[3.7] sqlite: Multiple vulnerabilities (CVE-2019-5018, CVE-2019-8457)

CVE-2019-5018: use-after-free in window function leading to remote code execution

An exploitable use after free vulnerability exists in the window function functionality of Sqlite3 3.26.0. A specially crafted SQL command can cause a use
after free vulnerability, potentially resulting in remote code execution. An attacker can send a malicious SQL command to trigger this vulnerability.

References:

https://www.talosintelligence.com/vulnerability\_reports/TALOS-2019-0777
https://nvd.nist.gov/vuln/detail/CVE-2019-5018

CVE-2019-8457: heap out-of-bound read in function rtreenode()

SQLite3 from 3.6.0 to and including 3.27.2 is vulnerable to heap out-of-bound
read in the rtreenode() function when handling invalid rtree tables.

References:

https://www.sqlite.org/releaselog/3\_28\_0.html
https://nvd.nist.gov/vuln/detail/CVE-2019-8457

Patch:

https://www.sqlite.org/src/info/90acdbfce9c08858

(from redmine: issue id 10540, created on 2019-06-05)

Relations:
- parent #10537

To upload designs, you'll need to enable LFS and have an admin enable hashed storage. More information