I suppose that Thunderbird was making use of the fts3_tokenizer()
interface, which has be removed from standard builds due to security
concerns, as of version 3.11.0. You can reenable that feature at
compile-time by building with -DSQLITE_ENABLE_FTS3_TOKENIZER. See the
last bullet (the only bullet under the "Backwards Compability"
heading) of the release notes at
https://www.sqlite.org/releaselog/3_11_0.html for links to further
information.
At this time, you basically have two options:
(1) Compile your system sqlite3.so library using
SQLITE_ENABLE_FTS3_TOKENIZER and hope that none of the applications
that link against this library use it in such a way that the
fts3_tokenizer() could present a security vulnerability.
(2) Statically link against a version of SQLite that you compile
yourself. SQlite is a single file of C code ("sqlite3.c") so making
it a part of the project source tree is not a big deal.
Option (2) seems like the best choice to me since that guarantees that
Thunderbird will continue to operate regardless of what historical
version of sqlite3.so happens to be installed (or not installed) on
the system and regardless of the compile-time options used to create
that sqlite3.so. (For example, what if somebody installs a new
sqlite3.so that omits full-text search?) Static linking removes a
dependency and makes Thunderbird more robust.
On 2/26/16, Steven Haigh <netwiz at crc.id.au> wrote:
> Dear sqlite-users list,
>
> I'd like to try and get some pointers on the following issue as
> documented on the following included BZ issues.
>
> Please CC me as I'm not subscribed to this list.
>
>
> -------- Forwarded Message --------
> Subject: Re: SQLite and Thunderbird
> Date: Fri, 26 Feb 2016 10:06:25 +0100
> From: Jan Stan?k <jstanek at redhat.com>
> Organization: Red Hat
> To: Steven Haigh <netwiz at crc.id.au>
> CC: nils at redhat.com, stransky at redhat.com
>
> Hi,
> I presume thet this is general thunderbird issue, not Fedora specific
> one. If so, I would suggest asking at
> sqlite-users at mailinglists.sqlite.org, they are usually quite helpful.
>
> Regards,
> Jan
>
> Dne 26.2.2016 v 07:10 Steven Haigh napsal(a):
>> Re:
>> https://bugzilla.redhat.com/show_bug.cgi?id=1310864
>> https://bugzilla.redhat.com/show_bug.cgi?id=1311032
>>
>> Hi all,
>>
>> Just trying to open a channel of communication regarding these bugs.
>>
>> While I believe thunderbird uses a format of call that is depreciated in
>> the newer SQLite packages, it is not ideal to statically compile
>> thunderbird against sqlite to make it work (which I believe is the
>> current fix).
>>
>> Any suggestions on a long-term fix?
>>
>
>
> --
> Jan Stanek - Red Hat Associate Developer Engineer - Databases Team
>
>
>
> --
> Steven Haigh
>
> Email: netwiz at crc.id.au
> Web: https://www.crc.id.au
> Phone: (03) 9001 6090 - 0412 935 897
>
>
>
>
--
D. Richard Hipp
drh at sqlite.org
