344 lines
10 KiB
RPMSpec
344 lines
10 KiB
RPMSpec
%bcond_without check
|
|
|
|
%global extver 3240000
|
|
%global tcl_version 8.6
|
|
%global tcl_sitearch %{_libdir}/tcl%{tcl_version}
|
|
|
|
Name: sqlite
|
|
Version: 3.24.0
|
|
Release: 12
|
|
Summary: Embeded SQL database
|
|
License: Public Domain
|
|
URL: http://www.sqlite.org/
|
|
|
|
Source0: http://www.sqlite.org/2018/sqlite-src-%{extver}.zip
|
|
Source1: http://www.sqlite.org/2018/sqlite-doc-%{extver}.zip
|
|
Source2: https://www.sqlite.org/2018/sqlite-autoconf-%{extver}.tar.gz
|
|
|
|
Patch0: 0000-sqlite-no-malloc-usable-size.patch
|
|
Patch1: 0001-sqlite-CVE-2018-20346.patch
|
|
Patch2: 0002-remove-fail-testcase-in-no-free-fd-situation.patch
|
|
Patch3: 0003-Fix-the-sqlite3BeginTrans-calls-within-the-snapshot-.patch
|
|
Patch4: 0004-Change-a-comma-into-a-logically-equivalent-but-seman.patch
|
|
Patch5: 0005-Fix-a-typo-in-the-amalgamation-autoconf-file.patch
|
|
Patch6: 0006-Fix-typo-in-the-normalize-extension.patch
|
|
Patch7: 0007-Fix-a-minor-problem-in-the-code-for-determining-whet.patch
|
|
Patch8: 0008-Quick-patch-to-the-Lemon-parser-template-to-avoid-an.patch
|
|
Patch9: 0009-Fix-typo-in-the-Win32-specific-code-for-the-fileio-e.patch
|
|
Patch10: 0010-Fix-a-problem-causing-ENABLE_CURSOR_HINTS-builds-to-.patch
|
|
Patch11: 0011-Fix-a-potential-crash-that-can-occur-while-reading-a.patch
|
|
Patch12: 0012-In-the-CLI-fix-a-file-descriptor-leak-following-OOM-.patch
|
|
Patch13: 0013-Take-steps-to-avoid-a-potential-integer-overflow-in-.patch
|
|
Patch14: 0014-Fix-minor-memory-leak-in-the-dbstat-extension-that-c.patch
|
|
Patch15: 0015-Fix-a-failing-assert-in-sqlite3ResetAllSchemasOfConn.patch
|
|
Patch16: 0016-Fix-a-parser-bug-in-the-use-of-parentheses-around-ta.patch
|
|
Patch17: 0017-Fix-possible-integer-overflow-while-running-PRAGMA-i.patch
|
|
Patch18: 0018-Fix-a-segfault-caused-by-using-the-RAISE-function-in.patch
|
|
Patch19: 0019-Fix-another-problem-with-corrupt-database-handling-i.patch
|
|
Patch20: 0020-Fix-a-buffer-overwrite-in-fts5-triggered-by-a-corrup.patch
|
|
Patch21: 0021-Fix-another-case-in-fts5-where-a-corrupt-database-co.patch
|
|
Patch22: 0022-Fix-another-potential-buffer-overread-in-fts5.patch
|
|
Patch23: 0023-Fix-a-possible-memory-leak-when-trying-to-UPDATE-a-c.patch
|
|
Patch24: 0024-Fix-an-out-of-bounds-read-in-SQL-function-fts5_decod.patch
|
|
Patch25: 0025-Fix-a-segfault-in-fts3-prompted-by-a-corrupted-datab.patch
|
|
Patch26: 0026-Prevent-unsigned-32-bit-integer-overflow-from-leadin.patch
|
|
Patch27: 0027-Fix-a-problem-causing-a-crash-if-an-fts5vocab-table-.patch
|
|
Patch28: 0028-Fix-a-harmless-memory-leak-in-the-Lemon-parser-gener.patch
|
|
Patch29: 0029-Handle-SQL-NULL-values-without-crashing-in-the-fts5-.patch
|
|
Patch30: 0030-Fix-a-memory-leak-that-could-occur-in-fts3-when-hand.patch
|
|
Patch31: 0031-Fix-a-buffer-overwrite-that-could-occur-when-running.patch
|
|
Patch32: 0032-Fix-another-corruption-related-crash-in-fts5.patch
|
|
Patch33: 0033-Avoid-integer-overflow-when-computing-the-array-of-a.patch
|
|
Patch34: 0034-Fix-another-segfault-caused-by-a-corrupt-fts3-databa.patch
|
|
Patch35: 0035-Fix-a-buffer-overrun-that-could-occur-in-fts5-if-a-p.patch
|
|
