a68ee4aeaf- bsc#1150137, CVE-2019-16168, sqlite3-CVE-2019-16168.patch: Improper validation of qlite_stat1 sz field leads to division by zero.Reinhard Max2019-09-10 15:21:46 +00:00
756d8b5bef- Update to version 3.29.0 * Added the SQLITE_DBCONFIG_DQS_DML and SQLITE_DBCONFIG_DQS_DDL actions to sqlite3_db_config() for activating and deactivating the double-quoted string literal misfeature. Both default to "on" for legacy compatibility, but developers are encouraged to turn them "off", perhaps using the -DSQLITE_DQS=0 compile-time option. * -DSQLITE_DQS=0 is now a recommended compile-time option. * Improvements to the query planner: + Improved optimization of AND and OR operators when one or the other operand is a constant. + Enhancements to the LIKE optimization for cases when the left-hand side column has numeric affinity. * Added the "sqlite_dbdata" virtual table for extracting raw low-level content from an SQLite database, even a database that is corrupt. * Enhancements to the CLI: + Add the ".recover" command which tries to recover as much content as possible from a corrupt database file. + Add the ".filectrl" command useful for testing. + Add the long-standing ".testctrl" command to the ".help" menu. + Added the ".dbconfig" command
Ismail Dönmez
2019-07-11 09:13:12 +00:00
0372cc6f27- Upgrade to 3.28.0: * CVE-2019-9936, bsc#1130326: running fts5 prefix queries inside a transaction could trigger a heap-based buffer over-read. * CVE-2019-9937, bsc#1130325: interleaving reads and writes in a single transaction with an fts5 virtual table will lead to a NULL Pointer Dereference. * Enhanced window functions * Enhanced VACUUM INTO so that it works for read-only databases. * New query optimizations. * Added the sqlite3_value_frombind() API for determining if the argument to an SQL function is from a bound parameter. * Security and compatibilities enhancements to fts3_tokenizer(). * Improved robustness against corrupt database files.Reinhard Max2019-04-18 14:01:24 +00:00
3cfe68017a- Update to version 3.21.0 * Take advantage of the atomic-write capabilities in the F2FS filesystem when available, for greatly reduced transaction overhead. This currently requires the SQLITE_ENABLE_BATCH_ATOMIC_WRITE compile-time option. * Allow ATTACH and DETACH commands to work inside of a transaction. * Allow WITHOUT ROWID virtual tables to be writable if the PRIMARY KEY contains exactly one column. * The "fsync()" that occurs after the header is written in a WAL reset now uses the sync settings for checkpoints. This means it will use a "fullfsync" on macs if PRAGMA checkpoint_fullfsync set on. * The sqlite3_sourceid() function tries to detect if the source code has been modified from what is checked into version control and if there are modifications, the last four characters of the version hash are shown as "alt1" or "alt2". The objective is to detect accidental and/or careless edits. A forger can subvert this feature. * Improved de-quoting of column names for CREATE TABLE AS statements with an aggregate query on the right-hand side. * Fewer "stat()" system calls issued by the unix VFS. * Enhanced the LIKE optimization so that it works with an ESCAPE clause. * Enhanced PRAGMA integrity_check and PRAGMA quick_check to detect obscure row corruption that they were formerly missing. Also update both pragmas so that they return error text rather than SQLITE_CORRUPT when encountering corruption in records. * The query planner now prefers to implement FROM-clause
Ismail Dönmez
2017-10-25 08:51:42 +00:00
4a0efba63b- Update to 3.19.2 * Fix a bug in the LEFT JOIN flattening optimization. Ticket cad1ab4cb7b0fc. * Fix more bugs in the LEFT JOIN flattening optimization. Ticket 7fde638e94287d2c.
