@hugovk hugovk commented Aug 6, 2025

  • Update SQLite to 3.50.3 for binary releases.
  • macOS and Windows news entries. what about Android?
  • update sbom hash
  • newline fix via regen-sbom
  • news wording
  • Update SQLite to 3.50.4 for binary releases.
  • update 3.50.4.0.tar.gz hash in sbom & regen-sbom to fix whitespace
  • Postpone to a separate PR the build-installer changes to support additional hash types

(cherry picked from commit 532c376)

…ythonGH-137135)

Co-authored-by: Gregory P. Smith <68491+gpshead@users.noreply.github.com>
Co-authored-by: Erlend E. Aasland <erlend.aasland@protonmail.com>
Co-authored-by: Claude <noreply@anthropic.com>
Co-authored-by: Ned Deily <nad@python.org>

Yhg1s commented Aug 14, 2025

Not backporting to security-only branches as it only affects installers, which we don't build for security-only branches.

@Yhg1s Yhg1s closed this Aug 14, 2025
@LazyDodo

Shipping the installer or not is irrelevant; someone building a security release from source shouldn't end up with a 7.2 CVE on their hands out of the box.

Yhg1s commented Aug 20, 2025

Someone building from source wouldn't be using the prebuilt binaries or probably even the exact process we use to build the macOS / Windows installers. If there are people doing that, they probably have specific requirements for their own environments anyway. They should definitely vet and consider all the third-party dependencies they're building against.
