SQLite Forum

When will/were recent "sqlite3 new security issues CVEs" be addressed?
> I'm more than happy to write up a guide to help.

Bullet-points for me that explain what consumers of CVEs expect would
be helpful.  

Would it be helpful for there to be a page on https://sqlite.org/ that
described the current status of all known CVEs from the perspective of
the SQLite developers?


  *  CVE-2020-11656 → Use-after-free error on debugging builds only.
     No impact on release builds.  Fix will be part of 3.32.0.

  *  CVE-2019-16168 → If the containing application includes an
     SQL Injection vulnerability then an attacker might be able to exploit
     that vulnerability to induce a division-by-zero in SQLite.
     Fixed in 3.29.0.

  *  CVE-2019-19317 → A bug in a development branch of SQLite.
     Never appeared in any official SQLite release.

And so forth...