debian/0000775000000000000000000000000012266330246007174 5ustar debian/clean0000664000000000000000000000001212230233106010156 0ustar sqlite.pc debian/sqlite.manpages0000664000000000000000000000001112230232050012163 0ustar sqlite.1 debian/pkgIndex.tcl0000664000000000000000000000012212230232050011425 0ustar package ifneeded sqlite 2.0 [list load [file join $dir libtclsqlite.so.0] sqlite] debian/sqlite-doc.doc-base0000664000000000000000000000031512230232050012617 0ustar Document: sqlite-reference Title: SQLite reference manual Abstract: Overview of SQLite Section: Data Management Format: HTML Index: /usr/share/doc/sqlite-doc/index.html Files: /usr/share/doc/sqlite-doc/* debian/libsqlite0.docs0000664000000000000000000000002512230232050012074 0ustar debian/README.Debian debian/libsqlite-tcl.dirs0000664000000000000000000000002712230232050012607 0ustar usr/lib usr/lib/sqlite debian/copyright0000664000000000000000000000060712230232050011113 0ustar This package was debianized by Andreas Rottmann on Wed, 26 Sep 2001 17:00:18 +0200. Maintainership continued by Laszlo Boszormenyi (GCS) from Wed Oct 11 21:20:15 UTC 2006. It was downloaded from http://www.sqlite.org. Upstream Author: D. Richard Hipp Copyright: The author disclaims all copyright. The library is in the public domain. debian/libsqlite-tcl.install0000664000000000000000000000007512230232050013317 0ustar usr/lib/sqlite/libtclsqlite.so.* usr/lib/sqlite/pkgIndex.tcl debian/source/0000775000000000000000000000000012230232107010460 5ustar debian/source/format0000664000000000000000000000001412230232106011665 0ustar 3.0 (quilt) debian/sqlite.dirs0000664000000000000000000000001012230232050011330 0ustar usr/bin debian/changelog0000664000000000000000000003525712266327410011061 0ustar sqlite (2.8.17-10ubuntu2) trusty; urgency=medium * Update config.{sub,guess} too, autoreconf isn't enough for this. -- Adam Conrad Fri, 17 Jan 2014 15:29:56 -0700 sqlite (2.8.17-10ubuntu1) trusty; urgency=low * Because Debian unstable's tcl packaging differs from Ubuntu 14.04's, adjust the build-dependencies and build targets to resolve FTBFS. - Handle Tcl lib in multiarch path. -- Daniel T Chen Wed, 15 Jan 2014 09:43:13 -0500 sqlite (2.8.17-10fakesync1) trusty-proposed; urgency=medium * Fake sync due to mismatching orig tarball. -- Colin Watson Wed, 08 Jan 2014 11:25:24 +0000 sqlite (2.8.17-10) unstable; urgency=low * Update Standards-Version to 3.9.5 . [ Wookey ] * Update config.{sub.guess} automatically (closes: #727510). -- Laszlo Boszormenyi (GCS) Mon, 06 Jan 2014 15:07:43 +0000 sqlite (2.8.17-9) unstable; urgency=low * Move to short debhelper rules and 3.0 (quilt) source format (closes: #725539). * Run tests but don't fail on them. -- Laszlo Boszormenyi (GCS) Fri, 18 Oct 2013 12:04:56 +0000 sqlite (2.8.17-8) unstable; urgency=low * Refresh auto* files and move to automake 1.13 (closes: #710341, #713180). * Add missing headers. * Fix pkgIndex.tcl for proper import. * Update to Standards-Version 3.9.4 . * Move to debhelper level 8 . -- Laszlo Boszormenyi (GCS) Tue, 09 Jul 2013 18:06:30 +0200 sqlite (2.8.17-7) unstable; urgency=low * Fix upstream mistake of missing format argument in fprintf (closes: #646032). * Empty dependency_list in libsqlite.la . * Update packaging and its dependencies. -- Laszlo Boszormenyi (GCS) Tue, 25 Oct 2011 00:55:38 +0200 sqlite (2.8.17-6.1) unstable; urgency=low * Non-maintainer upload. * Fix FTBFS by replacing DEB_BUILD_MAKE_TARGET with DEB_MAKE_BUILD_TARGET. Thanks to Daniel Schepler for the patch (closes: #618154). -- Aurelien Jarno Tue, 02 Aug 2011 19:06:03 +0200 sqlite (2.8.17-6) unstable; urgency=low * Change readline build dependency to plain libreadline-dev (version 6 ATM). * Fix version in pkgIndex.tcl (closes: #483993). * Register with doc-base (closes: #452390). * Fix section to be database. -- Laszlo Boszormenyi (GCS) Sun, 13 Sep 2009 15:14:27 +0000 sqlite (2.8.17-5) unstable; urgency=low [ Daniel Schepler ] * Fix FTBFS due to libtool version mismatch error (closes: #544437). [ Laszlo Boszormenyi ] * Update debhelper compatibility to 6 and standards-version to 3.8.3 ; add missing ${misc:Depends} to depends lines and fix Tcl spelling. * Don't use watch for now, upstream doesn't seem to host this version anymore. -- Laszlo Boszormenyi (GCS) Thu, 03 Sep 2009 18:30:44 +0000 sqlite (2.8.17-4) unstable; urgency=low * Fixed upstream Makefile.in not to lose doc/lemon.html and doc/report1.txt on rebuilds (closes: #441725). * Corrected debian/watch file. * Removed debconf message, was horribly old and outdated. Thanks again to everyone who contributed with translations. -- Laszlo Boszormenyi (GCS) Thu, 4 Oct 2007 11:39:25 +0200 sqlite (2.8.17-3) unstable; urgency=medium * Accept Nico's quick security fix related upload (closes: #441233). * Add Italian and Catalan debconf translations, thanks to Luca Monducci and Jorda Polo respectively (closes: #426155, #412582). -- Laszlo Boszormenyi (GCS) Sat, 08 Sep 2007 10:53:33 +0300 sqlite (2.8.17-2.1) unstable; urgency=high * Non-maintainer upload by testing security team. * Included 01-fix-CVE-2007-1888.patch to fix buffer overflow in encode.c (CVE-2007-1888) (Closes: #441233). -- Nico Golde Fri, 07 Sep 2007 17:47:03 +0200 sqlite (2.8.17-2) unstable; urgency=low * Add Galician (closes: #407958), Russian (closes: #397167) and Spanish (closes: #403493) debconf translations. * Correct Portuguese debconf translation filename (closes: #404167). -- Laszlo Boszormenyi (GCS) Tue, 30 Jan 2007 18:03:13 +0000 sqlite (2.8.17-1) unstable; urgency=low * New upstream release (closes: #357168) and new maintainer with ACK from Andreas. Thanks for your previous work Rotty! * Added possibility to configure with cdebconf (closes: #332102). * Added Vietnamese (closes: #318703), Swedish (closes: #333275), German (closes: #347517) and Portugese (closes: #372469) debconf translations. -- Laszlo Boszormenyi (GCS) Wed, 11 Oct 2006 21:13:34 +0000 sqlite (2.8.16-1) unstable; urgency=medium * New upstream release. - Fixes critical VACUUM bug, hence urgency=medium. -- Andreas Rottmann Wed, 16 Feb 2005 16:33:01 +0100 sqlite (2.8.15-5) unstable; urgency=high * Use automake1.9 to build instead of 1.8, as indicated by build-depends (closes: #293388). * Added watch file. -- Andreas Rottmann Fri, 4 Feb 2005 13:07:01 +0100 sqlite (2.8.15-4) unstable; urgency=medium * Included Czech debconf translation (closes: #290912), urgency medium so this ships with Sarge. * Build against libreadline5-dev instead of libreadline4-dev. * Build-depend on automake1.9 instead of automake1.8. * sqlite: adjust description synposis (Developers Reference 6.2.2). -- Andreas Rottmann Fri, 28 Jan 2005 13:34:56 +0100 sqlite (2.8.15-3) unstable; urgency=low * Link against the libpthread (closes: #264307), thanks to Robert Millan. * Updated Japanese translation, provided by Hideki Yamane (closes: #271257). * Removed lemon package, now built by sqlite3. -- Andreas Rottmann Thu, 25 Nov 2004 11:33:28 +0100 sqlite (2.8.15-2) unstable; urgency=low * Included Japanese debconf translation (closes: #264122). -- Andreas Rottmann Sat, 7 Aug 2004 13:42:37 +0200 sqlite (2.8.15-1) unstable; urgency=low * New upstream release. * SQLite is now compiled with UTF-8 support enabled (closes: #257069). * sqlite-doc now includes arch2.gif (closes: #259345). -- Andreas Rottmann Mon, 2 Aug 2004 12:46:09 +0200 sqlite (2.8.13-3) unstable; urgency=low * Added Brazilian Portuguese debconf translation (closes: #242085). -- Andreas Rottmann Tue, 6 Apr 2004 11:21:09 +0200 sqlite (2.8.13-2) unstable; urgency=low * Added sqlite.pc to -dev package (closes: #240257). -- Andreas Rottmann Fri, 26 Mar 2004 15:28:24 +0100 sqlite (2.8.13-1) unstable; urgency=low * New upstream release. - Has my Makefile.in changes, so 01-libtool.patch gone now. - Bogus assertation removed (closes: #234977). - Segfault on command-line SQL fixed (closes: #234625). - Lemon parse table bug fixed (closes: #233690). -- Andreas Rottmann Tue, 9 Mar 2004 13:41:23 +0100 sqlite (2.8.12-3) unstable; urgency=low * Switch to updating auto* stuff at build time. - Build-Depend on autoconf, automake1.8, libtool (>= 1.5.2), tighten build-dependency on cdbs (>= 0.4.15). - debian/rules: Use CDBS auto-update features for updating autoconf and libtool *as well as aclocal*. - 01-libtool.patch now only contains modifications to Makefile.in. -- Andreas Rottmann Sun, 29 Feb 2004 15:32:22 +0100 sqlite (2.8.12-2) unstable; urgency=low * Now generate a package for lemon (closes: #234059). - Added a bit of info in README.Debian. - Incorporated lemon.html and lemon.1 from the old stand-alone package. - New patch 02-lemon-snprintf, carried over from old package. -- Andreas Rottmann Mon, 23 Feb 2004 15:25:40 +0100 sqlite (2.8.12-1) unstable; urgency=low * New upstream release (closes: #232619). - Includes patch 01-upstream-ch-1162. * Put libtool-related changes in debian/patches/01-libtool.patch, not directly in the diff.gz. * Moved src/pkgIndex.tcl to debian/, since it is not part of upstream. -- Andreas Rottmann Wed, 18 Feb 2004 14:24:47 +0100 sqlite (2.8.9-4) unstable; urgency=low * Updated libtool from 1.5.0a to 1.5.2 (closes: #230820). -- Andreas Rottmann Mon, 2 Feb 2004 19:34:11 +0100 sqlite (2.8.9-3) unstable; urgency=low * Added Greek debconf translation (closes: #229506). -- Andreas Rottmann Sun, 25 Jan 2004 15:42:01 +0100 sqlite (2.8.9-2) unstable; urgency=low * debian/rules: Make sure all packages that depend on libsqlite0 are built after it (closes: #228830). -- Andreas Rottmann Wed, 21 Jan 2004 11:37:48 +0100 sqlite (2.8.9-1) unstable; urgency=medium * New upstream release. - Again a critical bugfix release, closes: #226698). * debian/rules: Now use simple-patchsys.mk * New patch 01-upstream-ch-1162, which fixes the test suite (thanks to Aaron M. Ucko for pointing this out). -- Andreas Rottmann Thu, 8 Jan 2004 13:19:57 +0100 sqlite (2.8.8-1) unstable; urgency=medium * New upstream release (urgency medium due to unlikely data corruption bug). -- Andreas Rottmann Thu, 1 Jan 2004 22:17:01 +0100 sqlite (2.8.6-1) unstable; urgency=low * New upstream release (closes: #216808). * debian/control: - Standards-Version: 3.6.1 (no changes). * Updated libtool. -- Andreas Rottmann Sat, 8 Nov 2003 14:17:03 +0100 sqlite (2.8.5-1) unstable; urgency=low * New upstream release. * Added dutch debconf template translation (closes: #206513). * Standards-Version 3.6.0 (no changes). * No more sharing of /usr/share/doc/ (isn't easily possible with new CBS versions). -- Andreas Rottmann Thu, 21 Aug 2003 10:56:43 +0200 sqlite (2.8.3-2) unstable; urgency=low * debian/control: - Added Build-Depends on libreadline4-dev. * Makefile.in: - Remove config.h, Makefile and libtool in the