Release date:
2026-06-22 16:02:08 UTC
Description:
* SECURITY UPDATE: memory corruption in FTS5 full-text search extension
- debian/patches/CVE-2026-11822-and-11824.patch: tighten leaf-page
validation in fts5LeafRead() to reject pages with szLeaf < 4. Closes
both the OOB read in fts5LeafSeek() (CVE-2026-11822) and the heap
buffer overflow via integer underflow in fts5ChunkIterate()
(CVE-2026-11824) at a single chokepoint.
- CVE-2026-11822
- CVE-2026-11824
Updated packages:
-
lemon_3.22.0-1ubuntu0.7+tuxcare.els4_amd64.deb
sha:e7ed1b8fab1f768a07204e1aee1e209e4a66c27e
-
libsqlite3-0_3.22.0-1ubuntu0.7+tuxcare.els4_amd64.deb
sha:c5dbc405ffc3239ade23f8aad6cadf6892f4ac79
-
libsqlite3-dev_3.22.0-1ubuntu0.7+tuxcare.els4_amd64.deb
sha:b1dc449dde0b26384fdbef50a136bafb73651d7f
-
libsqlite3-tcl_3.22.0-1ubuntu0.7+tuxcare.els4_amd64.deb
sha:65c55c600d2eccb0e6ca9268a9066ad119e64527
-
sqlite3_3.22.0-1ubuntu0.7+tuxcare.els4_amd64.deb
sha:7c3b241033d6f9096b5e0d5df0656a5b4f5b3db6
-
sqlite3-doc_3.22.0-1ubuntu0.7+tuxcare.els4_all.deb
sha:627df802ad030a328236589c994442c094414556
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.