[CLSA-2026:1782143653] sqlite: Fix of 2 CVEs
Type:
security
Severity:
Important
Release date:
2026-06-22 15:54:30 UTC
Description:
- CVE-2026-11822: fix memory corruption in FTS5 fts5LeafRead() by rejecting leaf pages with szLeaf < 4, blocking the OOB read in fts5LeafSeek() - CVE-2026-11824: fix heap-based buffer overflow via integer underflow in fts5ChunkIterate() when szLeaf < 4 (same root cause; closed by the same fts5LeafRead validation tightening)
Updated packages:
  • lemon-3.34.1-8.el9_6.tuxcare.els1.x86_64.rpm
    sha:6802f0af17307b37d801312273c86d47087234c2a2c2869449db291c1868f3a7
  • sqlite-3.34.1-8.el9_6.tuxcare.els1.i686.rpm
    sha:62afea424f5cad7000697892715c3862343e11dc9989ef25163adb9fbeed8089
  • sqlite-3.34.1-8.el9_6.tuxcare.els1.x86_64.rpm
    sha:628115f4b3ed3b37389eac25a98c4450d63d8c0810613ff158a94bb6499db140
  • sqlite-analyzer-3.34.1-8.el9_6.tuxcare.els1.x86_64.rpm
    sha:238bc0ae5024815f9f94923100fcb266b343c95da4eb2dae33cf18e5f0d58e7d
  • sqlite-devel-3.34.1-8.el9_6.tuxcare.els1.i686.rpm
    sha:80ea189c208a864630ca2e5a72fc6a03c2213a019977c8f0da853a9e4a43ec4a
  • sqlite-devel-3.34.1-8.el9_6.tuxcare.els1.x86_64.rpm
    sha:7c412bd603f75302809cdb054ff0040bc9ea3d664ee7cc398294633a76f1701d
  • sqlite-doc-3.34.1-8.el9_6.tuxcare.els1.noarch.rpm
    sha:85c95787fdad599e993f992163869c189acabb6e2acee41c347590911b5661a9
  • sqlite-libs-3.34.1-8.el9_6.tuxcare.els1.i686.rpm
    sha:7ab5caad9a31782436715d1b73d9a57c45dfe72991b12688507f0ec4c5042056
  • sqlite-libs-3.34.1-8.el9_6.tuxcare.els1.x86_64.rpm
    sha:8e6b33c3227300d0b555ac391d3e1d7da5e9a62315681f2ab5091dcf8b13167b
  • sqlite-tcl-3.34.1-8.el9_6.tuxcare.els1.x86_64.rpm
    sha:389798845a7124c7cd57f6f9d3f906bb210e826af0ad8a2866d195cbd4924e42
  • sqlite-tools-3.34.1-8.el9_6.tuxcare.els1.x86_64.rpm
    sha:c32015bf7c5bffca09563751d877e74483dd51e5d0f135bdd040557c72f238d8
Notes:
This page is generated automatically and has not been checked for errors. For clarification or corrections please contact the CloudLinux Packaging Team.