369951 |
06-Jun-2021 |
cy |
sqlite3: import sqlite3 3.35.5
Merge commit '0511e356f5e2106928ee352ee974d1470c860a9a' into new_merge
Changes at https://www.sqlite.org/releaselog/3_35_5.html.
MFC after: 1 month
(cherry picked from commit ce9de47260d4edc963a94140789e4a52642c28e6)
Git Hash: d9d03b5409f32668a71468975d944ac1015e878b Git Author: cy@FreeBSD.org |
369950 |
06-Jun-2021 |
cy |
Import sqlite 3.34.1 (3340100).
(cherry picked from commit 25cdacf79b06356c929e59d5074d26c9dac41bdf)
Git Hash: dad031410fa7144120627416491ace77a424879f Git Author: cy@FreeBSD.org |
366076 |
23-Sep-2020 |
cy |
MFC r364720:
Update sqlite to 3.33.0 (3330000).
Release announcement at https://www.sqlite.org/releaselog/3_33_0.html. |
363179 |
14-Jul-2020 |
cy |
MFC r362997:
Update sqlite to 3.32.3 (3320300).
Release Announcement: https://www.sqlite.org/releaselog/3_32_3.html See also: ports r541414
PR: 247819 Reported by: Pavel Volkov <pavelivolkov at gmail.com> |
362190 |
15-Jun-2020 |
cy |
MFC r362095, r362145
r362095: MFV r362082:
Update sqlite3 3.31.1 --> 3.32.0.
PR: 247149 Reported by: spam123@bitbert.com Reminded by: emaste Security: CVE-2020-11655, CVE-2020-13434, CVE-2020-13435, CVE-2020-13630, CVE-2020-13631, CVE-2020-13632
r362145: MFV r362143:
Update sqlite3 to 3.32.2 (3320200).
CVE-2020-11655: SQLite through 3.31.1 allows attackers to cause a denial of service (segmentation fault) via a malformed window-function query because the AggInfo object's initialization is mishandled.
CVE-2020-13434: SQLite through 3.32.0 has an integer overflow in sqlite3_str_vappendf in printf.c.
CVE-2020-13435: SQLite through 3.32.0 has a segmentation fault in sqlite3ExprCodeTarget in expr.c.
CVE-2020-13630: ext/fts3/fts3.c in SQLite before 3.32.0 has a use-after-free in fts3EvalNextRow, related to the snippet feature
CVE-2020-13631: SQLite before 3.32.0 allows a virtual table to be renamed to the name of one of its shadow tables, related to alter.c and build.c.
CVE-2020-13632: ext/fts3/fts3_snippet.c in SQLite before 3.32.0 ha s a NULL pointer dereference via a crafted matchinfo() query.
PR: 247149 Reported by: spam123@bitbert.com Security: vuxml: c4ac9c79-ab37-11ea-8b5e-b42e99a1b9c3 https://nvd.nist.gov/vuln/detail/CVE-2020-11655 https://nvd.nist.gov/vuln/detail/CVE-2020-13434 https://nvd.nist.gov/vuln/detail/CVE-2020-13435 https://nvd.nist.gov/vuln/detail/CVE-2020-13630 https://nvd.nist.gov/vuln/detail/CVE-2020-13631 https://nvd.nist.gov/vuln/detail/CVE-2020-13632 |
361456 |
25-May-2020 |
cy |
MFC r360221-r360223
r360221: In preparation for update to sqlite3-3.31.1 (3310100), recommit r357201: MFV r357163, which was reverted by r357522 due to segfault under PowerPc.
Update sqlite3-3.30.1 (3300100) --> sqlite3-3.31.0 (3310000)
r360222: MFV r360158:
Update sqlite3-3.31.0 (3310000) --> sqlite3-3.31.1 (3310100)
Tested by: Mark Millard <marklmi at yahoo.com> With to be committed PowerPC patch
r360223: Fix PowerPC segfault.
The segfault fix was originally developed by our upstream, sqlite.org, to address S/390 and Sparc segfaults, both of which are big endian. Our PowerPC is also big endian, which this patch also fixes.
Reported by: Mark Millard <marklmi at yahoo.com> Tested by: Mark Millard <marklmi at yahoo.com> Obtained from: https://www.sqlite.org/src/vinfo/04885763c4cd00cb?diff=1 https://sqlite.org/forum/forumpost/672291a5b2 |
355326 |
03-Dec-2019 |
cy |
MFC r354269:
MFV r354257:
Update sqlite3-3.29.0 (3290000) --> sqlite3-3.30.1 (3300100) |
351633 |
31-Aug-2019 |
cy |
MFC r350103:
MFV r350080:
Update sqlite3-3.28.0 (3280000) --> sqlite3-3.29.0 (3290000) |
347347 |
08-May-2019 |
cy |
MFC r347139:
MFV r347136: Update sqlite3-3.27.2 (3270200) --> sqlite3-3.28.0 (3280000)
Security: CVE-2019-9937, CVE-2019-9936 |
346983 |
01-May-2019 |
cy |
MFC r346459:
MFV r346450:
Update sqlite3-3.27.1 (3270100) --> sqlite3-3.27.2 (3270200) |
346442 |
20-Apr-2019 |
cy |
MFC r345996:
Update sqlite3-3.26.0 (3260000) --> sqlite3-3.27.1 (3270100) |
342292 |
21-Dec-2018 |
cy |
MFC r333352 & r342183:
r333352: Update private sqlite from sqlite3-3.20.0 to sqlite3-3.23.1 r342183: Update sqlite3-3.23.1 --> sqlite3-3.26.0 (3260000)
PR: 234113 Security: https://blade.tencent.com/magellan/index_en.html No known CVE was apparently registered. |
342183 |
18-Dec-2018 |
cy |
MFV r342175:
Update sqlite3-3.23.1 --> sqlite3-3.26.0 (3260000)
MFC after: 3 days Security: https://blade.tencent.com/magellan/index_en.html No known CVE was apparently registered.
|
342175 |
17-Dec-2018 |
cy |
Import sqlite3-3.26.0 (3260000)
Obtained from: https://www.sqlite.org/2018/sqlite-autoconf-3260000.tar.gz
|