Patch36: 0036-Fix-another-fts5-crash-that-can-occur-if-the-databas.patch
|
|
Patch37: 0037-Fix-an-assert-in-vdbemem.c-that-could-fire-if-the-da.patch
|
|
Patch38: 0038-Fix-a-potential-problem-with-INSERT-INTO-.-SELECT-FR.patch
|
|
Patch39: 0039-Fix-a-segfault-that-could-follow-an-OOM-when-queryin.patch
|
|
Patch40: 0040-Fix-a-buffer-overread-in-fts3-that-could-occur-when-.patch
|
|
Patch41: 0041-Fix-a-buffer-overrun-triggered-by-a-merge-operation-.patch
|
|
Patch42: 0042-Fix-another-buffer-overread-in-fts5-that-may-occur-w.patch
|
|
Patch43: 0043-Fix-another-buffer-overrun-that-could-occur-when-que.patch
|
|
Patch44: 0044-Fix-another-segfault-that-could-occur-in-fts5-with-a.patch
|
|
Patch45: 0045-Fix-a-potential-memory-leak-in-RBU-if-the-rbu_fossil.patch
|
|
Patch46: 0046-Fix-a-potential-32-bit-integer-overflow-in-the-showd.patch
|
|
Patch47: 0047-sqlite-CVE-2019-8457-out-of-bounds-read.patch
|
|
Patch48: 0048-sqlite-CVE-2019-16168.patch
|
|
Patch49: 0049-Fix-CVE-2019-19646.patch
|
|
Patch50: 0050-Fix-CVE-2019-9936.patch
|
|
Patch51: 0051-Fix-CVE-2019-9937.patch
|
|
Patch52: 0052-Fix-CVE-2019-19923-Continue-to-back-away-from-the-LEFT-JOIN-optimizatio.patch
|
|
Patch53: 0053-Fix-CVE-2019-19924-When-an-error-occurs-while-rewriting-the-parser-tree.patch
|
|
Patch54: 0054-Fix-CVE-2019-19925-Fix-the-zipfile-extension-so-that-INSERT-works-even-.patch
|
|
Patch55: 0055-Fix-CVE-2019-19926-Continuation-of-e2bddcd4c55ba3cb-Add-another-spot-wh.patch
|
|
Patch56: 0056-Fix-CVE-2019-20218-Do-not-attempt-to-unwind-the-WITH-stack-in-the-Parse.patch
|
|
Patch57: 0057-Fix-the-zipfile-function-in-the-zipfile-extension-so.patch
|
|
Patch58: 0058-Fix-CVE-2018-20505.patch
|
|
Patch59: 0059-Fix-CVE-2020-9327.patch
|
|
Patch60: 0060-Fix-CVE-2020-11655.patch
|
|
Patch61: 0061-Fix-CVE-2020-13434.patch
|
|
Patch62: 0062-Fix-CVE-2020-13435.patch
|
|
Patch63: 0063-Fix-CVE-2020-13630.patch
|
|
Patch64: 0064-Fix-CVE-2020-13632.patch
|
|
|
|
BuildRequires: gcc autoconf tcl tcl-devel
|
|
BuildRequires: ncurses-devel readline-devel glibc-devel
|
|
|
|
|
|
Provides: %{name}-libs
|
|
Obsoletes: %{name}-libs
|
|
Provides: lemon
|
|
Obsoletes: lemon
|
|
Provides: %{name}-analyzer
|
|
Obsoletes: %{name}-analyzer
|
|
Provides: %{name}-tcl
|
|
Obsoletes: %{name}-tcl
|
|
|
|
%description
|
|
SQLite is a C-language library that implements a small, fast, self-contained,
|
|
high-reliability, full-featured, SQL database engine. SQLite is the most used
|
|
database engine in the world. SQLite is built into all mobile phones and most
|
|
computers and comes bundled inside countless other applications that people
|
|
use every day.It also include lemon and sqlite3_analyzer and tcl tools.
|
|
|
|
%package devel
|
|
Summary: Including header files and library for the developing of sqlite
|
|
Requires: %{name}%{?_isa} = %{version}-%{release}
|
|
Requires: pkgconfig
|
|
|
|
%description devel
|
|
This contains dynamic libraries and header files for the developing of sqlite.
|
|
|
|
%package help
|
|
Summary: Man file and documentation for sqlite
|
|
BuildArch: noarch
|
|
Provides: %{name}-doc
|
|
Obsoletes: %{name}-doc
|
|
|
|
%description help
|
|
This contains man files and HTML files for the using of sqlite.
