On 14 Dec 2019, at 11:16pm, Yongheng Chen <changoch...@gmail.com> wrote:
> When we report the bugs, we said that they were from 3.31 version, but people > in mitre changed them to 3.30.1. We just reported what we found. And the > commit we reported in the bug report is referencing to the official GitHub > repo. > > Bugs are found in the latest version I need to clarify this for you, because the difference is important. The version of SQLite you tested was never released. It was not version 3.30.1. It was not version 3.31. It was no version at all. The version you downloaded was a work in progress. The programmers were still working on it. There is no point in reporting bugs in such a version to CVE. Becausee CVE requires a version number to report bugs and that version of SQLite does not have a version number. However, your work is important. If you would like the current version of SQLite to test, please download it from this page. Do not depend on a version in GITHUB. This may not be an official copy. <https://sqlite.org/download.html> You will find two copies of SQLite there: At the top you will find "Pre-release Snapshots". These are not released. They do not have a version number. Nobody should be using it. It is there so that people can look at new features and recent bug-fixes. If you find a bug in this version, please report it by posting here, including the name of the download (e.g. "sqlite-snapshot-201911192122.tar.gz"). The developers will thank you for your work and correct the bug before that version is released. Lower down you will find "Source Code". This version has been released. It has a version number. People might be using it. If you find a bug in this version please report it here as above. But you could also report it elsewhere if you want, since you will be able to report which version the bug affects. Thank you for your help. _______________________________________________ sqlite-users mailing list sqlite-users@mailinglists.sqlite.org http://mailinglists.sqlite.org/cgi-bin/mailman/listinfo/sqlite-users
