sqlite: fix numerous CVEs

Fix the following CVEs: - CVE-2019-19244 - CVE-2019-19923 - CVE-2019-19924 - CVE-2019-19925 - CVE-2019-19926 - CVE-2019-19959 - CVE-2019-20218 (From OE-Core rev: feb8982ac6670af3bcb1243b51054bba9b027c83) Signed-off-by: Ross Burton <ross.burton@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> [ removed the CVE-2019-19880 fix that did not apply cleanly ] Signed-off-by: Adrian Bunk <bunk@stusta.de> Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
author: Ross Burton <ross.burton@intel.com> 2020-03-11 11:49:19 +0200
committer: Richard Purdie <richard.purdie@linuxfoundation.org> 2020-03-19 09:57:50 +0000
commit: 61210237a7d304a0e2eeef9f9f224a9cf337cdb9 (patch)
tree: 81002208fae0bea7b89479207acd84aa5a9547e0 /meta/recipes-support/sqlite/sqlite3_3.29.0.bb
parent: 983a51fd1d8b8fe97f4486c58713a1af39cdfc56 (diff)
download: poky-61210237a7d304a0e2eeef9f9f224a9cf337cdb9.tar.gz
1 files changed, 9 insertions, 1 deletions
diff --git a/meta/recipes-support/sqlite/sqlite3_3.29.0.bb b/meta/recipes-support/sqlite/sqlite3_3.29.0.bb
index 34066fbe89..cf3b179845 100644
--- a/meta/recipes-support/sqlite/sqlite3_3.29.0.bb
+++ b/meta/recipes-support/sqlite/sqlite3_3.29.0.bb
@@ -4,6 +4,14 @@ LICENSE = "PD"
 LIC_FILES_CHKSUM = "file://sqlite3.h;endline=11;md5=786d3dc581eff03f4fd9e4a77ed00c66"
 SRC_URI = "http://www.sqlite.org/2019/sqlite-autoconf-${SQLITE_PV}.tar.gz \
-           file://0001-Fix-CVE-2019-16168.patch"
+           file://0001-Fix-CVE-2019-16168.patch \
+           file://CVE-2019-19244.patch \
+           file://CVE-2019-19923.patch \
+           file://CVE-2019-19924.patch \
+           file://CVE-2019-19925.patch \
+           file://CVE-2019-19926.patch \
+           file://CVE-2019-19959.patch \
+           file://CVE-2019-20218.patch \
+"
 SRC_URI[md5sum] = "8f3dfe83387e62ecb91c7c5c09c688dc"
 SRC_URI[sha256sum] = "8e7c1e2950b5b04c5944a981cb31fffbf9d2ddda939d536838ebc854481afd5b"
author	Ross Burton <ross.burton@intel.com>	2020-03-11 11:49:19 +0200
committer	Richard Purdie <richard.purdie@linuxfoundation.org>	2020-03-19 09:57:50 +0000
commit	61210237a7d304a0e2eeef9f9f224a9cf337cdb9 (patch)
tree	81002208fae0bea7b89479207acd84aa5a9547e0 /meta/recipes-support/sqlite/sqlite3_3.29.0.bb
parent	983a51fd1d8b8fe97f4486c58713a1af39cdfc56 (diff)
download	poky-61210237a7d304a0e2eeef9f9f224a9cf337cdb9.tar.gz

diff --git a/meta/recipes-support/sqlite/sqlite3_3.29.0.bb b/meta/recipes-support/sqlite/sqlite3_3.29.0.bb index 34066fbe89..cf3b179845 100644 --- a/meta/recipes-support/sqlite/sqlite3_3.29.0.bb +++ b/meta/recipes-support/sqlite/sqlite3_3.29.0.bb
@@ -4,6 +4,14 @@ LICENSE = "PD"
4	LIC_FILES_CHKSUM = "file://sqlite3.h;endline=11;md5=786d3dc581eff03f4fd9e4a77ed00c66"	4	LIC_FILES_CHKSUM = "file://sqlite3.h;endline=11;md5=786d3dc581eff03f4fd9e4a77ed00c66"
5		5
6	SRC_URI = "http://www.sqlite.org/2019/sqlite-autoconf-${SQLITE_PV}.tar.gz \	6	SRC_URI = "http://www.sqlite.org/2019/sqlite-autoconf-${SQLITE_PV}.tar.gz \
7	file://0001-Fix-CVE-2019-16168.patch"	7	file://0001-Fix-CVE-2019-16168.patch \
		8	file://CVE-2019-19244.patch \
		9	file://CVE-2019-19923.patch \
		10	file://CVE-2019-19924.patch \
		11	file://CVE-2019-19925.patch \
		12	file://CVE-2019-19926.patch \
		13	file://CVE-2019-19959.patch \
		14	file://CVE-2019-20218.patch \
		15	"
8	SRC_URI[md5sum] = "8f3dfe83387e62ecb91c7c5c09c688dc"	16	SRC_URI[md5sum] = "8f3dfe83387e62ecb91c7c5c09c688dc"
9	SRC_URI[sha256sum] = "8e7c1e2950b5b04c5944a981cb31fffbf9d2ddda939d536838ebc854481afd5b"	17	SRC_URI[sha256sum] = "8e7c1e2950b5b04c5944a981cb31fffbf9d2ddda939d536838ebc854481afd5b"