distclean target (closes: #186955). -- Andreas Rottmann Thu, 12 Jun 2003 19:03:40 +0200 sqlite (2.8.3-1) unstable; urgency=low * New upstream release. -- Andreas Rottmann Tue, 10 Jun 2003 12:46:37 +0200 sqlite (2.8.2-1) unstable; urgency=low * New upstream release. * Switched from CBS to CDBS. * debian/control: - Made sqlite, libsqlite0-dev and libsqlite-tcl suggest sqlite-doc. - Changed section of libsqlite0-dev to libdevel. - Bumped Standards-Version to 3.5.10 (no changes). * Added README.Debian file lining out the sqlite packages (closes: #192142). * Added french debconf template translation (closes: #193514). -- Andreas Rottmann Tue, 20 May 2003 15:35:47 +0200 sqlite (2.8.0-3) unstable; urgency=low * Now build and include docs again (closes: #186467). * Updated CBS. * Made libsqlite0-dev and libsqlite-tcl link their doc directories to the libsqlite0 one, instead of duplicating the contents. * Include upstream changelog in packages. -- Andreas Rottmann Sun, 30 Mar 2003 20:56:24 +0200 sqlite (2.8.0-2) unstable; urgency=low * Now using po-debconf. + Updated debhelper Build-Depends (>= 4.1.16). * Updated CBS. * Bumped Standards-Version to 3.5.9. -- Andreas Rottmann Thu, 20 Mar 2003 17:00:42 +0100 sqlite (2.8.0-1) unstable; urgency=low * New upstream release. * Got rid of debian/shlibs.local. * Make dependencies on libsqlite0 versioned. -- Andreas Rottmann Mon, 24 Feb 2003 18:11:11 +0100 sqlite (2.7.6-1) unstable; urgency=low * New upstream release. * Now building against tcl8.4-dev. -- Andreas Rottmann Tue, 28 Jan 2003 10:57:10 +0100 sqlite (2.7.4-1) unstable; urgency=low * New upstream release. * Now using CBS. + Build-Depend on autotools-dev, so CBS can use current config.{guess,sub}. * Bumped Standards-Version to 3.5.8 (no changes). -- Andreas Rottmann Sun, 22 Dec 2002 21:38:27 +0100 sqlite (2.7.2-1) unstable; urgency=low * New upstream release. + Includes quickstart.html. (closes: #162451) -- Andreas Rottmann Thu, 26 Sep 2002 19:19:37 +0200 sqlite (2.7.0-1) unstable; urgency=low * New upstream release. * Makefile.in: fixed wrong -rpath for libtclsqlite.la * debian/libsqlite0.{preinst|postinst}: use "set -e" instead of "#!/bin/sh -e" (fixes linda warning). * debian/control: + rename libsqlite0-tcl to libsqlite-tcl, since that makes more sense. + rename libsqlite-dev to libsqlite0-dev, to be more compliant with libpkg-guide. -- Andreas Rottmann Mon, 26 Aug 2002 16:29:31 +0200 sqlite (2.6.3-1) unstable; urgency=low * New upstream version. * debian/rules, debian/control: Now building using debhelper 4. * sqlite.1, debian/copyright: Updated to new www.sqlite.org site. -- Andreas Rottmann Wed, 14 Aug 2002 15:55:49 +0200 sqlite (2.6.1-2) unstable; urgency=low * Fixed 'is is' typo in package descriptions. (closes: #154185, #154186) -- Andreas Rottmann Thu, 25 Jul 2002 14:39:24 +0200 sqlite (2.6.1-1) unstable; urgency=low * New upstream version. * Database format has changed, opening databases with the new version of the library will convert them. Alert the user with a debconf note. * Now using LIBRARY_PATH in debian/rules instead of modifiying Makefile.in. * Fixed and improved package descriptions. * Bumped up Standards-Version to 3.5.6.1. * Now versioning dependency on libsqlite. -- Andreas Rottmann Tue, 23 Jul 2002 12:55:12 +0200 sqlite (2.5.4-1) unstable; urgency=low * New upstream version. -- Andreas Rottmann Tue, 2 Jul 2002 17:30:19 +0200 sqlite (2.4.12-1) unstable; urgency=low * New upstream version. * Now compiling with -DTHREADSAFE=1. (closes: #149386) -- Andreas Rottmann Sun, 9 Jun 2002 22:20:12 +0200 sqlite (2.4.10-1) unstable; urgency=low * New upstream version. -- Andreas Rottmann Sun, 5 May 2002 22:26:15 +0200 sqlite (2.4.7-1) unstable; urgency=low * New upstream version. -- Andreas Rottmann Wed, 17 Apr 2002 20:09:22 +0200 sqlite (2.4.4-1) unstable; urgency=low * New upstream version. -- Andreas Rottmann Sun, 31 Mar 2002 20:44:24 +0200 sqlite (2.4.0-1) unstable; urgency=low * New upstream version. * Added proper sections to debian/control. -- Andreas Rottmann Mon, 11 Mar 2002 10:47:03 +0100 sqlite (2.2.1-1) unstable; urgency=low * Initial release. (closes: #127510) -- Andreas Rottmann Wed, 9 Jan 2002 21:56:21 +0100 debian/compat0000664000000000000000000000000212262544561010375 0ustar 8 debian/libsqlite0-dev.install0000664000000000000000000000015712230232050013374 0ustar usr/include/sqlite.h usr/lib/libsqlite.a usr/lib/libsqlite.so usr/lib/libsqlite.la usr/lib/pkgconfig/sqlite.pc debian/rules0000775000000000000000000000316512266330126010256 0ustar #!/usr/bin/make -f # -*- makefile -*- # Uncomment this to turn on verbose mode. #export DH_VERBOSE=1 DEB_HOST_MULTIARCH ?= $(shell dpkg-architecture -qDEB_HOST_MULTIARCH) CONFIGURE_EXTRA_FLAGS = config_TARGET_TCL_INC="-I/usr/include/tcl8.5" \ config_BUILD_CFLAGS="$(CFLAGS) -DTHREADSAFE=1" \ config_TARGET_LIBS="-ltcl8.5 -lpthread" \ config_TARGET_TCL_LIBS="-L/usr/lib/$(DEB_HOST_MULTIARCH) -ltcl8.5 -lpthread" \ --enable-utf8 override_dh_clean: dh_autoreconf_clean dh_autotools-dev_restoreconfig dh_clean override_dh_auto_configure: dh_autotools-dev_updateconfig dh_autoreconf dh_auto_configure -- $(CONFIGURE_EXTRA_FLAGS) override_dh_auto_build: $(MAKE) all libtclsqlite.la doc override_dh_auto_install: install -d $(CURDIR)/debian/tmp/usr/bin/ \ $(CURDIR)/debian/tmp/usr/lib/sqlite/ install -m 0664 $(CURDIR)/debian/pkgIndex.tcl \ $(CURDIR)/debian/tmp/usr/lib/sqlite ./libtool --mode=install install libsqlite.la \ $(CURDIR)/debian/tmp/usr/lib ./libtool --mode=install install libtclsqlite.la \ $(CURDIR)/debian/tmp/usr/lib/sqlite install -d $(CURDIR)/debian/tmp/usr/share/lemon install -m 664 $(CURDIR)/tool/lempar.c \ $(CURDIR)/debian/tmp/usr/share/lemon install -m 775 lemon $(CURDIR)/debian/tmp/usr/bin/ dh_auto_install override_dh_makeshlibs: # empty dependency_libs sed -i "/dependency_libs/ s/'.*'/''/" \ `find $(CURDIR)/debian/ -name '*.la'` dh_makeshlibs -V -X"libtclsqlite.so*" override_dh_auto_test: dh_auto_test || true %: dh $@ --parallel .PHONY: override_dh_clean override_dh_auto_configure override_dh_auto_build \ override_dh_auto_install override_dh_makeshlibs \ override_dh_auto_test debian/NEWS.Debian0000664000000000000000000000025312230232050011035 0ustar sqlite (2.8.15-1) unstable; urgency=low * SQLite is now compiled with UTF-8 support enabled. -- Andreas Rottmann Tue, 27 Jul 2004 15:19:49 +0200 debian/control0000664000000000000000000000457612265337631010617 0ustar Source: sqlite Section: devel Priority: optional Maintainer: Ubuntu Developers XSBC-Original-Maintainer: Laszlo Boszormenyi (GCS) Build-Depends: debhelper (>= 8), autoconf (>= 2.59), libtool (>= 1.5.2), automake, dh-autoreconf, libreadline-dev, tcl8.5-dev, tcl, dpkg-dev (>= 1.16.0~) Standards-Version: 3.9.5 Package: sqlite Section: database Architecture: any Depends: ${shlibs:Depends}, ${misc:Depends} Recommends: sqlite3 Suggests: sqlite-doc Description: command line interface for SQLite SQLite is a C library that implements an SQL database engine. Programs that link with the SQLite library can have SQL database access without running a separate RDBMS process. Package: sqlite-doc Section: doc Architecture: