Hello community, here is the log from the commit of package sqlite3 for openSUSE:Factory checked in at 2019-06-12 13:01:29 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/sqlite3 (Old) and /work/SRC/openSUSE:Factory/.sqlite3.new.4811 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "sqlite3" Wed Jun 12 13:01:29 2019 rev:113 rq:706065 version:3.28.0 Changes: -------- --- /work/SRC/openSUSE:Factory/sqlite3/sqlite3.changes 2019-03-14 14:51:52.215792209 +0100 +++ /work/SRC/openSUSE:Factory/.sqlite3.new.4811/sqlite3.changes 2019-06-12 13:01:34.477297003 +0200 @@ -1,0 +2,17 @@ +Thu Apr 18 13:52:28 UTC 2019 - Reinhard Max <[email protected]> + +- Upgrade to 3.28.0: + * CVE-2019-9936, bsc#1130326: running fts5 prefix queries inside + a transaction could trigger a heap-based buffer over-read. + * CVE-2019-9937, bsc#1130325: interleaving reads and writes in a + single transaction with an fts5 virtual table will lead to a + NULL Pointer Dereference. + * Enhanced window functions + * Enhanced VACUUM INTO so that it works for read-only databases. + * New query optimizations. + * Added the sqlite3_value_frombind() API for determining if the + argument to an SQL function is from a bound parameter. + * Security and compatibilities enhancements to fts3_tokenizer(). + * Improved robustness against corrupt database files. + +------------------------------------------------------------------- Old: ---- sqlite-doc-3270200.zip sqlite-src-3270200.zip New: ---- sqlite-doc-3280000.zip sqlite-src-3280000.zip ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ sqlite3.spec ++++++ --- /var/tmp/diff_new_pack.imusEw/_old 2019-06-12 13:01:36.233296613 +0200 +++ /var/tmp/diff_new_pack.imusEw/_new 2019-06-12 13:01:36.241296611 +0200 @@ -17,9 +17,9 @@ %define oname sqlite -%define tarversion 3270200 +%define tarversion 3280000 Name: sqlite3 -Version: 3.27.2 +Version: 3.28.0 Release: 0 Summary: Embeddable SQL Database Engine License: SUSE-Public-Domain
