> I'm more than happy to write up a guide to help. Bullet-points for me that explain what consumers of CVEs expect would be helpful. Would it be helpful for there to be a page on https://sqlite.org/ that described the current status of all known CVEs from the perspective of the SQLite developers? Examples: * CVE-2020-11656 → Use-after-free error on debugging builds only. No impact on release builds. Fix will be part of 3.32.0. * CVE-2019-16168 → If the containing application includes an SQL Injection vulnerability then an attacker might be able to exploit that vulnerability to induce a division-by-zero in SQLite. Fixed in 3.29.0. * CVE-2019-19317 → A bug in a development branch of SQLite. Never appeared in any official SQLite release. And so forth...