authorNatanael Copa <ncopa@alpinelinux.org>2017-10-02 22:17:28 +0200
committerNatanael Copa <ncopa@alpinelinux.org>2017-10-03 20:17:12 +0200
commitfdb75990b02bc777508a5a27ce0a01f817a98630 (patch)
tree5600d638964fe8830b44d7f2ac51009e39eb2765
parente2b7176ff9d902f7e8837d4a7ef0d560c903fc35 (diff)
main/sqlite: security fix for CVE-2017-10989
fixes #7953
-rw-r--r--main/sqlite/APKBUILD10
-rw-r--r--main/sqlite/CVE-2017-10989.patch15
2 files changed, 24 insertions, 1 deletions
diff --git a/main/sqlite/APKBUILD b/main/sqlite/APKBUILD
index 1a400c6c44..a1d9a35b23 100644
--- a/main/sqlite/APKBUILD
+++ b/main/sqlite/APKBUILD
@@ -17,7 +17,7 @@ esac
[ $_d -lt 10 ] && _d=0$_d
_ver=${_a}${_b}${_c}${_d}
-pkgrel=0
+pkgrel=1
pkgdesc="A C library that implements an SQL database engine"
url="http://www.sqlite.org/"
arch="all"
@@ -25,10 +25,15 @@ license="custom"
depends=""
makedepends="tcl readline-dev"
source="http://www.sqlite.org/2015/$pkgname-autoconf-$_ver.tar.gz
+ CVE-2017-10989.patch
license.txt"
subpackages="$pkgname-doc $pkgname-dev $pkgname-libs"
+# secfixes:
+# 3.13.0-r1:
+# - CVE-2017-10989
+
_builddir="$srcdir"/$pkgname-autoconf-$_ver
prepare() {
cd "$_builddir"
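Review bot: The `# secfixes:` key `3.13.0-r1` does not appear to match the version this APKBUILD builds. The source URL points at `/2015/` and the checksum lines further down name `sqlite-autoconf-3090200.tar.gz`, which reads as 3.9.2. `pkgver` is set outside this hunk, so this is inferred; if it is 3.9.2, the entry should read `#   3.9.2-r1:`. Any tooling that maps CVEs to fixed package versions from this comment would otherwise record the fix against a release this branch does not ship.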
@@ -69,8 +74,11 @@ libs() {
}
md5sums="bc4eb5b3fc5cfcb6e059794306cac1ca sqlite-autoconf-3090200.tar.gz
+fe95af610a7d640c1ff3dbebc6308216 CVE-2017-10989.patch
c1cdbc5544034d9012e421e75a5e4890 license.txt"
sha256sums="064c0abe9c9177534d4c770bca7a5902f9924b629ac886b4c08956be6dfbc36b sqlite-autoconf-3090200.tar.gz
+a59bf7f38e52e9ffda920707ef9fb0ad2c5c97e09a440095edcbd6cde57aee89 CVE-2017-10989.patch
4e57d9ac979f1c9872e69799c2597eeef4c6ce7224f3ede0bf9dc8d217b1e65d license.txt"
sha512sums="c4fdd7dee58e2e4c83091f2a98d8099c6403a66f566be46b54d465c5a58404555fdc1d08050ca60edb6366d220407cfc7409921c123915f78a04cd9930217fa7 sqlite-autoconf-3090200.tar.gz
+74e5aa45e8189048a8efe4093b4b772e9f8e4457a89638fcb4e60a75e35213af6f9cd5b7be276b9e91109ebcad7c6b20bc3bd3d00102ca15e2c1e50606f310e4 CVE-2017-10989.patch
5bde14bec5bf18cc686b8b90a8b2324c8c6600bca1ae56431a795bb34b8b5ae85527143f3b5f0c845c776bce60eaa537624104cefc3a47b3820d43083f40c6e9 license.txt"
diff --git a/main/sqlite/CVE-2017-10989.patch b/main/sqlite/CVE-2017-10989.patch
new file mode 100644
index 0000000000..b58fd64a19
--- /dev/null
+++ b/main/sqlite/CVE-2017-10989.patch
@@ -0,0 +1,15 @@
+diff --git a/sqlite3.c b/sqlite3.c
+index aaab200..dcaf732 100644
+--- a/sqlite3.c
++++ b/sqlite3.c
+@@ -164546,6 +164546,10 @@ static int getNodeSize(
+ rc = getIntFromStmt(db, zSql, &pRtree->iNodeSize);
+ if( rc!=SQLITE_OK ){
+ *pzErr = sqlite3_mprintf("%s", sqlite3_errmsg(db));
++ }else if( pRtree->iNodeSize<(512-64) ){
++ rc = SQLITE_CORRUPT;
++ *pzErr = sqlite3_mprintf("undersize RTree blobs in \"%q_node\"",
++ pRtree->zName);
+ }
+ }
+
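Review bot: The new patch file starts directly at `diff --git a/sqlite3.c` with no header naming its origin, so a later reviewer cannot compare this backport with the upstream fix. A short preamble above the diff would cover that, for example `Backport of the upstream SQLite fix for CVE-2017-10989, see <upstream check-in URL>`. In the added `else if` branch the bound `(512-64)` is unexplained; a comment such as `/* node size below the smallest supported value means a corrupt or crafted %_node table */` would state why the check returns `SQLITE_CORRUPT`. The body of getNodeSize starts and ends outside the hunk, so whether an upper bound on `iNodeSize` is enforced elsewhere cannot be seen here.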