gnu: sqlite: Update to 3.32.3 [security fixes].

Fixes CVE-2020-11655, CVE-2020-11656, CVE-2020-13434, CVE-2020-13435, CVE-2020-13630, CVE-2020-13631, CVE-2020-13632, CVE-2020-15358 and CVE-2020-9327. * gnu/packages/sqlite.scm (sqlite/fixed): New variable. (sqlite)[replacement]: Graft.
author: Léo Le Bouter <lle-bout@zaclys.net> 2021-03-18 07:09:10 +0100
committer: Léo Le Bouter <lle-bout@zaclys.net> 2021-03-26 02:29:19 +0100
commit: 6e7ba45357078b31a369b23f8a9f38302dfcbb10 (patch)
tree: 29b8210d11ba55ffd1533359398a3b09b075d6e2 /gnu/packages/sqlite.scm
parent: 52c8d07a4f7033534a71ac7efeec21a65d35c125 (diff)
download: guix-6e7ba45357078b31a369b23f8a9f38302dfcbb10.tar.gz
1 files changed, 22 insertions, 0 deletions
diff --git a/gnu/packages/sqlite.scm b/gnu/packages/sqlite.scm
index eeb77749d8..a48d724488 100644
--- a/gnu/packages/sqlite.scm
+++ b/gnu/packages/sqlite.scm
@@ -65,6 +65,7 @@
             (sha256
              (base32
               "1bj936svd8i5g25xd1bj52hj4zca01fgl3sqkj86z9q5pkz4wa32"))))
+   (replacement sqlite/fixed)
    (build-system gnu-build-system)
    (inputs `(("readline" ,readline)))
    (native-inputs (if (hurd-target?)
@@ -122,6 +123,27 @@ widely deployed SQL database engine in the world.  The source code for SQLite
 is in the public domain.")
    (license license:public-domain)))
 
+(define-public sqlite/fixed
+  (package
+    (inherit sqlite)
+    (version "3.32.3")
+    (source (origin
+              (method url-fetch)
+              (uri (let ((numeric-version
+                          (match (string-split version #\.)
+                            ((first-digit other-digits ...)
+                             (string-append first-digit
+                                            (string-pad-right
+                                             (string-concatenate
+                                              (map (cut string-pad <> 2 #\0)
+                                                   other-digits))
+                                             6 #\0))))))
+                     (string-append "https://sqlite.org/2020/sqlite-autoconf-"
+                                    numeric-version ".tar.gz")))
+              (sha256
+               (base32
+                "0rlbaq177gcgk5dswd3akbhv2nvvzljrbhgy18hklbhw7h90f5d3"))))))
+
 ;; Column metadata support was added to the regular 'sqlite' package with
 ;; commit fad5b1a6d8d9c36bea5785ae4fbc1beb37e644d7.
 (define-public sqlite-with-column-metadata
author	Léo Le Bouter <lle-bout@zaclys.net>	2021-03-18 07:09:10 +0100
committer	Léo Le Bouter <lle-bout@zaclys.net>	2021-03-26 02:29:19 +0100
commit	6e7ba45357078b31a369b23f8a9f38302dfcbb10 (patch)
tree	29b8210d11ba55ffd1533359398a3b09b075d6e2 /gnu/packages/sqlite.scm
parent	52c8d07a4f7033534a71ac7efeec21a65d35c125 (diff)
download	guix-6e7ba45357078b31a369b23f8a9f38302dfcbb10.tar.gz