SRC_URI include patch introduced in oe-core commit
fdc82b2314b580c0135c16b7278ebf8786311dec
(From OE-Core rev: f28dc527d4a3e3aa6ef2b446e863264c0e874fa1)
Signed-off-by: Chee Yang Lee <chee.yang.lee@intel.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Increase the size of loop variables in the printf() implementation to avoid integer overflow on multi-gigabyte string arguments. CVE-2022-35737.
This bug fix refers to: CVE-2022-35737 and it's a backport of a fix added in sqlite 3.39.2 (2022-07-21).
(From OE-Core rev: fdc82b2314b580c0135c16b7278ebf8786311dec)
Signed-off-by: Ghassane Ben El Aattar <ghassaneb.aattar@huawei.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Additional changes in version 3.38.4 (2022-05-04):
Fix a byte-code problem in the Bloom filter pull-down optimization added by release 3.38.0 in which an error in the byte code causes the byte code engine to enter an infinite loop when the pull-down optimization encounters a NULL key. Forum thread 2482b32700384a0f.
Other minor patches. See the timeline for details.
Additional changes in version 3.38.5 (2022-05-06):
Fix a blunder in the CLI of the 3.38.4 release.
(From OE-Core rev: c762a5c97b61b4d560cda33ba4a7c329df0fc9f8)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit e1bd414792ae2576685b2a352a5cc93343f06985)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2022-04-27 - Version 3.38.3
Version 3.38.3 fixes a bug in the automatic-index and Bloom filter construction
logic that might cause SQLite to be overly aggressive in the use of ON clause
constraints, resulting in a incorret automatic-index or Bloom filter that excludes
some valid rows from output. The bug was introduced in version 3.38.0.
Other minor changes were tossed in to complete the patch.
(From OE-Core rev: c78ac7ef2d14a8b6167922a12e8c7f35c4b11bfb)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(cherry picked from commit 1efd89a4572bb2f39728fd53a1d4db944b06ff38)
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Changelog:
1.STRICT tables provide a prescriptive style of data type management, for
developers who prefer that kind of thing.
2.When adding columns that contain a CHECK constraint or a generated column
containing a NOT NULL constraint, the ALTER TABLE ADD COLUMN now checks new
constraints against preexisting rows in the database and will only proceed if
no constraints are violated.
3.Added the PRAGMA table_list statement.
4.CLI enhancements:
a.Add the .connection command, allowing the CLI to keep multiple database
connections open at the same time.
b.Add the --safe command-line option that disables dot-commands and SQL
statements that might cause side-effects that extend beyond the single
database file named on the command-line.
c.Performance improvements when reading SQL statements that span many lines.
5.Added the sqlite3_autovacuum_pages() interface.
6.The sqlite3_deserialize() does not and has never worked for the TEMP database.
That limitation is now noted in the documentation.
7.The query planner now omits ORDER BY clauses on subqueries and views if
removing those clauses does not change the semantics of the query.
8.The generate_series table-valued function extension is modified so that the
first parameter ("START") is now required. This is done as a way to
demonstrate how to write table-valued functions with required parameters.
The legacy behavior is available using the -DZERO_ARGUMENT_GENERATE_SERIES
compile-time option.
9.Added new sqlite3_changes64() and sqlite3_total_changes64() interfaces.
10.Added the SQLITE_OPEN_EXRESCODE flag option to sqlite3_open_v2().
11.Use less memory to hold the database schema.
(From OE-Core rev: b1c6e95d075531998de5b73e7ec7073647d5a2d2)
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Issue is in an experimental extension we don't have/use. Could also
be windows only.
(From OE-Core rev: 6f5770b49f06168e3d6914bd92f0594bd05f1f8f)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This is the result of automated script conversion:
scripts/contrib/convert-overrides.py <oe-core directory>
converting the metadata to use ":" as the override character instead of "_".
(From OE-Core rev: 42344347be29f0997cc2f7636d9603b1fe1875ae)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
CVE-2020-11655.patch
CVE-2020-11656.patch
CVE-2020-9327.patch
removed since they are included in 3.32.1
(From OE-Core rev: 7ee8501146ceccdbd07104903694a435b75c0606)
Signed-off-by: Wang Mingyu <wangmy@cn.fujitsu.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Unless SQLITE_BYTEORDER is predefined, the code falls back to build
time huristics - which are not always correct (e.g. in sqlite 3.28.0
big-endian ARM is mis-detected).
(From OE-Core rev: c0fc43c228acd44499d9a1c257ec5e4cf42ed050)
Signed-off-by: Andre McCurdy <armccurdy@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
sqlite3-native in particular was finding zlib from the host if zlib-devel
was installed. This could lead to races where pseudo-native may or may not
fail to build.
We don't need/use compressed page support with sqlite so disable the dependency
(it doesn't have a configure option so use a autoconf cache variable).
The target binaries were not previously building with zlib, so we will
leave the default being zlib turned off, while the host binaries were
building with it "occasionally", but not for anything at runtime.
(From OE-Core rev: 0af2c6af0d5c060666f7ee6f2ef428c1a414cb86)
Signed-off-by: Jason Wessel <jason.wessel@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Update SQLite3 from 3.25.2 to 3.25.3 to fix following issues:
* Disallow the use of window functions in the recursive part of a CTE.
* Fix the behavior of typeof() and length() on virtual tables.
* Strengthen defenses against deliberately corrupted database files.
* Fix a problem in the query planner that results when a row-value
expression is used with a PRIMARY KEY with redundant columns.
* Fix the query planner so that it works correctly for IS NOT NULL
operators in the ON clause of a LEFT JOIN with the
SQLITE_ENABLE_STAT4 compile-time option.
Also introduce PACKAGECONFIG tunables to enable/disable e.g. index
and search functions to allow shrinking the library for very small
targets.
(From OE-Core rev: d533ad9b93383a8d721b72b4030b112a3799d559)
Signed-off-by: Jens Rehsack <sno@netbsd.org>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
An earlier version of a change was merged from S. Lockwood-Childs
<sjl@vctlabs.com> which made the CFLAGS consistent across native,
nativesdk and target cases. This syncs with a later verison of the
patch to remove duplicate CFLAGS settings and simplify the recipe.
(From OE-Core rev: 604777acfc54d285f315b622bd147ed02d55d6fd)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Enable use of pread() and enable column metadata API for nativesdk builds.
This brings nativesdk in line with target and native builds.
(From OE-Core rev: 7c8b85e1c3d852975cd5961a297aa939bf4c7fe7)
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
3.22.0 -> 3.23.0
Includes optimizations and fixes for issues detected by OSSFuzz
(From OE-Core rev: b478af4cd9c1cb0cab35b0160f7df3f31ca7358b)
Signed-off-by: Maxin B. John <maxin.john@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
