diff --git a/.gitignore b/.gitignore new file mode 100644 index 0000000..f00481c --- /dev/null +++ b/.gitignore @@ -0,0 +1,3 @@ +SOURCES/sqlite-autoconf-3260000.tar.gz +SOURCES/sqlite-doc-3260000.zip +SOURCES/sqlite-src-3260000.zip diff --git a/.sqlite.metadata b/.sqlite.metadata new file mode 100644 index 0000000..7d87cd8 --- /dev/null +++ b/.sqlite.metadata @@ -0,0 +1,3 @@ +9af2df1a6da5db6e2ecf3f463625f16740e036e9 SOURCES/sqlite-autoconf-3260000.tar.gz +13c48e0396d15f3f4978214e144445031a23d509 SOURCES/sqlite-doc-3260000.zip +a05429d6a8337d60ddc7c6381b49941059a55f68 SOURCES/sqlite-src-3260000.zip diff --git a/SOURCES/sqlite-3.12.2-no-malloc-usable-size.patch b/SOURCES/sqlite-3.12.2-no-malloc-usable-size.patch new file mode 100644 index 0000000..b983bd3 --- /dev/null +++ b/SOURCES/sqlite-3.12.2-no-malloc-usable-size.patch @@ -0,0 +1,24 @@ +diff -up sqlite-src-3120200/configure.ac.malloc_usable_size sqlite-src-3120200/configure.ac +--- sqlite-src-3120200/configure.ac.malloc_usable_size 2016-04-25 09:46:48.134690570 +0200 ++++ sqlite-src-3120200/configure.ac 2016-04-25 09:48:41.622637181 +0200 +@@ -108,7 +108,7 @@ AC_CHECK_HEADERS([sys/types.h stdlib.h s + ######### + # Figure out whether or not we have these functions + # +-AC_CHECK_FUNCS([fdatasync gmtime_r isnan localtime_r localtime_s malloc_usable_size strchrnul usleep utime pread pread64 pwrite pwrite64]) ++AC_CHECK_FUNCS([fdatasync gmtime_r isnan localtime_r localtime_s strchrnul usleep utime pread pread64 pwrite pwrite64]) + + ######### + # By default, we use the amalgamation (this may be changed below...) +diff -up sqlite-src-3120200/configure.malloc_usable_size sqlite-src-3120200/configure +--- sqlite-src-3120200/configure.malloc_usable_size 2016-04-25 09:47:12.594679063 +0200 ++++ sqlite-src-3120200/configure 2016-04-25 09:49:28.684615042 +0200 +@@ -10275,7 +10275,7 @@ done + ######### + # Figure out whether or not we have these functions + # +-for ac_func in fdatasync gmtime_r isnan localtime_r localtime_s malloc_usable_size strchrnul usleep utime pread pread64 pwrite pwrite64 ++for ac_func in fdatasync gmtime_r isnan localtime_r localtime_s strchrnul usleep utime pread pread64 pwrite pwrite64 + do : + as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh` + ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var" diff --git a/SOURCES/sqlite-3.16-datetest-2.2c.patch b/SOURCES/sqlite-3.16-datetest-2.2c.patch new file mode 100644 index 0000000..63857db --- /dev/null +++ b/SOURCES/sqlite-3.16-datetest-2.2c.patch @@ -0,0 +1,14 @@ +--- sqlite-src-3160100/test/date.test.orig 2017-01-04 14:48:46.113737093 +0100 ++++ sqlite-src-3160100/test/date.test 2017-01-04 14:49:11.144833563 +0100 +@@ -76,11 +76,6 @@ datetest 2.1c datetime(0,'unixepochx') N + datetest 2.1d datetime('2003-10-22','unixepoch') NULL + datetest 2.2 datetime(946684800,'unixepoch') {2000-01-01 00:00:00} + datetest 2.2b datetime('946684800','unixepoch') {2000-01-01 00:00:00} +-for {set i 0} {$i<1000} {incr i} { +- set sql [format {strftime('%%H:%%M:%%f',1237962480.%03d,'unixepoch')} $i] +- set res [format {06:28:00.%03d} $i] +- datetest 2.2c-$i $sql $res +-} + datetest 2.3 {date('2003-10-22','weekday 0')} 2003-10-26 + datetest 2.4 {date('2003-10-22','weekday 1')} 2003-10-27 + datetest 2.4a {date('2003-10-22','weekday 1')} 2003-10-27 diff --git a/SOURCES/sqlite-3.18.0-sync2-dirsync.patch b/SOURCES/sqlite-3.18.0-sync2-dirsync.patch new file mode 100644 index 0000000..0c7d0a5 --- /dev/null +++ b/SOURCES/sqlite-3.18.0-sync2-dirsync.patch @@ -0,0 +1,90 @@ +--- sqlite-src-3180000/test/sync2.test.sync2-dirsync 2017-03-30 21:26:42.000000000 +0200 ++++ sqlite-src-3180000/test/sync2.test 2017-04-03 13:16:14.422329691 +0200 +@@ -44,6 +44,15 @@ + uplevel [list do_test $tn [list execsql_sync $sql] [list {*}$res]] + } + ++# Wrapper over the expected sync count, takes DIRSYNC into consideration ++proc expected_sync_count {sync_count} { ++ ifcapable dirsync { ++ return $sync_count ++ } else { ++ return [ incr sync_count -1 ] ++ } ++} ++ + #----------------------------------------------------------------------- + # Tests for journal mode. + # +@@ -53,13 +62,13 @@ + INSERT INTO t1 VALUES(1, 2); + } + +-do_execsql_sync_test 1.1 { INSERT INTO t1 VALUES(3, 4) } 4 ++do_execsql_sync_test 1.1 { INSERT INTO t1 VALUES(3, 4) } [ expected_sync_count 4 ] + + # synchronous=normal. So, 1 sync on the directory, 1 on the journal, 1 + # on the db file. 3 in total. + do_execsql_test 1.2.1 { PRAGMA main.synchronous = NORMAL } + do_execsql_test 1.2.2 { PRAGMA main.synchronous } 1 +-do_execsql_sync_test 1.2.3 { INSERT INTO t1 VALUES(5, 6) } 3 ++do_execsql_sync_test 1.2.3 { INSERT INTO t1 VALUES(5, 6) } [ expected_sync_count 3 ] + + # synchronous=off. No syncs. + do_execsql_test 1.3.1 { PRAGMA main.synchronous = OFF } +@@ -70,7 +79,7 @@ + # 2 on the journal, 1 on the db file. 4 in total. + do_execsql_test 1.4.1 { PRAGMA main.synchronous = FULL } + do_execsql_test 1.4.2 { PRAGMA main.synchronous } 2 +-do_execsql_sync_test 1.4.3 { INSERT INTO t1 VALUES(9, 10) } 4 ++do_execsql_sync_test 1.4.3 { INSERT INTO t1 VALUES(9, 10) } [ expected_sync_count 4 ] + + #----------------------------------------------------------------------- + # Tests for wal mode. +@@ -79,7 +88,7 @@ + + # sync=full, journal_mode=wal. One sync on the directory, two on the + # wal file. +-do_execsql_sync_test 1.6 { INSERT INTO t1 VALUES(11, 12) } 3 ++do_execsql_sync_test 1.6 { INSERT INTO t1 VALUES(11, 12) } [ expected_sync_count 3 ] + + # One sync on the wal file. + do_execsql_sync_test 1.7 { INSERT INTO t1 VALUES(13, 14) } 1 +@@ -112,7 +121,7 @@ + + # Wal mode, sync=normal. The first transaction does one sync on directory, + # one on the wal file. The second does no syncs. +- do_execsql_sync_test 1.11.1 { INSERT INTO t1 VALUES(19, 20) } 2 ++ do_execsql_sync_test 1.11.1 { INSERT INTO t1 VALUES(19, 20) } [ expected_sync_count 2 ] + do_execsql_sync_test 1.11.2 { INSERT INTO t1 VALUES(21, 22) } 0 + do_execsql_test 1.11.3 { PRAGMA main.synchronous } 1 + +@@ -129,14 +138,14 @@ + # Delete mode, sync=full. The first transaction does one sync on + # directory, two on the journal file, one on the db. The second does + # the same. +- do_execsql_sync_test 1.15.1 { INSERT INTO t1 VALUES(26, 27) } 4 +- do_execsql_sync_test 1.15.2 { INSERT INTO t1 VALUES(28, 29) } 4 ++ do_execsql_sync_test 1.15.1 { INSERT INTO t1 VALUES(26, 27) } [ expected_sync_count 4 ] ++ do_execsql_sync_test 1.15.2 { INSERT INTO t1 VALUES(28, 29) } [ expected_sync_count 4 ] + do_execsql_test 1.15.3 { PRAGMA main.synchronous } 2 + + # Switch back to wal mode. + do_execsql_test 1.16 { PRAGMA journal_mode = wal } {wal} + +- do_execsql_sync_test 1.17.1 { INSERT INTO t1 VALUES(30, 31) } 2 ++ do_execsql_sync_test 1.17.1 { INSERT INTO t1 VALUES(30, 31) } [ expected_sync_count 2 ] + do_execsql_sync_test 1.17.2 { INSERT INTO t1 VALUES(32, 33) } 0 + do_execsql_test 1.17.3 { PRAGMA main.synchronous } 1 + +@@ -152,8 +161,8 @@ + # Close and reopen the db. Back to synchronous=normal. + db close + sqlite3 db test.db +- do_execsql_sync_test 1.20.1 { INSERT INTO t1 VALUES(38, 39) } 4 +- do_execsql_sync_test 1.20.2 { INSERT INTO t1 VALUES(40, 41) } 4 ++ do_execsql_sync_test 1.20.1 { INSERT INTO t1 VALUES(38, 39) } [ expected_sync_count 4 ] ++ do_execsql_sync_test 1.20.2 { INSERT INTO t1 VALUES(40, 41) } [ expected_sync_count 4 ] + do_execsql_test 1.20.3 { PRAGMA main.synchronous } 2 + } + diff --git a/SOURCES/sqlite-3.26-CVE-2019-13752.patch b/SOURCES/sqlite-3.26-CVE-2019-13752.patch new file mode 100644 index 0000000..b298a21 --- /dev/null +++ b/SOURCES/sqlite-3.26-CVE-2019-13752.patch @@ -0,0 +1,149 @@ +From 92b243715eea17997ed9707540757d0667ad9eb2 Mon Sep 17 00:00:00 2001 +From: Ondrej Dubaj +Date: Thu, 2 Jan 2020 09:54:41 +0100 +Subject: [PATCH] Improved detection of corrupt shadow tables in FTS3. Enable + the debugging special-inserts for FTS3 for both SQLITE_DEBUG and SQLITE_TEST. + +Resolves: CVE-2019-13752 +--- + ext/fts3/fts3.c | 2 +- + ext/fts3/fts3Int.h | 2 +- + ext/fts3/fts3_write.c | 42 +++++++++++++++++++++++++++--------------- + 3 files changed, 29 insertions(+), 17 deletions(-) + +diff --git a/ext/fts3/fts3.c b/ext/fts3/fts3.c +index f6fb931..6d6bd46 100644 +--- a/ext/fts3/fts3.c ++++ b/ext/fts3/fts3.c +@@ -4304,7 +4304,7 @@ static int fts3EvalPhraseStart(Fts3Cursor *pCsr, int bOptOk, Fts3Phrase *p){ + int bIncrOk = (bOptOk + && pCsr->bDesc==pTab->bDescIdx + && p->nToken<=MAX_INCR_PHRASE_TOKENS && p->nToken>0 +-#ifdef SQLITE_TEST ++#if defined(SQLITE_DEBUG) || defined(SQLITE_TEST) + && pTab->bNoIncrDoclist==0 + #endif + ); +diff --git a/ext/fts3/fts3Int.h b/ext/fts3/fts3Int.h +index 077bad7..6f5a7a0 100644 +--- a/ext/fts3/fts3Int.h ++++ b/ext/fts3/fts3Int.h +@@ -283,7 +283,7 @@ struct Fts3Table { + int mxSavepoint; /* Largest valid xSavepoint integer */ + #endif + +-#ifdef SQLITE_TEST ++#if defined(SQLITE_DEBUG) || defined(SQLITE_TEST) + /* True to disable the incremental doclist optimization. This is controled + ** by special insert command 'test-no-incr-doclist'. */ + int bNoIncrDoclist; +diff --git a/ext/fts3/fts3_write.c b/ext/fts3/fts3_write.c +index 8fc6589..ee668aa 100644 +--- a/ext/fts3/fts3_write.c ++++ b/ext/fts3/fts3_write.c +@@ -23,7 +23,7 @@ + #include + #include + #include +- ++#include + + #define FTS_MAX_APPENDABLE_HEIGHT 16 + +@@ -2021,6 +2021,11 @@ static int fts3NodeAddTerm( + nPrefix = fts3PrefixCompress(pTree->zTerm, pTree->nTerm, zTerm, nTerm); + nSuffix = nTerm-nPrefix; + ++ /* If nSuffix is zero or less, then zTerm/nTerm must be a prefix of ++ ** pWriter->zTerm/pWriter->nTerm. i.e. must be equal to or less than when ++ ** compared with BINARY collation. This indicates corruption. */ ++ if( nSuffix<=0 ) return FTS_CORRUPT_VTAB; ++ + nReq += sqlite3Fts3VarintLen(nPrefix)+sqlite3Fts3VarintLen(nSuffix)+nSuffix; + if( nReq<=p->nNodeSize || !pTree->zTerm ){ + +@@ -2309,9 +2314,11 @@ static int fts3SegWriterAdd( + /* Append the prefix-compressed term and doclist to the buffer. */ + nData += sqlite3Fts3PutVarint(&pWriter->aData[nData], nPrefix); + nData += sqlite3Fts3PutVarint(&pWriter->aData[nData], nSuffix); ++ assert( nSuffix>0 ); + memcpy(&pWriter->aData[nData], &zTerm[nPrefix], nSuffix); + nData += nSuffix; + nData += sqlite3Fts3PutVarint(&pWriter->aData[nData], nDoclist); ++ assert( nDoclist>0 ); + memcpy(&pWriter->aData[nData], aDoclist, nDoclist); + pWriter->nData = nData + nDoclist; + +@@ -2331,6 +2338,7 @@ static int fts3SegWriterAdd( + pWriter->zTerm = zNew; + } + assert( pWriter->zTerm==pWriter->zMalloc ); ++ assert( nTerm>0 ); + memcpy(pWriter->zTerm, zTerm, nTerm); + }else{ + pWriter->zTerm = (char *)zTerm; +@@ -2639,6 +2647,7 @@ static int fts3MsrBufferData( + pMsr->aBuffer = pNew; + } + ++ assert( nList>0 ); + memcpy(pMsr->aBuffer, pList, nList); + return SQLITE_OK; + } +@@ -3821,6 +3830,7 @@ static int fts3IncrmergePush( + ** be added to. */ + nPrefix = fts3PrefixCompress(pNode->key.a, pNode->key.n, zTerm, nTerm); + nSuffix = nTerm - nPrefix; ++ if( NEVER(nSuffix<=0) ) return FTS_CORRUPT_VTAB; + nSpace = sqlite3Fts3VarintLen(nPrefix); + nSpace += sqlite3Fts3VarintLen(nSuffix) + nSuffix; + +@@ -5300,7 +5310,7 @@ static int fts3DoIntegrityCheck( + ** meaningful value to insert is the text 'optimize'. + */ + static int fts3SpecialInsert(Fts3Table *p, sqlite3_value *pVal){ +- int rc; /* Return Code */ ++ int rc = SQLITE_ERROR; /* Return Code */ + const char *zVal = (const char *)sqlite3_value_text(pVal); + int nVal = sqlite3_value_bytes(pVal); + +@@ -5316,21 +5326,23 @@ static int fts3SpecialInsert(Fts3Table *p, sqlite3_value *pVal){ + rc = fts3DoIncrmerge(p, &zVal[6]); + }else if( nVal>10 && 0==sqlite3_strnicmp(zVal, "automerge=", 10) ){ + rc = fts3DoAutoincrmerge(p, &zVal[10]); +-#ifdef SQLITE_TEST +- }else if( nVal>9 && 0==sqlite3_strnicmp(zVal, "nodesize=", 9) ){ +- p->nNodeSize = atoi(&zVal[9]); +- rc = SQLITE_OK; +- }else if( nVal>11 && 0==sqlite3_strnicmp(zVal, "maxpending=", 9) ){ +- p->nMaxPendingData = atoi(&zVal[11]); +- rc = SQLITE_OK; +- }else if( nVal>21 && 0==sqlite3_strnicmp(zVal, "test-no-incr-doclist=", 21) ){ +- p->bNoIncrDoclist = atoi(&zVal[21]); +- rc = SQLITE_OK; +-#endif ++#if defined(SQLITE_DEBUG) || defined(SQLITE_TEST) + }else{ +- rc = SQLITE_ERROR; ++ int v; ++ if( nVal>9 && 0==sqlite3_strnicmp(zVal, "nodesize=", 9) ){ ++ v = atoi(&zVal[9]); ++ if( v>=24 && v<=p->nPgsz-35 ) p->nNodeSize = v; ++ rc = SQLITE_OK; ++ }else if( nVal>11 && 0==sqlite3_strnicmp(zVal, "maxpending=", 9) ){ ++ v = atoi(&zVal[11]); ++ if( v>=64 && v<=FTS3_MAX_PENDING_DATA ) p->nMaxPendingData = v; ++ rc = SQLITE_OK; ++ }else if( nVal>21 && 0==sqlite3_strnicmp(zVal,"test-no-incr-doclist=",21) ){ ++ p->bNoIncrDoclist = atoi(&zVal[21]); ++ rc = SQLITE_OK; ++ } ++#endif + } +- + return rc; + } + +-- +2.19.1 + diff --git a/SOURCES/sqlite-3.26-CVE-2019-13753.patch b/SOURCES/sqlite-3.26-CVE-2019-13753.patch new file mode 100644 index 0000000..cc21b6d --- /dev/null +++ b/SOURCES/sqlite-3.26-CVE-2019-13753.patch @@ -0,0 +1,25 @@ +From 0b3ba64a9c7f785f6b3f1c1c15c5b0f1e41e0461 Mon Sep 17 00:00:00 2001 +From: Ondrej Dubaj +Date: Thu, 2 Jan 2020 10:25:58 +0100 +Subject: [PATCH] Remove a reachable NEVER() in FTS3. + +--- + ext/fts3/fts3_write.c | 2 +- + 1 file changed, 1 insertion(+), 1 deletion(-) + +diff --git a/ext/fts3/fts3_write.c b/ext/fts3/fts3_write.c +index ee668aa..8624329 100644 +--- a/ext/fts3/fts3_write.c ++++ b/ext/fts3/fts3_write.c +@@ -3830,7 +3830,7 @@ static int fts3IncrmergePush( + ** be added to. */ + nPrefix = fts3PrefixCompress(pNode->key.a, pNode->key.n, zTerm, nTerm); + nSuffix = nTerm - nPrefix; +- if( NEVER(nSuffix<=0) ) return FTS_CORRUPT_VTAB; ++ if(nSuffix<=0 ) return FTS_CORRUPT_VTAB; + nSpace = sqlite3Fts3VarintLen(nPrefix); + nSpace += sqlite3Fts3VarintLen(nSuffix) + nSuffix; + +-- +2.19.1 + diff --git a/SOURCES/sqlite-3.26.0-CVE-2019-13734.patch b/SOURCES/sqlite-3.26.0-CVE-2019-13734.patch new file mode 100644 index 0000000..9cb8e4c --- /dev/null +++ b/SOURCES/sqlite-3.26.0-CVE-2019-13734.patch @@ -0,0 +1,107 @@ +From 5f4ce30babee8085fc36680c6103d9a06be49ef7 Mon Sep 17 00:00:00 2001 +From: Ondrej Dubaj +Date: Thu, 2 Jan 2020 11:58:39 +0100 +Subject: [PATCH] More improvements to shadow table corruption detection in + FTS3. + +--- + ext/fts3/fts3.c | 4 ++++ + ext/fts3/fts3Int.h | 10 ++++++++++ + ext/fts3/fts3_write.c | 14 +++++++++++--- + 3 files changed, 25 insertions(+), 3 deletions(-) + +diff --git a/ext/fts3/fts3.c b/ext/fts3/fts3.c +index 6d6bd46..84fc8a5 100644 +--- a/ext/fts3/fts3.c ++++ b/ext/fts3/fts3.c +@@ -1460,6 +1460,10 @@ static int fts3InitVtab( + fts3DatabasePageSize(&rc, p); + p->nNodeSize = p->nPgsz-35; + ++#if defined(SQLITE_DEBUG)||defined(SQLITE_TEST) ++ p->nMergeCount = FTS3_MERGE_COUNT; ++#endif ++ + /* Declare the table schema to SQLite. */ + fts3DeclareVtab(&rc, p); + +diff --git a/ext/fts3/fts3Int.h b/ext/fts3/fts3Int.h +index 6f5a7a0..0d1b491 100644 +--- a/ext/fts3/fts3Int.h ++++ b/ext/fts3/fts3Int.h +@@ -287,9 +287,19 @@ struct Fts3Table { + /* True to disable the incremental doclist optimization. This is controled + ** by special insert command 'test-no-incr-doclist'. */ + int bNoIncrDoclist; ++ ++ /* Number of segments in a level */ ++ int nMergeCount; + #endif + }; + ++/* Macro to find the number of segments to merge */ ++#if defined(SQLITE_DEBUG) || defined(SQLITE_TEST) ++# define MergeCount(P) ((P)->nMergeCount) ++#else ++# define MergeCount(P) FTS3_MERGE_COUNT ++#endif ++ + /* + ** When the core wants to read from the virtual table, it creates a + ** virtual table cursor (an instance of the following structure) using +diff --git a/ext/fts3/fts3_write.c b/ext/fts3/fts3_write.c +index 8624329..d57d265 100644 +--- a/ext/fts3/fts3_write.c ++++ b/ext/fts3/fts3_write.c +@@ -1152,7 +1152,7 @@ static int fts3AllocateSegdirIdx( + ** segment and allocate (newly freed) index 0 at level iLevel. Otherwise, + ** if iNext is less than FTS3_MERGE_COUNT, allocate index iNext. + */ +- if( iNext>=FTS3_MERGE_COUNT ){ ++ if( iNext>=MergeCount(p) ){ + fts3LogMerge(16, getAbsoluteLevel(p, iLangid, iIndex, iLevel)); + rc = fts3SegmentMerge(p, iLangid, iIndex, iLevel); + *piIdx = 0; +@@ -4259,6 +4259,10 @@ static int fts3IncrmergeLoad( + int i; + int nHeight = (int)aRoot[0]; + NodeWriter *pNode; ++ if( nHeight<1 || nHeight>FTS_MAX_APPENDABLE_HEIGHT ){ ++ sqlite3_reset(pSelect); ++ return FTS_CORRUPT_VTAB; ++ } + + pWriter->nLeafEst = (int)((iEnd - iStart) + 1)/FTS_MAX_APPENDABLE_HEIGHT; + pWriter->iStart = iStart; +@@ -5007,7 +5011,7 @@ static int fts3DoIncrmerge( + const char *zParam /* Nul-terminated string containing "A,B" */ + ){ + int rc; +- int nMin = (FTS3_MERGE_COUNT / 2); ++ int nMin = (MergeCount(p) / 2); + int nMerge = 0; + const char *z = zParam; + +@@ -5052,7 +5056,7 @@ static int fts3DoAutoincrmerge( + int rc = SQLITE_OK; + sqlite3_stmt *pStmt = 0; + p->nAutoincrmerge = fts3Getint(&zParam); +- if( p->nAutoincrmerge==1 || p->nAutoincrmerge>FTS3_MERGE_COUNT ){ ++ if( p->nAutoincrmerge==1 || p->nAutoincrmerge>MergeCount(p) ){ + p->nAutoincrmerge = 8; + } + if( !p->bHasStat ){ +@@ -5340,6 +5344,10 @@ static int fts3SpecialInsert(Fts3Table *p, sqlite3_value *pVal){ + }else if( nVal>21 && 0==sqlite3_strnicmp(zVal,"test-no-incr-doclist=",21) ){ + p->bNoIncrDoclist = atoi(&zVal[21]); + rc = SQLITE_OK; ++ }else if( nVal>11 && 0==sqlite3_strnicmp(zVal,"mergecount=",11) ){ ++ v = atoi(&zVal[11]); ++ if( v>=4 && v<=FTS3_MERGE_COUNT && (v&1)==0 ) p->nMergeCount = v; ++ rc = SQLITE_OK; + } + #endif + } +-- +2.19.1 + diff --git a/SOURCES/sqlite-3.26.0-CVE-2019-19923.patch b/SOURCES/sqlite-3.26.0-CVE-2019-19923.patch new file mode 100644 index 0000000..ea95b19 --- /dev/null +++ b/SOURCES/sqlite-3.26.0-CVE-2019-19923.patch @@ -0,0 +1,67 @@ +From 7d47517d579601bb6e59e33bf0896f0ed36aa0aa Mon Sep 17 00:00:00 2001 +From: Ondrej Dubaj +Date: Mon, 20 Jan 2020 09:34:41 +0100 +Subject: [PATCH] Continue to back away from the LEFT JOIN optimization of + check-in + +by disallowing query flattening if the outer query is DISTINCT. Without this fix, +if an index scan is run on the table within the view on the right-hand side of the +LEFT JOIN, stale result registers might be accessed yielding incorrect results, +and/or an OP_IfNullRow opcode might be invoked on the un-opened table, resulting +in a NULL-pointer dereference. This problem was found by the Yongheng and Rui fuzzer. +--- + src/select.c | 8 ++++++-- + test/join.test | 13 +++++++++++++ + 2 files changed, 19 insertions(+), 2 deletions(-) + +diff --git a/src/select.c b/src/select.c +index c60ff27..0205a08 100644 +--- a/src/select.c ++++ b/src/select.c +@@ -3569,6 +3569,7 @@ static void substSelect( + ** (3b) the FROM clause of the subquery may not contain a virtual + ** table and + ** (3c) the outer query may not be an aggregate. ++** (3d) the outer query may not be DISTINCT. + ** + ** (4) The subquery can not be DISTINCT. + ** +@@ -3765,8 +3766,11 @@ static int flattenSubquery( + */ + if( (pSubitem->fg.jointype & JT_OUTER)!=0 ){ + isLeftJoin = 1; +- if( pSubSrc->nSrc>1 || isAgg || IsVirtual(pSubSrc->a[0].pTab) ){ +- /* (3a) (3c) (3b) */ ++ if( pSubSrc->nSrc>1 /* (3a) */ ++ || isAgg /* (3b) */ ++ || IsVirtual(pSubSrc->a[0].pTab) /* (3c) */ ++ || (p->selFlags & SF_Distinct)!=0 /* (3d) */ ++ ){ + return 0; + } + } +diff --git a/test/join.test b/test/join.test +index 8c6f463..8c6a53d 100644 +--- a/test/join.test ++++ b/test/join.test +@@ -844,4 +844,17 @@ do_execsql_test join-15.110 { + ORDER BY a1, a2, a3, a4, a5; + } {1 {} {} {} {} 1 11 {} {} {} 1 12 {} {} {} 1 12 121 {} {} 1 13 {} {} {}} + ++# 2019-12-18 problem with a LEFT JOIN where the RHS is a view. ++# Detected by Yongheng and Rui. ++# Follows from the optimization attempt of check-in 41c27bc0ff1d3135 ++# on 2017-04-18 ++# ++reset_db ++do_execsql_test join-22.10 { ++ CREATE TABLE t0(a, b); ++ CREATE INDEX t0a ON t0(a); ++ INSERT INTO t0 VALUES(10,10),(10,11),(10,12); ++ SELECT DISTINCT c FROM t0 LEFT JOIN (SELECT a+1 AS c FROM t0) ORDER BY c ; ++} {11} ++ + finish_test +-- +2.19.1 + diff --git a/SOURCES/sqlite-3.26.0-CVE-2019-19924.patch b/SOURCES/sqlite-3.26.0-CVE-2019-19924.patch new file mode 100644 index 0000000..df29238 --- /dev/null +++ b/SOURCES/sqlite-3.26.0-CVE-2019-19924.patch @@ -0,0 +1,60 @@ +From 6b06304c2a46e17a6dc4402eadc75ccac24da893 Mon Sep 17 00:00:00 2001 +From: Ondrej Dubaj +Date: Fri, 17 Jan 2020 13:03:54 +0100 +Subject: [PATCH] When an error occurs while rewriting the parser tree for + window functions in the sqlite3WindowRewrite() routine, make sure that + pParse->nErr is set, and make sure that this shuts down any subsequent code + generation that might depend on the transformations that were implemented. + This fixes a problem discovered by the Yongheng and Rui fuzzer. + +--- + src/expr.c | 1 + + src/vdbeaux.c | 3 ++- + src/window.c | 5 +++++ + 3 files changed, 8 insertions(+), 1 deletion(-) + +diff --git a/src/expr.c b/src/expr.c +index d4eb9de..b081ca2 100644 +--- a/src/expr.c ++++ b/src/expr.c +@@ -344,6 +344,7 @@ static int codeCompare( + int addr; + CollSeq *p4; + ++ if( pParse->nErr ) return 0; + p4 = sqlite3BinaryCompareCollSeq(pParse, pLeft, pRight); + p5 = binaryCompareP5(pLeft, pRight, jumpIfNull); + addr = sqlite3VdbeAddOp4(pParse->pVdbe, opcode, in2, dest, in1, +diff --git a/src/vdbeaux.c b/src/vdbeaux.c +index f1496a3..b74141b 100644 +--- a/src/vdbeaux.c ++++ b/src/vdbeaux.c +@@ -1160,7 +1160,8 @@ void sqlite3VdbeSetP4KeyInfo(Parse *pParse, Index *pIdx){ + */ + static void vdbeVComment(Vdbe *p, const char *zFormat, va_list ap){ + assert( p->nOp>0 || p->aOp==0 ); +- assert( p->aOp==0 || p->aOp[p->nOp-1].zComment==0 || p->db->mallocFailed ); ++ assert( p->aOp==0 || p->aOp[p->nOp-1].zComment==0 || p->db->mallocFailed ++ || p->pParse->nErr>0 ); + if( p->nOp ){ + assert( p->aOp ); + sqlite3DbFree(p->db, p->aOp[p->nOp-1].zComment); +diff --git a/src/window.c b/src/window.c +index f5deae9..56c0145 100644 +--- a/src/window.c ++++ b/src/window.c +@@ -843,6 +843,11 @@ int sqlite3WindowRewrite(Parse *pParse, Select *p){ + if( db->mallocFailed ) rc = SQLITE_NOMEM; + } + ++ if( rc && pParse->nErr==0 ){ ++ assert( pParse->db->mallocFailed ); ++ return SQLITE_NOMEM; ++ } ++ + return rc; + } + +-- +2.19.1 + diff --git a/SOURCES/sqlite-3.26.0-CVE-2019-19925.patch b/SOURCES/sqlite-3.26.0-CVE-2019-19925.patch new file mode 100644 index 0000000..bed5060 --- /dev/null +++ b/SOURCES/sqlite-3.26.0-CVE-2019-19925.patch @@ -0,0 +1,50 @@ +From 1986c6384122947b10804cbc5c4d7af85e097404 Mon Sep 17 00:00:00 2001 +From: Ondrej Dubaj +Date: Mon, 20 Jan 2020 10:09:55 +0100 +Subject: [PATCH] Fix the zipfile extension so that INSERT works even if the + pathname of + +the file being inserted is a NULL. Bug discovered by the +Yongheng and Rui fuzzer. +--- + ext/misc/zipfile.c | 1 + + test/zipfile.test | 13 +++++++++++++ + 2 files changed, 14 insertions(+) + +diff --git a/ext/misc/zipfile.c b/ext/misc/zipfile.c +index e57dc38..6f48d0f 100644 +--- a/ext/misc/zipfile.c ++++ b/ext/misc/zipfile.c +@@ -1618,6 +1618,7 @@ static int zipfileUpdate( + + if( rc==SQLITE_OK ){ + zPath = (const char*)sqlite3_value_text(apVal[2]); ++ if( zPath==0 ) zPath = ""; + nPath = (int)strlen(zPath); + mTime = zipfileGetTime(apVal[4]); + } +diff --git a/test/zipfile.test b/test/zipfile.test +index 2bab066..5bca10b 100644 +--- a/test/zipfile.test ++++ b/test/zipfile.test +@@ -795,4 +795,17 @@ if {$tcl_platform(platform)!="windows"} { + } {. ./x1.txt ./x2.txt} + } + ++# 2019-12-18 Yongheng and Rui fuzzer ++# ++do_execsql_test 13.10 { ++ DROP TABLE IF EXISTS t0; ++ DROP TABLE IF EXISTS t1; ++ CREATE TABLE t0(a,b,c,d,e,f,g); ++ REPLACE INTO t0(c,b,f) VALUES(10,10,10); ++ CREATE VIRTUAL TABLE t1 USING zipfile('h.zip'); ++ REPLACE INTO t1 SELECT * FROM t0; ++ SELECT quote(name),quote(mode),quote(mtime),quote(sz),quote(rawdata), ++ quote(data),quote(method) FROM t1; ++} {'' 10 10 2 X'3130' X'3130' 0} ++ + finish_test +-- +2.19.1 + diff --git a/SOURCES/sqlite-3.26.0-CVE-2019-19959.patch b/SOURCES/sqlite-3.26.0-CVE-2019-19959.patch new file mode 100644 index 0000000..ec1965c --- /dev/null +++ b/SOURCES/sqlite-3.26.0-CVE-2019-19959.patch @@ -0,0 +1,63 @@ +From 16c5290d72cb8059e9dfe545613183b850fc44e4 Mon Sep 17 00:00:00 2001 +From: Ondrej Dubaj +Date: Mon, 20 Jan 2020 10:26:35 +0100 +Subject: [PATCH] Fix the zipfile() function in the zipfile extension so that + it is able to + +deal with goofy filenames that contain embedded zeros. +--- + ext/misc/zipfile.c | 4 ++-- + test/zipfile.test | 13 +++++++++++++ + 2 files changed, 15 insertions(+), 2 deletions(-) + +diff --git a/ext/misc/zipfile.c b/ext/misc/zipfile.c +index 6f48d0f..e6141ef 100644 +--- a/ext/misc/zipfile.c ++++ b/ext/misc/zipfile.c +@@ -1632,7 +1632,7 @@ static int zipfileUpdate( + zFree = sqlite3_mprintf("%s/", zPath); + if( zFree==0 ){ rc = SQLITE_NOMEM; } + zPath = (const char*)zFree; +- nPath++; ++ nPath = (int)strlen(zPath); + } + } + +@@ -2033,11 +2033,11 @@ void zipfileStep(sqlite3_context *pCtx, int nVal, sqlite3_value **apVal){ + }else{ + if( zName[nName-1]!