Release date:
2026-06-15 22:13:44 UTC
Description:
* SECURITY UPDATE: heap buffer overflow in FTS5 corrupt-record handling
- debian/patches/CVE-2026-11822-and-11824.patch: reject leaf pages with
szLeaf < 4 in fts5LeafRead() in ext/fts5/fts5_index.c, closing the
out-of-bounds read / heap buffer overflow paths in fts5ChunkIterate()
and fts5LeafSeek().
- CVE-2026-11822
- CVE-2026-11824
Updated packages:
-
lemon_3.31.1-4ubuntu0.7+tuxcare.els2_amd64.deb
sha:a6e2661f3288658cb4ae5b89a1cc4527f8e1c484
-
libsqlite3-0_3.31.1-4ubuntu0.7+tuxcare.els2_amd64.deb
sha:d7e39e0b0cf052d10355eec76aa236c93b363b20
-
libsqlite3-dev_3.31.1-4ubuntu0.7+tuxcare.els2_amd64.deb
sha:3280709bcd663d65ace5981c4253e82ad8895806
-
libsqlite3-tcl_3.31.1-4ubuntu0.7+tuxcare.els2_amd64.deb
sha:37bee208ca00ad6ee4f47ea9c11378d0810e7210
-
sqlite3_3.31.1-4ubuntu0.7+tuxcare.els2_amd64.deb
sha:f3b6da3104dffa5e97b344fb26332425833b71de
-
sqlite3-doc_3.31.1-4ubuntu0.7+tuxcare.els2_all.deb
sha:ebe4b69a129ff07190f8cb516ec198bad12acf43
Notes:
This page is generated automatically and has not been checked for errors. For clarification or
corrections please contact the
CloudLinux Packaging Team.