From 61210237a7d304a0e2eeef9f9f224a9cf337cdb9 Mon Sep 17 00:00:00 2001
From: Ross Burton <ross.burton@intel.com>
Date: Wed, 11 Mar 2020 11:49:19 +0200
Subject: sqlite: fix numerous CVEs

Fix the following CVEs:

- CVE-2019-19244
- CVE-2019-19923
- CVE-2019-19924
- CVE-2019-19925
- CVE-2019-19926
- CVE-2019-19959
- CVE-2019-20218

(From OE-Core rev: feb8982ac6670af3bcb1243b51054bba9b027c83)

Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
[ removed the CVE-2019-19880 fix that did not apply cleanly ]
Signed-off-by: Adrian Bunk <bunk@stusta.de>
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
---
 meta/recipes-support/sqlite/sqlite3_3.29.0.bb | 10 +++++++++-
 1 file changed, 9 insertions(+), 1 deletion(-)

(limited to 'meta/recipes-support/sqlite/sqlite3_3.29.0.bb')

diff --git a/meta/recipes-support/sqlite/sqlite3_3.29.0.bb b/meta/recipes-support/sqlite/sqlite3_3.29.0.bb
index 34066fbe89..cf3b179845 100644
--- a/meta/recipes-support/sqlite/sqlite3_3.29.0.bb
+++ b/meta/recipes-support/sqlite/sqlite3_3.29.0.bb
@@ -4,6 +4,14 @@ LICENSE = "PD"
 LIC_FILES_CHKSUM = "file://sqlite3.h;endline=11;md5=786d3dc581eff03f4fd9e4a77ed00c66"
 
 SRC_URI = "http://www.sqlite.org/2019/sqlite-autoconf-${SQLITE_PV}.tar.gz \
-           file://0001-Fix-CVE-2019-16168.patch"
+           file://0001-Fix-CVE-2019-16168.patch \
+           file://CVE-2019-19244.patch \
+           file://CVE-2019-19923.patch \
+           file://CVE-2019-19924.patch \
+           file://CVE-2019-19925.patch \
+           file://CVE-2019-19926.patch \
+           file://CVE-2019-19959.patch \
+           file://CVE-2019-20218.patch \
+"
 SRC_URI[md5sum] = "8f3dfe83387e62ecb91c7c5c09c688dc"
 SRC_URI[sha256sum] = "8e7c1e2950b5b04c5944a981cb31fffbf9d2ddda939d536838ebc854481afd5b"
-- 
cgit v1.2.3-54-g00ecf