Easytrieve for Windows, release 11.1

SQLite was introduced in the 11.1 SP2 release as a replacement for the bundled "ctree" database, which is no longer included with Easytrieve.

SQLite serves as the emulation of VSAM on Easytrieve for Windows.

Those using Easytrieve for Windows <= 11.1SP1 or those not utilizing indexed files in their Easytrieve programs do not need to be concerned.

Even those with Easytrieve for Windows >= 11.1SP2 are not technically impacted by this vulnerability, as the CVE-2025-6965 depends on the attacker being able to execute arbitrary SQL statements - this is not the case with the Easytrieve for Windows 11.1SP2, as the SQL statements are hardcoded and transparent to the customer (the customer codes only normal Easytrieve statements for indexed files).

Whether you have Easytrieve for Windows 11.1 SP1 or SP2, this vulnerability will not be relevant for you.