mailarchive of the ptxdist mailing list
 help / color / mirror / Atom feed
* [ptxdist] [PATCH v3] sqlite: version bump 3.48.0 -> 3.49.2
@ 2025-05-12  8:03 Roman Schnider via ptxdist
  2025-05-14  6:08 ` [ptxdist] [APPLIED] " Michael Olbrich
  0 siblings, 1 reply; 2+ messages in thread
From: Roman Schnider via ptxdist @ 2025-05-12  8:03 UTC (permalink / raw)
  To: ptxdist; +Cc: Roman Schnider

https://www.sqlite.org/releaselog/3_49_2.html

* Addresses CVE-2025-29088 and CVE-2025-3277
https://www.sqlite.org/cves.html

* Since 3.49.0, the build does not create a shared library including the
  SONAME entry with 'libsqlite3.so.0' anymore. A binary linked against it
  will then include the default name 'libsqlite3.so' in its NEEDED entry.
  However, this symlink is not installed on the target.
  See also https://sqlite.org/src/forumpost/5a3b44f510df8ded
  To keep the old behaviour, configure the build using '--soname=legacy'.
* Adapated to renamed configure option

Signed-off-by: Roman Schnider <r.schnider@cab.de>
---
v3:
- use --soname=legacy to build shared lib using old naming convention
- removed --disable-json to keep JSON support by default
---
 rules/sqlite.make | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/rules/sqlite.make b/rules/sqlite.make
index f75edfbd5..cc855697c 100644
--- a/rules/sqlite.make
+++ b/rules/sqlite.make
@@ -29,8 +29,8 @@ endef
 #
 # Paths and names
 #
-SQLITE_VERSION	:= 3.48.0
-SQLITE_MD5	:= ab4e0652b6dedb075faf7a2781ba2c20
+SQLITE_VERSION	:= 3.49.2
+SQLITE_MD5	:= 46ef8fec4c97ec77ab27659ad27b28b0
 SQLITE		:= sqlite-autoconf-$(call sqlite/file-version,$(SQLITE_VERSION))
 SQLITE_SUFFIX	:= tar.gz
 SQLITE_URL	:= https://www.sqlite.org/2025/$(SQLITE).$(SQLITE_SUFFIX)
@@ -63,11 +63,12 @@ SQLITE_CONF_TOOL	:= autoconf
 SQLITE_CONF_OPT		:= \
 	$(CROSS_AUTOCONF_USR) \
 	$(GLOBAL_LARGE_FILE_OPTION) \
+	--soname=legacy \
 	--disable-static \
 	--disable-editline \
 	--$(call ptx/endis,PTXCONF_SQLITE_READLINE)-readline \
 	--$(call ptx/endis,PTXCONF_SQLITE_THREADSAFE)-threadsafe \
-	--$(call ptx/endis,PTXCONF_SQLITE_LOAD_EXTENSION)-dynamic-extensions \
+	--$(call ptx/endis,PTXCONF_SQLITE_LOAD_EXTENSION)-load-extension \
 	--disable-math \
 	--enable-fts4 \
 	--enable-fts3 \
-- 
2.43.0




^ permalink raw reply	[flat|nested] 2+ messages in thread
* Re: [ptxdist] [APPLIED] sqlite: version bump 3.48.0 -> 3.49.2
  2025-05-12  8:03 [ptxdist] [PATCH v3] sqlite: version bump 3.48.0 -> 3.49.2 Roman Schnider via ptxdist
@ 2025-05-14  6:08 ` Michael Olbrich
  0 siblings, 0 replies; 2+ messages in thread
From: Michael Olbrich @ 2025-05-14  6:08 UTC (permalink / raw)
  To: ptxdist; +Cc: Roman Schnider

Thanks, applied as 71c90f931a26e4075605ccfa7369e764f2716e4f.

Michael

[sent from post-receive hook]

On Wed, 14 May 2025 08:08:26 +0200, Roman Schnider <r.schnider@cab.de> wrote:
> https://www.sqlite.org/releaselog/3_49_2.html
> 
> * Addresses CVE-2025-29088 and CVE-2025-3277
> https://www.sqlite.org/cves.html
> 
> * Since 3.49.0, the build does not create a shared library including the
>   SONAME entry with 'libsqlite3.so.0' anymore. A binary linked against it
>   will then include the default name 'libsqlite3.so' in its NEEDED entry.
>   However, this symlink is not installed on the target.
>   See also https://sqlite.org/src/forumpost/5a3b44f510df8ded
>   To keep the old behaviour, configure the build using '--soname=legacy'.
> * Adapated to renamed configure option
> 
> Signed-off-by: Roman Schnider <r.schnider@cab.de>
> Message-Id: <20250512080526.113371-1-r.schnider@cab.de>
> Signed-off-by: Michael Olbrich <m.olbrich@pengutronix.de>
> 
> diff --git a/rules/sqlite.make b/rules/sqlite.make
> index f75edfbd514a..cc855697c784 100644
> --- a/rules/sqlite.make
> +++ b/rules/sqlite.make
> @@ -29,8 +29,8 @@ endef
>  #
>  # Paths and names
>  #
> -SQLITE_VERSION	:= 3.48.0
> -SQLITE_MD5	:= ab4e0652b6dedb075faf7a2781ba2c20
> +SQLITE_VERSION	:= 3.49.2
> +SQLITE_MD5	:= 46ef8fec4c97ec77ab27659ad27b28b0
>  SQLITE		:= sqlite-autoconf-$(call sqlite/file-version,$(SQLITE_VERSION))
>  SQLITE_SUFFIX	:= tar.gz
>  SQLITE_URL	:= https://www.sqlite.org/2025/$(SQLITE).$(SQLITE_SUFFIX)
> @@ -63,11 +63,12 @@ SQLITE_CONF_TOOL	:= autoconf
>  SQLITE_CONF_OPT		:= \
>  	$(CROSS_AUTOCONF_USR) \
>  	$(GLOBAL_LARGE_FILE_OPTION) \
> +	--soname=legacy \
>  	--disable-static \
>  	--disable-editline \
>  	--$(call ptx/endis,PTXCONF_SQLITE_READLINE)-readline \
>  	--$(call ptx/endis,PTXCONF_SQLITE_THREADSAFE)-threadsafe \
> -	--$(call ptx/endis,PTXCONF_SQLITE_LOAD_EXTENSION)-dynamic-extensions \
> +	--$(call ptx/endis,PTXCONF_SQLITE_LOAD_EXTENSION)-load-extension \
>  	--disable-math \
>  	--enable-fts4 \
>  	--enable-fts3 \



^ permalink raw reply	[flat|nested] 2+ messages in thread
end of thread, other threads:[~2025-05-14  6:15 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz / follow: Atom feed)
-- links below jump to the message on this page --
2025-05-12  8:03 [ptxdist] [PATCH v3] sqlite: version bump 3.48.0 -> 3.49.2 Roman Schnider via ptxdist
2025-05-14  6:08 ` [ptxdist] [APPLIED] " Michael Olbrich

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox