Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

update sqlite.c to current version 3.47.2 since security issue #5525

Open
1 task done
aln8 opened this issue Dec 24, 2024 · 2 comments
Open
1 task done

update sqlite.c to current version 3.47.2 since security issue #5525

aln8 opened this issue Dec 24, 2024 · 2 comments
Labels
high-priority

Comments

@aln8
Copy link

aln8 commented Dec 24, 2024

Is there an already existing issue for this?

  • I have searched the existing issues

Expected behavior

current sqlite.c version 3.36.0 has 3 high CVE reports
CVE-2021-36690
CVE-2022-35737
CVE-2023-7104

Current behavior

as above

Steps to reproduce

as above

Fast DDS version/commit

master

Platform/Architecture

Other. Please specify in Additional context section.

Transport layer

Default configuration, UDPv4 & SHM

Additional context

No response

XML configuration file

No response

Relevant log output

No response

Network traffic capture

No response
@aln8 aln8 added the triage Issue pending classification label Dec 24, 2024
@aln8
Copy link
Author

aln8 commented Dec 24, 2024

if you are willing, I can send a PR.

@EugenioCollado EugenioCollado added high-priority and removed triage Issue pending classification labels Dec 24, 2024
@EugenioCollado
Copy link
Contributor

Hi @aln8 ,

Thank you for pointing out these CVEs. We will review the reported vulnerabilities and plan the next steps.

In the meantime, feel free to open a pull request to address the issue. You can refer to our contribution guidelines here.

We appreciate your support!

@aln8 aln8 mentioned this issue Dec 25, 2024
Open
7 tasks
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
high-priority
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@aln8 @EugenioCollado