1 files changed, 29 insertions, 0 deletions
diff --git a/meta/recipes-support/sqlite/sqlite3/CVE-2025-3277.patch b/meta/recipes-support/sqlite/sqlite3/CVE-2025-3277.patch
new file mode 100644
index 0000000000..b8225b5069
--- /dev/null
+++ b/meta/recipes-support/sqlite/sqlite3/CVE-2025-3277.patch
@@ -0,0 +1,29 @@
+From d7f45414935e4ef6e3361f02a22876f1ee7a04aa Mon Sep 17 00:00:00 2001
+From: drh <>
+Date: Sun, 16 Feb 2025 10:57:25 +0000
+Subject: [PATCH] Add a typecast to avoid 32-bit integer overflow in the
+ concat_ws() function with an enormous separator values and many arguments.
+FossilOrigin-Name: 498e3f1cf57f164fbd8380e92bf91b9f26d6aa05d092fcd135d754abf1e5b1b5
+CVE: CVE-2025-3277
+CVE: CVE-2025-29087
+Upstream-Status: Backport [https://sqlite.org/src/info/498e3f1cf57f164f]
+Signed-off-by: Peter Marko <peter.marko@siemens.com>
+---
+ sqlite3.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+diff --git a/sqlite3.c b/sqlite3.c
+index 08c593e55c..24d0d954d9 100644
+--- a/sqlite3.c
+++ b/sqlite3.c
+@@ -129594,7 +129594,7 @@ static void concatFuncCore(
+   for(i=0; i<argc; i++){
+     n += sqlite3_value_bytes(argv[i]);
+   }
+-  n += (argc-1)*nSep;
+  n += (argc-1)*(i64)nSep;
+   z = sqlite3_malloc64(n+1);
+   if( z==0 ){
+     sqlite3_result_error_nomem(context);

diff --git a/meta/recipes-support/sqlite/sqlite3/CVE-2025-3277.patch b/meta/recipes-support/sqlite/sqlite3/CVE-2025-3277.patch new file mode 100644 index 0000000000..b8225b5069 --- /dev/null +++ b/meta/recipes-support/sqlite/sqlite3/CVE-2025-3277.patch
@@ -0,0 +1,29 @@
	1	From d7f45414935e4ef6e3361f02a22876f1ee7a04aa Mon Sep 17 00:00:00 2001
	2	From: drh <>
	3	Date: Sun, 16 Feb 2025 10:57:25 +0000
	4	Subject: [PATCH] Add a typecast to avoid 32-bit integer overflow in the
	5	concat_ws() function with an enormous separator values and many arguments.
	6
	7	FossilOrigin-Name: 498e3f1cf57f164fbd8380e92bf91b9f26d6aa05d092fcd135d754abf1e5b1b5
	8
	9	CVE: CVE-2025-3277
	10	CVE: CVE-2025-29087
	11	Upstream-Status: Backport [https://sqlite.org/src/info/498e3f1cf57f164f]
	12	Signed-off-by: Peter Marko <peter.marko@siemens.com>
	13	---
	14	sqlite3.c \| 2 +-
	15	1 file changed, 1 insertion(+), 1 deletion(-)
	16
	17	diff --git a/sqlite3.c b/sqlite3.c
	18	index 08c593e55c..24d0d954d9 100644
	19	--- a/sqlite3.c
	20	+++ b/sqlite3.c
	21	@@ -129594,7 +129594,7 @@ static void concatFuncCore(
	22	for(i=0; i<argc; i++){
	23	n += sqlite3_value_bytes(argv[i]);
	24	}
	25	- n += (argc-1)*nSep;
	26	+ n += (argc-1)*(i64)nSep;
	27	z = sqlite3_malloc64(n+1);
	28	if( z==0 ){
	29	sqlite3_result_error_nomem(context);