Hi,
CVE-2019-20218 isn't fixed in Stretch/LTS. Running the reproducer:
CREATE TABLE v0 (a);
CREATE VIEW v2 (v3) AS WITH x1 AS (SELECT * FROM v2) SELECT v3 AS x, v3 AS y
FROM v2;
SELECT * FROM v2;
Hi Moritz,
> CVE-2019-20218 isn't fixed in Stretch/LTS. Running the reproducer:
Thanks for this. With my FD hat on, I've just re-added it to
dla-needed.txt, and here is the relevant debian/changelog entry (lines
17-18):
1 sqlite3 (3.16.2-5+deb9u2) stretch-security; urgency=high
2
3 *
Hi Moritz & Chris,
On Tue, Dec 08, 2020 at 02:37:14PM +, Chris Lamb wrote:
> Hi Moritz,
>
> > CVE-2019-20218 isn't fixed in Stretch/LTS. Running the reproducer:
>
Thanks for reporting this. It seems I overlooked something in my
update. I should have taken greater care.
>
> Roberto, can
