#
369951 |
|
06-Jun-2021 |
cy |
sqlite3: import sqlite3 3.35.5
Merge commit '0511e356f5e2106928ee352ee974d1470c860a9a' into new_merge
Changes at https://www.sqlite.org/releaselog/3_35_5.html.
MFC after: 1 month
(cherry picked from commit ce9de47260d4edc963a94140789e4a52642c28e6)
Git Hash: d9d03b5409f32668a71468975d944ac1015e878b Git Author: cy@FreeBSD.org
|
#
369950 |
|
06-Jun-2021 |
cy |
Import sqlite 3.34.1 (3340100).
(cherry picked from commit 25cdacf79b06356c929e59d5074d26c9dac41bdf)
Git Hash: dad031410fa7144120627416491ace77a424879f Git Author: cy@FreeBSD.org
|
#
366076 |
|
23-Sep-2020 |
cy |
MFC r364720:
Update sqlite to 3.33.0 (3330000).
Release announcement at https://www.sqlite.org/releaselog/3_33_0.html.
|
#
363179 |
|
14-Jul-2020 |
cy |
MFC r362997:
Update sqlite to 3.32.3 (3320300).
Release Announcement: https://www.sqlite.org/releaselog/3_32_3.html See also: ports r541414
PR: 247819 Reported by: Pavel Volkov <pavelivolkov at gmail.com>
|
#
362190 |
|
15-Jun-2020 |
cy |
MFC r362095, r362145
r362095: MFV r362082:
Update sqlite3 3.31.1 --> 3.32.0.
PR: 247149 Reported by: spam123@bitbert.com Reminded by: emaste Security: CVE-2020-11655, CVE-2020-13434, CVE-2020-13435, CVE-2020-13630, CVE-2020-13631, CVE-2020-13632
r362145: MFV r362143:
Update sqlite3 to 3.32.2 (3320200).
CVE-2020-11655: SQLite through 3.31.1 allows attackers to cause a denial of service (segmentation fault) via a malformed window-function query because the AggInfo object's initialization is mishandled.
CVE-2020-13434: SQLite through 3.32.0 has an integer overflow in sqlite3_str_vappendf in printf.c.
CVE-2020-13435: SQLite through 3.32.0 has a segmentation fault in sqlite3ExprCodeTarget in expr.c.
CVE-2020-13630: ext/fts3/fts3.c in SQLite before 3.32.0 has a use-after-free in fts3EvalNextRow, related to the snippet feature
CVE-2020-13631: SQLite before 3.32.0 allows a virtual table to be renamed to the name of one of its shadow tables, related to alter.c and build.c.
CVE-2020-13632: ext/fts3/fts3_snippet.c in SQLite before 3.32.0 ha s a NULL pointer dereference via a crafted matchinfo() query.
PR: 247149 Reported by: spam123@bitbert.com Security: vuxml: c4ac9c79-ab37-11ea-8b5e-b42e99a1b9c3 https://nvd.nist.gov/vuln/detail/CVE-2020-11655 https://nvd.nist.gov/vuln/detail/CVE-2020-13434 https://nvd.nist.gov/vuln/detail/CVE-2020-13435 https://nvd.nist.gov/vuln/detail/CVE-2020-13630 https://nvd.nist.gov/vuln/detail/CVE-2020-13631 https://nvd.nist.gov/vuln/detail/CVE-2020-13632
|
#
361456 |
|
25-May-2020 |
cy |
MFC r360221-r360223
r360221: In preparation for update to sqlite3-3.31.1 (3310100), recommit r357201: MFV r357163, which was reverted by r357522 due to segfault under PowerPc.
Update sqlite3-3.30.1 (3300100) --> sqlite3-3.31.0 (3310000)
r360222: MFV r360158:
Update sqlite3-3.31.0 (3310000) --> sqlite3-3.31.1 (3310100)
Tested by: Mark Millard <marklmi at yahoo.com> With to be committed PowerPC patch
r360223: Fix PowerPC segfault.
The segfault fix was originally developed by our upstream, sqlite.org, to address S/390 and Sparc segfaults, both of which are big endian. Our PowerPC is also big endian, which this patch also fixes.
