diff -urNd databases/sqlite3.orig/Makefile databases/sqlite3/Makefile --- databases/sqlite3.orig/Makefile 2018-04-07 05:51:36.302806000 +0000 +++ databases/sqlite3/Makefile 2018-04-07 06:07:32.977875000 +0000 @@ -2,8 +2,7 @@ # $FreeBSD: head/databases/sqlite3/Makefile 466648 2018-04-06 15:53:16Z jbeich $ PORTNAME= sqlite3 -DISTVERSION= 3.22.0 -PORTREVISION= 2 +DISTVERSION= 3.23.0 CATEGORIES= databases MASTER_SITES= https://www.sqlite.org/2018/ http://www2.sqlite.org/2018/ http://www3.sqlite.org/2018/ DISTNAME= sqlite-autoconf-${PORTVERSION:C/\.([[:digit:]])[[:>:]]/0\1/g:S/.//g}00 @@ -30,7 +29,7 @@ OPTIONS_GROUP= OPT_EXT OPT_FUNC UNICODE RTREEG RL OPTIONS_GROUP_OPT_EXT= JSON1 SESSION -OPTIONS_GROUP_OPT_FUNC= OFFSET SOUNDEX +OPTIONS_GROUP_OPT_FUNC= OFFSET SER1 SOUNDEX OPT_EXT_DESC= Optional extensions OPT_FUNC_DESC= Optional functions @@ -52,6 +51,9 @@ # http://www.sqlite.org/compile.html#enable_offset_sql_func OFFSET_DESC= Enable sqlite_offset() returning record's file offset +# https://www.sqlite.org/compile.html#enable_deserialize +SER1_DESC= Enable the sqlite3_[de]serialize() interface + # https://www.sqlite.org/sessionintro.html SESSION_DESC= Enable the session extension @@ -212,6 +214,8 @@ OFFSET_CPPFLAGS= -DSQLITE_ENABLE_OFFSET_SQL_FUNC=1 +SER1_CPPFLAGS= -DSQLITE_ENABLE_DESERIALIZE=1 + .include # Platform Configuration diff -urNd databases/sqlite3.orig/distinfo databases/sqlite3/distinfo --- databases/sqlite3.orig/distinfo 2018-04-07 05:51:36.302803000 +0000 +++ databases/sqlite3/distinfo 2018-04-07 06:08:15.393002000 +0000 @@ -1,3 +1,3 @@ -TIMESTAMP = 1517654018 -SHA256 (sqlite-autoconf-3220000.tar.gz) = 2824ab1238b706bc66127320afbdffb096361130e23291f26928a027b885c612 -SIZE (sqlite-autoconf-3220000.tar.gz) = 2644649 +TIMESTAMP = 1523081283 +SHA256 (sqlite-autoconf-3230000.tar.gz) = b7711a1800a071674c2bf76898ae8584fc6c9643cfe933cfc1bc54361e3a6e49 +SIZE (sqlite-autoconf-3230000.tar.gz) = 2674030 diff -urNd databases/sqlite3.orig/files/patch-sqlite3.c databases/sqlite3/files/patch-sqlite3.c --- databases/sqlite3.orig/files/patch-sqlite3.c 2018-04-07 05:51:36.302809000 +0000 +++ databases/sqlite3/files/patch-sqlite3.c 1970-01-01 00:00:00.000000000 +0000 @@ -1,36 +0,0 @@ -Fix for CVE-2018-8740: https://nvd.nist.gov/vuln/detail/CVE-2018-8740 -Detect databases whose schema is corrupted using a CREATE TABLE AS statement and issue an appropriate error message. -Commit [d75e6765]: https://www.sqlite.org/src/info/d75e67654aa9620b -Description: https://bugs.launchpad.net/ubuntu/+source/sqlite3/+bug/1756349 - ---- sqlite3.c.orig 2018-03-22 07:08:21 UTC -+++ sqlite3.c -@@ -103474,8 +103474,6 @@ SQLITE_PRIVATE void sqlite3EndTable( - p = pParse->pNewTable; - if( p==0 ) return; - -- assert( !db->init.busy || !pSelect ); -- - /* If the db->init.busy is 1 it means we are reading the SQL off the - ** "sqlite_master" or "sqlite_temp_master" table on the disk. - ** So do not write to the disk again. Extract the root page number -@@ -103486,6 +103484,10 @@ SQLITE_PRIVATE void sqlite3EndTable( - ** table itself. So mark it read-only. - */ - if( db->init.busy ){ -+ if( pSelect ){ -+ sqlite3ErrorMsg(pParse, ""); -+ return; -+ } - p->tnum = db->init.newTnum; - if( p->tnum==1 ) p->tabFlags |= TF_Readonly; - } -@@ -117813,7 +117815,7 @@ static void corruptSchema( - char *z; - if( zObj==0 ) zObj = "?"; - z = sqlite3MPrintf(db, "malformed database schema (%s)", zObj); -- if( zExtra ) z = sqlite3MPrintf(db, "%z - %s", z, zExtra); -+ if( zExtra && zExtra[0] ) z = sqlite3MPrintf(db, "%z - %s", z, zExtra); - sqlite3DbFree(db, *pData->pzErrMsg); - *pData->pzErrMsg = z; - }