import sqlite-3.26.0-16.el8_6
This commit is contained in:
CentOS Sources
Stepan Oksanichenko
parent
2e53f76822
commit
2ff7522950
26
SOURCES/sqlite-3.26.0-CVE-2020-35525.patch
Normal file
26
SOURCES/sqlite-3.26.0-CVE-2020-35525.patch
Normal file
@ -0,0 +1,26 @@
|
||||
From 5f69512404cd2e5153ddf90ea277fbba6dd58ab7 Mon Sep 17 00:00:00 2001
|
||||
From: drh <drh@noemail.net>
|
||||
Date: Thu, 20 Feb 2020 14:08:51 +0000
|
||||
Subject: [PATCH] Early-out on the INTERSECT query processing following an
|
||||
error.
|
||||
|
||||
FossilOrigin-Name: a67cf5b7d37d5b1484be32092635faafd8f76e5881898cd9435517c4b287d663
|
||||
---
|
||||
src/select.c | 1 +
|
||||
1 files changed, 1 insertions(+), 0 deletions(-)
|
||||
|
||||
diff --git a/src/select.c b/src/select.c
|
||||
index c60ff2700..b3ae9f415 100644
|
||||
--- a/src/select.c
|
||||
+++ b/src/select.c
|
||||
@@ -2775,6 +2775,7 @@ static int multiSelect(
|
||||
/* Generate code to take the intersection of the two temporary
|
||||
** tables.
|
||||
*/
|
||||
+ if( rc ) break;
|
||||
assert( p->pEList );
|
||||
iBreak = sqlite3VdbeMakeLabel(v);
|
||||
iCont = sqlite3VdbeMakeLabel(v);
|
||||
--
|
||||
2.37.3
|
||||
|
||||
55
SOURCES/sqlite-3.26.0-CVE-2020-35527.patch
Normal file
55
SOURCES/sqlite-3.26.0-CVE-2020-35527.patch
Normal file
@ -0,0 +1,55 @@
|
||||
From 0990c415f65d2556a5e4122cbe5727d500411aeb Mon Sep 17 00:00:00 2001
|
||||
From: drh <drh@noemail.net>
|
||||
Date: Sun, 23 Feb 2020 17:34:45 +0000
|
||||
Subject: [PATCH] Fix a problem with ALTER TABLE for views that have a nested
|
||||
FROM clause. Ticket [f50af3e8a565776b].
|
||||
|
||||
FossilOrigin-Name: c431b3fd8fd0f6a6974bba3e9366b0430ec003d570e7ce70ceefbcff5fe4b6fa
|
||||
---
|
||||
src/select.c | 2 +-
|
||||
test/altertab.test | 17 +++++++++++++++++
|
||||
4 files changed, 18 insertions(+), 1 deletions(-)
|
||||
|
||||
diff --git a/src/select.c b/src/select.c
|
||||
index c60ff2700..fe0229ca8 100644
|
||||
--- a/src/select.c
|
||||
+++ b/src/select.c
|
||||
@@ -5046,7 +5046,7 @@ static int selectExpander(Walker *pWalker, Select *p){
|
||||
pNew = sqlite3ExprListAppend(pParse, pNew, pExpr);
|
||||
sqlite3TokenInit(&sColname, zColname);
|
||||
sqlite3ExprListSetName(pParse, pNew, &sColname, 0);
|
||||
- if( pNew && (p->selFlags & SF_NestedFrom)!=0 ){
|
||||
+ if( pNew && (p->selFlags & SF_NestedFrom)!=0 && !IN_RENAME_OBJECT){
|
||||
struct ExprList_item *pX = &pNew->a[pNew->nExpr-1];
|
||||
if( pSub ){
|
||||
pX->zSpan = sqlite3DbStrDup(db, pSub->pEList->a[j].zSpan);
|
||||
|
||||
diff --git a/test/altertab.test b/test/altertab.test
|
||||
index a3642070e..520502c3d 100644
|
||||
--- a/test/altertab.test
|
||||
+++ b/test/altertab.test
|
||||
@@ -578,5 +578,21 @@ ifcapable fts3 {
|
||||
SELECT * FROM z1_segments;
|
||||
}
|
||||
}
|
||||
+# 2020-02-23 ticket f50af3e8a565776b
|
||||
+reset_db
|
||||
+do_execsql_test 19.100 {
|
||||
+ CREATE TABLE t1(x);
|
||||
+ CREATE VIEW t2 AS SELECT 1 FROM t1, (t1 AS a0, t1);
|
||||
+ ALTER TABLE t1 RENAME TO t3;
|
||||
+ SELECT sql FROM sqlite_master;
|
||||
+} {{CREATE TABLE "t3"(x)} {CREATE VIEW t2 AS SELECT 1 FROM "t3", ("t3" AS a0, "t3")}}
|
||||
+do_execsql_test 19.110 {
|
||||
+ INSERT INTO t3(x) VALUES(123);
|
||||
+ SELECT * FROM t2;
|
||||
+} {1}
|
||||
+do_execsql_test 19.120 {
|
||||
+ INSERT INTO t3(x) VALUES('xyz');
|
||||
+ SELECT * FROM t2;
|
||||
+} {1 1 1 1 1 1 1 1}
|
||||
|
||||
finish_test
|
||||
--
|
||||
2.37.3
|
||||
|
||||
@ -10,7 +10,7 @@
|
||||
Summary: Library that implements an embeddable SQL database engine
|
||||
Name: sqlite
|
||||
Version: %{rpmver}
|
||||
Release: 15%{?dist}
|
||||
Release: 16%{?dist}
|
||||
License: Public Domain
|
||||
Group: Applications/Databases
|
||||
URL: http://www.sqlite.org/
|
||||
@ -92,6 +92,12 @@ Patch31: sqlite-3.26.0-CVE-2019-19603.patch
|
||||
# Fix for CVE-2020-13435
|
||||
# https://www.sqlite.org/src/info/ad7bb70af9bb68d1
|
||||
Patch34: sqlite-3.26.0-CVE-2020-13435.patch
|
||||
# Fix for CVE-2020-35527
|
||||
# https://www.sqlite.org/src/info/c431b3fd8fd0f6a6
|
||||
Patch35: sqlite-3.26.0-CVE-2020-35527.patch
|
||||
# Fix for CVE-2020-35525
|
||||
# https://www.sqlite.org/src/info/a67cf5b7d37d5b14
|
||||
Patch36: sqlite-3.26.0-CVE-2020-35525.patch
|
||||
|
||||
BuildRequires: ncurses-devel readline-devel glibc-devel
|
||||
BuildRequires: autoconf
|
||||
@ -221,6 +227,8 @@ This package contains the analysis program for %{name}.
|
||||
%patch30 -p1
|
||||
%patch31 -p1
|
||||
%patch34 -p1
|
||||
%patch35 -p1
|
||||
%patch36 -p1
|
||||
|
||||
|
||||
# Remove backup-file
|
||||
@ -322,6 +330,10 @@ make test
|
||||
%endif
|
||||
|
||||
%changelog
|
||||
* Mon Sep 05 2022 Zuzana Miklankova <zmiklank@redhat.com> - 3.26.0-16
|
||||
- Fixed CVE-2020-35527
|
||||
- Fixed CVE-2020-35525
|
||||
|
||||
* Tue May 18 2021 Petr Kubat <pkubat@redhat.com> - 3.26.0-15
|
||||
- Removing fix for CVE-2019-19645 (unaffected)
|
||||
- Removing fix for CVE-2019-19880 (unaffected)
|
||||
|
||||
Loading…
Reference in New Issue
Block a user