Re: Version 3.20.0 release candidate 2

Previous Topic Next Topic
 
classic Classic list List threaded Threaded
1 message Options
Reply | Threaded
Open this post in threaded view
|  
Report Content as Inappropriate

Re: Version 3.20.0 release candidate 2

Dave Wellman
Also, I've just spotted the following (** characters surround the changes):

1)
On the same page under " 2.1. Upping The Threat Level", the fourth paragraph starts:
     Because the pointer is passed in the t1.t1 column...

I think this is meant to be:
     Because the pointer is passed in the ** t1.cx ** column...

2)
On the same page under " 2.1. Upping The Threat Level", the first bullet under the sixth paragraph starts:
     The WebSQL interface to webkit allowed any webpage to to run arbitrary SQL in the browser for Chrome and Safari. That arbitrary SQL was suppose to be run inside a sandbox where it could do not harm even if exploited

I thin this is meant to say:
     The WebSQL interface to webkit allowed any webpage to to run arbitrary SQL in the browser for Chrome and Safari. That arbitrary SQL was suppose to be run inside a sandbox where it could do ** no ** harm even if exploited

3)
On the same page under " 2.3. Pointer Leaks"
The second sentence of the first para says:
   In other words, subtypes on pointer values prevents attacks using SQL statements like this:

I think it should say:
   In other words, subtypes on pointer values ** prevent ** attacks using SQL statements like this:

Or possibly:
   In other words, ** using ** subtypes on pointer values prevents attacks using SQL statements like this:

4)
On the same page, under " 5. Summary"

The second sentence of key take-awy #3 starts:
   Instead, use the interfaces designed to facility secure pointer passing:

I think it should be:
   Instead, use the interfaces designed to facilitate secure pointer passing:


Cheers,
Dave


Ward Analytics Ltd - information in motion
Tel: +44 (0) 118 9740191
Fax: +44 (0) 118 9740192
www: http://www.ward-analytics.com

Registered office address: The Oriel, Sydenham Road, Guildford, Surrey, United Kingdom, GU1 3SR
Registered company number: 3917021 Registered in England and Wales.


-----Original Message-----
From: sqlite-users [mailto:[hidden email]] On Behalf Of David Wellman
Sent: 25 July 2017 16:31
To: 'SQLite mailing list'
Subject: Re: [sqlite] Version 3.20.0 release candidate 2

Hi,

Minor doc error at https://sqlite.org/draft/bindptr.html 

The first paragraph under "2. A Brief History Of Pointer Passing In SQLite" starts with:
   It is sometimes convenient for SQLite extensions to communicatin non-SQL values...

I'm not sure what it is meant to say, but probably not that :-) Possibly something like:
    It is sometimes convenient for SQLite extensions to communicate non-SQL values...

Cheers,
Dave



Ward Analytics Ltd - information in motion
Tel: +44 (0) 118 9740191
Fax: +44 (0) 118 9740192
www: http://www.ward-analytics.com

Registered office address: The Oriel, Sydenham Road, Guildford, Surrey, United Kingdom, GU1 3SR
Registered company number: 3917021 Registered in England and Wales.

-----Original Message-----
From: sqlite-users [mailto:[hidden email]] On Behalf Of Richard Hipp
Sent: 25 July 2017 16:23
To: General Discussion of SQLite Database; sqlite-dev
Subject: [sqlite] Version 3.20.0 release candidate 2

We are restarting the test process for SQLite 3.20.0.  There is a new
release candidate on the website at https://sqlite.org/download.html
and on the newly reopened branch-3.20 of the source tree at
https://sqlite.org/src/timeline?r=branch-3.20

A new draft change log is at https://sqlite.org/draft/releaselog/3_20_0.html

Changes in the release candidate since the previous release attempt include:

* Improved documentation for the new pointer-passing interface
* Date/time functions can now be used in CHECK constraints and indexes
* Added the UNION virtual table extension

The target release date is one week from today.  If you have concerns
with anything in this release, please raise them now.

The checklist at https://sqlite.org/checklists/3200000/index has been
reset.  The release will occur when that checklist goes all-green.
--
D. Richard Hipp
[hidden email]
_______________________________________________
sqlite-users mailing list
[hidden email]
http://mailinglists.sqlite.org/cgi-bin/mailman/listinfo/sqlite-users

_______________________________________________
sqlite-users mailing list
[hidden email]
http://mailinglists.sqlite.org/cgi-bin/mailman/listinfo/sqlite-users

_______________________________________________
sqlite-users mailing list
[hidden email]
http://mailinglists.sqlite.org/cgi-bin/mailman/listinfo/sqlite-users
Loading...