SQLCipher 4.4.2 Release

SQLCipher 4.4.2 is now available. Please consult the full release announcement for complete details about the release.

The following summarizes the most substantial changes to SQLCipher core:

  • Improved error handling to resolve potential corruption if an encryption operation failed while operating in WAL mode
  • Changes to OpenSSL library cryptographic provider to reduce initialization complexity
  • Adjusts PRAGMA cipher_integrity_check to skip locking page to avoid a spurious error report for very large databases

In addition, this release includes numerous updates for SQLCipher Commercial and Enterprise packages:

  • non-FIPS macOS, iOS, and Mac Catalyst packages have been updated to support build and execution on new Apple Silicon (arm64) devices
  • the minimum SDK for macOS packages using a FIPS 140-2 validated cryptographic module is now 10.9 to enable signing and notarization
  • all packages now enable the DBSTAT Virtual Table to expose useful information about databases for analysis

Thanks @sjlombardo. Would be great to get the list of known issues & fixed bugs in 4.4.2 (reported from previous versions). This will help us make a more informed decision on consuming newer versions.

Hello @rsarma - I’d be happy to provide some additional details. The main issue that was resolved in 4.4.2 had to do with a potential corruption bug. It has the potential to affect applications using WAL journal in circumstances where the underlying cryptographic provider encountered an error during an encryption operation inside a WAL frame write. We are only aware of incidents occurring in Electron-based applications, but would recommend that any applications using WAL journal mode upgrade.

In addition, while there are no known issues with the OpenSSL cryptographic provider, we did make some simplifications in this version. We would therefore recommend upgrading for applications using OpenSSL, i.e. for any non-iOS and non-macOS platforms.

Hi, is there any dependency list for sqlcipher 4.4.2?
I tried to find out which version of openssl sqlcipher is denpends on.But nothing relative mentioned in release note.

Hello @Simson - SQLCipher should work with any modern version of OpenSSL, there isn’t a specific dependent version. If you are building SQLCipher yourself you’ll need to provide link and compile time information to the version installed. If you are using Commercial Edition packages everything is statically linked so there are no runtime dependencies.