kumquat-buildroot/package/sqlcipher/sqlcipher.mk
Fabrice Fontaine f38893f8dd package/sqlcipher: security bump to version 4.4.2
Fix CVE-2020-27207: Zetetic SQLCipher 4.x before 4.4.1 has a
use-after-free, related to sqlcipher_codec_pragma and sqlite3Strlen30 in
sqlite3.c. A remote denial of service attack can be performed. For
example, a SQL injection can be used to execute the crafted SQL command
sequence. After that, some unexpected RAM data is read.

https://www.zetetic.net/blog/2020/11/25/sqlcipher-442-release

Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
2020-12-14 15:44:02 +01:00

43 lines
1.2 KiB
Makefile

################################################################################
#
# sqlcipher
#
################################################################################
SQLCIPHER_VERSION = 4.4.2
SQLCIPHER_SITE = $(call github,sqlcipher,sqlcipher,v$(SQLCIPHER_VERSION))
SQLCIPHER_LICENSE = BSD-3-Clause
SQLCIPHER_LICENSE_FILES = LICENSE
SQLCIPHER_DEPENDENCIES = host-pkgconf openssl host-tcl
SQLCIPHER_INSTALL_STAGING = YES
SQLCIPHER_CONF_ENV = \
CFLAGS="$(TARGET_CFLAGS) $(SQLCIPHER_CFLAGS)" \
TCLSH_CMD=$(HOST_DIR)/bin/tclsh$(TCL_VERSION_MAJOR)
SQLCIPHER_CONF_OPTS = \
--enable-threadsafe \
--disable-tcl
SQLCIPHER_CFLAGS += -DSQLITE_HAS_CODEC # Required according to the README
SQLCIPHER_CONF_ENV += LIBS=`$(PKG_CONFIG_HOST_BINARY) --libs openssl`
ifeq ($(BR2_PACKAGE_SQLCIPHER_STAT3),y)
SQLCIPHER_CFLAGS += -DSQLITE_ENABLE_STAT3
endif
ifeq ($(BR2_PACKAGE_SQLCIPHER_READLINE),y)
SQLCIPHER_DEPENDENCIES += ncurses readline
SQLCIPHER_CONF_OPTS += --with-readline-inc="-I$(STAGING_DIR)/usr/include"
else
SQLCIPHER_CONF_OPTS += --disable-readline
endif
ifeq ($(BR2_STATIC_LIBS),y)
SQLCIPHER_CONF_OPTS += --disable-load-extension
else
SQLCIPHER_CONF_OPTS += --enable-load-extension
endif
$(eval $(autotools-package))