Updated to version 3.20.0

Fixes CVE-2017-7000 Resolves: #1478785
2017-08-02 08:06:40 +02:00 · 2017-08-02 08:06:40 +02:00 · 0249449d35
parent a9f2f8dd0f
commit 0249449d35
2 changed files with 10 additions and 11 deletions
--- a/6
+++ b/6
@ -1,3 +1,3 @@
-SHA512 (sqlite-src-3190300.zip) = 514c3de6346bdea359036a79c880133f0eeed4cdfc9e811d662dc343f91ea43edda0f9760405a48e7f61ea1dd3478980cc7d3b5409ef27adcb5311a06e36297e
-SHA512 (sqlite-doc-3190300.zip) = 4f99b6797f76dab1859eaf4596c42d6b10a80a1ad9dcb33b82fcc4ef80a8e8299ac24c0d2a0f41debf9e82d43c9ecf9675547eb6163756f29afe847613ef75f3
-SHA512 (sqlite-autoconf-3190300.tar.gz) = 7896c99726da75818f1027d5675b24724bc89c738874c868868e60c09d4509ad5a6da93f54cfcecb3a1052e4f164f7cb864ede333b9ccfb4f6b811b052ca1d3d
+SHA512 (sqlite-src-3200000.zip) = 40fe7972902d041f012c7739c8712aa40069aebc7be680fde8f43b33fed885bfc42331bfb7200651486484edb71cbdd77ddb9c119d0847bdfb0e92063090f029
+SHA512 (sqlite-doc-3200000.zip) = 0dfa9487c5e4084a9c17e8bf83a92b9a2cd53642efeff0b12051ecdeaf11e3896031f1b4d59021354a293b8acc8c6fcab827961721fda7a5de8415460d3bd280
+SHA512 (sqlite-autoconf-3200000.tar.gz) = f5b0ffcc27adeed5b27b29962d03defa167151868f2281c5642a8ddfa10ac8971aff22081a5b46bd36bcf664bd271975e80249ec403b73656658b33af084ec94
--- a/sqlite.spec
+++ b/sqlite.spec
@ -3,9 +3,9 @@
 %bcond_with static
 %bcond_without check

-%define realver 3190300
-%define docver 3190300
-%define rpmver 3.19.3
+%define realver 3200000
+%define docver 3200000
+%define rpmver 3.20.0

 Summary: Library that implements an embeddable SQL database engine
 Name: sqlite
@ -34,10 +34,6 @@ Patch6: sqlite-3.8.10.1-tcl-regress-tests.patch
 Patch7: sqlite-3.16-datetest-2.2c.patch
 # Modify sync2.test to pass with DIRSYNC turned off
 Patch8: sqlite-3.18.0-sync2-dirsync.patch
-# Upstream patch for CVE-2017-10989: Heap-buffer overflow in the getNodeSize function
-# This has been fixed since 3.17, the patch additionally provides earlier detection
-# https://sqlite.org/src/info/66de6f4a
-Patch9: sqlite-3.19.3-CVE-2017-10989.patch

 BuildRequires: ncurses-devel readline-devel glibc-devel
 BuildRequires: autoconf
@ -141,7 +137,6 @@ This package contains the analysis program for %{name}.
 %patch7 -p1
 %endif
 %patch8 -p1
-%patch9 -p0

 autoconf # Rerun with new autoconf to add support for aarm64

@ -244,6 +239,10 @@ make test
 %endif

 %changelog
+* Wed Aug 02 2017 Petr Kubat <pkubat@redhat.com> - 3.20.0-1
+- Updated to version 3.20.0 (https://sqlite.org/releaselog/3_20_0.html)
+- Fixes CVE-2017-7000 (#1478785)
+
 * Wed Jul 12 2017 Petr Kubat <pkubat@redhat.com> - 3.19.3-1
 - Updated to version 3.19.3 (https://sqlite.org/releaselog/3_19_3.html)
 - Better detection of CVE-2017-10989 (#1469673)