An insufficient data validation flaw was found in the SQLite component of the Chromium browser.
Created chromium tracking bugs for this issue:
Affects: epel-7 [bug 1782013]
Affects: fedora-all [bug 1782012]
This issue has been addressed in the following products:
Red Hat Enterprise Linux 6 Supplementary
Via RHSA-2019:4238 https://access.redhat.com/errata/RHSA-2019:4238
This bug is now closed. Further updates for individual products will be reflected on the CVE page(s):
While the chromium bug is not public yet, its id leads us to this:
which further leads us to upstream commit:
There is no released sqlite version with the fix yet.
The defensive mode affected by this issue was introduced upstream in version 3.26.0:
This issue should not be applicable to earlier versions.
Created mingw-sqlite tracking bugs for this issue:
Affects: fedora-all [bug 1786515]
Created sqlite tracking bugs for this issue:
Affects: fedora-all [bug 1786514]