package/sqlite: security bump to version 3.25.3
Fixes CVE-2018-20346: SQLite before 3.25.3, when the FTS3 extension is
enabled, encounters an integer overflow (and resultant buffer overflow) for
FTS3 queries that occur after crafted changes to FTS3 shadow tables,
allowing remote attackers to execute arbitrary code by leveraging the
ability to run arbitrary SQL statements (such as in certain WebSQL use
cases), aka Magellan.
For more details, see:
https://blade.tencent.com/magellan/index_en.html
https://www.sqlite.org/releaselog/3_25_3.html
https://www.mail-archive.com/sqlite-users@mailinglists.sqlite.org/msg113218.html
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Signed-off-by: Thomas Petazzoni <thomas.petazzoni@bootlin.com>
projects / buildroot.git / commit