|
|
|
|
|
|
%prep
|
|
#autosetup will fail because of 2 zip files
|
|
%setup -q -a1 -n %{name}-src-%{extver}
|
|
%patch0 -p1
|
|
%patch1 -p0
|
|
%patch2 -p1
|
|
%patch3 -p1
|
|
%patch4 -p1
|
|
%patch5 -p1
|
|
%patch6 -p1
|
|
%patch7 -p1
|
|
%patch8 -p1
|
|
%patch9 -p1
|
|
%patch10 -p1
|
|
%patch11 -p1
|
|
%patch12 -p1
|
|
%patch13 -p1
|
|
%patch14 -p1
|
|
%patch15 -p1
|
|
%patch16 -p1
|
|
%patch17 -p1
|
|
%patch18 -p1
|
|
%patch19 -p1
|
|
%patch20 -p1
|
|
%patch21 -p1
|
|
%patch22 -p1
|
|
%patch23 -p1
|
|
%patch24 -p1
|
|
%patch25 -p1
|
|
%patch26 -p1
|
|
%patch27 -p1
|
|
%patch28 -p1
|
|
%patch29 -p1
|
|
%patch30 -p1
|
|
%patch31 -p1
|
|
%patch32 -p1
|
|
%patch33 -p1
|
|
%patch34 -p1
|
|
%patch35 -p1
|
|
%patch36 -p1
|
|
%patch37 -p1
|
|
%patch38 -p1
|
|
%patch39 -p1
|
|
%patch40 -p1
|
|
%patch41 -p1
|
|
%patch42 -p1
|
|
%patch43 -p1
|
|
%patch44 -p1
|
|
%patch45 -p1
|
|
%patch46 -p1
|
|
%patch47 -p1
|
|
%patch48 -p1
|
|
%patch49 -p1
|
|
%patch50 -p1
|
|
%patch51 -p1
|
|
%patch52 -p1
|
|
%patch53 -p1
|
|
%patch54 -p1
|
|
%patch55 -p1
|
|
%patch56 -p1
|
|
%patch57 -p1
|
|
%patch58 -p1
|
|
%patch59 -p1
|
|
%patch60 -p1
|
|
%patch61 -p1
|
|
%patch62 -p1
|
|
%patch63 -p1
|
|
%patch64 -p1
|
|
|
|
rm -f %{name}-doc-%{extver}/sqlite.css~ || :
|
|
|
|
autoconf
|
|
|
|
%build
|
|
export CFLAGS="$RPM_OPT_FLAGS $RPM_LD_FLAGS -DSQLITE_ENABLE_COLUMN_METADATA=1 \
|
|
-DSQLITE_DISABLE_DIRSYNC=1 -DSQLITE_ENABLE_FTS3=3 \
|
|
-DSQLITE_ENABLE_RTREE=1 -DSQLITE_SECURE_DELETE=1 \
|
|
-DSQLITE_ENABLE_UNLOCK_NOTIFY=1 -DSQLITE_ENABLE_DBSTAT_VTAB=1 \
|
|
-DSQLITE_ENABLE_FTS3_PARENTHESIS=1 -DSQLITE_ENABLE_JSON1=1 \
|
|
-Wall -fno-strict-aliasing"
|
|
|
|
%configure --enable-fts5 \
|
|
--enable-threadsafe \
|
|
--enable-threads-override-locks \
|
|
--enable-load-extension \
|
|
TCLLIBDIR=%{tcl_sitearch}/sqlite3
|
|
|
|
# rpath removal
|
|
sed -i 's|^hardcode_libdir_flag_spec=.*|hardcode_libdir_flag_spec=""|g' libtool
|
|
sed -i 's|^runpath_var=LD_RUN_PATH|runpath_var=DIE_RPATH_DIE|g' libtool
|
|
|
|
%make_build
|
|
|
|
%make_build sqlite3_analyzer
|
|
|
|
%install
|
|
make DESTDIR=${RPM_BUILD_ROOT} install
|
|
|
|
install -D -m 755 lemon %{buildroot}%{_bindir}/lemon
|
|
install -D -m 644 tool/lempar.c %{buildroot}%{_datadir}/lemon/lempar.c
|
|
install -D -m 644 sqlite3.1 %{buildroot}%{_mandir}/man1/sqlite3.1
|
|
install -D -m 755 sqlite3_analyzer %{buildroot}%{_bindir}/sqlite3_analyzer
|
|
chmod 755 %{buildroot}/%{tcl_sitearch}/sqlite3/*.so
|
|
|
|
|
|
%if %{with check}
|
|
%check
|
|
export LD_LIBRARY_PATH=`pwd`/.libs
|
|
export MALLOC_CHECK_=3
|
|
|
|
%ifarch x86_64 %{ix86}
|
|
%else
|
|
rm test/csv01.test
|
|
%endif
|
|
|
|
make test
|
|
%endif # with check
|
|
|
|
%ldconfig_scriptlets
|
|
|
|
