Hi Laszlo,
Am Sun, Jul 27, 2025 at 03:56:36PM +0300 schrieb Shani Yosef:
> Here is the patch 😅
>
> On Sun, 27 Jul 2025 at 15:01, Shani Yosef <[email protected]> wrote:
>
> > Source: sqlite3
> > Version: 3.40.1-2
> > Tags: security upstream
> > X-Debbugs-Cc: [email protected], Debian Security Team
> > <[email protected]>
> >
> >
> > I’m writing to suggest a patch for addressing *CVE-2025-6965* in the Debian
> > sqlite3 package.
> >
> >
> > The vulnerability has been fixed upstream in the following
> > commit:https://github.com/sqlite/sqlite/commit/c52e9d97d485a3eb168e3f8f3674a7bc4b419703
> >
> > I’ve already backported the patch to *3.40.1-2+deb12u1* and confirmed that
> > it applies cleanly.
> >
> > Please find the patch attached, hopefully it can be considered for
> > inclusion in the next stable update.
> >
> > Please let me know if there's anything else I can do to assist.
Could you review and submit Shani's patch for the upcoming Bookworm point
release?
Cheers,
Moritz