='/' ){ + zName = zFree = sqlite3_mprintf("%s/", zName); +- nName++; + if( zName==0 ){ + rc = SQLITE_NOMEM; + goto zipfile_step_out; + } ++ nName = (int)strlen(zName); + }else{ + while( nName>1 && zName[nName-2]=='/' ) nName--; + } +diff --git a/test/zipfile.test b/test/zipfile.test +index 5bca10b..e4b8088 100644 +--- a/test/zipfile.test ++++ b/test/zipfile.test +@@ -808,4 +808,17 @@ do_execsql_test 13.10 { + quote(data),quote(method) FROM t1; + } {'' 10 10 2 X'3130' X'3130' 0} + ++# 2019-12-23 Yongheng and Rui fuzzer ++# Run using valgrind to see the problem. ++# ++do_execsql_test 14.10 { ++ DROP TABLE t1; ++ CREATE TABLE t1(x char); ++ INSERT INTO t1(x) VALUES('1'); ++ INSERT INTO t1(x) SELECT zipfile(x, 'xyz') FROM t1; ++ INSERT INTO t1(x) SELECT zipfile(x, 'uvw') FROM t1; ++ SELECT count(*) FROM t1; ++ PRAGMA integrity_check; ++} {3 ok} ++ + finish_test +-- +2.19.1 + diff --git a/SOURCES/sqlite-3.26.0-out-of-bounds-read.patch b/SOURCES/sqlite-3.26.0-out-of-bounds-read.patch new file mode 100644 index 0000000..1edc762 --- /dev/null +++ b/SOURCES/sqlite-3.26.0-out-of-bounds-read.patch @@ -0,0 +1,89 @@ +From eca47c8481b0c2f09a7818ed2bce0ad27b1dae27 Mon Sep 17 00:00:00 2001 +From: Ondrej Dubaj +Date: Wed, 26 Jun 2019 12:25:10 +0200 +Subject: [PATCH] Fixed out of bounds heap read in function rtreenode() + + Enhance the rtreenode() function of rtree (used for + testing) so that it uses the newer sqlite3_str object + for better performance and improved error reporting. + Test cases added to TH3. + + Resolves: #1723338 + Version: 3.26.0-4 +--- + ext/rtree/rtree.c | 35 ++++++++++++++++------------------- + 1 file changed, 16 insertions(+), 19 deletions(-) + +diff --git a/ext/rtree/rtree.c b/ext/rtree/rtree.c +index 4b044cb..87d0de0 100644 +--- a/ext/rtree/rtree.c ++++ b/ext/rtree/rtree.c +@@ -3711,49 +3711,46 @@ rtreeInit_fail: + ** *2 coordinates. + */ + static void rtreenode(sqlite3_context *ctx, int nArg, sqlite3_value **apArg){ +- char *zText = 0; + RtreeNode node; + Rtree tree; + int ii; ++ int nData; ++ int errCode; ++ sqlite3_str *pOut; + + UNUSED_PARAMETER(nArg); + memset(&node, 0, sizeof(RtreeNode)); + memset(&tree, 0, sizeof(Rtree)); + tree.nDim = (u8)sqlite3_value_int(apArg[0]); ++ if( tree.nDim<1 || tree.nDim>5 ) return; + tree.nDim2 = tree.nDim*2; + tree.nBytesPerCell = 8 + 8 * tree.nDim; + node.zData = (u8 *)sqlite3_value_blob(apArg[1]); ++ nData = sqlite3_value_bytes(apArg[1]); ++ if( nData<4 ) return; ++ if( nData0 ) sqlite3_str_append(pOut, " ", 1); ++ sqlite3_str_appendf(pOut, "{%lld", cell.iRowid); + for(jj=0; jj +Date: Thu, 23 Jan 2020 15:08:13 +0100 +Subject: [PATCH] Fix buffer underflows in the zipfile extension associated + with zero-length or NULL filename in the ZIP archive. But report on the + mailing list by Yongheng and Rui. + +--- + ext/misc/zipfile.c | 14 +++++++++----- + test/zipfile.test | 13 +++++++++++++ + 2 files changed, 22 insertions(+), 5 deletions(-) + +diff --git a/ext/misc/zipfile.c b/ext/misc/zipfile.c +index e6141ef..7fd4074 100644 +--- a/ext/misc/zipfile.c ++++ b/ext/misc/zipfile.c +@@ -1433,8 +1433,8 @@ static int zipfileGetMode( + ** identical, ignoring any trailing '/' character in either path. */ + static int zipfileComparePath(const char *zA, const char *zB, int nB){ + int nA = (int)strlen(zA); +- if( zA[nA-1]=='/' ) nA--; +- if( zB[nB-1]=='/' ) nB--; ++ if( nA>0 && zA[nA-1]=='/' ) nA--; ++ if( nB>0 && zB[nB-1]=='/' ) nB--; + if( nA==nB && memcmp(zA, zB, nA)==0 ) return 0; + return 1; + } +@@ -1628,11 +1628,15 @@ static int zipfileUpdate( + ** '/'. This appears to be required for compatibility with info-zip + ** (the unzip command on unix). It does not create directories + ** otherwise. */ +- if( zPath[nPath-1]!='/' ){ ++ if( nPath<=0 || zPath[nPath-1]!='/' ){ + zFree = sqlite3_mprintf("%s/", zPath); +- if( zFree==0 ){ rc = SQLITE_NOMEM; } + zPath = (const char*)zFree; +- nPath = (int)strlen(zPath); ++ if( zFree==0 ){ ++ rc = SQLITE_NOMEM; ++ nPath = 0; ++ }else{ ++ nPath = (int)strlen(zPath); ++ } + } + } + +diff --git a/test/zipfile.test b/test/zipfile.test +index e4b8088..9f07c0a 100644 +--- a/test/zipfile.test ++++ b/test/zipfile.test +@@ -821,4 +821,17 @@ do_execsql_test 14.10 { + PRAGMA integrity_check; + } {3 ok} + ++# 2019-12-26 More problems in zipfile from the Yongheng and Rui fuzzer ++# ++do_execsql_test 15.10 { ++ DROP TABLE IF EXISTS t1; ++ CREATE VIRTUAL TABLE t1 USING zipfile(null); ++ REPLACE INTO t1 VALUES(null,null,0,null,null,null,null); ++} {} ++do_execsql_test 15.20 { ++ DROP TABLE IF EXISTS t2; ++ CREATE VIRTUAL TABLE t2 USING zipfile(null); ++ REPLACE INTO t2 values(null,null,null,null,null,10,null); ++} {} ++ + finish_test +-- +2.19.1 + diff --git a/SOURCES/sqlite-3.6.23-lemon-system-template.patch b/SOURCES/sqlite-3.6.23-lemon-system-template.patch new file mode 100644 index 0000000..3d3b0aa --- /dev/null +++ b/SOURCES/sqlite-3.6.23-lemon-system-template.patch @@ -0,0 +1,21 @@ +diff -up sqlite-3.6.23/tool/lemon.c.system-template sqlite-3.6.23/tool/lemon.c +--- sqlite-3.6.23/tool/lemon.c.system-template 2010-03-10 16:40:35.000000000 +0200 ++++ sqlite-3.6.23/tool/lemon.c 2010-03-10 16:40:39.000000000 +0200 +@@ -3363,6 +3363,8 @@ PRIVATE FILE *tplt_open(struct lemon *le + tpltname = buf; + }else if( access(templatename,004)==0 ){ + tpltname = templatename; ++ }else if( access("/usr/share/lemon/lempar.c", R_OK)==0){ ++ tpltname = "/usr/share/lemon/lempar.c"; + }else{ + tpltname = pathsearch(lemp->argv0,templatename,0); + } +@@ -3374,7 +3376,7 @@ PRIVATE FILE *tplt_open(struct lemon *le + } + in = fopen(tpltname,"rb"); + if( in==0 ){ +- fprintf(stderr,"Can't open the template file \"%s\".\n",templatename); ++ fprintf(stderr,"Can't open the template file \"%s\".\n",tpltname); + lemp->errorcnt++; + return 0; + } diff --git a/SOURCES/sqlite-3.7.7.1-stupid-openfiles-test.patch b/SOURCES/sqlite-3.7.7.1-stupid-openfiles-test.patch new file mode 100644 index 0000000..101f0d4 --- /dev/null +++ b/SOURCES/sqlite-3.7.7.1-stupid-openfiles-test.patch @@ -0,0 +1,37 @@ +--- sqlite-src-3240000/test/oserror.test.old 2018-06-05 08:40:35.656122573 +0200 ++++ sqlite-src-3240000/test/oserror.test 2018-06-05 08:40:45.614935197 +0200 +@@ -51,20 +51,20 @@ + # a call to getcwd() may fail if there are no free file descriptors. So + # an error may be reported for either open() or getcwd() here. + # +-if {![clang_sanitize_address]} { +- do_test 1.1.1 { +- set ::log [list] +- list [catch { +- for {set i 0} {$i < 20000} {incr i} { sqlite3 dbh_$i test.db -readonly 1 } +- } msg] $msg +- } {1 {unable to open database file}} +- do_test 1.1.2 { +- catch { for {set i 0} {$i < 20000} {incr i} { dbh_$i close } } +- } {1} +- do_re_test 1.1.3 { +- lindex $::log 0 +- } {^os_unix.c:\d+: \(\d+\) (open|getcwd)\(.*test.db\) - } +-} ++#if {![clang_sanitize_address]} { ++# do_test 1.1.1 { ++# set ::log [list] ++# list [catch { ++# for {set i 0} {$i < 20000} {incr i} { sqlite3 dbh_$i test.db -readonly 1 } ++# } msg] $msg ++# } {1 {unable to open database file}} ++# do_test 1.1.2 { ++# catch { for {set i 0} {$i < 20000} {incr i} { dbh_$i close } } ++# } {1} ++# do_re_test 1.1.3 { ++# lindex $::log 0 ++# } {^os_unix.c:\d+: \(\d+\) (open|getcwd)\(.*test.db\) - } ++#} + + + # Test a failure in open() due to the path being a directory. diff --git a/SOURCES/sqlite-3.8.0-percentile-test.patch b/SOURCES/sqlite-3.8.0-percentile-test.patch new file mode 100644 index 0000000..f828fa5 --- /dev/null +++ b/SOURCES/sqlite-3.8.0-percentile-test.patch @@ -0,0 +1,15 @@ +# On i686 arch the removed test fails with result 2749999.50004681 instead of expected +# 2749999.5. This patch is temporary workaround and should be dropped as soon as a valid +# fix is found. + +diff -up sqlite-src-3080002/test/percentile.test.broken sqlite-src-3080002/test/percentile.test +--- sqlite-src-3080002/test/percentile.test.broken 2013-09-16 13:19:53.406004041 +0200 ++++ sqlite-src-3080002/test/percentile.test 2013-09-16 13:20:00.079024945 +0200 +@@ -195,7 +195,6 @@ ifcapable vtab { + foreach {in out} { + 0 0.0 + 100 9999990.0 +- 50 2749999.5 + 10 99999.9 + } { + do_test percentile-2.1.