An insufficient data validation flaw was found in the SQLite component of the Chromium browser. Upstream bug(s): https://code.google.com/p/chromium/issues/detail?id=1025464 External References: https://chromereleases.googleblog.com/2019/12/stable-channel-update-for-desktop.html
Created chromium tracking bugs for this issue: Affects: epel-7 [bug 1782013] Affects: fedora-all [bug 1782012]
This issue has been addressed in the following products: Red Hat Enterprise Linux 6 Supplementary Via RHSA-2019:4238 https://access.redhat.com/errata/RHSA-2019:4238
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s): https://access.redhat.com/security/cve/cve-2019-13750
While the chromium bug is not public yet, its id leads us to this: https://chromium.googlesource.com/chromium/src/third_party/sqlite/+/47bd97d715260127c995d92dde8dd8adb669b6b3 https://chromium.googlesource.com/chromium/src/third_party/sqlite/+/47bd97d715260127c995d92dde8dd8adb669b6b3/patches/0001-Don-t-allow-shadow-tables-to-be-dropped-in-defensive.patch which further leads us to upstream commit: https://www.sqlite.org/src/info/70390bbca49e7066 https://github.com/sqlite/sqlite/commit/c72f2fb7feff582444b8ffdc6c900c69847ce8a9 There is no released sqlite version with the fix yet.
The defensive mode affected by this issue was introduced upstream in version 3.26.0: https://www.sqlite.org/releaselog/3_26_0.html https://www.sqlite.org/c3ref/c_dbconfig_defensive.html#sqlitedbconfigdefensive https://github.com/sqlite/sqlite/commit/a296cda016dfcf81674b04c041637fa0a4f426ac This issue should not be applicable to earlier versions.
Created mingw-sqlite tracking bugs for this issue: Affects: fedora-all [bug 1786515] Created sqlite tracking bugs for this issue: Affects: fedora-all [bug 1786514]
This issue has been addressed in the following products: Red Hat Enterprise Linux 8 Via RHSA-2021:4396 https://access.redhat.com/errata/RHSA-2021:4396