Ismail Dönmez
2017-05-25 17:55:38 +00:00
d718414324- Update to 3.19.0 * The SQLITE_READ authorizer callback is invoked once with a column name that is an empty string for every table referenced in a query from which no columns are extracted. * When using an index on an expression, try to use expression values already available in the index, rather than loading the original columns and recomputing the expression. * Enhance the flattening optimization so that it is able to flatten views on the right-hand side of a LEFT JOIN. * Use replace() instead of char() for escaping newline and carriage-return characters embedded in strings in the .dump output from the command-line shell. * Avoid unnecessary foreign key processing in UPDATE statements that do not touch the columns that are constrained by the foreign keys. * On a DISTINCT query that uses an index, try to skip ahead to the next distinct entry using the index rather than stepping through rows, when an appropriate index is available. * Avoid unnecessary invalidation of sqlite3_blob handles when making changes to unrelated tables. * Transfer any terms of the HAVING clause that use only columns mentioned in the GROUP BY clause over to the WHERE clause for faster processing. * Reuse the same materialization of a VIEW if that VIEW appears more than once in the same query. * Enhance PRAGMA integrity_check so that it identifies tables that have two or more rows with the same rowid. * Enhance the FTS5 query syntax so that column filters may be applied to arbitrary expressions. * Enhance the json_extract() function to cache and
Ismail Dönmez
2017-05-22 18:54:24 +00:00
46a6b5d5afAccepting request 484084 from server:databaseYuchen Lin2017-04-17 08:20:52 +00:00
dce18f915e- Update to 3.18.0 * Added the PRAGMA optimize command * The SQLite version identifier returned by the sqlite_source_id() SQL function and the sqlite3_sourceid() C API and found in the SQLITE_SOURCE_ID macro is now a 64-digit SHA3-256 hash instead of a 40-digit SHA1 hash. * Added the json_patch() SQL function to the JSON1 extension. * Enhance the LIKE optimization so that it works for arbitrary expressions on the left-hand side as long as the LIKE pattern on the right-hand side does not begin with a digit or minus sign. * Added the sqlite3_set_last_insert_rowid() interface and use the new interface in the FTS3, FTS4, and FTS5 extensions to ensure that the sqlite3_last_insert_rowid() interface always returns reasonable values. * Enhance PRAGMA integrity_check and PRAGMA quick_check so that they verify CHECK constraints. * Enhance the query plans for joins to detect empty tables early and halt without doing unnecessary work. * Enhance the sqlite3_mprintf() family of interfaces and the printf SQL function to put comma separators at the thousands marks for integers, if the "," format modifier is used in between the "%" and the "d" (example: "%,d"). * Added the -DSQLITE_MAX_MEMORY=N compile-time option. * Added the .sha3sum dot-command and the .selftest dot-command to the command-line shell * Begin enforcing SQLITE_LIMIT_VDBE_OP. This can be used, for example, to prevent excessively large prepared statements in systems that accept SQL queries from untrusted users. * Various performance improvements. * Ensure that indexed expressions with collating sequences are
Ismail Dönmez
2017-03-31 12:08:39 +00:00
b0e219d229Accepting request 457523 from home:dimstar:branches:server:database
Martin Pluskal
2017-02-15 19:09:21 +00:00
c9b42ce308- Update to 3.17.0 * Approximately 25% better performance from the R-Tree extension. * Add the SQLITE_DEFAULT_LOOKASIDE compile-time option. * Increase the default lookaside size from 512,125 to 1200,100 as this provides better performance while only adding 56KB of extra memory per connection. * Use compiler built-ins __builtin_sub_overflow(), __builtin_add_overflow(), and __builtin_mul_overflow() when available. * Added the SQLITE_ENABLE_NULL_TRIM compile-time option, which can result in significantly smaller database files for some applications, at the risk of being incompatible with older versions of SQLite. * Change SQLITE_DEFAULT_PCACHE_INITSZ from 100 to 20, for improved performance. * Added the SQLITE_UINT64_TYPE compile-time option as an analog to SQLITE_INT64_TYPE. * Perform some UPDATE operations in a single pass instead of in two passes. * Enhance the session extension to support WITHOUT ROWID tables. * Fixed performance problems and potential stack overflows when creating views from multi-row VALUES clauses with hundreds of thousands of rows. * Added the sha1.c extension. * In the command-line shell, enhance the ".mode" command so that it restores the default column and row separators for modes "line", "list", "column", and "tcl". * Enhance the SQLITE_DIRECT_OVERFLOW_READ option so that it works in WAL mode as long as the pages being read are not in the WAL file.
Ismail Dönmez
2017-02-14 09:28:13 +00:00
25f5d559d5- Update to version 3.16.2:
Martin Pluskal
2017-01-07 16:47:03 +00:00
731c308e06- Update to version 3.16.1 * Fix a bug concerning the use of row values within triggers (see ticket 8c9458e7) that was in version 3.15.0.
