Commit Graph

8 Commits

Author SHA1 Message Date
Shubham Agrawal
6d5867a94c sqlite3: Security fix for CVE-2019-8457
(From OE-Core rev: c0c66d213b4b6deb0a5e9a688810d2e9674d3ecf)

Signed-off-by: Shubham Agrawal <shuagr@microsoft.com>
[Cleaned up patch]
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2019-10-10 16:52:30 +01:00
Armin Kuster
015bfc5971 sqlite3: Security fixes for CVE-2018-20505 & 20506
Source: sqlite.org
MR: 97484, 97490
Type: Security Fix
Disposition: Backport from sqlite.org
ChangeID: c6105b5d3ce4fb2c0f38c3cab745b769d2df38f5
Description:

Affects < 3.26.0
fixes:
CVE-2018-20505
CVE-2018-20506

(From OE-Core rev: e2f9efdc93068bce00b07021aa447f0b8786f69d)

Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2019-07-27 18:05:18 +01:00
Maxin B. John
266694886e sqlite3: upgrade to 3.21.0
Remove upstreamed patch:
        1. sqlite3-fix-CVE-2017-13685.patch

(From OE-Core rev: 483711e676cd063a873179bdb2daedf56de0aa75)

Signed-off-by: Maxin B. John <maxin.john@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2017-11-21 13:06:11 +00:00
Wenzong Fan
55db269ae9 sqlite3: fix CVE-2017-13685
The dump_callback function in SQLite 3.20.0 allows remote attackers to
cause a denial of service (EXC_BAD_ACCESS and application crash) via a
crafted file.

Backport patch to fix the issue. Some references:
https://sqlite.org/src/info/02f0f4c54f2819b3
http://www.mail-archive.com/sqlite-users%40mailinglists.sqlite.org/msg105314.html

(From OE-Core rev: 9b9f566d2042f2b393de88506d2da964bc4d17b0)

Signed-off-by: Wenzong Fan <wenzong.fan@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2017-10-16 23:52:44 +01:00
Maxin B. John
6c4e5e0ffb sqlite3: upgrade to 3.16.2
3.15.2 -> 3.16.2

1. Updated the SRC_URI for releases in 2017
2. Removed the following revert patch as the fix is present in this release:
        a) 0001-revert-ad601c7962-that-brings-2-increase-of-build-ti.patch

[YOCTO #10695]

(From OE-Core rev: 05317fe9f11565d40b84ad71300b39c990a53f6d)

Signed-off-by: Maxin B. John <maxin.john@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2017-01-16 18:05:13 +00:00
Jianxun Zhang
7052400cea sqlite3: Revert ad601c7962 from 3.14.1 amalgamation package
It turns out this change between 3.12.2 and 3.13 introduces
a 2% increase of build time based on statistical data in
bz10367.

The added patch is forged by diffing the new sqlite3.c
generated from reverting the change in the raw source of the sqlite3
project, and then manually migrating the delta to a sqlite3.c
from the 3.14.1 tarball package, because what the recipes reference
is actually a generated C code (amalgamation) release package
and we cannot apply the real change to 3.14.1 cleanly, since
so many changes have happened.

Fixes [YOCTO #10367]

(From OE-Core rev: dda0c80019b181a5e323a82d346f86c6fffb6756)

Signed-off-by: Jianxun Zhang <jianxun.zhang@linux.intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2016-10-15 10:01:43 +01:00
Kai Kang
351c69a022 sqlite: 3.8.10.2 -> 3.9.0
Upgrade sqlite from 3.8.10.2 to 3.9.0.

* update python function to get the right SRC_URI
* drop 0001-using-the-dynamic-library.patch, which uses the dynamic library,
  since it is done that way in the new version

(From OE-Core rev: a23ddbd2e197cfa1ebc829e0d83b8997dc24cec7)

Signed-off-by: Kai Kang <kai.kang@windriver.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2015-11-16 11:39:32 +00:00
Roy Li
b5ba70b47f sqlite3: upgrade to 3.8.10
upgrade to include CVE fixes:
    CVE-2015-3414
    CVE-2015-3415
    CVE-2015-3416

(From OE-Core rev: 346505144a18b738846b9d5bc6f146426d3572ba)

Signed-off-by: Roy Li <rongqing.li@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2015-05-20 21:41:10 +01:00