extension.
A remote attacker could, by executing arbitrary SQL statements against a vulnerable host, execute arbitrary code.
There is no known workaround at this time.
SolutionAll SQLite users should upgrade to the latest version:
# emerge --sync # emerge --ask --oneshot --verbose '>=dev-db/sqlite-3.25.3'