[CLSA-2026:1782142957] sqlite: Fix of 2 CVEs
Type:
security
Severity:
Important
Release date:
2026-06-22 15:42:53 UTC
Description:
- CVE-2026-11822: fix memory corruption in FTS5 fts5LeafRead() by rejecting leaf pages with szLeaf < 4, blocking the OOB read in fts5LeafSeek() - CVE-2026-11824: fix heap-based buffer overflow via integer underflow in fts5ChunkIterate() when szLeaf < 4 (same root cause; closed by the same fts5LeafRead validation tightening)
Updated packages:
  • lemon-3.26.0-15.el8.tuxcare.els8.x86_64.rpm
    sha:f2226de30b9c5db0c5133b7560dd04428b76dde8d4d599bee2ac471b94b7ae70
  • sqlite-3.26.0-15.el8.tuxcare.els8.i686.rpm
    sha:98f802280c2b7f9bc048208ea7904a25f512e892a75597768502130f129f6cdc
  • sqlite-3.26.0-15.el8.tuxcare.els8.x86_64.rpm
    sha:806221714131104e81a0f139a18845177f31f2a2c6d96547b97db76f4a465f57
  • sqlite-analyzer-3.26.0-15.el8.tuxcare.els8.x86_64.rpm
    sha:7fb282165ce94d326327886ec18d882ec2a25a5e52096c1441dac38ce5b3a0ce
  • sqlite-devel-3.26.0-15.el8.tuxcare.els8.i686.rpm
    sha:db8e94b340cd9f64ff4c08375c7a843b6be7e23df3c4cb69198069a1d3076c10
  • sqlite-devel-3.26.0-15.el8.tuxcare.els8.x86_64.rpm
    sha:973f9cdf8c988e151790c77862d1bfd4d728ca624f4aadac24f86adeb639626b
  • sqlite-doc-3.26.0-15.el8.tuxcare.els8.noarch.rpm
    sha:6aa94b9a132c021bf7b27565447ad10146edaf545538e986e28498bca9d788f5
  • sqlite-libs-3.26.0-15.el8.tuxcare.els8.i686.rpm
    sha:8c099beeb744886dd6910be0b2c7f553eab2948c91ea9b559652e4f8d9a79408
  • sqlite-libs-3.26.0-15.el8.tuxcare.els8.x86_64.rpm
    sha:73456e83ce76f46a94e342b46733b52525b8616ace8a94f8e0da1074b133917a
  • sqlite-tcl-3.26.0-15.el8.tuxcare.els8.x86_64.rpm
    sha:ca5aef2b4eb764e965526de88fa41eaece582552359f6c6622cb963c003dd64b
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.