libsqlite3-0-3.39.3-2.1 on GA media SUSE Patch security@suse.de SUSE Security Team openSUSE-SU-2024:12347 Final 1 1 2024-06-17T21:45:33Z current 2024-06-17T21:45:33Z 2024-06-17T21:45:33Z cve-database/bin/generate-cvrf.pl 2017-02-24T01:00:00Z libsqlite3-0-3.39.3-2.1 on GA media These are all security issues fixed in the libsqlite3-0-3.39.3-2.1 package on the GA media of openSUSE Tumbleweed. The CVRF data is provided by SUSE under the Creative Commons License 4.0 with Attribution (CC-BY-4.0). openSUSE-Tumbleweed-2024-12347 Copyright SUSE LLC under the Creative Commons License 4.0 with Attribution (CC-BY-4.0) E-Mail link for openSUSE-SU-2024:12347 https://www.suse.com/support/security/rating/ SUSE Security Ratings https://www.suse.com/security/cve/CVE-2021-36690/ SUSE CVE CVE-2021-36690 page openSUSE Tumbleweed libsqlite3-0-3.39.3-2.1 libsqlite3-0-32bit-3.39.3-2.1 sqlite3-3.39.3-2.1 sqlite3-devel-3.39.3-2.1 sqlite3-doc-3.39.3-2.1 sqlite3-tcl-3.39.3-2.1 libsqlite3-0-3.39.3-2.1 as a component of openSUSE Tumbleweed libsqlite3-0-32bit-3.39.3-2.1 as a component of openSUSE Tumbleweed sqlite3-3.39.3-2.1 as a component of openSUSE Tumbleweed sqlite3-devel-3.39.3-2.1 as a component of openSUSE Tumbleweed sqlite3-doc-3.39.3-2.1 as a component of openSUSE Tumbleweed sqlite3-tcl-3.39.3-2.1 as a component of openSUSE Tumbleweed ** DISPUTED ** A segmentation fault can occur in the sqlite3.exe command-line component of SQLite 3.36.0 via the idxGetTableInfo function when there is a crafted SQL query. NOTE: the vendor disputes the relevance of this report because a sqlite3.exe user already has full privileges (e.g., is intentionally allowed to execute commands). This report does NOT imply any problem in the SQLite library. CVE-2021-36690 openSUSE Tumbleweed:libsqlite3-0-3.39.3-2.1 openSUSE Tumbleweed:libsqlite3-0-32bit-3.39.3-2.1 openSUSE Tumbleweed:sqlite3-3.39.3-2.1 openSUSE Tumbleweed:sqlite3-devel-3.39.3-2.1 openSUSE Tumbleweed:sqlite3-doc-3.39.3-2.1 openSUSE Tumbleweed:sqlite3-tcl-3.39.3-2.1 moderate To install this SUSE Security Update use the SUSE recommended installation methods like YaST online_update or "zypper patch". https://www.suse.com/security/cve/CVE-2021-36690.html CVE-2021-36690 https://bugzilla.suse.com/1189802 SUSE Bug 1189802 https://bugzilla.suse.com/1211963 SUSE Bug 1211963