| Package | sqlite3 |
|---|---|
| Version | 3.27.2-3+deb10u3 (buster) |
| Related CVEs | CVE-2019-19244 CVE-2021-36690 CVE-2023-7104 |
Multiple vulnerabilities have been fixed in the SQLite database.
CVE-2019-19244
Mishandling of sub-select that uses both DISTINCT and window functions, and also has certain ORDER BY usage
CVE-2021-36690
Expert extension segfault
CVE-2023-7104
Session extension buffer overread
For Debian 10 buster, these problems have been fixed in version 3.27.2-3+deb10u3.
We recommend that you upgrade your sqlite3 packages.
Further information about Extended LTS security advisories can be found in the dedicated section of our website.