diff options
author | Ross Burton <ross.burton@intel.com> | 2020-03-11 11:49:19 +0200 |
---|---|---|
committer | Anuj Mittal <anuj.mittal@intel.com> | 2020-03-16 07:04:05 +0800 |
commit | feb8982ac6670af3bcb1243b51054bba9b027c83 (patch) | |
tree | 65672dda29049cd5c439ad048ba6cf6ebbf6ff86 /meta/recipes-support/sqlite/sqlite3/CVE-2019-20218.patch | |
parent | 8ec7a51da26f07fd43b5e6787b15c8636009b183 (diff) | |
download | openembedded-core-contrib-feb8982ac6670af3bcb1243b51054bba9b027c83.tar.gz |
sqlite: fix numerous CVEs
Fix the following CVEs:
- CVE-2019-19244
- CVE-2019-19923
- CVE-2019-19924
- CVE-2019-19925
- CVE-2019-19926
- CVE-2019-19959
- CVE-2019-20218
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
[ removed the CVE-2019-19880 fix that did not apply cleanly ]
Signed-off-by: Adrian Bunk <bunk@stusta.de>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Diffstat (limited to 'meta/recipes-support/sqlite/sqlite3/CVE-2019-20218.patch')
-rw-r--r-- | meta/recipes-support/sqlite/sqlite3/CVE-2019-20218.patch | 31 |
1 files changed, 31 insertions, 0 deletions
diff --git a/meta/recipes-support/sqlite/sqlite3/CVE-2019-20218.patch b/meta/recipes-support/sqlite/sqlite3/CVE-2019-20218.patch new file mode 100644 index 0000000000..fb6cd6df2d --- /dev/null +++ b/meta/recipes-support/sqlite/sqlite3/CVE-2019-20218.patch @@ -0,0 +1,31 @@ +CVE: CVE-2019-20218 +Upstream-Status: Backport +Signed-off-by: Ross Burton <ross.burton@intel.com> + +From 6bbd76d34f29f61483791231f2ce579dcadab8a5 Mon Sep 17 00:00:00 2001 +From: Dan Kennedy <danielk1977@gmail.com> +Date: Fri, 27 Dec 2019 20:54:42 +0000 +Subject: [PATCH] Do not attempt to unwind the WITH stack in the Parse object + following an error. This fixes a separate case to [de6e6d68]. + +FossilOrigin-Name: d29edef93451cc67a5d69c1cce1b1832d9ca8fff1f600afdd51338b74d077b92 +--- + sqlite3.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/sqlite3.c b/sqlite3.c +index 5bc06c8..408ec4c 100644 +--- a/sqlite3.c ++++ b/sqlite3.c +@@ -130570,7 +130570,7 @@ static int selectExpander(Walker *pWalker, Select *p){ + + /* Process NATURAL keywords, and ON and USING clauses of joins. + */ +- if( db->mallocFailed || sqliteProcessJoin(pParse, p) ){ ++ if( pParse->nErr || db->mallocFailed || sqliteProcessJoin(pParse, p) ){ + return WRC_Abort; + } + +-- +2.24.1 + |