rpms/sqlite
7
0
Fork 0
Code Issues Pull Requests Releases Activity

Auto sync2gitlab import of sqlite-3.26.0-17.el8_7.src.rpm

Browse Source
This commit is contained in:
CentOS Sources 2022-11-25 06:11:17 +00:00
parent 4af6d3a315
commit 5fdd599eab
2 changed files with 39 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

31
sqlite-3.26.0-CVE-2022-35737.patch Normal file
View File

@ -0,0 +1,31 @@
From 077e17b59a98eb8839ecfef661e7305fdb3e898d Mon Sep 17 00:00:00 2001
From: drh <>
Date: Mon, 18 Jul 2022 15:02:00 +0000
Subject: [PATCH] Increase the size of loop variables in the printf()
implementation to avoid harmless compiler warnings.
FossilOrigin-Name: aab790a16e1bdff78759f9c9ae87a2559ba82dd34ef3dedfb66035a0db7067a7
---
manifest | 12 ++++++------
manifest.uuid | 2 +-
src/printf.c | 4 ++--
1 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/printf.c b/src/printf.c
index f0bfa5327..3602e1fcb 100644
--- a/src/printf.c
+++ b/src/printf.c
@@ -803,8 +803,8 @@ void sqlite3_str_vappendf(
case etSQLESCAPE: /* %q: Escape ' characters */
case etSQLESCAPE2: /* %Q: Escape ' and enclose in '...' */
case etSQLESCAPE3: { /* %w: Escape " characters */
- int i, j, k, n, isnull;
- int needQuote;
+ i64 i, j, k, n;
+ int needQuote, isnull;
char ch;
char q = ((xtype==etSQLESCAPE3)?'"':'\''); /* Quote character */
char *escarg;
--
2.38.1

9
sqlite.spec
View File

@ -10,7 +10,7 @@
Summary: Library that implements an embeddable SQL database engine Summary: Library that implements an embeddable SQL database engine
Name: sqlite Name: sqlite
Version: %{rpmver} Version: %{rpmver}
Release: 16%{?dist} Release: 17%{?dist}
License: Public Domain License: Public Domain
Group: Applications/Databases Group: Applications/Databases
URL: http://www.sqlite.org/ URL: http://www.sqlite.org/
@ -98,6 +98,9 @@ Patch35: sqlite-3.26.0-CVE-2020-35527.patch
# Fix for CVE-2020-35525 # Fix for CVE-2020-35525
# https://www.sqlite.org/src/info/a67cf5b7d37d5b14 # https://www.sqlite.org/src/info/a67cf5b7d37d5b14
Patch36: sqlite-3.26.0-CVE-2020-35525.patch Patch36: sqlite-3.26.0-CVE-2020-35525.patch
# Fix for CVE-2022-35737
# https://www.sqlite.org/src/info/26db4fc22fe66658
Patch37: sqlite-3.26.0-CVE-2022-35737.patch
BuildRequires: ncurses-devel readline-devel glibc-devel BuildRequires: ncurses-devel readline-devel glibc-devel
BuildRequires: autoconf BuildRequires: autoconf
@ -229,6 +232,7 @@ This package contains the analysis program for %{name}.
%patch34 -p1 %patch34 -p1
%patch35 -p1 %patch35 -p1
%patch36 -p1 %patch36 -p1
%patch37 -p1
# Remove backup-file # Remove backup-file
@ -330,6 +334,9 @@ make test
%endif %endif
%changelog %changelog
* Tue Nov 15 2022 Zuzana Miklankova <zmiklank@redhat.com> - 3.26.0-17
- Fixed CVE-2022-35737
* Mon Sep 05 2022 Zuzana Miklankova <zmiklank@redhat.com> - 3.26.0-16 * Mon Sep 05 2022 Zuzana Miklankova <zmiklank@redhat.com> - 3.26.0-16
- Fixed CVE-2020-35527 - Fixed CVE-2020-35527
- Fixed CVE-2020-35525 - Fixed CVE-2020-35525