From mboxrd@z Thu Jan 1 00:00:00 1970 Return-Path: Received: from mp1 ([2001:41d0:2:4a6f::]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) by ms0.migadu.com with LMTPS id 2AhiJs5zXGB5BAEAgWs5BA (envelope-from ) for ; Thu, 25 Mar 2021 12:28:14 +0100 Received: from aspmx1.migadu.com ([2001:41d0:2:4a6f::]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)) by mp1 with LMTPS id 2IboIc5zXGBJVAAAbx9fmQ (envelope-from ) for ; Thu, 25 Mar 2021 11:28:14 +0000 Received: from lists.gnu.org (lists.gnu.org [209.51.188.17]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by aspmx1.migadu.com (Postfix) with ESMTPS id EC64EA750 for ; Thu, 25 Mar 2021 12:28:13 +0100 (CET) Received: from localhost ([::1]:39114 helo=lists1p.gnu.org) by lists.gnu.org with esmtp (Exim 4.90_1) (envelope-from ) id 1lPO9s-0002yD-RQ for larch@yhetil.org; Thu, 25 Mar 2021 07:28:12 -0400 Received: from eggs.gnu.org ([2001:470:142:3::10]:33648) by lists.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_256_GCM_SHA384:256) (Exim 4.90_1) (envelope-from ) id 1lPO9j-0002xW-0a for bug-guix@gnu.org; Thu, 25 Mar 2021 07:28:03 -0400 Received: from debbugs.gnu.org ([209.51.188.43]:54046) by eggs.gnu.org with esmtps (TLS1.2:ECDHE_RSA_AES_128_GCM_SHA256:128) (Exim 4.90_1) (envelope-from ) id 1lPO9i-0005cr-PP for bug-guix@gnu.org; Thu, 25 Mar 2021 07:28:02 -0400 Received: from Debian-debbugs by debbugs.gnu.org with local (Exim 4.84_2) (envelope-from ) id 1lPO9i-0002A2-MA for bug-guix@gnu.org; Thu, 25 Mar 2021 07:28:02 -0400 X-Loop: help-debbugs@gnu.org Subject: bug#47231: sqlite package is vulnerable to CVE-2020-11655, CVE-2020-11656, CVE-2020-13434, CVE-2020-13435, CVE-2020-13630, CVE-2020-13631, CVE-2020-13632, CVE-2020-15358 and CVE-2020-9327 Resent-From: Tobias Geerinckx-Rice Original-Sender: "Debbugs-submit" Resent-CC: bug-guix@gnu.org Resent-Date: Thu, 25 Mar 2021 11:28:02 +0000 Resent-Message-ID: Resent-Sender: help-debbugs@gnu.org X-GNU-PR-Message: followup 47231 X-GNU-PR-Package: guix X-GNU-PR-Keywords: security To: =?UTF-8?Q?L=C3=A9o?= Le Bouter , Ludovic =?UTF-8?Q?Court=C3=A8s?= Cc: 47231@debbugs.gnu.org X-Debbugs-Original-Cc: 47231@debbugs.gnu.org, bug-guix@gnu.org Received: via spool by 47231-submit@debbugs.gnu.org id=B47231.16166716528227 (code B ref 47231); Thu, 25 Mar 2021 11:28:02 +0000 Received: (at 47231) by debbugs.gnu.org; 25 Mar 2021 11:27:32 +0000 Received: from localhost ([127.0.0.1]:37354 helo=debbugs.gnu.org) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1lPO9D-00028d-OX for submit@debbugs.gnu.org; Thu, 25 Mar 2021 07:27:31 -0400 Received: from tobias.gr ([80.241.217.52]:35458) by debbugs.gnu.org with esmtp (Exim 4.84_2) (envelope-from ) id 1lPO9B-00028U-T5 for 47231@debbugs.gnu.org; Thu, 25 Mar 2021 07:27:31 -0400 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=tobias.gr; s=2018; bh=kGFuTIW+GMtgV/ntf4stIx4+E0QzmrC+Ep28MXz0RCI=; h=date:in-reply-to: subject:cc:to:from:references; b=a2Jk635QP5vs9hlhsQiQoZp9ht8LHJWmTUFXO LonzyVNMBB/4Q/ZvKG7waP9bn6fcf3LlkAIajBcMeaeSc08zpeyfyh1UcAfXfI0946tc66 7ObJJp8igBxQRHl4KSV3MH+9wmf0AJnrS1uDYO0z83sDXcznyuqzgucK1oNrs2k2Q69Ite t6mkvIBWcHzE/BoapvKqghPCulcKsTt9/QDQVshBXHJtFosdWXkbV/JMIwcQNtr4NWaQbU