summaryrefslogtreecommitdiffstats
path: root/meta/recipes-support/sqlite
AgeCommit message (Collapse)Author
2024-02-24meta: Remove some not needed CVE_STATUSSimone Weiß
CVE_STATUS was set for those components, but meanwhile databases are updated with corrected information, so setting the CVE_STATUS is not needed anymore. Signed-off-by: Simone Weiß <simone.p.weiss@posteo.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2024-02-17sqlite3: upgrade 3.44.2 -> 3.45.1Anuj Mittal
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2023-12-20sqlite3: upgrade 3.44.0 -> 3.44.2Anuj Mittal
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2023-11-23sqlite3: upgrade 3.43.2 -> 3.44.0Anuj Mittal
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
2023-10-19sqlite3: upgrade 3.43.1 -> 3.43.2Wang Mingyu
Changelog: ============ -Add support for Contentless-Delete FTS5 Indexes. -Enhancements to the date and time functions: -Added the octet_length(X) SQL function. -Added the sqlite3_stmt_explain() API. -Query planner enhancements: -Enhancements to the decimal extension: -If X is a floating-point value, then the decimal(X) function now does a full expansion of that value into its exact decimal equivalent. -Performance enhancements to JSON processing results in a 2x performance improvement for some kinds of processing on large JSON strings. -New makefile target "verify-source" checks to ensure that there are no unintentional changes in the source tree. -Added the SQLITE_USE_SEH compile-time option that enables Structured Exception Handling on Windows while working with the memory-mapped shm file that is part of WAL mode processing. This option is enabled by default when building on Windows using Makefile.msc. -The VFS for unix now assumes that the nanosleep() system call is available unless compiled with -DHAVE_NANOSLEEP=0. Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
2023-09-26sqlite3: upgrade 3.43.0 -> 3.43.1Alexander Kanavin
Signed-off-by: Alexander Kanavin <alex@linutronix.de> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2023-09-04sqlite3: set CVE_STATUS for CVE-2023-36191Changqing Li
The error is a bug. It has been fixed upstream. But it is not a vulnerability. You may safely ignore the CVE. Refer: [1] https://www.sqlite.org/forum/forumpost/19f55ef73b Signed-off-by: Changqing Li <changqing.li@windriver.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2023-09-02sqlite3: upgrade 3.42.0 -> 3.43.0Wang Mingyu
Changelog: ========== -Add support for Contentless-Delete FTS5 Indexes. -Enhancements to the date and time functions: -Added the octet_length(X) SQL function. -Added the sqlite3_stmt_explain() API. Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
2023-07-21cve_check: convert CVE_CHECK_IGNORE to CVE_STATUSAndrej Valek
- Try to add convert and apply statuses for old CVEs - Drop some obsolete ignores, while they are not relevant for current version Signed-off-by: Andrej Valek <andrej.valek@siemens.com> Reviewed-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
2023-07-10sqlite3: upgrade 3.41.2 -> 3.42.0Anuj Mittal
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2023-05-30Revert "sqlite3: Whitelist CVE-2022-21227"Richard Purdie
This reverts commit cfc42fdabb3f12eb4ac5069a549ba5699385dfdc.
2023-05-29sqlite3: Whitelist CVE-2022-21227Sanjay Chitroda
This CVE is applicable to "SQLite3 bindings for Node.js" only. References: https://nvd.nist.gov/vuln/detail/CVE-2022-21227 Signed-off-by: Sanjay Chitroda <schitrod@cisco.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2023-05-29Revert "sqlite3: update CVE_PRODUCT"schitrod=cisco.com@lists.openembedded.org
This reverts commit 8800976e79d65956218ab462d9644d0661579301. As per NVD database "ghost:sqlite3" product is specific to "node.js" CVEs reported against above products are not applicable to us. Signed-off-by: Sanjay Chitroda <schitrod@cisco.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2023-05-10sqlite3: update CVE_PRODUCTChen Qi
Both 'sqlite' and 'sqlite3' are used in NVD database. Signed-off-by: Chen Qi <Qi.Chen@windriver.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
2023-04-13sqlite3: upgrade 3.41.0 -> 3.41.2Wang Mingyu
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
2023-03-11sqlite3: update 3.40.1 -> 3.41.0Alexander Kanavin
Signed-off-by: Alexander Kanavin <alex@linutronix.de> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
2023-01-06sqlite3: upgrade 3.40.0 -> 3.40.1Changqing Li
Signed-off-by: Changqing Li <changqing.li@windriver.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2022-12-06sqlite3: upgrade 3.39.4 -> 3.40.0Wang Mingyu
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
2022-10-26sqlite3: upgrade 3.39.3 -> 3.39.4wangmy
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
2022-09-17sqlite3: upgrade 3.39.2 -> 3.39.3Richard Purdie
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2022-08-10sqlite3: upgrade 3.39.1 -> 3.39.2Alexander Kanavin
Signed-off-by: Alexander Kanavin <alex@linutronix.de> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2022-07-23sqlite3: upgrade 3.39.0 -> 3.39.1Alexander Kanavin
Signed-off-by: Alexander Kanavin <alex@linutronix.de> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2022-07-01sqlite3: upgrade 3.38.5 -> 3.39.0wangmy
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2022-05-20sqlite3: upgrade 3.38.3 -> 3.38.5Alexander Kanavin
Signed-off-by: Alexander Kanavin <alex@linutronix.de> Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2022-05-05sqlite3: upgrade 3.38.2 -> 3.38.3Alexander Kanavin
Signed-off-by: Alexander Kanavin <alex@linutronix.de> Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2022-03-29sqlite3: upgrade 3.38.1 -> 3.38.2wangmy
