%bcond_without check %global extver 3240000 %global tcl_version 8.6 %global tcl_sitearch %{_libdir}/tcl%{tcl_version} Name: sqlite Version: 3.24.0 Release: 12 Summary: Embeded SQL database License: Public Domain URL: http://www.sqlite.org/ Source0: http://www.sqlite.org/2018/sqlite-src-%{extver}.zip Source1: http://www.sqlite.org/2018/sqlite-doc-%{extver}.zip Source2: https://www.sqlite.org/2018/sqlite-autoconf-%{extver}.tar.gz Patch0: 0000-sqlite-no-malloc-usable-size.patch Patch1: 0001-sqlite-CVE-2018-20346.patch Patch2: 0002-remove-fail-testcase-in-no-free-fd-situation.patch Patch3: 0003-Fix-the-sqlite3BeginTrans-calls-within-the-snapshot-.patch Patch4: 0004-Change-a-comma-into-a-logically-equivalent-but-seman.patch Patch5: 0005-Fix-a-typo-in-the-amalgamation-autoconf-file.patch Patch6: 0006-Fix-typo-in-the-normalize-extension.patch Patch7: 0007-Fix-a-minor-problem-in-the-code-for-determining-whet.patch Patch8: 0008-Quick-patch-to-the-Lemon-parser-template-to-avoid-an.patch Patch9: 0009-Fix-typo-in-the-Win32-specific-code-for-the-fileio-e.patch Patch10: 0010-Fix-a-problem-causing-ENABLE_CURSOR_HINTS-builds-to-.patch Patch11: 0011-Fix-a-potential-crash-that-can-occur-while-reading-a.patch Patch12: 0012-In-the-CLI-fix-a-file-descriptor-leak-following-OOM-.patch Patch13: 0013-Take-steps-to-avoid-a-potential-integer-overflow-in-.patch Patch14: 0014-Fix-minor-memory-leak-in-the-dbstat-extension-that-c.patch Patch15: 0015-Fix-a-failing-assert-in-sqlite3ResetAllSchemasOfConn.patch Patch16: 0016-Fix-a-parser-bug-in-the-use-of-parentheses-around-ta.patch Patch17: 0017-Fix-possible-integer-overflow-while-running-PRAGMA-i.patch Patch18: 0018-Fix-a-segfault-caused-by-using-the-RAISE-function-in.patch Patch19: 0019-Fix-another-problem-with-corrupt-database-handling-i.patch Patch20: 0020-Fix-a-buffer-overwrite-in-fts5-triggered-by-a-corrup.patch Patch21: 0021-Fix-another-case-in-fts5-where-a-corrupt-database-co.patch Patch22: 0022-Fix-another-potential-buffer-overread-in-fts5.patch Patch23: 0023-Fix-a-possible-memory-leak-when-trying-to-UPDATE-a-c.patch Patch24: 0024-Fix-an-out-of-bounds-read-in-SQL-function-fts5_decod.patch Patch25: 0025-Fix-a-segfault-in-fts3-prompted-by-a-corrupted-datab.patch Patch26: 0026-Prevent-unsigned-32-bit-integer-overflow-from-leadin.patch Patch27: 0027-Fix-a-problem-causing-a-crash-if-an-fts5vocab-table-.patch Patch28: 0028-Fix-a-harmless-memory-leak-in-the-Lemon-parser-gener.patch Patch29: 0029-Handle-SQL-NULL-values-without-crashing-in-the-fts5-.patch Patch30: 0030-Fix-a-memory-leak-that-could-occur-in-fts3-when-hand.patch Patch31: 0031-Fix-a-buffer-overwrite-that-could-occur-when-running.patch Patch32: 0032-Fix-another-corruption-related-crash-in-fts5.patch Patch33: 0033-Avoid-integer-overflow-when-computing-the-array-of-a.patch Patch34: 0034-Fix-another-segfault-caused-by-a-corrupt-fts3-databa.patch Patch35: 0035-Fix-a-buffer-overrun-that-could-occur-in-fts5-if-a-p.patch Patch36: 0036-Fix-another-fts5-crash-that-can-occur-if-the-databas.patch Patch37: 0037-Fix-an-assert-in-vdbemem.c-that-could-fire-if-the-da.patch Patch38: 0038-Fix-a-potential-problem-with-INSERT-INTO-.