package/sqlite: security bump to version 3.40.1

Fixes the following security issues: CVE-2022-46908: SQLite through 3.40.0, when relying on --safe for execution of an untrusted CLI script, does not properly implement the azProhibitedFunctions protection mechanism, and instead allows UDF functions such as WRITEFILE. Release notes: https://sqlite.org/releaselog/3_40_1.html Signed-off-by: Bernd Kuhls <bernd.kuhls@t-online.de> [Peter: mark as security bump] Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2023-01-02 22:18:54 +01:00 · 2023-01-02 22:18:54 +01:00 · 99b3ea4429
commit 99b3ea4429
parent 34f28a9399
2 changed files with 3 additions and 3 deletions
--- a/package/sqlite/sqlite.hash
+++ b/package/sqlite/sqlite.hash
@ -1,3 +1,3 @@
 # Locally computed
-sha256  0333552076d2700c75352256e91c78bf5cd62491589ba0c69aed0a81868980e7  sqlite-autoconf-3400000.tar.gz
+sha256  2c5dea207fa508d765af1ef620b637dcb06572afa6f01f0815bd5bbf864b33d9  sqlite-autoconf-3400100.tar.gz
 sha256  66e056b6e8687f32af30d5187611b98b12a8f46f07aaf62f43585f276e8f0ac9  tea/license.terms
--- a/package/sqlite/sqlite.mk
+++ b/package/sqlite/sqlite.mk
@ -4,8 +4,8 @@
 #
 ################################################################################

-SQLITE_VERSION = 3.40.0
-SQLITE_TAR_VERSION = 3400000
+SQLITE_VERSION = 3.40.1
+SQLITE_TAR_VERSION = 3400100
 SQLITE_SOURCE = sqlite-autoconf-$(SQLITE_TAR_VERSION).tar.gz
 SQLITE_SITE = https://www.sqlite.org/2022
 SQLITE_LICENSE = Public domain