SQLite 3.26.0 with security updates & window functions
brodybits opened this issue · comments
SQLite 3.26.0 update is needed due to a known vulnerability, will provide window functions as well (#828).
Alternative solutions from https://discuss.zetetic.net/t/magellan-vulnerbility/3290:
- disable FTS3 functionality
- only apply the FTS3 fix from https://www.sqlite.org/src/info/940f2adc8541a838
I would favor a clean SQLite 3.26.0 update, which should be coming in the next few days.
ref:
- https://www.zdnet.com/article/sqlite-bug-impacts-thousands-of-apps-including-all-chromium-based-browsers/
- https://blade.tencent.com/magellan/index_en.html
- https://discuss.zetetic.net/t/magellan-vulnerbility/3290
- https://news.ycombinator.com/item?id=18686305
- https://www.sqlite.org/security.html
- https://worthdoingbadly.com/sqlitebug/
- https://www.sqlite.org/src/info/940f2adc8541a838