This update for sqlite3 fixes the following issues:
Update sqlite3 to version 3.51.3:
Security issues:
- CVE-2025-7709: Integer Overflow in FTS5 Extension (bsc#1254670).
- CVE-2025-70873: SQLite zipfile extension may disclose uninitialized heap memory during inflation (bsc#1259619).
Non security issue:
- sqlite3 won't build when using --with icu (bsc#1248586).
Changelog:
Update to version 3.51.3:
- Fix the WAL-reset database corruption bug:
https://sqlite.org/wal.html#walresetbug
- Other minor bug fixes.
Update to version 3.51.2:
- Fix an obscure deadlock in the new broken-posix-lock detection
logic.
- Fix multiple problems in the EXISTS-to-JOIN optimization.
Update to version 3.51.1:
- Fix incorrect results from nested EXISTS queries caused by the
optimization in item 6b in the 3.51.0 release.
- Fix a latent bug in fts5vocab virtual table, exposed by new
optimizations in the 3.51.0 release
Update to version 3.51.0:
- SQLITE_SCM_BRANCH -> the name of the branch from which the
source code is taken.
- SQLITE_SCM_TAGS -> space-separated list of tags on the source
code check-in.
- SQLITE_SCM_DATETIME -> ISO-8601 date and time of the source
- Two new JSON functions, jsonb_each() and jsonb_tree() work the
same as the existing json_each() and json_tree() functions
except that they return JSONB for the "value" column when the
"type" is 'array' or 'object'.
- The carray and percentile extensions are now built into the
amalgamation, though they are disabled by default and must be
activated at compile-time using the -DSQLITE_ENABLE_CARRAY
and/or -DSQLITE_ENABLE_PERCENTILE options, respectively.
- Enhancements to TCL Interface:
- Add the -asdict flag to the eval command to have it set the
row data as a dict instead of an array.
- User-defined functions may now break to return an SQL NULL.
- Increase the precision of ".timer" to microseconds.
- Enhance the "box" and "column"...