{"schema_version": "1.7.0", "id": "RLSA-2021:1968", "modified": "2026-01-07T09:02:59.916090Z", "published": "2026-01-07T09:02:16.167403Z", "upstream": ["CVE-2019-16168", "CVE-2020-13434", "CVE-2020-13630", "CVE-2020-13631", "CVE-2020-13632"], "summary": "Moderate: mingw packages security and bug fix update", "details": "MinGW is a free and open source software development environment to create Microsoft Windows applications.\n\nThe following packages have been upgraded to a later upstream version: mingw-sqlite (3.26.0.0). (BZ#1845475)\n\nSecurity Fix(es):\n\n* sqlite: Division by zero in whereLoopAddBtreeIndex in sqlite3.c (CVE-2019-16168)\n\n* sqlite: Integer overflow in sqlite3_str_vappendf function in printf.c (CVE-2020-13434)\n\n* sqlite: Use-after-free in fts3EvalNextRow in ext/fts3/fts3.c (CVE-2020-13630)\n\n* sqlite: Virtual table can be renamed into the name of one of its shadow tables (CVE-2020-13631)\n\n* sqlite: NULL pointer dereference in ext/fts3/fts3_snippet.c via a crafted matchinfo() query (CVE-2020-13632)\n\nFor more details about the security issue(s), including the impact, a CVSS score, acknowledgments, and other related information, refer to the CVE page(s) listed in the References section.\n\nAdditional Changes:\n\nFor detailed information on changes in this release, see the Rocky Linux 8.4 Release Notes linked from the References section.", "severity": [{"type": "CVSS_V3", "score": "CVSS:3.1/AV:L/AC:H/PR:L/UI:N/S:U/C:H/I:H/A:H"}], "affected": [{"package": {"ecosystem": "Rocky Linux:8", "name": "mingw-binutils", "purl": "pkg:rpm/rocky-linux/mingw-binutils?distro=rocky-linux-8&epoch=0"}, "ranges": [{"type": "ECOSYSTEM", "events": [{"introduced": "0"}, {"fixed": "0:2.30-3.el8"}], "database_specific": {"yum_repository": "PowerTools"}}]}, {"package": {"ecosystem": "Rocky Linux:8", "name": "mingw-bzip2", "purl": "pkg:rpm/rocky-linux/mingw-bzip2?distro=rocky-linux-8&epoch=0"}, "ranges": [{"type": "ECOSYSTEM", "events": [{"introduced": "0"}, {"fixed": "0:1.0.6-14.el8"}], "database_specific": {"yum_repository": "PowerTools"}}]}, {"package": {"ecosystem": "Rocky Linux:8", "name": "mingw-sqlite", "purl": "pkg:rpm/rocky-linux/mingw-sqlite?distro=rocky-linux-8&epoch=0"}, "ranges": [{"type": "ECOSYSTEM", "events": [{"introduced": "0"}, {"fixed": "0:3.26.0.0-1.el8"}], "database_specific": {"yum_repository": "PowerTools"}}]}], "references": [{"type": "ADVISORY", "url": "https://errata.rockylinux.org/RLSA-2021:1968"}, {"type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1768986"}, {"type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1841223"}, {"type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1841562"}, {"type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1841568"}, {"type": "REPORT", "url": "https://bugzilla.redhat.com/show_bug.cgi?id=1841574"}], "credits": [{"name": "Rocky Enterprise Software Foundation"}, {"name": "Red Hat"}]}