[OE-core][nanbield][PATCH 1/2] sqlite3: upgrade 3.43.1 -> 3.43.2

public inbox for openembedded-core@lists.openembedded.org
 help / color / mirror / Atom feed

* [OE-core][nanbield][PATCH 1/2] sqlite3: upgrade 3.43.1 -> 3.43.2
@ 2024-01-28 16:57 Peter Marko
  2024-01-28 16:57 ` [OE-core][nanbield][PATCH 2/2] sqlite: drop obsolete CVE ignore Peter Marko
  0 siblings, 1 reply; 2+ messages in thread
From: Peter Marko @ 2024-01-28 16:57 UTC (permalink / raw)
  To: openembedded-core; +Cc: Peter Marko

From: Peter Marko <peter.marko@siemens.com>

This fixes CVE-2024-0232

Signed-off-by: Peter Marko <peter.marko@siemens.com>
---
 .../sqlite/{sqlite3_3.43.1.bb => sqlite3_3.43.2.bb}             | 2 +-
 1 file changed, 1 insertion(+), 1 deletion(-)
 rename meta/recipes-support/sqlite/{sqlite3_3.43.1.bb => sqlite3_3.43.2.bb} (78%)

diff --git a/meta/recipes-support/sqlite/sqlite3_3.43.1.bb b/meta/recipes-support/sqlite/sqlite3_3.43.2.bb
similarity index 78%
rename from meta/recipes-support/sqlite/sqlite3_3.43.1.bb
rename to meta/recipes-support/sqlite/sqlite3_3.43.2.bb
index 93146358c7..64c1013625 100644
--- a/meta/recipes-support/sqlite/sqlite3_3.43.1.bb
+++ b/meta/recipes-support/sqlite/sqlite3_3.43.2.bb
@@ -4,7 +4,7 @@ LICENSE = "PD"
 LIC_FILES_CHKSUM = "file://sqlite3.h;endline=11;md5=786d3dc581eff03f4fd9e4a77ed00c66"
 
 SRC_URI = "http://www.sqlite.org/2023/sqlite-autoconf-${SQLITE_PV}.tar.gz"
-SRC_URI[sha256sum] = "39116c94e76630f22d54cd82c3cea308565f1715f716d1b2527f1c9c969ba4d9"
+SRC_URI[sha256sum] = "6d422b6f62c4de2ca80d61860e3a3fb693554d2f75bb1aaca743ccc4d6f609f0"
 
 CVE_STATUS[CVE-2023-36191] = "disputed: The error is a bug. It has been fixed upstream. But it is not a vulnerability"
 
-- 
2.30.2



^ permalink raw reply related	[flat|nested] 2+ messages in thread

* [OE-core][nanbield][PATCH 2/2] sqlite: drop obsolete CVE ignore
  2024-01-28 16:57 [OE-core][nanbield][PATCH 1/2] sqlite3: upgrade 3.43.1 -> 3.43.2 Peter Marko
@ 2024-01-28 16:57 ` Peter Marko
  0 siblings, 0 replies; 2+ messages in thread
From: Peter Marko @ 2024-01-28 16:57 UTC (permalink / raw)
  To: openembedded-core; +Cc: Peter Marko

From: Peter Marko <peter.marko@siemens.com>

CVE-2023-36191 is now rejected in NVD DB so it won't shoup up in
cve-check report anymore.

Signed-off-by: Peter Marko <peter.marko@siemens.com>
---
 meta/recipes-support/sqlite/sqlite3_3.43.2.bb | 3 ---
 1 file changed, 3 deletions(-)

diff --git a/meta/recipes-support/sqlite/sqlite3_3.43.2.bb b/meta/recipes-support/sqlite/sqlite3_3.43.2.bb
index 64c1013625..66d6255ac0 100644
--- a/meta/recipes-support/sqlite/sqlite3_3.43.2.bb
+++ b/meta/recipes-support/sqlite/sqlite3_3.43.2.bb
@@ -5,6 +5,3 @@ LIC_FILES_CHKSUM = "file://sqlite3.h;endline=11;md5=786d3dc581eff03f4fd9e4a77ed0
 
 SRC_URI = "http://www.sqlite.org/2023/sqlite-autoconf-${SQLITE_PV}.tar.gz"
 SRC_URI[sha256sum] = "6d422b6f62c4de2ca80d61860e3a3fb693554d2f75bb1aaca743ccc4d6f609f0"
-
-CVE_STATUS[CVE-2023-36191] = "disputed: The error is a bug. It has been fixed upstream. But it is not a vulnerability"
-
-- 
2.30.2



^ permalink raw reply related	[flat|nested] 2+ messages in thread

end of thread, other threads:[~2024-01-28 16:58 UTC | newest]

Thread overview: 2+ messages (download: mbox.gz follow: Atom feed
-- links below jump to the message on this page --
2024-01-28 16:57 [OE-core][nanbield][PATCH 1/2] sqlite3: upgrade 3.43.1 -> 3.43.2 Peter Marko
2024-01-28 16:57 ` [OE-core][nanbield][PATCH 2/2] sqlite: drop obsolete CVE ignore Peter Marko

This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox