I also want to know should we graft in this case since updating sqlite
would cause ~4000s rebuilts. Besides, how to deal with packages that
inherit sqlite when grafting?
(e.g. sqlite-with-fts5 and sqlite-with-column-metadata)

Thanks,
Alex

Alex Vong <alexvong1995@gmail.com> writes:

> Hello Guix,
>
> Recently, a remote execution vulnerability is discovered in
> sqlite[0][1]. Apart from updating the sqlite package, I think we need to
> update all packages bundling sqlite as well. What do you think?
>
> Cheers,
> Alex
>
> [0]: https://blade.tencent.com/magellan/index_en.html
> [1]:
> https://www.reddit.com/r/netsec/comments/a6ab59/magellan_sqlite_remote_code_execution/