%files
|
|
%doc README.md
|
|
%{_bindir}/{sqlite3,lemon,sqlite3_analyzer}
|
|
%{_libdir}/*.so.*
|
|
%{_datadir}/lemon
|
|
%{tcl_sitearch}/sqlite3
|
|
%exclude %{_libdir}/*.{la,a}
|
|
|
|
%files devel
|
|
%{_includedir}/*.h
|
|
%{_libdir}/*.so
|
|
%{_libdir}/pkgconfig/*.pc
|
|
|
|
%files help
|
|
%doc %{name}-doc-%{extver}/*
|
|
%{_mandir}/man*/*
|
|
|
|
%changelog
|
|
* Tue Jun 30 2020 volcanodragon <linfeilong@huawei.com> - 3.24.0-12
|
|
- Type:enhancement
|
|
- ID:NA
|
|
- SUG:NA
|
|
- DESC:rename patches
|
|
|
|
* Tue Jun 23 2020 yanglongkang <yanglongkang@huawei.com> - 3.24.0-11
|
|
- Type:cves
|
|
- ID:CVE-2020-13434 CVE-2020-13435 CVE-2020-13630 CVE-2020-13632
|
|
- SUG:NA
|
|
- DESC:fix CVE-2020-13434 CVE-2020-13435 CVE-2020-13630 CVE-2020-13632
|
|
|
|
* Sun Apr 19 2020 ethan848 <mingfangsen@huawei.com>
|
|
- Type:enhancement
|
|
- ID:NA
|
|
- SUG:NA
|
|
- DESC:CVE-2020-11655 fixed
|
|
|
|
* Tue Mar 10 2020 steven <steven_ygui@163.com> - 3.24.0-9
|
|
- Type:enhancement
|
|
- ID:NA
|
|
- SUG:NA
|
|
- DESC:CVE-2018-20505, CVE-2020-9327 fixed
|
|
|
|
* Wed Jan 11 2020 openEuler Buildteam <buildteam@openeuler.org> - 3.24.0-8
|
|
- Type:enhancement
|
|
- ID:NA
|
|
- SUG:NA
|
|
- DESC:CVE-2019-19959 fixed
|
|
|
|
* Wed Jan 11 2020 openEuler Buildteam <buildteam@openeuler.org> - 3.24.0-7
|
|
- Type:enhancement
|
|
- ID:NA
|
|
- SUG:NA
|
|
- DESC:Fix CVE-2019-19923 CVE-2019-19924 CVE-2019-19925 CVE-2019-19926 CVE-2019-20218
|
|
|
|
* Fri Jan 3 2020 openEuler Buildteam <buildteam@openeuler.org> - 3.24.0-6
|
|
- Type:cves
|
|
- ID:CVE-2019-9936,CVE-2019-9937
|
|
- SUG:NA
|
|
- DESC:fix cve
|
|
|
|
* Sat Dec 21 2019 openEuler Buildteam <buildteam@openeuler.org> - 3.24.0-5
|
|
- Type:bugfix
|
|
- ID:NA
|
|
- SUG:NA
|
|
- DESC:fix CVE bug
|
|
|
|
* Wed Sep 11 2019 openEuler Buildteam <buildteam@openeuler.org> - 3.24.0-4
|
|
- Type:enhancemnet
|
|
- ID:NA
|
|
- SUG:NA
|
|
- DESC:remove debuginfo
|
|
|
|
* Wed Aug 28 2019 openEuler Buildteam <buildteam@openeuler.org> - 3.24.0-3
|
|
- Type:enhancemnet
|
|
- ID:NA
|
|
- SUG:restart
|
|
- DESC:openEuler Debranding
|
|
|
|
* Tue Aug 20 2019 wubo<wubo40@huawei.com> - 3.24.0-2.h4
|
|
- Type:
|
|
- ID:
|
|
- SUG:NA
|
|
- DESC:rename patch
|
|
|
|
* Thu Aug 15 2019 wubo<wubo40@huawei.com> - 3.24.0-2.h3
|
|
- Type:bugfix
|
|
- ID:CVE-2019-8457
|
|
- SUG:NA
|
|
- DESC:heap out-of-bound read in function rtreenode()
|
|
|
|
* Sat Mar 23 2019 Xiaoqi Guo<guoxiaoqi2@huawei.com> - 3.24.0-2.h2
|
|
- Type:bugfix
|
|
- ID:NA
|
|
- SUG:NA
|
|
- DESC:backport patch from community
|
|
|
|
* Sat Mar 23 2019 luochunsheng<luochunsheng@huawei.com> - 3.24.0-2.h1
|
|
- Type:cves
|
|
- ID:CVE-2018-20346
|
|
- SUG:NA
|
|
- DESC:CVE-2018-20346
|
|
- Package init
|