CVSROOT: /cvs
Module name: ports
Changes by: [email protected] 2017/08/10 10:00:23
Modified files:
databases/sqlite3: Makefile distinfo
Log message:
Update to sqlite3 3.20.0.
Fixes CVE-2017-10989 ('The getNodeSize function in ext/rtree/rtree.c in
SQLite through 3.19.3, as used in GDAL and other products, mishandles
undersized RTree blobs in a crafted database, leading to a heap-based
buffer over-read or possibly unspecified other impact.')
The standalone fix itself is at
https://sqlite.org/src/vpatch?from=0db20efe201736b3&to=66de6f4a9504ec26
Pass -DSQLITE_ENABLE_FTS3 via CFLAGS, as it apparently fixes build
issues with mozilla (from FreeBSD r447626 via naddy@)
