[SECURITY] Fedora 20 Update: sqlite-3.8.9-1.fc20

updates at fedoraproject.org updates at fedoraproject.org
Sun Apr 26 12:56:58 UTC 2015


--------------------------------------------------------------------------------
Fedora Update Notification
FEDORA-2015-6349
2015-04-18 05:42:55
--------------------------------------------------------------------------------

Name        : sqlite
Product     : Fedora 20
Version     : 3.8.9
Release     : 1.fc20
URL         : http://www.sqlite.org/
Summary     : Library that implements an embeddable SQL database engine
Description :
SQLite is a C library that implements an SQL database engine. A large
subset of SQL92 is supported. A complete database is stored in a
single disk file. The API is designed for convenience and ease of use.
Applications that link against SQLite can enjoy the power and
flexibility of an SQL database without the administrative hassles of
supporting a separate database server.  Version 2 and version 3 binaries
are named to permit each to be installed on a single host

--------------------------------------------------------------------------------
Update Information:

Update of sqlite to latest upstream version, with spatialite-tools rebuild.
--------------------------------------------------------------------------------
ChangeLog:

* Tue Apr 14 2015 Jan Stanek <jstanek at redhat.com> - 3.8.9-1
- Updated to version 3.8.9 (https://www.sqlite.org/releaselog/3_8_9.html)
* Thu Feb 26 2015 Jan Stanek <jstanek at redhat.com> - 3.8.8.3-1
- Updated to version 3.8.8.3 (https://sqlite.org/releaselog/3_8_8_3.html)
* Sat Feb 21 2015 Till Maas <opensource at till.name> - 3.8.8-3
- Rebuilt for Fedora 23 Change
  https://fedoraproject.org/wiki/Changes/Harden_all_packages_with_position-independent_code
* Tue Feb  3 2015 Jan Stanek <jstanek at redhat.com> - 3.8.8-2
- Fixed out-of-date source URLs (rhbz#1188092)
* Tue Jan 20 2015 Jan Stanek <jstanek at redhat.com> - 3.8.8-1
- Updated to version 3.8.8 (https://sqlite.org/releaselog/3_8_8.html)
- Recreated patches to work on current version.
* Fri Dec 12 2014 Jan Stanek <jstanek at redhat.com> - 3.8.7.4-1
- Updated to version 3.8.7.4 (http://www.sqlite.org/releaselog/3_8_7_4.html)
* Tue Nov 25 2014 Jan Stanek <jstanek at redhat.com> - 3.8.7.2-1
- Updated to version 3.8.7.2 (http://sqlite.org/releaselog/3_8_7_2.html)
* Tue Oct 21 2014 Jan Stanek <jstanek at redhat.com> - 3.8.7-1
- Updated to version 3.8.7 (http://sqlite.org/releaselog/3_8_7.html)
- Dropped patch for problem fixed upstream
* Tue Aug 19 2014 Jan Stanek <jstanek at redhat.com> - 3.8.6-2
- Added auto-selection of Tcl version based on Fedora version
* Tue Aug 19 2014 Jan Stanek <jstanek at redhat.com> - 3.8.6-1
- Updated to version 3.8.6 (http://www.sqlite.org/releaselog/3_8_6.html)
* Mon Aug 18 2014 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 3.8.5-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
* Wed Jun 11 2014 Peter Robinson <pbrobinson at fedoraproject.org> 3.8.5-2
- Re-enable tests on aarch64 now they pass again
* Tue Jun 10 2014 Jan Stanek <jstanek at redhat.com> - 3.8.5-1
- Update to version 3.8.5 (http://www.sqlite.org/releaselog/3_8_5.html)
- Dropped patch already included upstream
* Sun Jun  8 2014 Fedora Release Engineering <rel-eng at lists.fedoraproject.org> - 3.8.4.3-5
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
* Thu Jun  5 2014 Peter Robinson <pbrobinson at fedoraproject.org> 3.8.4.3-4
- Don't make tests fail the build on aarch64 like some of the other arches
* Wed May 28 2014 Jan Stanek <jstanek at redhat.com> - 3.8.4.3-3
- Rebuilt for https://fedoraproject.org/wiki/Changes/f21tcl86 with correct tcl_version
* Wed May 21 2014 Jaroslav Škarvada <jskarvad at redhat.com> - 3.8.4.3-2
- Rebuilt for https://fedoraproject.org/wiki/Changes/f21tcl86
* Tue Apr 29 2014 Jan Stanek <jstanek at redhat.com> - 3.8.4.3-1
- Update to version 3.8.4.3 (http://www.sqlite.org/releaselog/3_8_4_3.html)
- Changed patch for rhbz#1075889 to upstream version
  Related: #1075889
* Fri Apr 25 2014 Honza Horak <hhorak at redhat.com> - 3.8.4.2-3
- Revert part of the upstream commit dca1945aeb3fb005, since it causes
  nautilus to crash
  Related: #1075889
* Wed Apr  2 2014 Jan Stanek <jstanek at redhat.com> 3.8.4.2-2
- Added building and shipping of sqlite3_analyzer (#1007159)
* Fri Mar 28 2014 Jan Stanek <jstanek at redhat.com> 3.8.4.2-1
- Update to 3.8.4 (http://www.sqlite.org/releaselog/3_8_4_2.html)
* Tue Mar 11 2014 Jan Stanek <jstanek at redhat.com> 3.8.4-1
- Update to 3.8.4 (http://www.sqlite.org/releaselog/3_8_4.html)
* Sun Feb 23 2014 Peter Robinson <pbrobinson at fedoraproject.org> 3.8.3-2
- Re-enable check on ARM/aarch64 as failing test fixed upstream for non x86 arches
- Modernise spec
* Tue Feb 11 2014 Jan Stanek <jstanek at redhat.com> 3.8.3-1
- Update to 3.8.3 (http://www.sqlite.org/releaselog/3_8_3.html)
- Dropped man-page patch - included upstream
* Mon Jan  6 2014 Peter Robinson <pbrobinson at fedoraproject.org> 3.8.2-2
- Add aarch64 to all the other arch excludes for tests
* Tue Dec 10 2013 Jan Stanek <jstanek at redhat.com> - 3.8.2-1
- Update to 3.8.2 (http://www.sqlite.org/releaselog/3_8_2.html)
--------------------------------------------------------------------------------
References:

  [ 1 ] Bug #1212353 - sqlite: use of uninitialized memory when parsing collation sequences in src/where.c
        https://bugzilla.redhat.com/show_bug.cgi?id=1212353
  [ 2 ] Bug #1212356 - sqlite: invalid free() in src/vdbe.c
        https://bugzilla.redhat.com/show_bug.cgi?id=1212356
  [ 3 ] Bug #1212357 - sqlite: stack buffer overflow in src/printf.c
        https://bugzilla.redhat.com/show_bug.cgi?id=1212357
--------------------------------------------------------------------------------

This update can be installed with the "yum" update program.  Use
su -c 'yum update sqlite' at the command line.
For more information, refer to "Managing Software with yum",
available at http://docs.fedoraproject.org/yum/.

All packages are signed with the Fedora Project GPG key.  More details on the
GPG keys used by the Fedora Project can be found at
https://fedoraproject.org/keys
--------------------------------------------------------------------------------


More information about the package-announce mailing list