$in { diff --git a/SOURCES/sqlite-3.8.10.1-tcl-regress-tests.patch b/SOURCES/sqlite-3.8.10.1-tcl-regress-tests.patch new file mode 100644 index 0000000..bdeb6da --- /dev/null +++ b/SOURCES/sqlite-3.8.10.1-tcl-regress-tests.patch @@ -0,0 +1,137 @@ +This patch disables a test which caused failed assertion in tcl 8.6.3. +According to sqlite upstream[1], this should be fixed in tcl 8.6.5. + +[1] http://mailinglists.sqlite.org/cgi-bin/mailman/private/sqlite-users/2015-May/059518.html + +diff -up sqlite-src-3130000/test/shell1.test.orig sqlite-src-3130000/test/shell1.test +--- sqlite-src-3140100/test/shell1.test.orig 2016-08-12 02:17:02.000000000 +0200 ++++ sqlite-src-3140100/test/shell1.test 2016-08-15 15:00:59.869664051 +0200 +@@ -855,67 +855,67 @@ do_test shell1-4.6 { + + # Test using arbitrary byte data with the shell via standard input/output. + # +-do_test shell1-5.0 { +- # +- # NOTE: Skip NUL byte because it appears to be incompatible with command +- # shell argument parsing. +- # +- for {set i 1} {$i < 256} {incr i} { +- # +- # NOTE: Due to how the Tcl [exec] command works (i.e. where it treats +- # command channels opened for it as textual ones), the carriage +- # return character (and on Windows, the end-of-file character) +- # cannot be used here. +- # +- if {$i==0x0D || ($tcl_platform(platform)=="windows" && $i==0x1A)} { +- continue +- } +- if {$i>=0xE0 && $tcl_platform(os)=="OpenBSD"} continue +- if {$i>=0xE0 && $i<=0xEF && $tcl_platform(os)=="Linux"} continue +- set hex [format %02X $i] +- set char [subst \\x$hex]; set oldChar $char +- set escapes [list] +- if {$tcl_platform(platform)=="windows"} { +- # +- # NOTE: On Windows, we need to escape all the whitespace characters, +- # the alarm (\a) character, and those with special meaning to +- # the SQLite shell itself. +- # +- set escapes [list \ +- \a \\a \b \\b \t \\t \n \\n \v \\v \f \\f \r \\r \ +- " " "\" \"" \" \\\" ' \"'\" \\ \\\\] +- } else { +- # +- # NOTE: On Unix, we need to escape most of the whitespace characters +- # and those with special meaning to the SQLite shell itself. +- # The alarm (\a), backspace (\b), and carriage-return (\r) +- # characters do not appear to require escaping on Unix. For +- # the alarm and backspace characters, this is probably due to +- # differences in the command shell. For the carriage-return, +- # it is probably due to differences in how Tcl handles command +- # channel end-of-line translations. +- # +- set escapes [list \ +- \t \\t \n \\n \v \\v \f \\f \ +- " " "\" \"" \" \\\" ' \"'\" \\ \\\\] +- } +- set char [string map $escapes $char] +- set x [catchcmdex test.db ".print $char\n"] +- set code [lindex $x 0] +- set res [lindex $x 1] +- if {$code ne "0"} { +- error "failed with error: $res" +- } +- if {$res ne "$oldChar\n"} { +- if {[llength $res] > 0} { +- set got [format %02X [scan $res %c]] +- } else { +- set got +- } +- error "failed with byte $hex mismatch, got $got" +- } +- } +-} {} ++#do_test shell1-5.0 { ++# # ++# # NOTE: Skip NUL byte because it appears to be incompatible with command ++# # shell argument parsing. ++# # ++# for {set i 1} {$i < 256} {incr i} { ++# # ++# # NOTE: Due to how the Tcl [exec] command works (i.e. where it treats ++# # command channels opened for it as textual ones), the carriage ++# # return character (and on Windows, the end-of-file character) ++# # cannot be used here. ++# # ++# if {$i==0x0D || ($tcl_platform(platform)=="windows" && $i==0x1A)} { ++# continue ++# } ++# if {$i>=0xE0 && $tcl_platform(os)=="OpenBSD"} continue ++# if {$i>=0xE0 && $i<=0xEF && $tcl_platform(os)=="Linux"} continue ++# set hex [format %02X $i] ++# set char [subst \\x$hex]; set oldChar $char ++# set escapes [list] ++# if {$tcl_platform(platform)=="windows"} { ++# # ++# # NOTE: On Windows, we need to escape all the whitespace characters, ++# # the alarm (\a) character, and those with special meaning to ++# # the SQLite shell itself. ++# # ++# set escapes [list \ ++# \a \\a \b \\b \t \\t \n \\n \v \\v \f \\f \r \\r \ ++# " " "\" \"" \" \\\" ' \"'\" \\ \\\\] ++# } else { ++# # ++# # NOTE: On Unix, we need to escape most of the whitespace characters ++# # and those with special meaning to the SQLite shell itself. ++# # The alarm (\a), backspace (\b), and carriage-return (\r) ++# # characters do not appear to require escaping on Unix. For ++# # the alarm and backspace characters, this is probably due to ++# # differences in the command shell. For the carriage-return, ++# # it is probably due to differences in how Tcl handles command ++# # channel end-of-line translations. ++# # ++# set escapes [list \ ++# \t \\t \n \\n \v \\v \f \\f \ ++# " " "\" \"" \" \\\" ' \"'\" \\ \\\\] ++# } ++# set char [string map $escapes $char] ++# set x [catchcmdex test.db ".print $char\n"] ++# set code [lindex $x 0] ++# set res [lindex $x 1] ++# if {$code ne "0"} { ++# error "failed with error: $res" ++# } ++# if {$res ne "$oldChar\n"} { ++# if {[llength $res] > 0} { ++# set got [format %02X [scan $res %c]] ++# } else { ++# set got ++# } ++# error "failed with byte $hex mismatch, got $got" ++# } ++# } ++#} {} + + # These test cases do not work on MinGW + if 0 { diff --git a/SPECS/sqlite.spec b/SPECS/sqlite.spec new file mode 100644 index 0000000..fb381f2 --- /dev/null +++ b/SPECS/sqlite.spec @@ -0,0 +1,872 @@ +# bcond default logic is nicely backwards... +%bcond_without tcl +%bcond_with static +%bcond_without check + +%define realver 3260000 +%define docver 3260000 +%define rpmver 3.26.0 + +Summary: Library that implements an embeddable SQL database engine +Name: sqlite +Version: %{rpmver} +Release: 6%{?dist} +License: Public Domain +Group: Applications/Databases +URL: http://www.sqlite.org/ + +Source0: http://www.sqlite.org/2017/sqlite-src-%{realver}.zip +Source1: http://www.sqlite.org/2017/sqlite-doc-%{docver}.zip +Source2: http://www.sqlite.org/2017/sqlite-autoconf-%{realver}.tar.gz +# Support a system-wide lemon template +Patch1: sqlite-3.6.23-lemon-system-template.patch +# Shut up stupid tests depending on system settings of allowed open fd's +Patch2: sqlite-3.7.7.1-stupid-openfiles-test.patch +# sqlite >= 3.7.10 is buggy if malloc_usable_size() is detected, disable it: +# https://bugzilla.redhat.com/show_bug.cgi?id=801981 +# http://bugs.debian.org/cgi-bin/bugreport.cgi?bug=665363 +Patch3: sqlite-3.12.2-no-malloc-usable-size.patch +# Temporary workaround for failed percentile test, see patch for details +Patch4: sqlite-3.8.0-percentile-test.patch +# Disable test failing due to tcl regression. Details in patch file. +Patch6: sqlite-3.8.10.1-tcl-regress-tests.patch +# Disable test date-2.2c on i686 +Patch7: sqlite-3.16-datetest-2.2c.patch +# Modify sync2.test to pass with DIRSYNC turned off +Patch8: sqlite-3.18.0-sync2-dirsync.patch +# Fix for CVE-2019-8457 (rhbz#1723338) +# https://www.sqlite.org/src/info/90acdbfce9c08858 +Patch9: sqlite-3.26.0-out-of-bounds-read.patch +# Fix for CVE-2019-13752 +Patch10: sqlite-3.26-CVE-2019-13752.patch +# Fix for CVE-2019-13753 +Patch11: sqlite-3.26-CVE-2019-13753.patch +# Fix for CVE-2019-13734 +Patch12: sqlite-3.26.0-CVE-2019-13734.patch +# Fix for CVE-2019-19924 +Patch13: sqlite-3.26.0-CVE-2019-19924.patch +# Fix for CVE-2019-19923 +Patch14: sqlite-3.26.0-CVE-2019-19923.patch +# Fix for CVE-2019-19925 +Patch15: sqlite-3.26.0-CVE-2019-19925.patch +# Fix for CVE-2019-19959 +Patch16: sqlite-3.26.0-CVE-2019-19959.patch +# Fix fr issues found by covscan +Patch17: sqlite-3.26.0-zPath-covscan.patch + +BuildRequires: ncurses-devel readline-devel glibc-devel +BuildRequires: autoconf +%if %{with tcl} +BuildRequires: /usr/bin/tclsh +BuildRequires: tcl-devel +%{!?tcl_version: %global tcl_version 8.6} +%{!?tcl_sitearch: %global tcl_sitearch %{_libdir}/tcl%{tcl_version}} +%endif + +Requires: %{name}-libs = %{version}-%{release} + +# Ensure updates from pre-split work on multi-lib systems +Obsoletes: %{name} < 3.11.0-1 +Conflicts: %{name} < 3.11.0-1 + +%description +SQLite is a C library that implements an SQL database engine. A large +subset of SQL92 is supported. A complete database is stored in a +single disk file. The API is designed for convenience and ease of use. +Applications that link against SQLite can enjoy the power and +flexibility of an SQL database without the administrative hassles of +supporting a separate database server. Version 2 and version 3 binaries +are named to permit each to be installed on a single host + +%package devel +Summary: Development tools for the sqlite3 embeddable SQL database engine +Group: Development/Libraries +Requires: %{name}%{?