search

mutecomm / go-sqlcipher

Self-contained Go sqlite3 driver with an AES-256 encrypted sqlite3 database
Other
157 stars 57 forks source link

Update sqlite version to 3.39.2 to fix vulnerability CVE-2022-35737 #26

Open opsrampdeveloper opened 1 year ago

opsrampdeveloper commented 1 year ago

Hi @frankbraun @klingtnet @nkbai @JonathanLogan

go-sqlite3 affected by vulnerability CVE-2022-35737. Can we please update sqlite3 code to latest 3.39.2?

Go sqlite3 driver: https://github.com/mattn/go-sqlite3 Seems above package code is we are using here. They updated the sqlite3 code to latest to fix the vulnerability CVE-2022-35737. Below is the commit details they did: https://github.com/mattn/go-sqlite3/commit/d8e192b7524caaae7247e005cad1dba6c2726e0d

Please update our sqlite source code also to latest.

Thanks, Durgababu

opsrampdeveloper commented 1 year ago

Hi @frankbraun @klingtnet @nkbai @JonathanLogan

Can we get any update on this

opsrampdeveloper commented 8 months ago

Hi @klingtnet @frankbraun @nkbai @JonathanLogan Any plans to do this?