mirrors/poky
1
0
Fork 0
mirror of https://git.yoctoproject.org/poky synced 2026-02-21 08:59:41 +01:00
Code Issues Packages Projects Releases Wiki Activity
75,582 Commits 38 Branches 617 Tags
e6bfeed8f3e72c577820e3d01f7d697c4d3fc5d4
Commit Graph

15 Commits

Author SHA1 Message Date
Hugo SIMELIERE
49e4da8b0a sqlite3: patch CVE-2025-7709 
Pick commit used in debian patch https://git.launchpad.net/ubuntu/+source/sqlite3/commit/?id=9a309a50fa99e3b69623894bfd7d1f84d9fab33c
Upstream-Status: Backport [192d0ff8cc]

(From OE-Core rev: baaf28f6f2eac600f7caf53660a0b75f0329e86a)

Signed-off-by: Bruno VERNAY <bruno.vernay@se.com>
Signed-off-by: Hugo SIMELIERE <hsimeliere.opensource@witekio.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
 2025-11-26 07:50:35 -08:00
Roland Kovacs
d5613f0d2e sqlite3: fix CVE-2025-6965 
There exists a vulnerability in SQLite versions before 3.50.2 where the
number of aggregate terms could exceed the number of columns available.
This could lead to a memory corruption issue.

(From OE-Core rev: 52499a5ea3b4ba145914aca873844ab718953289)

Signed-off-by: Roland Kovacs <roland.kovacs@est.tech>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
 2025-07-29 07:59:52 -07:00
Peter Marko
5d362ec2d7 sqlite3: mark CVE-2025-29087 as patched 
Description of CVE-2025-29087 and CVE-2025-3277 are very similar.
There is no lonk from NVD, but [1] and [2] from Debian mark these two
CVEs as duplicates with the same link for patch.

[1] https://security-tracker.debian.org/tracker/CVE-2025-29087
[2] https://security-tracker.debian.org/tracker/CVE-2025-3277

(From OE-Core rev: 3f951941c758b6982a3cd30d085460756b7fefd9)

Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
 2025-05-08 13:37:29 -07:00
Peter Marko
f8ca40f3d1 sqlite3: patch CVE-2025-29088 
Pick commit [1] mentioned in [2].

[1] 56d2fd008b
[2] https://nvd.nist.gov/vuln/detail/CVE-2025-29088

(From OE-Core rev: 6a65833a53487571b1ed0831dcc0b1fb04946557)

Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
 2025-04-28 08:18:53 -07:00
Peter Marko
72bb9edc9a sqlite3: patch CVE-2025-3277 
Pick commit [1] mentioned in [2].

[1] https://sqlite.org/src/info/498e3f1cf57f164f
[2] https://nvd.nist.gov/vuln/detail/CVE-2025-3277

(From OE-Core rev: 2f800295919ac337f038e1678f4c0abb2a6e7f95)

Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
 2025-04-28 08:18:53 -07:00
Anuj Mittal
73333dd4b8 sqlite3: upgrade 3.30.1 -> 3.31.1 
(From OE-Core rev: 621ea68239763ce8740731e745c5002c956d4c67)

Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2020-02-05 12:00:34 +00:00
Ross Burton
8dd90ff82e sqlite: fix numerous CVEs 
Fix the following CVEs:

- CVE-2019-19244
- CVE-2019-19880
- CVE-2019-19923
- CVE-2019-19924
- CVE-2019-19925
- CVE-2019-19926
- CVE-2019-19959
- CVE-2019-20218

(From OE-Core rev: f3ebf3f8dd0b4d144db451a8fcb352762f7fbd75)

Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2020-01-16 22:33:09 +00:00
Oleksandr Kravchuk
fe5b1ceb41 sqlite3: update to 3.28.0 
(From OE-Core rev: 9be07e8c8eea8565df73405775ec2ffb60659118)

Signed-off-by: Oleksandr Kravchuk <open.source@oleksandr-kravchuk.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2019-05-08 23:00:32 +01:00
Ross Burton
f7db0478d2 sqlite3: fix CVE-2019-9936 and CVE-2019-9937 
(From OE-Core rev: 4ec161ea684b305b303f32e96ce23f472c82e1a1)

Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2019-04-01 14:48:44 +01:00
Maxin B. John
cc5e129492 sqlite3: upgrade to 3.12.2 
3.11.0 -> 3.12.2

Remove upstreamed patch:
1. fix-disable-static-shell.patch

(From OE-Core rev: 1b0628f86aaebcd786f1646a8f6f41de7fb80acc)

Signed-off-by: Maxin B. John <maxin.john@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2016-05-11 10:33:39 +01:00
Andre McCurdy
012460d4ff sqlite3: update 3.10.2 -> 3.11.0 
http://www.sqlite.org/releaselog/3_11_0.html

(From OE-Core rev: f92465c02ea6aef59f5e65a9eb70ebc6a5c92617)

Signed-off-by: Andre McCurdy <armccurdy@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2016-02-18 07:39:30 +00:00
Andre McCurdy
939de8d520 sqlite3: fix the parallel build fix patch 
The previous parallel.patch broke dynamically linking sqlite3 with
libsqlite3.so (ie using the --disable-static-shell configure option).

(From OE-Core rev: c6f91029a05f41cba31702b88316ea66a719e866)

Signed-off-by: Andre McCurdy <armccurdy@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2016-01-25 12:44:12 +00:00
Maxin B. John
f9974f2a61 sqlite3: upgrade to version 3.10.0 
3.9.2 -> 3.10.0

1. Fixed a parallel build problem
2. Added a PACKAGECONFIG for readline

(From OE-Core rev: ed46ac71846845ffc41efcd55a36e27883d9980a)

Signed-off-by: Maxin B. John <maxin.john@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2016-01-18 11:47:07 +00:00
Yu Ke
03439a38e3 sqlite: upgrade from 3.7.5 to 3.7.6.2 
- also remove the libtool.patch since it is already in the release version
- update the LIC_FILES_CHKSUM, the license is not changed, just use
  sqlite3.h as more appropriate license file. the original sqlite3.c
  is actually not point to license content.

(From OE-Core rev: 195d907986f19131d8f545b7473a676553c96028)

Signed-off-by: Yu Ke <ke.yu@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
 2011-05-11 16:41:53 +01:00
Richard Purdie
d62ee7eaf2 packages: Separate out most of the remaining packages into recipes 
Signed-off-by: Richard Purdie <rpurdie@linux.intel.com>
 2010-09-01 19:09:57 +01:00