Ismail Dönmez
2017-01-03 19:49:25 +00:00
da0d447e9b- Update to version 3.16.0:
Martin Pluskal
2017-01-03 11:44:25 +00:00
dbe7cc058bAccepting request 448258 from home:AndreasStieger:branches:server:database
Ismail Dönmez
2016-12-30 17:03:45 +00:00
7be5d4b84f- SQLite 3.15.0 * Added support for row values. * Allow deterministic SQL functions in the WHERE clause of a partial index. * Added the "modeof=filename" URI parameter on the unix VFS * Added support for SQLITE_DBCONFIG_MAINDBNAME. * Added the ability to VACUUM an ATTACH-ed database. * Enhancements to the command-line shell: + Add the ".testcase" and ".check" dot-commands. + Added the --new option to the ".open" dot-command, causing any prior content in the database to be purged prior to opening. * Enhance the fts5vocab virtual table to handle "ORDER BY term" efficiently. * Miscellaneous micro-optimizations reduce CPU usage by more than 7% on common workloads. Most optimization in this release has been on the front-end (sqlite3_prepare_v2()). * The multiply operator now correctly detects 64-bit integer overflow and promotes to floating point in all corner-cases. Fix for ticket 1ec41379c9c1e400. * Correct handling of columns with redundant unique indexes when those columns are used on the LHS of an IN operator. Fix for ticket 0eab1ac759. * Skip NULL entries on range queries in indexes on expressions. Fix for ticket 4baa46491212947. * Ensure that the AUTOINCREMENT counters in the sqlite_sequence table are initialized doing "Xfer Optimization" on "INSERT ... SELECT" statements. Fix for ticket 7b3328086a5c116c. * Make sure the ORDER BY LIMIT optimization (from check-in 559733b09e) works with IN operators on INTEGER PRIMARY KEYs.
Ismail Dönmez
2016-10-14 18:20:33 +00:00
321ace634e- SQLite 3.14.2: * Fix the sqlite3_trace_v2() interface so that it is disabled if either the callback or the mask arguments are zero, in accordance with the documentation. * Fix commenting errors and improve the comments generated on EXPLAIN listings when the -DSQLITE_ENABLE_EXPLAIN_COMMENTS compile-time option is used. * Fix the ".read" command in the command-line shell so that it understands that its input is not interactive. * Correct affinity computations for a SELECT on the RHS of an IN operator. Fix for ticket 199df4168c. * The ORDER BY LIMIT optimization is not valid unless the inner-most IN operator loop is actually used by the query plan. Fix for ticket 0c4df46116e90f92. * Fix an internal code generator problem that was causing some DELETE operations to no-op. Ticket ef360601 - SQLite 3.14.1:
Ismail Dönmez
2016-09-14 08:54:43 +00:00
df6b1ce612- SQLite 3.14.0 * Added support for WITHOUT ROWID virtual tables. * Improved the query planner so that the OR optimization can be used on virtual tables even if one or more of the disjuncts use the LIKE, GLOB, REGEXP, MATCH operators. * Added the CSV virtual table for reading RFC 4180 formatted comma-separated value files. * Added the carray() table-valued function extension. * Enabled persistent loadable extensions using the new SQLITE_OK_LOAD_PERMANENTLY return code from the extension entry point. * Added the SQLITE_DBSTATUS_CACHE_USED_SHARED option to sqlite3_db_status(). * Add the vfsstat.c loadable extension - a VFS shim that measures I/O together with an eponymous virtual table that provides access to the measurements. * Improved algorithm for running queries with both an ORDER BY and a LIMIT where only the inner-most loop naturally generates rows in the correct order. * Enhancements to Lemon parser generator, so that it generates a faster parser. * The PRAGMA compile_options command now attempts to show the version number of the compiler that generated the library. * Enhance PRAGMA table_info so that it provides information about eponymous virtual tables. * The query planner uses a full scan of a partial index instead of a full scan of the main table, in cases where that makes sense. * Allow table-valued functions to appear on the right-hand side of an IN operator. * Added two new C-language interfaces: sqlite3_expanded_sql() and sqlite3_trace_v2(). These new interfaces subsume the functions of sqlite3_trace() and sqlite3_profile() which are now deprecated. * Added the json_quote() SQL function to the json1 extension. * Disable the authorizer callback while reparsing the schema. * Added the SQLITE_ENABLE_UNKNOWN_SQL_FUNCTION compile-time option and turned that option on by default when building the command-line shell. * Fix the ALTER TABLE command so that it does not corrupt descending indexes when
Ismail Dönmez
2016-08-08 18:15:37 +00:00
62bae05a2a- SQLite 3.13.0: * Postpone I/O associated with TEMP files for as long as possible, with the hope that the I/O can ultimately be avoided completely. * Merged the session extension into trunk. * Added the ".auth ON|OFF" command to the command-line shell. * Added the "--indent" option to the ".schema" and ".fullschema" commands of the command-line shell, to turn on pretty-printing. * Added the ".eqp full" option to the command-line shell, that does both EXPLAIN and EXPLAIN QUERY PLAN on each statement that is evaluated. * Improved resistance against goofy query planner decisions caused by incomplete or incorrect modifications to the sqlite_stat1 table by the application. * Added the sqlite3_db_config(db,SQLITE_DBCONFIG_ENABLE_LOAD_EXTENSION) interface which allows the sqlite3_load_extension() C-API to be enabled while keeping the load_extension() SQL function disabled for security. * Change the temporary directory search algorithm on Unix to allow directories with write and execute permission, but without read permission, to serve as temporary directories. Apply this same standard to the "." fallback directory. * Fix a problem with the multi-row one-pass DELETE optimization that was causing it to compute incorrect answers with a self-referential subquery in the WHERE clause. Fix for ticket dc6ebeda9396087 * Fix a possible segfault with DELETE when table is a rowid table with an INTEGER PRIMARY KEY and the WHERE clause contains a OR and the table has one or more indexes that are able to trigger the OR optimization, but none of the indexes reference any table columns other than the INTEGER PRIMARY KEY. Ticket 16c9801ceba49. * When checking for the WHERE-clause push-down optimization, verify that all terms of the compound inner SELECT are non-aggregate, not just the last term. Fix for ticket f7f8c97e97597.