_isa} = %{version}-%{release} +Requires: %{name}-libs = %{version}-%{release} +Requires: pkgconfig + +%description devel +This package contains the header files and development documentation +for %{name}. If you like to develop programs using %{name}, you will need +to install %{name}-devel. + +%package libs +Summary: Shared library for the sqlite3 embeddable SQL database engine. +Group: Development/Libraries + +# Ensure updates from pre-split work on multi-lib systems +Obsoletes: %{name} < 3.11.0-1 +Conflicts: %{name} < 3.11.0-1 + +%description libs +This package contains the shared library for %{name}. + +%package doc +Summary: Documentation for sqlite +Group: Documentation +BuildArch: noarch + +%description doc +This package contains most of the static HTML files that comprise the +www.sqlite.org website, including all of the SQL Syntax and the +C/C++ interface specs and other miscellaneous documentation. + +%package -n lemon +Summary: A parser generator +Group: Development/Tools + +%description -n lemon +Lemon is an LALR(1) parser generator for C or C++. It does the same +job as bison and yacc. But lemon is not another bison or yacc +clone. It uses a different grammar syntax which is designed to reduce +the number of coding errors. Lemon also uses a more sophisticated +parsing engine that is faster than yacc and bison and which is both +reentrant and thread-safe. Furthermore, Lemon implements features +that can be used to eliminate resource leaks, making is suitable for +use in long-running programs such as graphical user interfaces or +embedded controllers. + +%if %{with tcl} +%package tcl +Summary: Tcl module for the sqlite3 embeddable SQL database engine +Group: Development/Languages +Requires: %{name} = %{version}-%{release} +Requires: %{name}-libs = %{version}-%{release} +Requires: tcl(abi) = %{tcl_version} + +%description tcl +This package contains the tcl modules for %{name}. + +%package analyzer +Summary: An analysis program for sqlite3 database files +Group: Development/Tools +Requires: %{name} = %{version}-%{release} +Requires: tcl(abi) = %{tcl_version} + +%description analyzer +This package contains the analysis program for %{name}. +%endif + +%prep +%setup -q -a1 -n %{name}-src-%{realver} +%patch1 -p1 +%patch2 -p1 +%patch3 -p1 +%patch4 -p1 +%patch6 -p1 +%ifarch %{ix86} +%patch7 -p1 +%endif +%patch8 -p1 +%patch9 -p1 +%patch10 -p1 +%patch11 -p1 +%patch12 -p1 +%patch13 -p1 +%patch14 -p1 +%patch15 -p1 +%patch16 -p1 +%patch17 -p1 + +# Remove backup-file +rm -f %{name}-doc-%{docver}/sqlite.css~ || : + +autoconf # Rerun with new autoconf to add support for aarm64 + +%build +export CFLAGS="$RPM_OPT_FLAGS $RPM_LD_FLAGS -DSQLITE_ENABLE_COLUMN_METADATA=1 \ + -DSQLITE_DISABLE_DIRSYNC=1 -DSQLITE_ENABLE_FTS3=3 \ + -DSQLITE_ENABLE_RTREE=1 -DSQLITE_SECURE_DELETE=1 \ + -DSQLITE_ENABLE_UNLOCK_NOTIFY=1 -DSQLITE_ENABLE_DBSTAT_VTAB=1 \ + -DSQLITE_ENABLE_FTS3_PARENTHESIS=1 -DSQLITE_ENABLE_JSON1=1 \ + -Wall -fno-strict-aliasing" +%configure %{!?with_tcl:--disable-tcl} \ + --enable-fts5 \ + --enable-threadsafe \ + --enable-threads-override-locks \ + --enable-load-extension \ + %{?with_tcl:TCLLIBDIR=%{tcl_sitearch}/sqlite3} + +# rpath removal +sed -i 's|^hardcode_libdir_flag_spec=.*|hardcode_libdir_flag_spec=""|g' libtool +sed -i 's|^runpath_var=LD_RUN_PATH|runpath_var=DIE_RPATH_DIE|g' libtool + +make %{?_smp_mflags} + +# Build sqlite3_analyzer +# depends on tcl +%if %{with tcl} +make %{?_smp_mflags} sqlite3_analyzer +%endif + +%install +make DESTDIR=${RPM_BUILD_ROOT} install + +install -D -m0644 sqlite3.1 $RPM_BUILD_ROOT/%{_mandir}/man1/sqlite3.1 +install -D -m0755 lemon $RPM_BUILD_ROOT/%{_bindir}/lemon +install -D -m0644 tool/lempar.c $RPM_BUILD_ROOT/%{_datadir}/lemon/lempar.c + +%if %{with tcl} +# fix up permissions to enable dep extraction +chmod 0755 ${RPM_BUILD_ROOT}/%{tcl_sitearch}/sqlite3/*.so +# Install sqlite3_analyzer +install -D -m0755 sqlite3_analyzer $RPM_BUILD_ROOT/%{_bindir}/sqlite3_analyzer +%endif + +%if ! %{with static} +rm -f $RPM_BUILD_ROOT/%{_libdir}/*.{la,a} +%endif + +%if %{with check} +%check +# XXX shell tests are broken due to loading system libsqlite3, work around... +export LD_LIBRARY_PATH=`pwd`/.libs +export MALLOC_CHECK_=3 + +# csv01 hangs on all non-intel archs i've tried +%ifarch x86_64 %{ix86} +%else +rm test/csv01.test +%endif + +%ifarch s390x ppc64 +rm test/fts3conf.test +%endif + +make test +%endif # with check + +%ldconfig_scriptlets libs + +%files +%{_bindir}/sqlite3 +%{_mandir}/man?/* + +%files libs +%doc README.md +%{_libdir}/*.so.* + +%files devel +%{_includedir}/*.h +%{_libdir}/*.so +%{_libdir}/pkgconfig/*.pc +%if %{with static} +%{_libdir}/*.a +%exclude %{_libdir}/*.la +%endif + +%files doc +%doc %{name}-doc-%{docver}/* + +%files -n lemon +%{_bindir}/lemon +%{_datadir}/lemon + +%if %{with tcl} +%files tcl +%{tcl_sitearch}/sqlite3 + +%files analyzer +%{_bindir}/sqlite3_analyzer +%endif + +%changelog +* Thu Jan 23 2020 Ondrej Dubaj - 3.26.0-6 +- Fixed issues found by covscan + +* Thu Jan 02 2020 Ondrej Dubaj - 3.26.0-5 +- Fixed CVE-2019-13752 (#1786529) +- Fixed CVE-2019-13753 (#1786535) +- Fixed CVE-2019-13734 (#1786509) +- Fixed CVE-2019-19924 (#1789776) +- Fixed CVE-2019-19923 (#1789812) +- Fixed CVE-2019-19925 (#1789808) +- Fixed CVE-2019-19959 (#1789823) + +* Wed Jun 26 2019 Ondrej Dubaj - 3.26.0-4 +- Fixed CVE-2019-8457 (#1723338) + +* Thu Jan 03 2019 Petr Kubat - 3.26.0-3 +- Rebuild to pick up latest test sources by the CI + +* Thu Jan 03 2019 Petr Kubat - 3.26.0-2 +- Add explicit sqlite-libs requires to tcl and devel subpackages + +* Mon Dec 17 2018 Petr Kubat - 3.26.0-1 +- Updated to version 3.26.0 (https://sqlite.org/releaselog/3_26_0.html) + Fixes fts3/4 corrupt database exploit (#1659684) + +* Tue Jun 05 2018 Petr Kubat - 3.24.0-1 +- Updated to version 3.24.0 (https://sqlite.org/releaselog/3_24_0.html) + +* Wed Apr 11 2018 Petr Kubat - 3.23.1-1 +- Updated to version 3.23.1 (https://sqlite.org/releaselog/3_23_1.html) + +* Tue Apr 03 2018 Petr Kubat - 3.23.0-1 +- Updated to version 3.23.0 (https://sqlite.org/releaselog/3_23_0.html) + +* Wed Mar 21 2018 Petr Kubat - 3.22.0-4 +- Fixed CVE-2018-8740 (#1558809) + +* Fri Feb 9 2018 Florian Weimer - 3.22.0-3 +- Use LDFLAGS from redhat-rpm-config for building lemon, too + +* Mon Feb 05 2018 Petr Kubat - 3.22.0-2 +- Fixed issue with some walro2 tests failing on ppc64 + +* Sat Feb 03 2018 Igor Gnatenko - 3.22.0-2 +- Switch to %%ldconfig_scriptlets + +* Thu Jan 25 2018 Petr Kubat - 3.22.0-1 +- Fixed issue with some e_expr tests failing i686 +- Fixed issue with a fts3rank test failing on big-endian systems + +* Tue Jan 23 2018 Petr Kubat - 3.22.0-1 +- Updated to version 3.22.0 (https://sqlite.org/releaselog/3_22_0.html) + +* Wed Nov 01 2017 Petr Kubat - 3.21.0-1 +- Updated to version 3.21.0 (https://sqlite.org/releaselog/3_21_0.html) + +* Mon Aug 28 2017 Petr Kubat - 3.20.1-1 +- Updated to version 3.20.1 (https://sqlite.org/releaselog/3_20_1.html) + +* Tue Aug 22 2017 Kalev Lember - 3.20.0-2 +- Build with --enable-fts5 + +* Wed Aug 02 2017 Petr Kubat - 3.20.0-1 +- Updated to version 3.20.0 (https://sqlite.org/releaselog/3_20_0.html) + +* Thu Jul 27 2017 Fedora Release Engineering - 3.19.3-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_27_Mass_Rebuild + +* Wed Jul 12 2017 Petr Kubat - 3.19.3-1 +- Updated to version 3.19.3 (https://sqlite.org/releaselog/3_19_3.html) +- Better detection of CVE-2017-10989 (#1469673) + +* Thu May 25 2017 Petr Kubat - 3.19.1-1 +- Updated to version 3.19.1 (https://sqlite.org/releaselog/3_19_1.html) + +* Mon Apr 03 2017 Petr Kubat - 3.18.0-1 +- Updated to version 3.18.0 (https://sqlite.org/releaselog/3_18_0.html) +- Modify sync2.test to pass with DIRSYNC turned off + +* Thu Mar 02 2017 Petr Kubat - 3.17.0-2 +- Rebuild using newest gcc (#1428286) + +* Tue Feb 21 2017 Petr Kubat - 3.17.0-1 +- Updated to version 3.17.0 (https://sqlite.org/releaselog/3_17_0.html) + +* Sat Feb 11 2017 Fedora Release Engineering - 3.16.2-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_26_Mass_Rebuild + +* Thu Jan 12 2017 Igor Gnatenko - 3.16.2-2 +- Rebuild for readline 7.x + +* Sat Jan 7 2017 Jakub Dorňák - 3.16.2-1 +- Updated to version 3.16.2 (https://sqlite.org/releaselog/3_16_2.html) + +* Wed Jan 4 2017 Jakub Dorňák - 3.16.1-1 +- Updated to version 3.16.1 (https://sqlite.org/releaselog/3_16_1.html) + +* Tue Jan 3 2017 Jakub Dorňák - 3.16.0-1 +- Updated to version 3.16.0 (https://sqlite.org/releaselog/3_16_0.html) + +* Wed Sep 21 2016 Jakub Dorňák - 3.14.2-1 +- Updated to version 3.14.2 (https://sqlite.org/releaselog/3_14_2.html) + +* Mon Aug 15 2016 Jakub Dorňák - 3.14.1-1 +- Updated to version 3.14.1 (https://sqlite.org/releaselog/3_14_1.html) + +* Tue May 24 2016 Jakub Dorňák - 3.13.0-1 +- Updated to version 3.13.0 (https://sqlite.org/releaselog/3_13_0.html) + +* Mon Apr 25 2016 Jakub Dorňák - 3.12.2-1 +- Updated to version 3.12.2 (https://sqlite.org/releaselog/3_12_2.html) + +* Wed Mar 02 2016 Jan Stanek - 3.11.0-3 +- Release bump for #1312506 + +* Tue Feb 23 2016 Nils Philippsen - 3.11.0-2 +- add obsoletes/conflicts to make updates on multi-lib systems work (#1310441) +- make -devel package depend on arch-specific -libs (not main) package + +* Wed Feb 17 2016 Jan Stanek - 3.11.0-1 +- Updated to version 3.11.0 (https://sqlite.org/releaselog/3_11_0.html) + +* Mon Feb 08 2016 Jan Stanek - 3.10.2-3 +- Split the shared libraries to standalone subpackage + +* Fri Feb 05 2016 Fedora Release Engineering - 3.10.2-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_24_Mass_Rebuild + +* Fri Jan 22 2016 Jan Stanek - 3.10.2-1 +- Updated to version 3.10.2 (http://sqlite.org/releaselog/3_10_2.html) +- Enabled JSON1 Extension (rhbz#1277387) +- Made test failure nonfatal on MIPS (rhbz#1294888) + +* Wed Jan 13 2016 Jan Stanek - 3.10.0-1 +- Updated to version 3.10.0 (http://sqlite.org/releaselog/3_10_0.html) + +* Mon Dec 21 2015 Jan Stanek - 3.9.2-1 +- Updated to version 3.9.2 (http://sqlite.org/releaselog/3_9_2.html) + +* Thu Dec 10 2015 Jan Stanek - 3.9.0-2 +- Add autoconf amalgamation for stage2 builds. + +* Thu Oct 15 2015 Jan Stanek - 3.9.0-1 +- Updated to version 3.9.0 (https://sqlite.org/releaselog/3_9_0.html) + +* Tue Sep 22 2015 Jan Stanek - 3.8.11.1-1 +- Updated to version 3.8.11.1 + +* Tue Jul 28 2015 Jan Stanek - 3.8.11-1 +- Updated to version 3.8.11 (https://sqlite.org/releaselog/3_8_11.html) + +* Fri Jun 19 2015 Jan Stanek - 3.8.10.2-3 +- Enabled SQLITE_ENABLE_FTS3_PARENTHESIS extension (rhbz#1232301) + +* Fri Jun 19 2015 Fedora Release Engineering - 3.8.10.2-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_23_Mass_Rebuild + +* Fri May 29 2015 Jan Stanek - 3.8.10.2-1 +- Updated to version 3.8.10.2 (https://sqlite.org/releaselog/3_8_10_2.html) + +* Mon May 18 2015 Jan Stanek - 3.8.10.1-1 +- Updated to version 3.8.10.1 (https://www.sqlite.org/releaselog/3_8_10_1.html) + +* Tue Apr 14 2015 Jan Stanek - 3.8.9-1 +- Updated to version 3.8.9 (https://www.sqlite.org/releaselog/3_8_9.html) + +* Thu Feb 26 2015 Jan Stanek - 3.8.8.3-1 +- Updated to version 3.8.8.3 (https://sqlite.org/releaselog/3_8_8_3.html) + +* Sat Feb 21 2015 Till Maas - 3.8.8-3 +- Rebuilt for Fedora 23 Change + https://fedoraproject.org/wiki/Changes/Harden_all_packages_with_position-independent_code + +* Tue Feb 03 2015 Jan Stanek - 3.8.8-2 +- Fixed out-of-date source URLs (rhbz#1188092) + +* Tue Jan 20 2015 Jan Stanek - 3.8.8-1 +- Updated to version 3.8.8 (https://sqlite.org/releaselog/3_8_8.html) +- Recreated patches to work on current version. + +* Fri Dec 12 2014 Jan Stanek - 3.8.7.4-1 +- Updated to version 3.8.7.4 (http://www.sqlite.org/releaselog/3_8_7_4.html) + +* Tue Nov 25 2014 Jan Stanek - 3.8.7.2-1 +- Updated to version 3.8.7.2 (http://sqlite.org/releaselog/3_8_7_2.html) + +* Tue Oct 21 2014 Jan Stanek - 3.8.7-1 +- Updated to version 3.8.7 (http://sqlite.org/releaselog/3_8_7.html) +- Dropped patch for problem fixed upstream + +* Tue Aug 19 2014 Jan Stanek - 3.8.6-2 +- Added auto-selection of Tcl version based on Fedora version + +* Tue Aug 19 2014 Jan Stanek - 3.8.6-1 +- Updated to version 3.8.6 (http://www.sqlite.org/releaselog/3_8_6.html) + +* Mon Aug 18 2014 Fedora Release Engineering - 3.8.5-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild + +* Wed Jun 11 2014 Peter Robinson 3.8.5-2 +- Re-enable tests on aarch64 now they pass again + +* Tue Jun 10 2014 Jan Stanek - 3.8.5-1 +- Update to version 3.8.5 (http://www.sqlite.org/releaselog/3_8_5.html) +- Dropped patch already included upstream + +* Sun Jun 08 2014 Fedora Release Engineering - 3.8.4.3-5 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild + +* Thu Jun 5 2014 Peter Robinson 3.8.4.3-4 +- Don't make tests fail the build on aarch64 like some of the other arches + +* Wed May 28 2014 Jan Stanek - 3.8.4.3-3 +- Rebuilt for https://fedoraproject.org/wiki/Changes/f21tcl86 with correct tcl_version + +* Wed May 21 2014 Jaroslav Škarvada - 3.8.4.3-2 +- Rebuilt for https://fedoraproject.org/wiki/Changes/f21tcl86 + +* Tue Apr 29 2014 Jan Stanek - 3.8.4.3-1 +- Update to version 3.8.4.3 (http://www.sqlite.org/releaselog/3_8_4_3.html) +- Changed patch for rhbz#1075889 to upstream version + Related: #1075889 + +* Fri Apr 25 2014 Honza Horak - 3.8.4.2-3 +- Revert part of the upstream commit dca1945aeb3fb005, since it causes + nautilus to crash + Related: #1075889 + +* Wed Apr 02 2014 Jan Stanek 3.8.4.2-2 +- Added building and shipping of sqlite3_analyzer (#1007159) + +* Fri Mar 28 2014 Jan Stanek 3.8.4.2-1 +- Update to 3.8.4 (http://www.sqlite.org/releaselog/3_8_4_2.html) + +* Tue Mar 11 2014 Jan Stanek 3.8.4-1 +- Update to 3.8.4 (http://www.sqlite.org/releaselog/3_8_4.html) + +* Sun Feb 23 2014 Peter Robinson 3.8.3-2 +- Re-enable check on ARM/aarch64 as failing test fixed upstream for non x86 arches +- Modernise spec + +* Tue Feb 11 2014 Jan Stanek 3.8.3-1 +- Update to 3.8.3 (http://www.sqlite.org/releaselog/3_8_3.html) +- Dropped man-page patch - included upstream + +* Mon Jan 6 2014 Peter Robinson 3.8.2-2 +- Add aarch64 to all the other arch excludes for tests + +* Tue Dec 10 2013 Jan Stanek - 3.8.2-1 +- Update to 3.8.2 (http://www.sqlite.org/releaselog/3_8_2.html) + +* Tue Nov 26 2013 Debarshi Ray - 3.8.1-2 +- Do not use transitive WHERE-clause constraints on LEFT JOINs (#1034714) + +* Tue Oct 22 2013 Jan Stanek - 3.8.1-1 +- Update to 3.8.1 (http://www.sqlite.org/releaselog/3_8_1.html) + +* Thu Sep 26 2013 Jan Stanek - 3.8.0.2-4 +- Removed fullversioned provides and start using full version for rpm version + +* Mon Sep 23 2013 Jan Stanek - 3.8.0-3 +- Added fullversioned Provides to fix broken dependency + +* Mon Sep 16 2013 Jan Stanek - 3.8.0-2 +- Dropped problematic percentile-2.1.50 test + +* Thu Sep 05 2013 Jan Stanek - 3.8.0-1 +- Update to 3.8.0.2 (http://sqlite.org/releaselog/3_8_0_2.html) + +* Sun Aug 04 2013 Fedora Release Engineering - 3.7.17-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_20_Mass_Rebuild + +* Wed May 22 2013 Jan Stanek - 3.7.17-1 +- Update to 3.7.17 (http://www.sqlite.org/releaselog/3_7_17.html) + +* Thu May 16 2013 Jan Stanek - 3.7.16.2-2 +- Added missing options to man page (#948862) + +* Mon Apr 29 2013 Jan Stanek - 3.7.16.2-1 +- update to 3.7.16.2 (http://www.sqlite.org/releaselog/3_7_16_2.html) +- add support for aarch64 (rerunning autoconf) (#926568) + +* Sun Mar 31 2013 Panu Matilainen - 3.7.16.1-1 +- update to 3.7.16.1 (https://www.sqlite.org/releaselog/3_7_16_1.html) + +* Wed Mar 20 2013 Panu Matilainen - 3.7.16-1 +- update to 3.7.16 (http://www.sqlite.org/releaselog/3_7_16.html) + +* Fri Feb 15 2013 Fedora Release Engineering - 3.7.15.2-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild + +* Thu Jan 10 2013 Panu Matilainen - 3.7.15.2-1 +- update to 3.7.15.2 (http://www.sqlite.org/releaselog/3_7_15_2.html) + +* Thu Dec 13 2012 Panu Matilainen - 3.7.15-1 +- update to 3.7.15 (http://www.sqlite.org/releaselog/3_7_15.html) +- fix an old incorrect date in spec changelog + +* Tue Nov 06 2012 Panu Matilainen - 3.7.14.1-1 +- update to 3.7.14.1 (http://www.sqlite.org/releaselog/3_7_14_1.html) + +* Wed Oct 03 2012 Panu Matilainen - 3.7.14-1 +- update to 3.7.14 (http://www.sqlite.org/releaselog/3_7_14.html) + +* Sat Jul 21 2012 Fedora Release Engineering - 3.7.13-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild + +* Mon Jun 25 2012 Panu Matilainen - 3.7.13-1 +- update to 3.7.13 (http://www.sqlite.org/releaselog/3_7_13.html) +- drop no longer needed savepoint relase patch + +* Fri Jun 01 2012 Panu Matilainen - 3.7.11-3 +- don't abort pending queries on release of nested savepoint (#821642) + +* Wed Apr 25 2012 Panu Matilainen - 3.7.11-2 +- run test-suite with MALLOC_CHECK_=3 +- disable buggy malloc_usable_size code (#801981) + +* Mon Mar 26 2012 Panu Matilainen - 3.7.11-1 +- update to 3.7.11 (http://www.sqlite.org/releaselog/3_7_11.html) + +* Wed Mar 07 2012 Panu Matilainen - 3.7.10-1 +- update to 3.7.10 (http://www.sqlite.org/releaselog/3_7_10.html) + +* Sat Jan 14 2012 Fedora Release Engineering - 3.7.9-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild + +* Tue Nov 22 2011 Panu Matilainen - 3.7.9-1 +- update to 3.7.9 (http://www.sqlite.org/releaselog/3_7_9.html) + +* Fri Oct 28 2011 Panu Matilainen - 3.7.8-1 +- update to 3.7.8 (http://www.sqlite.org/releaselog/3_7_8.html) + +* Wed Jul 13 2011 Panu Matilainen - 3.7.7.1-1 +- update