git: 5b98d506ed03 - main - databases/sqlite3: security update to 3.50.4
- Go to: [ bottom of page ] [ top of archives ] [ this month ]
Date: Fri, 07 Nov 2025 17:11:58 UTC
The branch main has been updated by mandree:
URL: https://cgit.FreeBSD.org/ports/commit/?id=5b98d506ed03da39038bbf77ab508295d6f0cf94
commit 5b98d506ed03da39038bbf77ab508295d6f0cf94
Author: Matthias Andree <mandree@FreeBSD.org>
AuthorDate: 2025-11-07 16:44:51 +0000
Commit: Matthias Andree <mandree@FreeBSD.org>
CommitDate: 2025-11-07 17:11:52 +0000
databases/sqlite3: security update to 3.50.4
Changes per <https://sqlite.org/changes.html>:
2025-07-30 (3.50.4)
1 Fix two long-standings cases of the use of uninitialized variables
in obscure circumstances.
2025-07-17 (3.50.3)
1 Fix a possible memory error that can occur if a query is made
against against FTS5 index that has been deliberately corrupted in a
very specific way.
2 Fix the parser so that it ignored SQL comments in all places of a
CREATE TRIGGER statement. This resolves a problem that was introduced by
the introduction of the SQLITE_DBCONFIG_ENABLE_COMMENTS feature in
version 3.49.0.
3 Fix an incorrect answer due to over-optimization of an AND operator.
Forum post f4878de3e.
4 Fix minor makefile issues and documentation typos.
While here, install sqlite_cfg.h
The 3.51.0 update is left for the maintainer or other interested parties;
3.51.0 was released earlier this week, on 2025-11-04.
Security: c5889223-b4e1-11f0-ae9b-b42e991fc52e
Security: CVE-2025-7709
Approved by: ports-secteam@ (implicit)
MFH: 2025Q4
PR: 290588
---
databases/sqlite3/Makefile | 3 ++-
databases/sqlite3/distinfo | 6 +++---
databases/sqlite3/pkg-plist | 1 +
3 files changed, 6 insertions(+), 4 deletions(-)
diff --git a/databases/sqlite3/Makefile b/databases/sqlite3/Makefile
index e39b6d4525d3..b771b380ea6a 100644
--- a/databases/sqlite3/Makefile
+++ b/databases/sqlite3/Makefile
@@ -1,5 +1,5 @@
PORTNAME= sqlite3
-DISTVERSION= 3.50.2
+DISTVERSION= 3.50.4
# SECURITY WARNING: when updating this port, also file vuxml entry
# for ports/databases/linux-c7-sqlite3 (but mind it has a different EPOCH)
# and coordinate with ports/emulators/linux_base which also ships sqlite3.
@@ -279,6 +279,7 @@ post-configure:
post-install:
.if !defined(TEA)
+ ${INSTALL_DATA} ${WRKSRC}/sqlite_cfg.h ${STAGEDIR}${PREFIX}/include
${INSTALL_MAN} "${WRKSRC}/${PORTNAME}.1" "${STAGEDIR}${PREFIX}/share/man/man1"
${RM} "${STAGEDIR}${PREFIX}/include/msvc.h"
${SETENV} LD_LIBMAP_DISABLE=1 ldd -a "${STAGEDIR}${PREFIX}/bin/${PORTNAME}" "${STAGEDIR}${PREFIX}/lib/lib${PORTNAME}.so"
diff --git a/databases/sqlite3/distinfo b/databases/sqlite3/distinfo
index 7740e0943b59..6969e2ddc2f1 100644
--- a/databases/sqlite3/distinfo
+++ b/databases/sqlite3/distinfo
@@ -1,3 +1,3 @@
-TIMESTAMP = 1751267280
-SHA256 (sqlite-src-3500200.zip) = 091eeec3ae2ccb91aac21d0e9a4a58944fb2cb112fa67bffc3e08c2eca2d85c8
-SIZE (sqlite-src-3500200.zip) = 14392422
+TIMESTAMP = 1762533612
+SHA256 (sqlite-src-3500400.zip) = b7b4dc060f36053902fb65b344bbbed592e64b2291a26ac06fe77eec097850e9
+SIZE (sqlite-src-3500400.zip) = 14393367
diff --git a/databases/sqlite3/pkg-plist b/databases/sqlite3/pkg-plist
index f3908cbf7adf..f41befab4069 100644
--- a/databases/sqlite3/pkg-plist
+++ b/databases/sqlite3/pkg-plist
@@ -1,6 +1,7 @@
%%NO_TEA%%bin/sqlite3
%%NO_TEA%%bin/sqldiff
%%TCL%%bin/sqlite3_analyzer
+%%NO_TEA%%include/sqlite_cfg.h
%%NO_TEA%%include/sqlite3.h
%%NO_TEA%%include/sqlite3ext.h
%%NO_TEA%%%%STATIC%%lib/libsqlite3.a