gnu: sqlite: Update to 3.32.3 [security fixes].

Fixes CVE-2020-11655, CVE-2020-11656, CVE-2020-13434, CVE-2020-13435,
CVE-2020-13630, CVE-2020-13631, CVE-2020-13632, CVE-2020-15358 and
CVE-2020-9327.

* gnu/packages/sqlite.scm (sqlite/fixed): New variable.
(sqlite)[replacement]: Graft.
This commit is contained in:
Léo Le Bouter 2021-03-18 07:09:10 +01:00
parent 52c8d07a4f
commit 6e7ba45357
No known key found for this signature in database
GPG Key ID: 45A8B1E86BCD10A6

View File

@ -65,6 +65,7 @@
(sha256
(base32
"1bj936svd8i5g25xd1bj52hj4zca01fgl3sqkj86z9q5pkz4wa32"))))
(replacement sqlite/fixed)
(build-system gnu-build-system)
(inputs `(("readline" ,readline)))
(native-inputs (if (hurd-target?)
@ -122,6 +123,27 @@ widely deployed SQL database engine in the world. The source code for SQLite
is in the public domain.")
(license license:public-domain)))
(define-public sqlite/fixed
(package
(inherit sqlite)
(version "3.32.3")
(source (origin
(method url-fetch)
(uri (let ((numeric-version
(match (string-split version #\.)
((first-digit other-digits ...)
(string-append first-digit
(string-pad-right
(string-concatenate
(map (cut string-pad <> 2 #\0)
other-digits))
6 #\0))))))
(string-append "https://sqlite.org/2020/sqlite-autoconf-"
numeric-version ".tar.gz")))
(sha256
(base32
"0rlbaq177gcgk5dswd3akbhv2nvvzljrbhgy18hklbhw7h90f5d3"))))))
;; Column metadata support was added to the regular 'sqlite' package with
;; commit fad5b1a6d8d9c36bea5785ae4fbc1beb37e644d7.
(define-public sqlite-with-column-metadata