Control: tags -1 + confirmed On Tue, 2017-10-03 at 19:23 +0200, Laszlo Boszormenyi (GCS) wrote: > I'd like to fix CVE-2017-10989 in SQLite3 for Jessie, which is a > heap-based buffer over-read via undersized RTree blobs. > It's considered remotely exploitable, still marked as no-DSA by the > Security Team. Still, worth fixing via the point update, proposed > patch > is attached. >
Please go ahead. Regards, Adam
