Created attachment 172028 [details] Add SQLite3 vuln entry (CVE-2016-6153) SQLite3 prior to 3.13.0 (eg. the one in 2016Q2) has a tempdir selection vulnerability. Attached is the VuXML entry patch. * Reported: https://www.korelogic.com/Resources/Advisories/KL-001-2016-003.txt * CVE assignment: http://openwall.com/lists/oss-security/2016/07/01/2
A commit references this bug: Author: junovitch Date: Sun Jul 3 18:44:40 UTC 2016 New revision: 417989 URL: https://svnweb.freebsd.org/changeset/ports/417989 Log: Document SQLite3 tempdir selection vulnerability PR: 210751 Submitted by: Vladimir Krstulja <vlad-fbsd@acheronmedia.com> Security: CVE-2016-6153 Security: https://vuxml.FreeBSD.org/freebsd/546deeea-3fc6-11e6-a671-60a44ce6887b.html Changes: head/security/vuxml/vuln.xml
Committed. Thank you! The 3.13.0 update was committed a month ago (see bug 209827) before the public release of the CVE on 1 July 2016. 2016Q3 already contains this and no further actions are needed here.