System.Data.SQLite updating to 3.49.1
(1) By R-Gantman (RussellGantman) on 2025-05-01 12:52:29 [link] [source]
What is the roadmap to update System.Data.SQLite to use the 3.49.1 codebase?
There are two security vulnerabilities in version 1.0.119.0 (based on 3.46.1 code) which is fixed in 3.49.1 code.
- CVE-2025-29088 (BDSA-2025-3096)
- CVE-2025-3277 (BDSA-2025-3163)
Thank you
(2) By Richard Hipp (drh) on 2025-05-01 15:19:12 in reply to 1 [source]
What is the roadmap to update System.Data.SQLite
There is none. We don't have anybody on the SQLite team with the skill set to do that right now.
All of the source code to System.Data.SQLite (SDS) is available on-line. If you (or anyone else reading this) would like to volunteer to take over maintenance of SDS, please contact me off-forum (private email to drh at sqlite dot org) and I can get you set up with check-in privileges. Updating SDS to SQLite 3.49.1 should be as simple as swapping out three source files listed below and recompiling.
SQLite.Interop/src/core/sqlite3.cSQLite.Interop/src/core/sqlite3ext.hSQLite.Interop/src/core/sqlite3.h
(3.1) By Aask (AAsk1902) on 2025-05-02 09:44:56 edited from 3.0 in reply to 2 [link] [source]
Updating SDS to SQLite 3.49.1 should be as simple as swapping out three source files listed below and recompiling.
I've tried this, compiling for Windows with both 32- and 64- bit architectures. It works.
However, revisions/additions to sqlite3.c are not recognised automatically: that requires parallel changes to the underlying SDS code.