openembedded-core.git/meta/recipes-support/sqlite, branch thud Mirror of openembedded-core sqlite3: Merge/simplify CFLAGS 2018-06-18T09:59:33+00:00 Richard Purdie richard.purdie@linuxfoundation.org 2018-06-16T11:36:09+00:00 604777acfc54d285f315b622bd147ed02d55d6fd An earlier version of a change was merged from S. Lockwood-Childs <sjl@vctlabs.com> which made the CFLAGS consistent across native, nativesdk and target cases. This syncs with a later verison of the patch to remove duplicate CFLAGS settings and simplify the recipe. Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> 
An earlier version of a change was merged from S. Lockwood-Childs
<sjl@vctlabs.com> which made the CFLAGS consistent across native,
nativesdk and target cases. This syncs with a later verison of the
patch to remove duplicate CFLAGS settings and simplify the recipe.

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
sqlite3: consistent set of features for nativesdk 2018-06-15T09:58:55+00:00 S. Lockwood-Childs sjl@vctlabs.com 2018-06-15T07:56:18+00:00 7c8b85e1c3d852975cd5961a297aa939bf4c7fe7 Enable use of pread() and enable column metadata API for nativesdk builds. This brings nativesdk in line with target and native builds. Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> 
Enable use of pread() and enable column metadata API for nativesdk builds.
This brings nativesdk in line with target and native builds.

Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
sqlite3: upgrade 3.23.0 -> 3.23.1 2018-05-22T12:09:02+00:00 Marko, Peter peter.marko@siemens.com 2018-05-14T11:01:18+00:00 6a90852e7e8fd6d17308d78966e700f17f567898 Signed-off-by: Marko Peter <peter.marko@siemens.com> Signed-off-by: Ross Burton <ross.burton@intel.com> 
Signed-off-by: Marko Peter <peter.marko@siemens.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
sqlite3: upgrade to version 3.23.0 2018-05-04T08:54:55+00:00 Maxin B. John maxin.john@intel.com 2018-04-04T15:32:25+00:00 b478af4cd9c1cb0cab35b0160f7df3f31ca7358b 3.22.0 -> 3.23.0 Includes optimizations and fixes for issues detected by OSSFuzz Signed-off-by: Maxin B. John <maxin.john@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> 
3.22.0 -> 3.23.0

Includes optimizations and fixes for issues detected by OSSFuzz

Signed-off-by: Maxin B. John <maxin.john@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
sqlite3: upgrade to version 3.22.0 2018-01-26T13:07:21+00:00 Maxin B. John maxin.john@intel.com 2018-01-23T14:05:47+00:00 fff2409587e8a253c1f79a3d3c78907440402188 Update SRC_URI for releases in 2018. Signed-off-by: Maxin B. John <maxin.john@intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com> 
Update SRC_URI for releases in 2018.

Signed-off-by: Maxin B. John <maxin.john@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
sqlite3: upgrade to 3.21.0 2017-11-21T12:56:24+00:00 Maxin B. John maxin.john@intel.com 2017-11-10T12:00:27+00:00 483711e676cd063a873179bdb2daedf56de0aa75 Remove upstreamed patch: 1. sqlite3-fix-CVE-2017-13685.patch Signed-off-by: Maxin B. John <maxin.john@intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com> 
Remove upstreamed patch:
        1. sqlite3-fix-CVE-2017-13685.patch

Signed-off-by: Maxin B. John <maxin.john@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
sqlite3: fix CVE-2017-13685 2017-10-16T22:52:04+00:00 Wenzong Fan wenzong.fan@windriver.com 2017-10-16T09:31:32+00:00 9b9f566d2042f2b393de88506d2da964bc4d17b0 The dump_callback function in SQLite 3.20.0 allows remote attackers to cause a denial of service (EXC_BAD_ACCESS and application crash) via a crafted file. Backport patch to fix the issue. Some references: https://sqlite.org/src/info/02f0f4c54f2819b3 http://www.mail-archive.com/sqlite-users%40mailinglists.sqlite.org/msg105314.html Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com> Signed-off-by: Ross Burton <ross.burton@intel.com> 
The dump_callback function in SQLite 3.20.0 allows remote attackers to
cause a denial of service (EXC_BAD_ACCESS and application crash) via a
crafted file.

Backport patch to fix the issue. Some references:
https://sqlite.org/src/info/02f0f4c54f2819b3
http://www.mail-archive.com/sqlite-users%40mailinglists.sqlite.org/msg105314.html

Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
sqlite3: upgrade to 3.2.0 2017-08-18T09:40:08+00:00 Wenzong Fan wenzong.fan@windriver.com 2017-08-16T05:58:36+00:00 95b802bfe74ac6a3f6dc05edb52c87ef90600f40 * Uprev from 3.19.3 to 3.2.0 for fixing CVE-2017-10989: The getNodeSize function in ext/rtree/rtree.c in SQLite through 3.19.3, as used in GDAL and other products, mishandles undersized RTree blobs in a crafted database, leading to a heap-based buffer over-read or possibly unspecified other impact. https://nvd.nist.gov/vuln/detail/CVE-2017-10989 * LIC_FILES_CHKSUM updated for below changes: -** 2001 September 15 +** 2001-09-15 Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> 
* Uprev from 3.19.3 to 3.2.0 for fixing CVE-2017-10989:

The getNodeSize function in ext/rtree/rtree.c in SQLite through 3.19.3,
as used in GDAL and other products, mishandles undersized RTree blobs
in a crafted database, leading to a heap-based buffer over-read or
possibly unspecified other impact.

https://nvd.nist.gov/vuln/detail/CVE-2017-10989

* LIC_FILES_CHKSUM updated for below changes:

  -** 2001 September 15
  +** 2001-09-15

Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
sqlite3.inc: set CVE_PRODUCT to sqlite 2017-07-24T08:12:27+00:00 Mikko Rapeli mikko.rapeli@bmw.de 2017-07-20T13:23:07+00:00 cec6f26f4d2f16c9a58fac5a6344e3d43b36ed09 It is used in NVD for CVE's like: https://nvd.nist.gov/vuln/detail/CVE-2016-6153 Signed-off-by: Mikko Rapeli <mikko.rapeli@bmw.de> Signed-off-by: Ross Burton <ross.burton@intel.com> 
It is used in NVD for CVE's like:

https://nvd.nist.gov/vuln/detail/CVE-2016-6153

Signed-off-by: Mikko Rapeli <mikko.rapeli@bmw.de>
Signed-off-by: Ross Burton <ross.burton@intel.com>
sqlite3: upgrade to 3.19.3 2017-07-21T21:45:21+00:00 Maxin B. John maxin.john@intel.com 2017-07-19T15:01:24+00:00 2635067901c932888a998ea0fbb45f5d4d3c7c24 3.19.2 -> 3.19.3 Fixes a bug associated with auto_vacuum that can lead to database corruption. Signed-off-by: Maxin B. John <maxin.john@intel.com> Signed-off-by: Ross Burton <ross.burton@intel.com> 
3.19.2 -> 3.19.3

Fixes a bug associated with auto_vacuum that can lead to database
corruption.

Signed-off-by: Maxin B. John <maxin.john@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>