[3.7] sqlite: NULL Pointer Dereference (CVE-2018-8740)
In SQLite through 3.22.0, databases whose schema is corrupted using a
CREATE TABLE AS statement
could cause a NULL pointer dereference, related to build.c and
prepare.c.
References:
http://openwall.com/lists/oss-security/2018/03/17/1
https://nvd.nist.gov/vuln/detail/CVE-2018-8740
Patch:
https://www.sqlite.org/cgi/src/vdiff?from=1774f1c3baf0bc3d&to=d75e67654aa9620b
(from redmine: issue id 8682, created on 2018-03-19, closed on 2018-07-30)
- Relations:
- copied_to #8680 (closed)
- parent #8680 (closed)
To upload designs, you'll need to enable LFS and have admin enable hashed storage. More information