ELA-666-1 sqlite3 security update

missing validation and missing error handling in SELECT...WITH

2022-08-25
Package: sqlite3
Version: 3.8.7.1-1+deb8u7 (jessie)
Related CVEs: CVE-2019-16168, CVE-2019-20218


Multiple fixes for vulnerabilities were backported from Debian stretch to Debian jessie. The two fixed vulnerabilities could result in crashes when working with BTree indexes, and in unexpected behaviour after parsing errors in WITH clauses.

Debian 9 stretch is not affected; the changes were already delivered there.



For Debian 8 jessie, these problems have been fixed in version 3.8.7.1-1+deb8u7.

We recommend that you upgrade your sqlite3 packages.

Further information about Extended LTS security advisories can be found in the dedicated section of our website.