Reported by: Mark Millard <marklmi at yahoo.com> Tested by: Mark Millard <marklmi at yahoo.com> Obtained from: https://www.sqlite.org/src/vinfo/04885763c4cd00cb?diff=1 https://sqlite.org/forum/forumpost/672291a5b2
|
#
355326 |
|
03-Dec-2019 |
cy |
MFC r354269:
MFV r354257:
Update sqlite3-3.29.0 (3290000) --> sqlite3-3.30.1 (3300100)
|
#
351633 |
|
31-Aug-2019 |
cy |
MFC r350103:
MFV r350080:
Update sqlite3-3.28.0 (3280000) --> sqlite3-3.29.0 (3290000)
|
#
347347 |
|
08-May-2019 |
cy |
MFC r347139:
MFV r347136: Update sqlite3-3.27.2 (3270200) --> sqlite3-3.28.0 (3280000)
Security: CVE-2019-9937, CVE-2019-9936
|
#
346983 |
|
01-May-2019 |
cy |
MFC r346459:
MFV r346450:
Update sqlite3-3.27.1 (3270100) --> sqlite3-3.27.2 (3270200)
|
#
346442 |
|
20-Apr-2019 |
cy |
MFC r345996:
Update sqlite3-3.26.0 (3260000) --> sqlite3-3.27.1 (3270100)
|
#
342292 |
|
21-Dec-2018 |
cy |
MFC r333352 & r342183:
r333352: Update private sqlite from sqlite3-3.20.0 to sqlite3-3.23.1 r342183: Update sqlite3-3.23.1 --> sqlite3-3.26.0 (3260000)
PR: 234113 Security: https://blade.tencent.com/magellan/index_en.html No known CVE was apparently registered.
|
#
322444 |
|
12-Aug-2017 |
peter |
MFC: r322386 Update private sqlite3-3.14.1 to sqlite3-3.20.0.
|
#
305002 |
|
29-Aug-2016 |
cy |
MFC r304747:
Update from sqlite3-3.12.1 (3120100) to sqlite3-3.14.1 (3140100).
This commit addresses the tmpdir selection vulnerability fixed in sqlite3-1.13.0. See VuXML entry 546deeea-3fc6-11e6-a671-60a44ce6887b.
Security: VuXML 546deeea-3fc6-11e6-a671-60a44ce6887b Security: CVE-2016-6153
|
#
302408 |
|
07-Jul-2016 |
gjb |
Copy head@r302406 to stable/11 as part of the 11.0-RELEASE cycle. Prune svn:mergeinfo from the new branch, as nothing has been merged here.
Additional commits post-branch will follow.
Approved by: re (implicit) Sponsored by: The FreeBSD Foundation |
#
298161 |
|
17-Apr-2016 |
bapt |
Import sqlite3 3.12.1
|
#
286510 |
|
09-Aug-2015 |
peter |
Update the private sqlite3 from 3.8.9 to 3.8.11.1 (used by svnlite and kerberos)
|
#
282328 |
|
01-May-2015 |
bapt |
Import sqlite3 3.8.9
|
#
274884 |
|
22-Nov-2014 |
bapt |
Update sqlite3 to 3.8.7.2
|
#
269851 |
|
12-Aug-2014 |
peter |
Update sqlite-3.7.17 -> 3.8.5
|
#
251886 |
|
18-Jun-2013 |
peter |
Introduce svnlite so that we can check out our source code again.
This is actually a fully functional build except: * All internal shared libraries are static linked to make sure there is no interference with ports (and to reduce build time). * It does not have the python/perl/etc plugin or API support. * By default, it installs as "svnlite" rather than "svn". * If WITH_SVN added in make.conf, you get "svn". * If WITHOUT_SVNLITE is in make.conf, this is completely disabled.
To be absolutely clear, this is not intended for any use other than checking out freebsd source and committing, like we once did with cvs.
It should be usable for small scale local repositories that don't need the python/perl plugin architecture.
|
#
251883 |
|
18-Jun-2013 |
peter |
Import sqlite-3071700
|
#
302408 |
|
07-Jul-2016 |
gjb |
Copy head@r302406 to stable/11 as part of the 11.0-RELEASE cycle. Prune svn:mergeinfo from the new branch, as nothing has been merged here.
Additional commits post-branch will follow.
Approved by: re (implicit) Sponsored by: The FreeBSD Foundation |
#
298161 |
|
17-Apr-2016 |
bapt |
Import sqlite3 3.12.1
|
#
286510 |
|
09-Aug-2015 |
peter |
Update the private sqlite3 from 3.8.9 to 3.8.11.1 (used by svnlite and kerberos)
|
#
282328 |
|
01-May-2015 |
bapt |
Import sqlite3 3.8.9
|
#
274884 |
|
22-Nov-2014 |
bapt |
Update sqlite3 to 3.8.7.2
|
#
269851 |
|
12-Aug-2014 |
peter |
Update sqlite-3.7.17 -> 3.8.5
|
#
251886 |
|
18-Jun-2013 |
peter |
Introduce svnlite so that we can check out our source code again.
This is actually a fully functional build except: * All internal shared libraries are static linked to make sure there is no interference with ports (and to reduce build time). * It does not have the python/perl/etc plugin or API support. * By default, it installs as "svnlite" rather than "svn". * If WITH_SVN added in make.conf, you get "svn". * If WITHOUT_SVNLITE is in make.conf, this is completely disabled.
To be absolutely clear, this is not intended for any use other than checking out freebsd source and committing, like we once did with cvs.
It should be usable for small scale local repositories that don't need the python/perl plugin architecture.
|
#
251883 |
|
18-Jun-2013 |
peter |
Import sqlite-3071700
|