-SELECT-FR.patch Patch39: 0039-Fix-a-segfault-that-could-follow-an-OOM-when-queryin.patch Patch40: 0040-Fix-a-buffer-overread-in-fts3-that-could-occur-when-.patch Patch41: 0041-Fix-a-buffer-overrun-triggered-by-a-merge-operation-.patch Patch42: 0042-Fix-another-buffer-overread-in-fts5-that-may-occur-w.patch Patch43: 0043-Fix-another-buffer-overrun-that-could-occur-when-que.patch Patch44: 0044-Fix-another-segfault-that-could-occur-in-fts5-with-a.patch Patch45: 0045-Fix-a-potential-memory-leak-in-RBU-if-the-rbu_fossil.patch Patch46: 0046-Fix-a-potential-32-bit-integer-overflow-in-the-showd.patch Patch47: 0047-sqlite-CVE-2019-8457-out-of-bounds-read.patch Patch48: 0048-sqlite-CVE-2019-16168.patch Patch49: 0049-Fix-CVE-2019-19646.patch Patch50: 0050-Fix-CVE-2019-9936.patch Patch51: 0051-Fix-CVE-2019-9937.patch Patch52: 0052-Fix-CVE-2019-19923-Continue-to-back-away-from-the-LEFT-JOIN-optimizatio.patch Patch53: 0053-Fix-CVE-2019-19924-When-an-error-occurs-while-rewriting-the-parser-tree.patch Patch54: 0054-Fix-CVE-2019-19925-Fix-the-zipfile-extension-so-that-INSERT-works-even-.patch Patch55: 0055-Fix-CVE-2019-19926-Continuation-of-e2bddcd4c55ba3cb-Add-another-spot-wh.patch Patch56: 0056-Fix-CVE-2019-20218-Do-not-attempt-to-unwind-the-WITH-stack-in-the-Parse.patch Patch57: 0057-Fix-the-zipfile-function-in-the-zipfile-extension-so.patch Patch58: 0058-Fix-CVE-2018-20505.patch Patch59: 0059-Fix-CVE-2020-9327.patch Patch60: 0060-Fix-CVE-2020-11655.patch Patch61: 0061-Fix-CVE-2020-13434.patch Patch62: 0062-Fix-CVE-2020-13435.patch Patch63: 0063-Fix-CVE-2020-13630.patch Patch64: 0064-Fix-CVE-2020-13632.patch BuildRequires: gcc autoconf tcl tcl-devel BuildRequires: ncurses-devel readline-devel glibc-devel Provides: %{name}-libs Obsoletes: %{name}-libs Provides: lemon Obsoletes: lemon Provides: %{name}-analyzer Obsoletes: %{name}-analyzer Provides: %{name}-tcl Obsoletes: %{name}-tcl %description SQLite is a C-language library that implements a small, fast, self-contained, high-reliability, full-featured, SQL database engine. SQLite is the most used database engine in the world. SQLite is built into all mobile phones and most computers and comes bundled inside countless other applications that people use every day.It also include lemon and sqlite3_analyzer and tcl tools. %package devel Summary: Including header files and library for the developing of sqlite Requires: %{name}%{?_isa} = %{version}-%{release} Requires: pkgconfig %description devel This contains dynamic libraries and header files for the developing of sqlite. %package help Summary: Man file and documentation for sqlite BuildArch: noarch Provides: %{name}-doc Obsoletes: %{name}-doc %description help This contains man files and HTML files for the using of sqlite. %prep #autosetup will fail because of 2 zip files %setup -q -a1 -n %{name}-src-%{extver} %patch0 -p1 %patch1 -p0 %patch2 -p1 %patch3 -p1 %patch4 -p1 %patch5 -p1 %patch6 -p1 %patch7 -p1 %patch8 -p1 %patch9 -p1 %patch10 -p1 %patch11 -p1 %patch12 -p1 %patch13 -p1 %patch14 -p1 %patch15 -p1 %patch16 -p1 %patch17 -p1 %patch18 -p1 %patch19 -p1 %patch20 -p1 %patch21 -p1 %patch22 -p1 %patch23 -p1 %patch24 -p1 %patch25 -p1 %patch26 -p1 %patch27 -p1 %patch28 -p1 %patch29 -p1 %patch30 -p1 %patch31 -p1 %patch32 -p1 %patch33 -p1 %patch34 -p1 %patch35 -p1 %patch36 -p1 %patch37 -p1 %patch38 -p1 %patch39 -p1 %patch40 -p1 %patch41 -p1 %patch42 -p1 %patch43 -p1 %patch44 -p1 %patch45 -p1 %patch46 -p1 %patch47 -p1 %patch48 -p1 %patch49 -p1 %patch50 -p1 %patch51 -p1 %patch52 -p1 %patch53 -p1 %patch54 -p1 %patch55 -p1 %patch56 -p1 %patch57 -p1 %patch58 -p1 %patch59 -p1 %patch60 -p1 %patch61 -p1 %patch62 -p1 %patch63 -p1 %patch64 -p1 rm -f %{name}-doc-%{extver}/sqlite.css~ || : autoconf %build export CFLAGS="$RPM_OPT_FLAGS $RPM_LD_FLAGS -DSQLITE_ENABLE_COLUMN_METADATA=1 \ -DSQLITE_DISABLE_DIRSYNC=1 -DSQLITE_ENABLE_FTS3=3 \ -DSQLITE_ENABLE_RTREE=1 -DSQLITE_SECURE_DELETE=1 \ -DSQLITE_ENABLE_UNLOCK_NOTIFY=1 -DSQLITE_ENABLE_DBSTAT_VTAB=1 \ -DSQLITE_ENABLE_FTS3_PARENTHESIS=1 -DSQLITE_ENABLE_JSON1=1 \ -Wall -fno-strict-aliasing" %configure --enable-fts5 \ --enable-threadsafe \ --enable-threads-override-locks \ --enable-load-extension \ TCLLIBDIR=%{tcl_sitearch}/sqlite3 # rpath removal sed -i 's|^hardcode_libdir_flag_spec=.*|hardcode_libdir_flag_spec=""|g' libtool sed -i 's|^runpath_var=LD_RUN_PATH|runpath_var=DIE_RPATH_DIE|g' libtool %make_build %make_build sqlite3_analyzer %install make DESTDIR=${RPM_BUILD_ROOT} install install -D -m 755 lemon %{buildroot}%{_bindir}/lemon install -D -m 644 tool/lempar.c %{buildroot}%{_datadir}/lemon/lempar.c install -D -m 644 sqlite3.1 %{buildroot}%{_mandir}/man1/sqlite3.1 install -D -m 755 sqlite3_analyzer %{buildroot}%{_bindir}/sqlite3_analyzer chmod 755 %{buildroot}/%{tcl_sitearch}/sqlite3/*.so %if %{with check} %check export LD_LIBRARY_PATH=`pwd`/.libs export MALLOC_CHECK_=3 %ifarch x86_64 %{ix86} %else rm test/csv01.test %endif make test %endif # with check %ldconfig_scriptlets %files %doc README.md %{_bindir}/{sqlite3,lemon,sqlite3_analyzer} %{_libdir}/*.so.* %{_datadir}/lemon %{tcl_sitearch}/sqlite3 %exclude %{_libdir}/*.{la,a} %files devel %{_includedir}/*.h %{_libdir}/*.so %{_libdir}/pkgconfig/*.pc %files help %doc %{name}-doc-%{extver}/* %{_mandir}/man*/* %changelog * Tue Jun 30 2020 volcanodragon - 3.24.0-12 - Type:enhancement - ID:NA - SUG:NA - DESC:rename patches * Tue Jun 23 2020 yanglongkang - 3.24.0-11 - Type:cves - ID:CVE-2020-13434 CVE-2020-13435 CVE-2020-13630 CVE-2020-13632 - SUG:NA - DESC:fix CVE-2020-13434 CVE-2020-13435 CVE-2020-13630 CVE-2020-13632 * Sun Apr 19 2020 ethan848 - Type:enhancement - ID:NA - SUG:NA - DESC:CVE-2020-11655 fixed * Tue Mar 10 2020 steven - 3.24.0-9 - Type:enhancement - ID:NA - SUG:NA - DESC:CVE-2018-20505, CVE-2020-9327 fixed * Wed Jan 11 2020 openEuler Buildteam - 3.24.0-8 - Type:enhancement - ID:NA - SUG:NA - DESC:CVE-2019-19959 fixed * Wed Jan 11 2020 openEuler Buildteam - 3.24.0-7 - Type:enhancement - ID:NA - SUG:NA - DESC:Fix CVE-2019-19923 CVE-2019-19924 CVE-2019-19925 CVE-2019-19926 CVE-2019-20218 * Fri Jan 3 2020 openEuler Buildteam - 3.24.0-6 - Type:cves - ID:CVE-2019-9936,CVE-2019-9937 - SUG:NA - DESC:fix cve * Sat Dec 21 2019 openEuler Buildteam - 3.24.0-5 - Type:bugfix - ID:NA - SUG:NA - DESC:fix CVE bug * Wed Sep 11 2019 openEuler Buildteam - 3.24.0-4 - Type:enhancemnet - ID:NA - SUG:NA - DESC:remove debuginfo * Wed Aug 28 2019 openEuler Buildteam - 3.24.0-3 - Type:enhancemnet - ID:NA - SUG:restart - DESC:openEuler Debranding * Tue Aug 20 2019 wubo - 3.24.0-2.h4 - Type: - ID: - SUG:NA - DESC:rename patch * Thu Aug 15 2019 wubo - 3.24.0-2.h3 - Type:bugfix - ID:CVE-2019-8457 - SUG:NA - DESC:heap out-of-bound read in function rtreenode() * Sat Mar 23 2019 Xiaoqi Guo - 3.24.0-2.h2 - Type:bugfix - ID:NA - SUG:NA - DESC:backport patch from community * Sat Mar 23 2019 luochunsheng - 3.24.0-2.h1 - Type:cves - ID:CVE-2018-20346 - SUG:NA - DESC:CVE-2018-20346 - Package init