Also, I've just spotted the following (** characters surround the changes):
1)
On the same page under " 2.1. Upping The Threat Level", the fourth paragraph
starts:
Because the pointer is passed in the t1.t1 column...
I think this is meant to be:
Because the pointer is passed in the ** t1.cx ** column...
2)
On the same page under " 2.1. Upping The Threat Level", the first bullet under
the sixth paragraph starts:
The WebSQL interface to webkit allowed any webpage to to run arbitrary SQL
in the browser for Chrome and Safari. That arbitrary SQL was suppose to be run
inside a sandbox where it could do not harm even if exploited
I thin this is meant to say:
The WebSQL interface to webkit allowed any webpage to to run arbitrary SQL
in the browser for Chrome and Safari. That arbitrary SQL was suppose to be run
inside a sandbox where it could do ** no ** harm even if exploited
3)
On the same page under " 2.3. Pointer Leaks"
The second sentence of the first para says:
In other words, subtypes on pointer values prevents attacks using SQL
statements like this:
I think it should say:
In other words, subtypes on pointer values ** prevent ** attacks using SQL
statements like this:
Or possibly:
In other words, ** using ** subtypes on pointer values prevents attacks
using SQL statements like this:
4)
On the same page, under " 5. Summary"
The second sentence of key take-awy #3 starts:
Instead, use the interfaces designed to facility secure pointer passing:
I think it should be:
Instead, use the interfaces designed to facilitate secure pointer passing:
Cheers,
Dave
Ward Analytics Ltd - information in motion
Tel: +44 (0) 118 9740191
Fax: +44 (0) 118 9740192
www: http://www.ward-analytics.com
Registered office address: The Oriel, Sydenham Road, Guildford, Surrey, United
Kingdom, GU1 3SR
Registered company number: 3917021 Registered in England and Wales.
-----Original Message-----
From: sqlite-users [mailto:[email protected]] On
Behalf Of David Wellman
Sent: 25 July 2017 16:31
To: 'SQLite mailing list'
Subject: Re: [sqlite] Version 3.20.0 release candidate 2
Hi,
Minor doc error at https://sqlite.org/draft/bindptr.html
The first paragraph under "2. A Brief History Of Pointer Passing In SQLite"
starts with:
It is sometimes convenient for SQLite extensions to communicatin non-SQL
values...
I'm not sure what it is meant to say, but probably not that :-) Possibly
something like:
It is sometimes convenient for SQLite extensions to communicate non-SQL
values...
Cheers,
Dave
Ward Analytics Ltd - information in motion
Tel: +44 (0) 118 9740191
Fax: +44 (0) 118 9740192
www: http://www.ward-analytics.com
Registered office address: The Oriel, Sydenham Road, Guildford, Surrey, United
Kingdom, GU1 3SR
Registered company number: 3917021 Registered in England and Wales.
-----Original Message-----
From: sqlite-users [mailto:[email protected]] On
Behalf Of Richard Hipp
Sent: 25 July 2017 16:23
To: General Discussion of SQLite Database; sqlite-dev
Subject: [sqlite] Version 3.20.0 release candidate 2
We are restarting the test process for SQLite 3.20.0. There is a new
release candidate on the website at https://sqlite.org/download.html
and on the newly reopened branch-3.20 of the source tree at
https://sqlite.org/src/timeline?r=branch-3.20
A new draft change log is at https://sqlite.org/draft/releaselog/3_20_0.html
Changes in the release candidate since the previous release attempt include:
* Improved documentation for the new pointer-passing interface
* Date/time functions can now be used in CHECK constraints and indexes
* Added the UNION virtual table extension
The target release date is one week from today. If you have concerns
with anything in this release, please raise them now.
The checklist at https://sqlite.org/checklists/3200000/index has been
reset. The release will occur when that checklist goes all-green.
--
D. Richard Hipp
[email protected]
_______________________________________________
sqlite-users mailing list
[email protected]
http://mailinglists.sqlite.org/cgi-bin/mailman/listinfo/sqlite-users
_______________________________________________
sqlite-users mailing list
[email protected]
http://mailinglists.sqlite.org/cgi-bin/mailman/listinfo/sqlite-users
_______________________________________________
sqlite-users mailing list
[email protected]
http://mailinglists.sqlite.org/cgi-bin/mailman/listinfo/sqlite-users
