https://www.sqlite.org/releaselog/3_49_2.html
* Addresses CVE-2025-29088 and CVE-2025-3277 https://www.sqlite.org/cves.html * Adjust build options, disabled JSON support * Install missing symlink libsqlite3.so -> libsqlite3.so.3.49.2 in the targetinstall stage. Signed-off-by: Roman Schnider <[email protected]> --- v2: - Bump to 3.49.2 since just released yesterday - Since 3.49.0, the shared library is named using the package version, e.g. libsqlite3.so.3.49.2 The install_lib macro does create a libsqlite3.so.0 symlink, but the libsqlite3.so one is missing. Create it manually. rules/sqlite.make | 11 +++++++---- 1 file changed, 7 insertions(+), 4 deletions(-) diff --git a/rules/sqlite.make b/rules/sqlite.make index f75edfbd5..3eb011062 100644 --- a/rules/sqlite.make +++ b/rules/sqlite.make @@ -29,8 +29,8 @@ endef # # Paths and names # -SQLITE_VERSION := 3.48.0 -SQLITE_MD5 := ab4e0652b6dedb075faf7a2781ba2c20 +SQLITE_VERSION := 3.49.2 +SQLITE_MD5 := 46ef8fec4c97ec77ab27659ad27b28b0 SQLITE := sqlite-autoconf-$(call sqlite/file-version,$(SQLITE_VERSION)) SQLITE_SUFFIX := tar.gz SQLITE_URL := https://www.sqlite.org/2025/$(SQLITE).$(SQLITE_SUFFIX) @@ -67,8 +67,9 @@ SQLITE_CONF_OPT := \ --disable-editline \ --$(call ptx/endis,PTXCONF_SQLITE_READLINE)-readline \ --$(call ptx/endis,PTXCONF_SQLITE_THREADSAFE)-threadsafe \ - --$(call ptx/endis,PTXCONF_SQLITE_LOAD_EXTENSION)-dynamic-extensions \ + --$(call ptx/endis,PTXCONF_SQLITE_LOAD_EXTENSION)-load-extension \ --disable-math \ + --disable-json \ --enable-fts4 \ --enable-fts3 \ --disable-fts5 \ @@ -90,7 +91,9 @@ $(STATEDIR)/sqlite.targetinstall: @$(call install_fixup, sqlite,AUTHOR,"Ladislav Michl <[email protected]>") @$(call install_fixup, sqlite,DESCRIPTION,missing) - @$(call install_lib, sqlite, 0, 0, 0644, libsqlite3) + @$(call install_lib, sqlite, 0, 0, 0644, libsqlite3) + @$(call install_link, sqlite, libsqlite3.so.$(SQLITE_VERSION), \ + /usr/lib/libsqlite3.so) ifdef PTXCONF_SQLITE_TOOL @$(call install_copy, sqlite, 0, 0, 0755, -, /usr/bin/sqlite3) -- 2.43.0
