Compare commits
4 Commits
Author | SHA1 | Date |
---|---|---|
|
1f33d78350 | |
|
2bdc595044 | |
|
9d50aaf262 | |
|
0249449d35 |
6
sources
6
sources
|
@ -1,3 +1,3 @@
|
|||
SHA512 (sqlite-src-3190300.zip) = 514c3de6346bdea359036a79c880133f0eeed4cdfc9e811d662dc343f91ea43edda0f9760405a48e7f61ea1dd3478980cc7d3b5409ef27adcb5311a06e36297e
|
||||
SHA512 (sqlite-doc-3190300.zip) = 4f99b6797f76dab1859eaf4596c42d6b10a80a1ad9dcb33b82fcc4ef80a8e8299ac24c0d2a0f41debf9e82d43c9ecf9675547eb6163756f29afe847613ef75f3
|
||||
SHA512 (sqlite-autoconf-3190300.tar.gz) = 7896c99726da75818f1027d5675b24724bc89c738874c868868e60c09d4509ad5a6da93f54cfcecb3a1052e4f164f7cb864ede333b9ccfb4f6b811b052ca1d3d
|
||||
SHA512 (sqlite-doc-3200100.zip) = 518ca59644cecfcd67f511268112e421c5d7bbd77ef1e33304bf306ef110becf1e2a7fe37c506ec6892edb9d5c6ee77657b374c2e061f49890d18af062dea2b3
|
||||
SHA512 (sqlite-autoconf-3200100.tar.gz) = 56e3d326ea2225cadc628c3518d46d9f7c4bafa0e3612f2b7ab0dc0d79fcbb7e095f6d84a9a48e1c6d83adcdc8706ad5ac4404f0f622c7fe38cfde3a7e7e69f0
|
||||
SHA512 (sqlite-src-3200100.zip) = 845a0d64c9356aadf178c04dd716bbd37a7353526b06cfa8e8f65653cf6a1893a5c5e8c78d20b43910c34d9167272cf517749c91ed0ba7686977e3d0327e8939
|
||||
|
|
|
@ -0,0 +1,51 @@
|
|||
Index: src/build.c
|
||||
==================================================================
|
||||
--- src/build.c
|
||||
+++ src/build.c
|
||||
@@ -1868,12 +1868,10 @@
|
||||
}
|
||||
assert( !db->mallocFailed );
|
||||
p = pParse->pNewTable;
|
||||
if( p==0 ) return;
|
||||
|
||||
- assert( !db->init.busy || !pSelect );