u8I1DpeuvuJ3QRO2oysi0eE54BJFYlk20ajIpMybD0FgTuaMu9mzXe/qpzPPFHr8sStp3v 4zdIPhRU+3LvpjVgcCOUHwXLw== Received: by submission.tobias.gr (OpenSMTPD) with ESMTPSA id 2062aee3 (TLSv1.2:ECDHE-ECDSA-AES256-GCM-SHA384:256:NO); Thu, 25 Mar 2021 11:28:33 +0000 (UTC) References: <0381641839f5d0e71cbb496b95b9947a2a2c2799.camel@zaclys.net> In-reply-to: BIMI-Selector: v=BIMI1; s=default; Message-ID: <87y2ebh3rz.fsf@nckx> Date: Thu, 25 Mar 2021 12:27:28 +0100 MIME-Version: 1.0 Content-Type: text/plain; format=flowed X-BeenThere: debbugs-submit@debbugs.gnu.org X-Mailman-Version: 2.1.18 Precedence: list X-BeenThere: bug-guix@gnu.org List-Id: Bug reports for GNU Guix List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: bug-guix-bounces+larch=yhetil.org@gnu.org Sender: "bug-Guix" Reply-to: Tobias Geerinckx-Rice From: Tobias Geerinckx-Rice via Bug reports for GNU Guix X-Migadu-Flow: FLOW_IN ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=yhetil.org; s=key1; t=1616671694; h=from:from:sender:sender:reply-to:reply-to:subject:subject:date:date: message-id:message-id:to:to:cc:cc:mime-version:mime-version: content-type:content-type:resent-cc:resent-from:resent-sender: resent-message-id:in-reply-to:in-reply-to:references:references: list-id:list-help:list-unsubscribe:list-subscribe:list-post: dkim-signature; bh=kGFuTIW+GMtgV/ntf4stIx4+E0QzmrC+Ep28MXz0RCI=; b=f7WrKCMDNmZwoy4Yam/wtKgqT9wEgDQhnvjOhI8qu+mdxhe0I6kOAYJcS5qCZNsDV5IwO6 1hfH8BjjcLlzV83vbe+u5+qRoclv46nXbb43NNN79Gix/ITzhyKM8ORLyrd3i9+Dm5Qx0D 2BoXWMWrxOBTm9z+xd2pdgqoP26qZot0kqE4q3vvn6UK8nIbhXsXtjk2gbdTMyKrbnLa8Y fua4AOkuumSpQBc2QhRTySqnr0RQX5dCpq/p/ZJIpHyPCoDGgob4K1PrpifaE5nEtgQ6ZV vYYfUo/UDPHpvONH3izwX3JIUMaEO47jbyqnyfNoNn7TZC8g7s6FM6iNQFZ52w== ARC-Seal: i=1; s=key1; d=yhetil.org; t=1616671694; a=rsa-sha256; cv=none; b=iyu1ygK5Dy6oFMx7eJSM0MQ87Q4oy3VdcGsj5M5Y0qEkk0o4s1/kObB5ZRxgeVxdIPD3s7 Zjh68j/n0NNTqRBMZ81YvN9S0RXcepazqOLSt54jX1krSnJ9xKubD05U7WndW3tEoaPVYM q2z9Oh1pGWrhKAzRfrlTBAfc0w8QgprmYSTjWEwQFf7t02ND1TRa3V4Qavt50d5b6VDC3J 88qpWkRWz5L2bUcWlKD6k44P9cIpIUaV8i8XGNQc1OUxsxHI6iHp8QZesQBPY1XshwS4YV 98hw0pgW2Mql7UsvGaWTUup/8Sk1Ky96sNUYIwBy0tmMVC87LWKciSsPu2gKZQ== ARC-Authentication-Results: i=1; aspmx1.migadu.com; dkim=fail ("headers rsa verify failed") header.d=tobias.gr header.s=2018 header.b=a2Jk635Q; spf=pass (aspmx1.migadu.com: domain of bug-guix-bounces@gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=bug-guix-bounces@gnu.org X-Migadu-Spam-Score: -2.96 Authentication-Results: aspmx1.migadu.com; dkim=fail ("headers rsa verify failed") header.d=tobias.gr header.s=2018 header.b=a2Jk635Q; dmarc=pass (policy=none) header.from=gnu.org; spf=pass (aspmx1.migadu.com: domain of bug-guix-bounces@gnu.org designates 209.51.188.17 as permitted sender) smtp.mailfrom=bug-guix-bounces@gnu.org X-Migadu-Queue-Id: EC64EA750 X-Spam-Score: -2.96 X-Migadu-Scanner: scn0.migadu.com X-TUID: eM7NDx7S2Lyw Thanks! I'm currently rebuilding IceCat with this change as an extra precaution, but that shouldn't take long. If that doesn't cause problems this LGTM for master. Ludo', do you think the Guix test described here is a good one? Kind regards, T G-R