mirror of
https://git.busybox.net/buildroot.git
synced 2024-11-23 13:33:28 +08:00
6bc04208ab
Fix CVE-2021-3119: Zetetic SQLCipher 4.x before 4.4.3 has a NULL pointer
dereferencing issue related to sqlcipher_export in crypto.c and
sqlite3StrICmp in sqlite3.c. This may allow an attacker to perform a
remote denial of service attack. For example, an SQL injection can be
used to execute the crafted SQL command sequence, which causes a
segmentation fault.
https://github.com/sqlcipher/sqlcipher/blob/v4.4.3/CHANGELOG.md
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
(cherry picked from commit
|
||
|---|---|---|
| .. | ||
| Config.in | ||
| sqlcipher.hash | ||
| sqlcipher.mk | ||