|
||||
-
|
||||
/* If the db->init.busy is 1 it means we are reading the SQL off the
|
||||
** "sqlite_master" or "sqlite_temp_master" table on the disk.
|
||||
** So do not write to the disk again. Extract the root page number
|
||||
** for the table from the db->init.newTnum field. (The page number
|
||||
** should have been put there by the sqliteOpenCb routine.)
|
||||
@@ -1880,10 +1878,14 @@
|
||||
**
|
||||
** If the root page number is 1, that means this is the sqlite_master
|
||||
** table itself. So mark it read-only.
|
||||
*/
|
||||
if( db->init.busy ){
|
||||
+ if( pSelect ){
|
||||
+ sqlite3ErrorMsg(pParse, "");
|
||||
+ return;
|
||||
+ }
|
||||
p->tnum = db->init.newTnum;
|
||||
if( p->tnum==1 ) p->tabFlags |= TF_Readonly;
|
||||
}
|
||||
|
||||
/* Special processing for WITHOUT ROWID Tables */
|
||||
|
||||
Index: src/prepare.c
|
||||
==================================================================
|
||||
--- src/prepare.c
|
||||
+++ src/prepare.c
|
||||
@@ -27,11 +27,11 @@
|
||||
sqlite3 *db = pData->db;
|
||||
if( !db->mallocFailed && (db->flags & SQLITE_WriteSchema)==0 ){
|
||||
char *z;
|
||||
if( zObj==0 ) zObj = "?";
|
||||
z = sqlite3MPrintf(db, "malformed database schema (%s)", zObj);
|
||||
- if( zExtra ) z = sqlite3MPrintf(db, "%z - %s", z, zExtra);
|
||||
+ if( zExtra && zExtra[0] ) z = sqlite3MPrintf(db, "%z - %s", z, zExtra);
|
||||
sqlite3DbFree(db, *pData->pzErrMsg);
|
||||
*pData->pzErrMsg = z;
|
||||
}
|
||||
pData->rc = db->mallocFailed ? SQLITE_NOMEM_BKPT : SQLITE_CORRUPT_BKPT;
|
||||
}
|
||||
|
28
sqlite.spec
28
sqlite.spec
|
@ -3,14 +3,14 @@
|
|||
%bcond_with static
|
||||
%bcond_without check
|
||||
|
||||
%define realver 3190300
|
||||
%define docver 3190300
|
||||
%define rpmver 3.19.3
|
||||
%define realver 3200100
|
||||
%define docver 3200100
|
||||
%define rpmver 3.20.1
|
||||
|
||||
Summary: Library that implements an embeddable SQL database engine
|
||||
Name: sqlite
|
||||
Version: %{rpmver}
|
||||
Release: 1%{?dist}
|
||||
Release: 2%{?dist}
|
||||
License: Public Domain
|
||||
Group: Applications/Databases
|
||||
URL: http://www.sqlite.org/
|
||||
|
@ -34,10 +34,8 @@ Patch6: sqlite-3.8.10.1-tcl-regress-tests.patch
|
|||
Patch7: sqlite-3.16-datetest-2.2c.patch
|
||||
# Modify sync2.test to pass with DIRSYNC turned off
|
||||
Patch8: sqlite-3.18.0-sync2-dirsync.patch
|
||||
# Upstream patch for CVE-2017-10989: Heap-buffer overflow in the getNodeSize function
|
||||
# This has been fixed since 3.17, the patch additionally provides earlier detection
|
||||
# https://sqlite.org/src/info/66de6f4a
|
||||
Patch9: sqlite-3.19.3-CVE-2017-10989.patch
|
||||
# Upstream: https://www.sqlite.org/cgi/src/timeline?r=corrupt-schema
|
||||
Patch9: sqlite-3.22.0-corrupt-schema.patch
|
||||
|
||||
BuildRequires: ncurses-devel readline-devel glibc-devel
|
||||
BuildRequires: autoconf
|
||||
|
@ -153,6 +151,7 @@ export CFLAGS="$RPM_OPT_FLAGS -DSQLITE_ENABLE_COLUMN_METADATA=1 \
|
|||
-DSQLITE_ENABLE_FTS3_PARENTHESIS=1 -DSQLITE_ENABLE_JSON1=1 \
|
||||
-Wall -fno-strict-aliasing"
|
||||
%configure %{!?with_tcl:--disable-tcl} \
|
||||
--enable-fts5 \
|
||||
--enable-threadsafe \
|
||||
--enable-threads-override-locks \
|
||||
--enable-load-extension \
|
||||
|
@ -244,6 +243,19 @@ make test
|
|||
%endif
|
||||
|
||||
%changelog
|
||||
* Wed Mar 21 2018 Petr Kubat <pkubat@redhat.com> - 3.20.1-2
|
||||
- Fixed CVE-2018-8740 (#1558809)
|
||||
|
||||
* Mon Aug 28 2017 Petr Kubat <pkubat@redhat.com> - 3.20.1-1
|
||||
- Updated to version 3.20.1 (https://sqlite.org/releaselog/3_20_1.html)
|
||||
|
||||
* Tue Aug 22 2017 Kalev Lember <klember@redhat.com> - 3.20.0-2
|
||||
- Build with --enable-fts5
|
||||
|
||||
* Wed Aug 02 2017 Petr Kubat <pkubat@redhat.com> - 3.20.0-1
|
||||
- Updated to version 3.20.0 (https://sqlite.org/releaselog/3_20_0.html)
|
||||
- Fixes CVE-2017-7000 (#1478785)
|
||||
|
||||
* Wed Jul 12 2017 Petr Kubat <pkubat@redhat.com> - 3.19.3-1
|
||||
- Updated to version 3.19.3 (https://sqlite.org/releaselog/3_19_3.html)
|
||||
- Better detection of CVE-2017-10989 (#1469673)
|
||||
|
|
Loading…
Reference in New Issue