Ismail Dönmez
2016-05-18 19:49:01 +00:00
ef56c90c01- SQLite 3.12.2: * Fix compatibility with some legacy versions of sqlite database * Minor bugfixes - SQLite 3.12.1: * Fix a boundary condition error introduced by version 3.12.0 that can result in a crash during heavy SAVEPOINT usage. * Fix views so that they inherit column datatypes from the table that they are defined against, when possible. * Fix the query planner so that IS and IS NULL operators are able to drive an index on a LEFT OUTER JOIN.
Ismail Dönmez
2016-04-19 06:10:52 +00:00
c5699505fb- Fix a boundary condition error introduced by version 3.12.0 that can result in a crash during heavy SAVEPOINT usage. - Fix views so that they inherit column datatypes from the table that they are defined against, when possible. - Fix the query planner so that IS and IS NULL operators are able to drive an index on a LEFT OUTER JOIN.
Ismail Dönmez
2016-04-09 06:58:37 +00:00
3c63068c63- SQLite 3.12.0: * The SQLITE_DEFAULT_PAGE_SIZE is increased from 1024 to 4096. The SQLITE_DEFAULT_CACHE_SIZE is changed from 2000 to -2000 so the same amount of cache memory is used by default. * Enhancements to the Lemon parser generator so that it creates a smaller and faster SQL parser. * Only create master journal files if two or more attached databases are all modified, do not have PRAGMA synchronous set to OFF, and do not have the journal_mode set to OFF, MEMORY, or WAL. * Added the SQLITE_DBCONFIG_ENABLE_FTS3_TOKENIZER option to sqlite3_db_config() which allows the two-argument version of the fts3_tokenizer() SQL function to be enabled or disabled at run-time. * Added the sqlite3rbu_bp_progress() interface to the RBU extension. * The PRAGMA defer_foreign_keys=ON statement now also disables RESTRICT actions on foreign key. * Added the sqlite3_system_errno() interface. * Added the SQLITE_DEFAULT_SYNCHRONOUS and SQLITE_DEFAULT_WAL_SYNCHRONOUS compile-time options. The SQLITE_DEFAULT_SYNCHRONOUS compile-time option replaces the SQLITE_EXTRA_DURABLE option, which is no longer supported. * Enhanced the ".stats" command in the command-line shell to show more information about I/O performance obtained from /proc, when available. * Make sure the sqlite3_set_auxdata() values from multiple triggers within a single statement do not interfere with one another. Ticket dc9b1c91. * Fix the code generator for expressions of the form "x IN (SELECT...)" where the SELECT statement on the RHS is a correlated subquery. - Remove sqlite3-link-binary-with-libsqlite3.patch: replaced with configure option --disable-static-shell
Ismail Dönmez
2016-03-30 08:02:52 +00:00
718e1870dc- Enable secure delete by default, this matches Fedora & Android. It can be disabled with PRAGMA SECURE_DELETE = 0; - Enable more extensions, syncing with Fedora & Gentoo.
Ismail Dönmez
2016-03-25 08:53:27 +00:00
710b9b6313- Enable FTS5 support. - Add sqlite-fts5-link.patch to link to math library because FTS5 code uses log().
Ismail Dönmez
2016-03-07 14:02:44 +00:00
6aaf9cc059Accepting request 366738 from home:AndreasStieger:branches:server:database
Ismail Dönmez
2016-03-05 19:55:10 +00:00
9b843a17c8Accepting request 363683 from home:lnussel:branches:server:database
Martin Pluskal
2016-03-01 16:54:34 +00:00
Martin Pluskal
Dominique Leuenberger
Reinhard Max
Ismail Dönmez
Adam Majer
Yuchen Lin