Package: sqlite3 / 3.27.2-3+deb10u1

Metadata

Package Version Patches format
sqlite3 3.27.2-3+deb10u1 3.0 (quilt)

Patch series

view the series file
Patch File delta Description
10 520466 libsqlite3 depends on libdl.patch | (download)

configure.ac | 32 32 + 0 - 0 !
1 file changed, 32 insertions(+)

 
---
10 520478 squash bad deps.patch | (download)

Makefile.in | 2 2 + 0 - 0 !
1 file changed, 2 insertions(+)

 
---
20 hurd locking style.patch | (download)

src/os_unix.c | 10 6 + 4 - 0 !
1 file changed, 6 insertions(+), 4 deletions(-)

 
---
30 cross.patch | (download)

Makefile.in | 25 19 + 6 - 0 !
1 file changed, 19 insertions(+), 6 deletions(-)

 
---
10 665363 disable malloc usable size.patch | (download)

configure.ac | 2 1 + 1 - 0 !
1 file changed, 1 insertion(+), 1 deletion(-)

 
 disable malloc_usable_size
 Disable code introduced in sqlite 3.7.10 using malloc_usable_size, as it caused
 a regression on 64-bit platforms.
31 increase_SQLITE_MAX_DEFAULT_PAGE_SIZE_to_32k.patch | (download)

src/sqliteLimit.h | 2 1 + 1 - 0 !
1 file changed, 1 insertion(+), 1 deletion(-)

 
 increase the maximum possible value of the page size
 Firefox/Iceweasel uses a page size of 32k, but sqlite won't allow it
 because the maximum it allows by default is 8k (through the
 SQLITE_MAX_DEFAULT_PAGE_SIZE define). This patch increases this limit.
 .
02 use packaged lempar.c.patch | (download)

tool/lemon.c | 2 2 + 0 - 0 !
1 file changed, 2 insertions(+)

 
 use packaged lempar.c
 Look for lempar.c under the package directory.
40 use_unsigned_integers_to_count_the_number_of_pages.patch | (download)

src/btree.c | 6 3 + 3 - 0 !
1 file changed, 3 insertions(+), 3 deletions(-)

 
---
41 fix_a_crash_that_could_occur.patch | (download)

src/whereexpr.c | 6 6 + 0 - 0 !
test/window1.test | 27 27 + 0 - 0 !
2 files changed, 33 insertions(+)

 
---
42 ensure_that_ALTER_TABLE_commands_open_statement_transactions.patch | (download)

src/alter.c | 12 6 + 6 - 0 !
src/vdbeaux.c | 1 1 + 0 - 0 !
test/altertab3.test | 31 31 + 0 - 0 !
3 files changed, 38 insertions(+), 6 deletions(-)

 
---
43 fix_an_fts5_problem_with_interleaving.patch | (download)

ext/fts5/fts5Int.h | 3 2 + 1 - 0 !
ext/fts5/fts5_hash.c | 55 38 + 17 - 0 !
ext/fts5/fts5_index.c | 25 17 + 8 - 0 !
ext/fts5/test/fts5aa.test | 21 20 + 1 - 0 !
4 files changed, 77 insertions(+), 27 deletions(-)

 
---
44 fix_a_buffer_overread_when_running_fts5_prefix_queries.patch | (download)

ext/fts5/fts5_hash.c | 4 3 + 1 - 0 !
ext/fts5/test/fts5aa.test | 13 13 + 0 - 0 !
2 files changed, 16 insertions(+), 1 deletion(-)

 
---
45 CVE 2019 8457.patch | (download)

ext/rtree/rtree.c | 36 16 + 20 - 0 !
1 file changed, 16 insertions(+), 20 deletions(-)

 
---
46 probably_CVE 2019 5018.patch | (download)

src/resolve.c | 21 16 + 5 - 0 !
src/sqliteInt.h | 2 2 + 0 - 0 !
2 files changed, 18 insertions(+), 5 deletions(-)

 
---
47 probably_CVE 2019 5827_part1.patch | (download)

src/build.c | 8 4 + 4 - 0 !
src/expr.c | 2 1 + 1 - 0 !
src/main.c | 2 1 + 1 - 0 !
src/test_fs.c | 2 1 + 1 - 0 !
src/util.c | 2 1 + 1 - 0 !
src/vdbeaux.c | 8 5 + 3 - 0 !
src/vdbesort.c | 4 2 + 2 - 0 !
src/vtab.c | 25 15 + 10 - 0 !
8 files changed, 30 insertions(+), 23 deletions(-)

 
---
48 probably_CVE 2019 5827_part2.patch | (download)

ext/fts3/fts3_snippet.c | 7 4 + 3 - 0 !
ext/fts3/fts3_test.c | 6 3 + 3 - 0 !
ext/fts3/fts3_tokenize_vtab.c | 2 1 + 1 - 0 !
ext/fts3/fts3_tokenizer.c | 4 2 + 2 - 0 !
ext/fts3/fts3_write.c | 19 10 + 9 - 0 !
ext/fts5/fts5_tokenize.c | 2 1 + 1 - 0 !
ext/rtree/geopoly.c | 20 10 + 10 - 0 !
7 files changed, 31 insertions(+), 29 deletions(-)

 
---
CVE 2019 19923.patch | (download)

src/select.c | 8 6 + 2 - 0 !
test/join.test | 13 13 + 0 - 0 !
2 files changed, 19 insertions(+), 2 deletions(-)

 
 [patch] continue to back away from the left join optimization of
 check-in [41c27bc0ff1d3135] by disallowing query flattening if the outer
 query is DISTINCT.  Without this fix, if an index scan is run on the table
 within the view on the right-hand side of the LEFT JOIN, stale result
 registers might be accessed yielding incorrect results, and/or an
 OP_IfNullRow opcode might be invoked on the un-opened table, resulting in a
 NULL-pointer dereference.  This problem was found by the Yongheng and Rui
 fuzzer.