all Depends: ${misc:Depends} Recommends: sqlite Description: SQLite documentation SQLite is a C library that implements an SQL database engine. Programs that link with the SQLite library can have SQL database access without running a separate RDBMS process. . This package contains the documentation that is also available on the SQLite homepage. Package: libsqlite0 Section: libs Architecture: any Pre-Depends: ${misc:Depends} Depends: ${shlibs:Depends} Description: SQLite shared library SQLite is a C library that implements an SQL database engine. Programs that link with the SQLite library can have SQL database access without running a separate RDBMS process. Package: libsqlite0-dev Provides: libsqlite-dev Conflicts: libsqlite-dev Replaces: libsqlite-dev (<< 2.7.0) Suggests: sqlite-doc Section: libdevel Architecture: any Depends: libsqlite0 (= ${binary:Version}), libc6-dev, ${misc:Depends} Description: SQLite development files SQLite is a C library that implements an SQL database engine. Programs that link with the SQLite library can have SQL database access without running a separate RDBMS process. . This package contains the development files (headers, static libraries) Package: libsqlite-tcl Conflicts: libsqlite0-tcl Replaces: libsqlite0-tcl Suggests: sqlite-doc Section: interpreters Architecture: any Depends: ${shlibs:Depends}, ${misc:Depends} Description: SQLite Tcl bindings SQLite is a C library that implements an SQL database engine. Programs that link with the SQLite library can have SQL database access without running a separate RDBMS process. . This package contains the Tcl bindings. debian/sqlite-doc.docs0000664000000000000000000000003712230232050012073 0ustar doc/*.html doc/*.png www/*.gif debian/libsqlite0.dirs0000664000000000000000000000001012230232050012077 0ustar usr/lib debian/watch.old0000664000000000000000000000011012230232050010753 0ustar version=2 http://www.sqlite.org/download.html sqlite-(2.[\d\.]*).bin.gz debian/libsqlite0.install0000664000000000000000000000002712230232050012614 0ustar usr/lib/libsqlite.so.* debian/libsqlite0-dev.dirs0000664000000000000000000000002412230232050012660 0ustar usr/include usr/lib debian/README.Debian0000664000000000000000000000131512230232050011216 0ustar SQLite for Debian ----------------- SQLite for Debian is split up in four packages: libsqlite0-dev: Development files (headers, static library) libsqlite0: The database engine library itself sqlite: The text-mode user interface sqlite-doc: Documentation About lemon ----------- Additionally, since 2.8.12-2, a lemon package is generated by the sqlite source package. The lemon parser generator was previously maintained in a separate source package, but since upstream maintains it as part of SQLite, Debian switched to doing it this way, too. The maintainer of the now-obsolete separate lemon package was Guus Sliepen . -- Andreas Rottmann , Thu Feb 26 15:09:51 2004 debian/sqlite.install0000664000000000000000000000001712230232050012044 0ustar usr/bin/sqlite debian/patches/0000775000000000000000000000000012230232067010614 5ustar debian/patches/03-add-fprintf-format-argument.patch0000664000000000000000000000043712230232050017355 0ustar --- sqlite-2.8.17.orig/src/shell.c +++ sqlite-2.8.17/src/shell.c @@ -692,7 +692,7 @@ }else if( c=='h' && strncmp(azArg[0], "help", n)==0 ){ - fprintf(stderr,zHelp); + fprintf(stderr,"%s\n",zHelp); }else if( c=='i' && strncmp(azArg[0], "indices", n)==0 && nArg>1 ){ debian/patches/02-lemon-snprintf.patch0000664000000000000000000000646012230232050015025 0ustar diff -ruN sqlite/tool/lemon.c sqlite-new/tool/lemon.c --- sqlite/tool/lemon.c 2004-04-24 14:59:13.000000000 +0200 +++ sqlite-new/tool/lemon.c 2004-07-27 15:31:40.000000000 +0200 @@ -1272,15 +1272,15 @@ va_start(ap, format); /* Prepare a prefix to be prepended to every output line */ if( lineno>0 ){ - sprintf(prefix,"%.