rpms/sqlite
7
0
Fork 0
Code Issues Pull Requests Releases Activity

import sqlite-3.34.1-6.el9_1

Browse Source
This commit is contained in:
CentOS Sources 2023-03-28 09:28:31 +00:00 committed by Stepan Oksanichenko
parent 8d3fbc99e8
commit d80c35f6be
2 changed files with 38 additions and 1 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

31
SOURCES/sqlite-3.26.0-CVE-2022-35737.patch Normal file
View File

@ -0,0 +1,31 @@
From 077e17b59a98eb8839ecfef661e7305fdb3e898d Mon Sep 17 00:00:00 2001
From: drh <>
Date: Mon, 18 Jul 2022 15:02:00 +0000
Subject: [PATCH] Increase the size of loop variables in the printf()
implementation to avoid harmless compiler warnings.
FossilOrigin-Name: aab790a16e1bdff78759f9c9ae87a2559ba82dd34ef3dedfb66035a0db7067a7
---
manifest | 12 ++++++------
manifest.uuid | 2 +-
src/printf.c | 4 ++--
1 files changed, 2 insertions(+), 2 deletions(-)
diff --git a/src/printf.c b/src/printf.c
index f0bfa5327..3602e1fcb 100644
--- a/src/printf.c
+++ b/src/printf.c
@@ -803,8 +803,8 @@ void sqlite3_str_vappendf(
case etSQLESCAPE: /* %q: Escape ' characters */
case etSQLESCAPE2: /* %Q: Escape ' and enclose in '...' */
case etSQLESCAPE3: { /* %w: Escape " characters */
- int i, j, k, n, isnull;
- int needQuote;
+ i64 i, j, k, n;
+ int needQuote, isnull;
char ch;
char q = ((xtype==etSQLESCAPE3)?'"':'\''); /* Quote character */
char *escarg;
--
2.38.1

8
SPECS/sqlite.spec
View File

@ -12,7 +12,7 @@
Summary: Library that implements an embeddable SQL database engine Summary: Library that implements an embeddable SQL database engine
Name: sqlite Name: sqlite
Version: %{rpmver} Version: %{rpmver}
Release: 5%{?dist} Release: 6%{?dist}
License: Public Domain License: Public Domain
URL: http://www.sqlite.org/ URL: http://www.sqlite.org/
@ -33,6 +33,8 @@ Patch4: sqlite-3.16-datetest-2.2c.patch
Patch5: sqlite-3.18.0-sync2-dirsync.patch Patch5: sqlite-3.18.0-sync2-dirsync.patch
# Fixed covscan issues for rhel-9 # Fixed covscan issues for rhel-9
Patch6: sqlite-3.34.1-covscan-rhel-9.patch Patch6: sqlite-3.34.1-covscan-rhel-9.patch
# Fixed CVE-2022-35737
Patch7: sqlite-3.26.0-CVE-2022-35737.patch
BuildRequires: make BuildRequires: make
BuildRequires: gcc BuildRequires: gcc
@ -142,6 +144,7 @@ This package contains the analysis program for %{name}.
%endif %endif
%patch5 -p1 %patch5 -p1
%patch6 -p1 %patch6 -p1
%patch7 -p1
# Remove backup-file # Remove backup-file
rm -f %{name}-doc-%{docver}/sqlite.css~ || : rm -f %{name}-doc-%{docver}/sqlite.css~ || :
@ -259,6 +262,9 @@ make test
%endif %endif
%changelog %changelog
* Fri Nov 18 2022 Zuzana Miklankova <zmiklank@redhat.com> - 3.34.1-6
- Fixes CVE-2022-35737
* Tue Aug 10 2021 Mohan Boddu <mboddu@redhat.com> - 3.34.1-5 * Tue Aug 10 2021 Mohan Boddu <mboddu@redhat.com> - 3.34.1-5
- Rebuilt for IMA sigs, glibc 2.34, aarch64 flags - Rebuilt for IMA sigs, glibc 2.34, aarch64 flags
Related: rhbz#1991688 Related: rhbz#1991688