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2022-03-20sqlite3: upgrade 3.38.0 -> 3.38.1Alexander Kanavin
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2022-03-02sqlite3: upgrade 3.37.2 -> 3.38.0wangmy
Remove invalid PACKAGECONFIG : json1 Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2022-02-21meta/scripts: Automated conversion of OE renamed variablesRichard Purdie
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2022-01-20sqlite: update 3.37.1 -> 3.37.2Alexander Kanavin
Signed-off-by: Alexander Kanavin <alex@linutronix.de> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2022-01-05sqlite3: upgrade 3.37.0 -> 3.37.1Otavio Salvador
Signed-off-by: Otavio Salvador <otavio@ossystems.com.br> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-12-01sqlite3: upgrade 3.36.0 -> 3.37.0wangmy
Changelog: 1.STRICT tables provide a prescriptive style of data type management, for developers who prefer that kind of thing. 2.When adding columns that contain a CHECK constraint or a generated column containing a NOT NULL constraint, the ALTER TABLE ADD COLUMN now checks new constraints against preexisting rows in the database and will only proceed if no constraints are violated. 3.Added the PRAGMA table_list statement. 4.CLI enhancements: a.Add the .connection command, allowing the CLI to keep multiple database connections open at the same time. b.Add the --safe command-line option that disables dot-commands and SQL statements that might cause side-effects that extend beyond the single database file named on the command-line. c.Performance improvements when reading SQL statements that span many lines. 5.Added the sqlite3_autovacuum_pages() interface. 6.The sqlite3_deserialize() does not and has never worked for the TEMP database. That limitation is now noted in the documentation. 7.The query planner now omits ORDER BY clauses on subqueries and views if removing those clauses does not change the semantics of the query. 8.The generate_series table-valued function extension is modified so that the first parameter ("START") is now required. This is done as a way to demonstrate how to write table-valued functions with required parameters. The legacy behavior is available using the -DZERO_ARGUMENT_GENERATE_SERIES compile-time option. 9.Added new sqlite3_changes64() and sqlite3_total_changes64() interfaces. 10.Added the SQLITE_OPEN_EXRESCODE flag option to sqlite3_open_v2(). 11.Use less memory to hold the database schema. Signed-off-by: Wang Mingyu <wangmy@fujitsu.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-09-21sqlite3: Exclude CVE-2021-36690 from cve checksRichard Purdie
Issue is in an experimental extension we don't have/use. Could also be windows only. Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-07-30Convert to new override syntaxRichard Purdie
This is the result of automated script conversion: scripts/contrib/convert-overrides.py <oe-core directory> converting the metadata to use ":" as the override character instead of "_". Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-06-26sqlite3: upgrade 3.35.5 -> 3.36.0Alexander Kanavin
(From OE-Core rev: 118564912d65135e971778eac16667a40fd062b4) Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
2021-05-18sqlite3: upgrade 3.35.3 -> 3.35.5Richard Purdie
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-04-18sqlite3: upgrade 3.35.0 -> 3.35.3Randy MacLeod
Signed-off-by: Randy MacLeod <Randy.MacLeod@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-03-16sqlite3: upgrade 3.34.1 -> 3.35.0Richard Purdie
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-03-02recipes-support: Add missing HOMEPAGE and DESCRIPTION for recipesMeh Mbeh Ida Delphine
Fixes: [YOCTO #13471] Signed-off-by: Ida Delphine <idadelm@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2021-02-08sqlite3: upgrade 3.34.0 -> 3.34.1zhengruoqin
Signed-off-by: Zheng Ruoqin <zhengrq.fnst@cn.fujitsu.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2020-12-30sqlite3: upgrade 3.33.0 -> 3.34.0Alexander Kanavin
Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2020-11-24sqlite3: add CVE-2015-3717 to whitelistRoss Burton
As per https://groups.google.com/g/sqlite-dev/c/U7OjAbZO6LA this issue is believed to be either iOS specific, or fixed in 3.8.9. Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2020-08-19sqlite3: upgrade 3.32.3 -> 3.33.0Anuj Mittal
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2020-06-24sqlite3: upgrade 3.32.2 -> 3.32.3Andreas Müller
Signed-off-by: Andreas Müller <schnitzeltony@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2020-06-06sqlite3: upgrade 3.32.1 -> 3.32.2Andreas Müller
Signed-off-by: Andreas Müller <schnitzeltony@gmail.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2020-06-04sqlite: upgrade 3.31.1 -> 3.32.1Wang Mingyu
CVE-2020-11655.patch CVE-2020-11656.patch CVE-2020-9327.patch removed since they are included in 3.32.1 Signed-off-by: Wang Mingyu <wangmy@cn.fujitsu.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2020-05-03sqlite: backport CVE fixesSakib Sajal
Fixes CVE-2020-11655 and CVE-2020-11656 Signed-off-by: Sakib Sajal <sakib.sajal@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2020-03-10sqlite3: fix CVE-2020-9327Anuj Mittal
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2020-02-05sqlite3: upgrade 3.30.1 -> 3.31.1Anuj Mittal
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2020-01-16sqlite: fix numerous CVEsRoss Burton
Fix the following CVEs: - CVE-2019-19244 - CVE-2019-19880 - CVE-2019-19923 - CVE-2019-19924 - CVE-2019-19925 - CVE-2019-19926 - CVE-2019-19959 - CVE-2019-20218 Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
generated by cgit 1.2.3-korg (git 2.39.0) at 2024-04-19 18:59:07 +0000