Synopsis:
sqlite security updateSummary:
An update for sqlite is now available for openEuler-24.03-LTS-SP2Description:
SQLite is a C-language library that implements a small, fast, self-contained, high-reliability, full-featured, SQL database engine. SQLite is the most used database engine in the world. SQLite is built into all mobile phones and most computers and comes bundled inside countless other applications that people use every day.It also include lemon and sqlite3_analyzer and tcl tools.
Security Fix(es):
An information disclosure issue in the zipfileInflate function in the zipfile extension in SQLite v3.51.1 and earlier allows attackers to obtain heap memory via supplying a crafted ZIP file.(CVE-2025-70873)Topic:
An update for sqlite is now available for openEuler-24.03-LTS-SP2.
openEuler Security has rated this update as having a security impact of high. A Common Vunlnerability Scoring System(CVSS)base score,which gives a detailed severity rating, is available for each vulnerability from the CVElink(s) in the References section.Severity:
HighAffected Component:
sqlite
3.42.0-5.oe2403sp23.42.0-5.oe2403sp23.42.0-5.oe2403sp23.42.0-5.oe2403sp23.42.0-5.oe2403sp2Exploitability
AV:NAC:LPR:NUI:NScope
S:UImpact
C:HI:NA:N7.5/CVSS:3.1/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:N/A:N