Source | Text Version

QSN-4004-1: db5.3 vulnerability

June 4, 2019

Summary

Berkeley DB could be made to expose sensitive information.

Details

It was discovered that Berkeley DB incorrectly handled certain inputs. An attacker could possibly use this issue to read sensitive information.

References

https://usn.ubuntu.com/usn/usn-4004-1

http://people.canonical.com/~ubuntu-security/cve/CVE-2019-8457

Update

A general update will usually fix all issues, but to make sure, you can check your current version with:

$ dpkg -l db5.3-sql-util

If the current version you have is before 5.3.28-11ubuntu0.2, run the following:

$ sudo apt-get update
$ sudo apt-get install db5.3-sql-util

A general update will usually fix all issues, but to make sure, you can check your current version with:

$ dpkg -l db5.3-util

If the current version you have is before 5.3.28-11ubuntu0.2, run the following:

$ sudo apt-get update
$ sudo apt-get install db5.3-util

A general update will usually fix all issues, but to make sure, you can check your current version with:

$ dpkg -l libdb5.3

If the current version you have is before 5.3.28-11ubuntu0.2, run the following:

$ sudo apt-get update
$ sudo apt-get install libdb5.3

A general update will usually fix all issues, but to make sure, you can check your current version with:

$ dpkg -l libdb5.3-sql

If the current version you have is before 5.3.28-11ubuntu0.2, run the following:

$ sudo apt-get update
$ sudo apt-get install libdb5.3-sql

A general update will usually fix all issues, but to make sure, you can check your current version with:

$ dpkg -l libdb5.3-sql-dev

If the current version you have is before 5.3.28-11ubuntu0.2, run the following:

$ sudo apt-get update
$ sudo apt-get install libdb5.3-sql-dev

Copyright © 2010-2015, OSNEXUS Corporation. All rights reserved.