[kirkstone,02/29] sqlite: fix CVE-2022-46908 safe mode authorizer callback allows disallowed UDFs.

From: Vivek Kumbhar <vkumbhar@mvista.com>

From: Steve Sakoman <steve@sakoman.com>
To: openembedded-core@lists.openembedded.org
Subject: [OE-core][kirkstone 02/29] sqlite: fix CVE-2022-46908 safe mode
 authorizer callback allows disallowed UDFs.
Date: Sun,  1 Jan 2023 07:37:24 -1000
Message-Id: 
 <d86cf217976c539067698178290390e910263b5f.1672594521.git.steve@sakoman.com>
In-Reply-To: <cover.1672594521.git.steve@sakoman.com>
References: <cover.1672594521.git.steve@sakoman.com>
MIME-Version: 1.0
Content-Transfer-Encoding: 8bit

Message ID	d86cf217976c539067698178290390e910263b5f.1672594521.git.steve@sakoman.com
State	Accepted, archived
Commit	18641988caa131436f75dd3c279ce5af3380481a
Headers	show Return-Path: <steve@sakoman.com> ip: 209.85.210.173, mailfrom: steve@sakoman.com) From: Steve Sakoman <steve@sakoman.com> To: openembedded-core@lists.openembedded.org Subject: [OE-core][kirkstone 02/29] sqlite: fix CVE-2022-46908 safe mode authorizer callback allows disallowed UDFs. Date: Sun, 1 Jan 2023 07:37:24 -1000 Message-Id: <d86cf217976c539067698178290390e910263b5f.1672594521.git.steve@sakoman.com> In-Reply-To: <cover.1672594521.git.steve@sakoman.com> References: <cover.1672594521.git.steve@sakoman.com> MIME-Version: 1.0 Content-Transfer-Encoding: 8bit
Series	[kirkstone,01/29] systemd: CVE-2022-45873 deadlock in systemd-coredump via a crash with a long backtrace \| expand [kirkstone,01/29] systemd: CVE-2022-45873 deadlock in systemd-coredump via a crash with a long back… [kirkstone,02/29] sqlite: fix CVE-2022-46908 safe mode authorizer callback allows disallowed UDFs. [kirkstone,03/29] curl: Correct LICENSE from MIT-open-group to curl [kirkstone,04/29] curl: Add patch to fix CVE-2022-43551 [kirkstone,05/29] curl: Add patch to fix CVE-2022-43552 [kirkstone,06/29] libX11: CVE-2022-3554 & CVE-2022-3555 Fix memory leak [kirkstone,07/29] cairo: update patch for CVE-2019-6461 with upstream solution [kirkstone,08/29] binutils : Fix CVE-2022-4285 [kirkstone,09/29] linux-yocto/5.10: update to v5.10.152 [kirkstone,10/29] linux-yocto/5.10: update to v5.10.154 [kirkstone,11/29] linux-yocto/5.10: update to v5.10.160 [kirkstone,12/29] libpng: upgrade 1.6.38 -> 1.6.39 [kirkstone,13/29] webkitgtk: 2.36.7 -> 2.36.8 [kirkstone,14/29] libnewt: update 0.52.21 -> 0.52.23 [kirkstone,15/29] ruby: merge .inc into .bb [kirkstone,16/29] ruby: update 3.1.2 -> 3.1.3 [kirkstone,17/29] tzdata: update 2022d -> 2022g [kirkstone,18/29] gstreamer1.0: upgrade 1.20.4 -> 1.20.5 [kirkstone,19/29] openssh: remove RRECOMMENDS to rng-tools for sshd package [kirkstone,20/29] baremetal-image: Avoid overriding qemu variables from IMAGE_CLASSES [kirkstone,21/29] go-crosssdk: avoid host contamination by GOCACHE [kirkstone,22/29] libepoxy: remove upstreamed patch [kirkstone,23/29] classes/create-spdx: Add SPDX_PRETTY option [kirkstone,24/29] libxml2: fix test data checksums [kirkstone,25/29] kernel.bbclass: remove empty module directories to prevent QA issues [kirkstone,26/29] devtool/upgrade: correctly handle recipes where S is a subdir of upstream tree [kirkstone,27/29] qemuboot.bbclass: make sure runqemu boots bundled initramfs kernel image [kirkstone,28/29] valgrind: skip the boost_thread test on arm [kirkstone,29/29] oeqa/concurrencytest: Add number of failures to summary output

[kirkstone,02/29] sqlite: fix CVE-2022-46908 safe mode authorizer callback allows disallowed UDFs.

Commit Message

Patch