FossilOrigin-Name: 862974312edf00e9d1068115d1a39b7235b7db68b6d86b81d38a12f025a4748e
CVE 2019 19925.patch | (download)

ext/misc/zipfile.c | 1 1 + 0 - 0 !
test/zipfile.test | 14 14 + 0 - 0 !
2 files changed, 15 insertions(+)

 
 [patch] fix the zipfile extension so that insert works even if the
 pathname of the file being inserted is a NULL.  Bug discovered by the
 Yongheng and Rui fuzzer.

FossilOrigin-Name: a80f84b511231204658304226de3e075a55afc2e3f39ac063716f7a57f585c06
CVE 2019 19959.patch | (download)

ext/misc/zipfile.c | 4 2 + 2 - 0 !
test/zipfile.test | 12 12 + 0 - 0 !
2 files changed, 14 insertions(+), 2 deletions(-)

 
 [patch] test case for the zipfile-extension bug fix of the previous
 check-in.

FossilOrigin-Name: bc8bfc7fcdf33f6855584e10e9260073430517ff3268cf0c7988dcc4cd785391
CVE 2019 20218.patch | (download)

src/select.c | 5 4 + 1 - 0 !
src/util.c | 1 1 + 0 - 0 !
test/altertab3.test | 22 22 + 0 - 0 !
test/with3.test | 10 9 + 1 - 0 !
4 files changed, 36 insertions(+), 2 deletions(-)

 
 [patch] make sure the with stack in the parse object is disabled
 following an error.
CVE 2020 13434.patch | (download)

src/printf.c | 12 12 + 0 - 0 !
test/printf.test | 7 7 + 0 - 0 !
2 files changed, 19 insertions(+)

 
 [patch] limit the "precision" of floating-point to text conversions
 in the printf() function to 100,000,000.  Fix for ticket [23439ea582241138].

FossilOrigin-Name: d08d3405878d394e08e5d3af281246edfbd81ca74cc8d16458808591512fb93d
CVE 2020 13435.patch | (download)

src/expr.c | 23 10 + 13 - 0 !
src/resolve.c | 2 2 + 0 - 0 !
src/select.c | 23 0 + 23 - 0 !
src/sqliteInt.h | 3 3 + 0 - 0 !
src/walker.c | 37 37 + 0 - 0 !
src/window.c | 23 23 + 0 - 0 !
6 files changed, 75 insertions(+), 36 deletions(-)

 
 [patch] move some utility walker callbacks into the walker.c source
 file, as they seem to belong there better.

FossilOrigin-Name: dac438236f7c5419d4e7e094e8b3f19f83cd3b1a18bc8acb14aee90d4514fa3c
CVE 2020 13630.patch | (download)

ext/fts3/fts3.c | 1 1 + 0 - 0 !
1 file changed, 1 insertion(+)

 
 [patch] fix a use-after-free bug in the fts3 snippet() function.

FossilOrigin-Name: 0d69f76f0865f9626078bee087a22fb826407279e78cf9d5382e1c985c9f64a9
CVE 2020 13632.patch | (download)

ext/fts3/fts3_snippet.c | 2 1 + 1 - 0 !
test/fts3matchinfo2.test | 35 35 + 0 - 0 !
2 files changed, 36 insertions(+), 1 deletion(-)

 
 [patch] fix a null pointer deference that can occur on a strange
 matchinfo() query.

FossilOrigin-Name: a4dd148928ea65bd4e1654dfacc3d8057d1f85b8c9939416991d50722e5a720e
CVE 2020 15358.patch | (download)

src/select.c | 7 3 + 4 - 0 !
src/sqliteInt.h | 1 1 + 0 - 0 !
test/selectA.test | 21 21 + 0 - 0 !
3 files changed, 25 insertions(+), 4 deletions(-)

 
 [patch] fix a defect in the query-flattener optimization identified
 by ticket [8f157e8010b22af0].

FossilOrigin-Name: 10fa79d00f8091e5748c245f4cae5b5f499a5f8db20da741c130e05a21ede443
CVE 2019 16168.patch | (download)

src/analyze.c | 4 3 + 1 - 0 !
src/where.c | 1 1 + 0 - 0 !
test/analyzeC.test | 14 14 + 0 - 0 !
3 files changed, 18 insertions(+), 1 deletion(-)

 
 [patch] ensure that the optional "sz=n" parameter that can be
 manually added to the end of an sqlite_stat1 entry does not have an N value
 that is too small. Ticket [e4598ecbdd18bd82]

FossilOrigin-Name: 98357d8c1263920b33a3648ef9214a63c99728bafa7a8d3dd6a1241b2303fd42