sqlite3 (3.11.0-1ubuntu1.2) xenial-security; urgency=medium

  * SECURITY UPDATE: Denial of service
    - debian/patches/CVE-2016-6153-*.patch: change temp direcotry
      search algorithm in src/os_unix.c.
    - CVE-2016-6153
  * SECURITY UPDATE: heap-base buffer over-read
    - debian/patches/CVE-2017-10989.patch: enhance RTree
      module  in ext/rtree/rtree.c and added test in
      ext/rtree/rtreeA.text.
    - CVE-2017-10989
  * SECURITY UPDATE: Denial of service
    - debian/patches/CVE-2017-13685.patch: adds checks in
      src/shell.c.
    - CVE-2017-13685
  * SECURITY UPDATE: Denial of service
    - debian/patches/CVE-2017-2518.patch: prevent a use-after-free
      in src/whereexpr.c.
    - CVE-2017-2518
  * SECURITY UPDATE: Denial of service
    - debian/patches/CVE-2017-2519.patch: increase the size of
      the reference count on table objects to 32bits in src/sqliteInt.h.
    - CVE-2017-2519
  * SECURITY UPDATE: Denial of service
    - debian/patches/CVE-2017-2520.patch: add a check for pVal in
      src/vdbemem.c
    - CVE-2017-2520
  * SECURITY UPDATE: Integer overflow
    - debian/patches/CVE-2018-20346-and-CVE-2018-20506.patch:
      add extra defenses against strategically corrupt databases
      in ext/fts3/fst3.c, ext/fts3/fts3_write.c, test/fts3corrupt4.test,
      test/permutations.test.
    - CVE-2018-20346
    - CVE-2018-20506
  * SECURITY UPDATE: heap out-of-bound read
    - debian/patches/CVE-2019-8457.patch: enhance the
      rtreenode() in ext/rtree/rtree.c.
    - debian/patches/CVE-2019-8457-string-interface.patch:
      add string interface in src/btree.c, src/build.c,
      src/func.c, src/mutex.c, src/pragma.c, src/printf.c,
      src/sqlite.h.in, src/sqliteInt.h, src/treeview.c,
      src/vdbeaux.c, src/vdbetrace.c, src/wherecode.c.
    - CVE-2019-8457
  * security update: heap-buffer over-read
    - debian/patches/cve-2019-9936.patch: add checks
      in code in order to fix in ext/fts5/fts5_hash.c,
      ext/fts5/test/fts5aa.test.
    - CVE-2019-9936
  * security update: NULL pointer dereference
    - debian/patches/cve-2019-9937.patch: fix in
      ext/fts5/fts5Int.h, ext/fts5/fts5_hash.c, ext/fts5/fts5_index.c,
      ext/fts5/test/fts5aa.test.
    - CVE-2019-9937

 -- Leonidas S. Barbosa <leo.barbosa@canonical.com>  Tue, 18 Jun 2019 09:42:23 -0300

sqlite3 (3.11.0-1ubuntu1.1) xenial-security; urgency=medium

  * SECURITY UPDATE: Avoid segmentation fault while using a corrupted file.
    - d/p/0001-Fix-a-parsing-issue-associated-with-a-corrupt-sqlite.patch:
      Check if parser is busy before using it and raise an error if positive.
      (LP: #1814869)
    - d/p/0002-Better-error-message-text-when-the-schema-is-corrupt.patch:
      Better message and additional checks.
    - No CVE associated.

 -- Paulo Flabiano Smorigo <pfsmorigo@canonical.com>  Thu, 21 Feb 2019 16:35:05 +0100

sqlite3 (3.11.0-1ubuntu1) xenial; urgency=medium

  * debian/rules: compile SQLite with SQLITE_ENABLE_FTS3_TOKENIZER to re-enable
    the two-argument version of fts3_tokenizer() used by mediascanner2
    (LP: #1546911)

 -- Łukasz 'sil2100' Zemczak <lukasz.zemczak@ubuntu.com>  Fri, 19 Feb 2016 13:12:22 +0100

sqlite3 (3.11.0-1) unstable; urgency=low

  * New upstream release.
  * Compile with thread-safe option.
  * Update squash-bad-deps patch.

 -- Laszlo Boszormenyi (GCS) <gcs@debian.org>  Wed, 17 Feb 2016 23:08:31 +0100

sqlite3 (3.10.2-1) unstable; urgency=low

  * New upstream, bugfix release.

 -- Laszlo Boszormenyi (GCS) <gcs@debian.org>  Thu, 21 Jan 2016 01:21:10 +0100

sqlite3 (3.10.1-1) unstable; urgency=low

  * New upstream, bugfix release.

 -- Laszlo Boszormenyi (GCS) <gcs@debian.org>  Thu, 14 Jan 2016 21:20:48 +0100

sqlite3 (3.10.0-1) unstable; urgency=low

  * New upstream release.
  * Update patch for cross compilation.
  * Use SQLITE_LIKE_DOESNT_MATCH_BLOBS compile-time option.
  * Add two new symbols to library.
  * Build and install sqldiff (closes: #806575).

 -- Laszlo Boszormenyi (GCS) <gcs@debian.org>  Wed, 06 Jan 2016 21:15:46 +0100

sqlite3 (3.9.2-1) unstable; urgency=low

  * New upstream release.

 -- Laszlo Boszormenyi (GCS) <gcs@debian.org>  Sat, 07 Nov 2015 19:54:52 +0100

sqlite3 (3.9.1-2) unstable; urgency=low

  [ Helmut Grohne <helmut@subdivi.de> ]
  * Fix FTCBFS: Update 30-cross.patch to cover all lemon invocations
    (closes: #802742).

 -- Laszlo Boszormenyi (GCS) <gcs@debian.org>  Fri, 23 Oct 2015 07:45:27 +0200

sqlite3 (3.9.1-1) unstable; urgency=low

  * New upstream release.
  * Update 10-520478-squash-bad-deps patch.
  * Enable FTS3 enhanced query syntax (closes: #759272).
  * Update libsqlite3-0 symbols.
  * No longer have problems with doc-base files (closes: #784100).
  * Enable JSON1 loadable extension.

  [ Yuriy M. Kaminskiy <yumkam@gmail.com> ]
  * Build with --as-needed linker option (closes: #792515).

 -- Laszlo Boszormenyi (GCS) <gcs@debian.org>  Mon, 19 Oct 2015 18:35:02 +0200

# For older changelog entries, run 'apt-get changelog libsqlite3-0'