ALSA-2021:1968

[ALSA-2021:1968] Moderate: mingw packages security and bug fix update

Type:

security

Severity:

moderate

Release date:

2021-08-11

Description:

MinGW is a free and open source software development environment to create Microsoft Windows applications.

The following packages have been upgraded to a later upstream version: mingw-sqlite (3.26.0.0). (BZ#1845475)

Security Fix(es):

* sqlite: Division by zero in whereLoopAddBtreeIndex in sqlite3.c (CVE-2019-16168)

* sqlite: Integer overflow in sqlite3_str_vappendf function in printf.c (CVE-2020-13434)

* sqlite: Use-after-free in fts3EvalNextRow in ext/fts3/fts3.c (CVE-2020-13630)

* sqlite: Virtual table can be renamed into the name of one of its shadow tables (CVE-2020-13631)

* sqlite: NULL pointer dereference in ext/fts3/fts3_snippet.c via a crafted matchinfo() query (CVE-2020-13632)

For more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.

Additional Changes:

For detailed information on changes in this release, see the AlmaLinux Release Notes linked from the References section.

References:

Updated packages listed below:

Architecture	Package	Checksum
aarch64	mingw32-binutils-2.30-3.el8.aarch64.rpm	42a2587e8f44f1d195c35a798c7e903943b5bcef129d63cdc1c9c6511ddb1ea8
aarch64	mingw-binutils-generic-2.30-3.el8.aarch64.rpm	835910046fc1d6620dac15651e0e32a44636088ffb22ebdb6b684fdc279a491c
aarch64	mingw64-binutils-2.30-3.el8.aarch64.rpm	bb69ae77e561ed8b5245cf05cf18150d8e9b7eea86d9baf7ea9429845ca31d71
noarch	mingw32-sqlite-static-3.26.0.0-1.el8.noarch.rpm	35e6013c5508afd841454c97effa0f29159773a8535ab71d53a722c8733dc905
noarch	mingw64-filesystem-104-2.el8.noarch.rpm	38f6f73b1264786cf8ceec2cb28c884d1131a48111253107328ec51ec770e439
noarch	mingw32-bzip2-static-1.0.6-14.el8.noarch.rpm	5ead7341f4fb765581cdd6ed8c8723c66ff788c5da29668d64725f534c683cab
noarch	mingw32-sqlite-3.26.0.0-1.el8.noarch.rpm	65f32ec0f6e867edfd68bb7ac3fd821d0fcedd524af472842e626a3bc360c7a2
noarch	mingw-filesystem-base-104-2.el8.noarch.rpm	8b13e0c940af1e9dee09a98b88f965e0cb204f907d006436b2d21bc3d8a5736e
noarch	mingw64-sqlite-3.26.0.0-1.el8.noarch.rpm	946945c5351083959ac0f55d6f3f0ef0eb505e7494d920cf630a32b68faff352
noarch	mingw64-sqlite-static-3.26.0.0-1.el8.noarch.rpm	b51047f448ee5b19af3f75e4276808dfeeabf9f4fd1a23710d93bfec49580e8a
noarch	mingw64-bzip2-1.0.6-14.el8.noarch.rpm	d559a1e5bfcb89b17e2a95ee8b6ba9dc47de5cdb53829f6d20753747dc593be8
noarch	mingw32-bzip2-1.0.6-14.el8.noarch.rpm	d786e38669ae3888d4218f9eedeccc74180dc03d1241c6dfbe785284264a221c
noarch	mingw64-bzip2-static-1.0.6-14.el8.noarch.rpm	defcfa4844146febc70e056d73cbd2cf0722d9a0812c5d4685526f3ba0978b28
noarch	mingw32-filesystem-104-2.el8.noarch.rpm	f38cbadb0f2be95dfa1d8d39406f47b8189ee2c9a6dcb5fb9f7d94af8b8ab8ff
ppc64le	mingw-binutils-generic-2.30-3.el8.ppc64le.rpm	426a6f74a84a4ff312fb8479d1c8d5134709dae605aa19d44e13d21ee8f49fdf
ppc64le	mingw64-binutils-2.30-3.el8.ppc64le.rpm	7e5d35fb07632a912573e4515a199bd00f5cede6d17fb16dc4d40256a5f27aa7
ppc64le	mingw32-binutils-2.30-3.el8.ppc64le.rpm	819bc47084e124a4f5650dee578f10fea190d1183adcb8349f135e0770d09c7a
x86_64	mingw32-binutils-2.30-3.el8.x86_64.rpm	bd46328106c3173bd255701447eb54e602ecf66de27fda6c9a4b0a94a4065a8c
x86_64	mingw64-binutils-2.30-3.el8.x86_64.rpm	e69659adc97e487b5dc5ce0e7b1dd8e1d3b8e11859d08b6fea1a9dac5a10e8e7
x86_64	mingw-binutils-generic-2.30-3.el8.x86_64.rpm	ff69aa8fbbfef22dc1f95a94ee8e39b3e6e39b6c6fe58a4b70de9eb72a2bd3d3

Notes:

This page is generated automatically from Red Hat security data and has not been checked for errors. For clarification or corrections please contact the AlmaLinux Packaging Team.