to 3.7.7.1 (http://www.sqlite.org/releaselog/3_7_7_1.html) +- autoconf no longer needed for build, libdl check finally upstreamed + +* Wed May 25 2011 Panu Matilainen - 3.7.6.3-1 +- update to 3.7.6.3 (http://www.sqlite.org/releaselog/3_7_6_3.html) + +* Sat May 21 2011 Peter Robinson - 3.7.6.2-3 +- add arm to the exclude from tests list + +* Fri Apr 29 2011 Panu Matilainen - 3.7.6.2-2 +- comment out stupid tests causing very bogus build failure on koji + +* Thu Apr 21 2011 Panu Matilainen - 3.7.6.2-1 +- update to 3.7.6.2 (http://www.sqlite.org/releaselog/3_7_6_2.html) + +* Fri Feb 25 2011 Dennis Gilmore - 3.7.5-4 +- build tests on sparc expecting failures same as the other big endian arches + +* Wed Feb 09 2011 Fedora Release Engineering - 3.7.5-3 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild + +* Wed Feb 2 2011 Panu Matilainen - 3.7.5-2 +- unwanted cgi-script in docs creating broken dependencies, remove it +- make doc sub-package noarch + +* Tue Feb 1 2011 Panu Matilainen - 3.7.5-1 +- update to 3.7.5 (http://www.sqlite.org/releaselog/3_7_5.html) + +* Thu Dec 9 2010 Panu Matilainen - 3.7.4-1 +- update to 3.7.4 (http://www.sqlite.org/releaselog/3_7_4.html) +- deal with upstream source naming, versioning and format changing +- fixup wal2-test expections wrt SQLITE_DISABLE_DIRSYNC use + +* Fri Nov 5 2010 Dan Horák - 3.7.3-2 +- expect test failures also on s390x + +* Mon Nov 1 2010 Panu Matilainen - 3.7.3-1 +- update to 3.7.3 (http://www.sqlite.org/releaselog/3_7_3.html) + +* Thu Sep 2 2010 Tom "spot" Callaway - 3.7.0.1-2 +- enable SQLITE_SECURE_DELETE, SQLITE_ENABLE_UNLOCK_NOTIFY for firefox 4 + +* Fri Aug 13 2010 Panu Matilainen - 3.7.0.1-1 +- update to 3.7.0.1 (http://www.sqlite.org/releaselog/3_7_0_1.html) + +* Sat Jul 3 2010 Dan Horák - 3.6.23.1-2 +- some tests are failing on s390 and ppc/ppc64 so don't fail the whole build there + +* Mon Apr 19 2010 Panu Matilainen - 3.6.23.1-1 +- update to 3.6.23.1 (http://www.sqlite.org/releaselog/3_6_23_1.html) + +* Wed Mar 10 2010 Panu Matilainen - 3.6.23-1 +- update to 3.6.23 (http://www.sqlite.org/releaselog/3_6_23.html) +- drop the lemon sprintf patch, upstream doesn't want it +- make test-suite errors fail build finally + +* Mon Jan 18 2010 Panu Matilainen - 3.6.22-1 +- update to 3.6.22 (http://www.sqlite.org/releaselog/3_6_22.html) + +* Tue Dec 08 2009 Panu Matilainen - 3.6.21-1 +- update to 3.6.21 (http://www.sqlite.org/releaselog/3_6_21.html) + +* Tue Nov 17 2009 Panu Matilainen - 3.6.20-1 +- update to 3.6.20 (http://www.sqlite.org/releaselog/3_6_20.html) + +* Tue Oct 06 2009 Panu Matilainen - 3.6.18-1 +- update to 3.6.18 (http://www.sqlite.org/releaselog/3_6_18.html) +- drop no longer needed test-disabler patches + +* Fri Aug 21 2009 Panu Matilainen - 3.6.17-1 +- update to 3.6.17 (http://www.sqlite.org/releaselog/3_6_17.html) +- disable to failing tests until upstream fixes + +* Sun Jul 26 2009 Fedora Release Engineering - 3.6.14.2-2 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_12_Mass_Rebuild + +* Fri Jun 12 2009 Panu Matilainen - 3.6.14.2-1 +- update to 3.6.14.2 (#505229) + +* Mon May 18 2009 Panu Matilainen - 3.6.14-2 +- disable rpath +- add -doc subpackage instead of patching out reference to it + +* Thu May 14 2009 Panu Matilainen - 3.6.14-1 +- update to 3.6.14 (http://www.sqlite.org/releaselog/3_6_14.html) +- merge-review cosmetics (#226429) + - drop ancient sqlite3 obsoletes + - fix tab vs space whitespace issues + - remove commas from summaries +- fixup io-test fsync expectations wrt SQLITE_DISABLE_DIRSYNC + +* Wed Apr 15 2009 Panu Matilainen - 3.6.13-1 +- update to 3.6.13 + +* Thu Apr 09 2009 Dennis Gilmore - 3.6.12-3 +- apply upstream patch for memory alignment issue (#494906) + +* Tue Apr 07 2009 Panu Matilainen - 3.6.12-2 +- disable strict aliasing to work around brokenness on 3.6.12 (#494266) +- run test-suite on build but let it fail for now + +* Fri Apr 03 2009 Panu Matilainen - 3.6.12-1 +- update to 3.6.12 (#492662) +- remove reference to non-existent sqlite-doc from manual (#488883) + +* Wed Feb 25 2009 Fedora Release Engineering - 3.6.10-4 +- Rebuilt for https://fedoraproject.org/wiki/Fedora_11_Mass_Rebuild + +* Wed Feb 04 2009 Panu Matilainen - 3.6.10-3 +- enable RTREE and FTS3 extensions (#481417) + +* Thu Jan 22 2009 Panu Matilainen - 3.6.10-2 +- upstream fix yum breakage caused by new keywords (#481189) + +* Thu Jan 22 2009 Panu Matilainen - 3.6.10-1 +- update to 3.6.10 + +* Wed Dec 31 2008 Panu Matilainen - 3.6.7-1 +- update to 3.6.7 +- avoid lemon ending up in main sqlite package too + +* Fri Dec 05 2008 Panu Matilainen - 3.6.6.2-4 +- add lemon subpackage + +* Thu Dec 4 2008 Matthias Clasen - 3.6.6.2-3 +- Rebuild for pkg-config provides + +* Tue Dec 02 2008 Panu Matilainen - 3.6.6.2-2 +- require tcl(abi) in sqlite-tcl subpackage (#474034) +- move tcl extensions to arch-specific location +- enable dependency extraction on the tcl dso +- require pkgconfig in sqlite-devel + +* Sat Nov 29 2008 Panu Matilainen - 3.6.6.2-1 +- update to 3.6.6.2 + +* Sat Nov 08 2008 Panu Matilainen - 3.6.4-1 +- update to 3.6.4 +- drop patches already upstream + +* Mon Sep 22 2008 Panu Matilainen - 3.5.9-2 +- Remove references to temporary registers from cache on release (#463061) +- Enable loading of external extensions (#457433) + +* Tue Jun 17 2008 Stepan Kasal - 3.5.9-1 +- update to 3.5.9 + +* Wed Apr 23 2008 Panu Matilainen - 3.5.8-1 +- update to 3.5.8 +- provide full version in pkg-config (#443692) + +* Mon Mar 31 2008 Panu Matilainen - 3.5.6-2 +- remove reference to static libs from -devel description (#439376) + +* Tue Feb 12 2008 Panu Matilainen - 3.5.6-1 +- update to 3.5.6 +- also fixes #432447 + +* Fri Jan 25 2008 Panu Matilainen - 3.5.4-3 +- enable column metadata API (#430258) + +* Tue Jan 08 2008 Panu Matilainen - 3.5.4-2 +- avoid packaging CVS directory as documentation (#427755) + +* Fri Dec 21 2007 Panu Matilainen - 3.5.4-1 +- Update to 3.5.4 (#413801) + +* Fri Sep 28 2007 Panu Matilainen - 3.4.2-3 +- Add another build conditional for enabling %%check + +* Fri Sep 28 2007 Panu Matilainen - 3.4.2-2 +- Use bconds for the spec build conditionals +- Enable -tcl subpackage again (#309041) + +* Wed Aug 15 2007 Paul Nasrat - 3.4.2-1 +- Update to 3.4.2 + +* Sat Jul 21 2007 Paul Nasrat - 3.4.1-1 +- Update to 3.4.1 + +* Sun Jun 24 2007 Paul Nasrat - 3.4.0-2 +- Disable load for now (#245486) + +* Tue Jun 19 2007 Paul Nasrat - 3.4.0-1 +- Update to 3.4.0 + +* Fri Jun 01 2007 Paul Nasrat - 3.3.17-2 +- Enable load +- Build fts1 and fts2 +- Don't sync on dirs (#237427) + +* Tue May 29 2007 Paul Nasrat - 3.3.17-1 +- Update to 3.3.17 + +* Mon Mar 19 2007 Paul Nasrat - 3.3.13-1 +- Update to 3.3.13 + +* Fri Aug 11 2006 Paul Nasrat - 3.3.6-2 +- Fix conditional typo (patch from Gareth Armstrong) + +* Wed Jul 12 2006 Jesse Keating - 3.3.6-1.1 +- rebuild + +* Mon Jun 26 2006 Paul Nasrat - 3.3.6-1 +- Update to 3.3.6 +- Fix typo (#189647) +- Enable threading fixes (#181298) +- Conditionalize static library + +* Mon Apr 17 2006 Paul Nasrat - 3.3.5-1 +- Update to 3.3.5 + +* Fri Feb 10 2006 Jesse Keating - 3.3.3-1.2 +- bump again for double-long bug on ppc(64) + +* Tue Feb 07 2006 Jesse Keating - 3.3.3-1.1 +- rebuilt for new gcc4.1 snapshot and glibc changes + +* Tue Jan 31 2006 Christopher Aillon - 3.3.3-1 +- Update to 3.3.3 + +* Tue Jan 31 2006 Christopher Aillon - 3.3.2-1 +- Update to 3.3.2 + +* Tue Jan 24 2006 Paul Nasrat - 3.2.8-1 +- Add --enable-threadsafe (Nicholas Miell) +- Update to 3.2.8 + +* Fri Dec 09 2005 Jesse Keating +- rebuilt + +* Tue Oct 4 2005 Jeremy Katz - 3.2.7-2 +- no more static file or libtool archive (#169874) + +* Wed Sep 28 2005 Florian La Roche +- Upgrade to 3.2.7 release. + +* Thu Sep 22 2005 Florian La Roche +- Upgrade to 3.2.6 release. + +* Sun Sep 11 2005 Florian La Roche +- Upgrade to 3.2.5 release. + +* Fri Jul 8 2005 Roland McGrath - 3.2.2-1 +- Upgrade to 3.2.2 release. + +* Sat Apr 9 2005 Warren Togami - 3.1.2-3 +- fix buildreqs (#154298) + +* Mon Apr 4 2005 Jeremy Katz - 3.1.2-2 +- disable tcl subpackage + +* Wed Mar 9 2005 Jeff Johnson 3.1.2-1 +- rename to "sqlite" from "sqlite3" (#149719, #150012). + +* Wed Feb 16 2005 Jeff Johnson 3.1.2-1 +- upgrade to 3.1.2. +- add sqlite3-tcl sub-package. + +* Sat Feb 5 2005 Jeff Johnson 3.0.8-3 +- repackage for fc4. + +* Mon Jan 17 2005 R P Herrold 3.0.8-2orc +- fix a man page nameing conflict when co-installed with sqlite-2, as + is permissible