*s:%d: ",PREFIXLIMIT-10,filename,lineno); + snprintf(prefix,sizeof prefix,"%.*s:%d: ",PREFIXLIMIT-10,filename,lineno); }else{ - sprintf(prefix,"%.*s: ",PREFIXLIMIT-10,filename); + snprintf(prefix,sizeof prefix,"%.*s: ",PREFIXLIMIT-10,filename); } prefixsize = strlen(prefix); availablewidth = LINEWIDTH - prefixsize; /* Generate the error message */ - vsprintf(errmsg,format,ap); + vsnprintf(errmsg,sizeof errmsg,format,ap); va_end(ap); errmsgsize = strlen(errmsg); /* Remove trailing '\n's from the error message. */ @@ -2675,7 +2675,7 @@ while( cfp ){ char buf[20]; if( cfp->dot==cfp->rp->nrhs ){ - sprintf(buf,"(%d)",cfp->rp->index); + snprintf(buf,sizeof buf,"(%d)",cfp->rp->index); fprintf(fp," %5s ",buf); }else{ fprintf(fp," "); @@ -2721,7 +2721,7 @@ c = *cp; *cp = 0; path = (char *)malloc( strlen(argv0) + strlen(name) + 2 ); - if( path ) sprintf(path,"%s/%s",argv0,name); + if( path ) snprintf(path,sizeof path,"%s/%s",argv0,name); *cp = c; }else{ extern char *getenv(); @@ -2734,7 +2734,7 @@ if( cp==0 ) cp = &pathlist[strlen(pathlist)]; c = *cp; *cp = 0; - sprintf(path,"%s/%s",pathlist,name); + snprintf(path,sizeof path,"%s/%s",pathlist,name); *cp = c; if( c==0 ) pathlist = ""; else pathlist = &cp[1]; @@ -2814,14 +2814,16 @@ cp = strrchr(lemp->filename,'.'); if( cp ){ - sprintf(buf,"%.*s.lt",(int)(cp-lemp->filename),lemp->filename); + snprintf(buf,sizeof buf,"%.*s.lt",(int)(cp-lemp->filename),lemp->filename); }else{ - sprintf(buf,"%s.lt",lemp->filename); + snprintf(buf,sizeof buf,"%s.lt",lemp->filename); } if( access(buf,004)==0 ){ tpltname = buf; }else if( access(templatename,004)==0 ){ tpltname = templatename; + }else if( access("/usr/share/lemon/lempar.c",004)==0 ){ + tpltname = "/usr/share/lemon/lempar.c"; }else{ tpltname = pathsearch(lemp->argv0,templatename,0); } @@ -2833,7 +2835,7 @@ } in = fopen(tpltname,"r"); if( in==0 ){ - fprintf(stderr,"Can't open the template file \"%s\".\n",templatename); + fprintf(stderr,"Can't open the template file \"%s\".\n",tpltname); lemp->errorcnt++; return 0; } @@ -3447,7 +3449,7 @@ /* Generate a table containing the symbolic name of every symbol */ for(i=0; insymbol; i++){ - sprintf(line,"\"%s\",",lemp->symbols[i]->name); + snprintf(line,sizeof line,"\"%s\",",lemp->symbols[i]->name); fprintf(out," %-15s",line); if( (i&3)==3 ){ fprintf(out,"\n"); lineno++; } } @@ -3562,7 +3564,7 @@ in = file_open(lemp,".h","r"); if( in ){ for(i=1; interminal && fgets(line,LINESIZE,in); i++){ - sprintf(pattern,"#define %s%-30s %2d\n",prefix,lemp->symbols[i]->name,i); + snprintf(pattern,sizeof pattern,"#define %s%-30s %2d\n",prefix,lemp->symbols[i]->name,i); if( strcmp(line,pattern) ) break; } fclose(in); debian/patches/series0000664000000000000000000000013012265337304012033 0ustar 01-fix-CVE-2007-1888.patch 02-lemon-snprintf.patch 03-add-fprintf-format-argument.patch debian/patches/01-fix-CVE-2007-1888.patch0000664000000000000000000000055612230232050014246 0ustar diff -Nurad sqlite-2.8.17~/src/encode.c sqlite-2.8.17/src/encode.c --- sqlite-2.8.17~/src/encode.c 2007-09-07 17:45:19.000000000 +0200 +++ sqlite-2.8.17/src/encode.c 2007-09-07 17:45:50.000000000 +0200 @@ -176,6 +176,10 @@ int i, e; unsigned char c; e = *(in++); + if(e == 0){ + return 0; + } + i = 0; while( (c = *(in++))!=0 ){ if( c==1 ){