[Bug 1546911] [NEW] Please recompile sqlite 3.11 with -DSQLITE_ENABLE_FTS3_TOKENIZER

James Henstridge james.henstridge at canonical.com
Thu Feb 18 08:29:39 UTC 2016


Public bug reported:

The recent upload of sqlite 3.11 to xenial-proposed has rendered
mediascanner2 non-functional.  From the release notes, it seems the
ability to register new full text search tokenizers has been disabled by
default:

http://sqlite.org/releaselog/3_11_0.html

This means that mediascanner2 fails to open the index.  We can't switch
to any of the built-in tokenizers because they don't handle CJK text, so
the only option seems to be to re-enable this functionality despite it
being a potential security vulnerability for apps that let untrusted
code run arbitrary SQL.

** Affects: mediascanner2 (Ubuntu)
     Importance: Critical
         Status: Confirmed

** Affects: sqlite3 (Ubuntu)
     Importance: Undecided
         Status: New

** Also affects: mediascanner2 (Ubuntu)
   Importance: Undecided
       Status: New

** Changed in: mediascanner2 (Ubuntu)
   Importance: Undecided => Critical

** Changed in: mediascanner2 (Ubuntu)
       Status: New => Confirmed

-- 
You received this bug notification because you are a member of Ubuntu
Foundations Bugs, which is subscribed to sqlite3 in Ubuntu.
https://bugs.launchpad.net/bugs/1546911

Title:
  Please recompile sqlite 3.11 with -DSQLITE_ENABLE_FTS3_TOKENIZER

Status in mediascanner2 package in Ubuntu:
  Confirmed
Status in sqlite3 package in Ubuntu:
  New

Bug description:
  The recent upload of sqlite 3.11 to xenial-proposed has rendered
  mediascanner2 non-functional.  From the release notes, it seems the
  ability to register new full text search tokenizers has been disabled
  by default:

  http://sqlite.org/releaselog/3_11_0.html

  This means that mediascanner2 fails to open the index.  We can't
  switch to any of the built-in tokenizers because they don't handle CJK
  text, so the only option seems to be to re-enable this functionality
  despite it being a potential security vulnerability for apps that let
  untrusted code run arbitrary SQL.

To manage notifications about this bug go to:
https://bugs.launchpad.net/ubuntu/+source/mediascanner2/+bug/1546911/+subscriptions



More information about the foundations-bugs mailing list