CVSROOT:        /cvs
Module name:    ports
Changes by:  2017/08/10 10:00:23

Modified files:
        databases/sqlite3: Makefile distinfo 

Log message:
Update to sqlite3 3.20.0.

Fixes CVE-2017-10989 ('The getNodeSize function in ext/rtree/rtree.c in
SQLite through 3.19.3, as used in GDAL and other products, mishandles
undersized RTree blobs in a crafted database, leading to a heap-based
buffer over-read or possibly unspecified other impact.')

The standalone fix itself is at

Pass -DSQLITE_ENABLE_FTS3 via CFLAGS, as it apparently fixes build
issues with mozilla (from FreeBSD r447626 via naddy@)

Reply via email to