SQLCipher 4.5.2 Release

SQLCipher 4.5.2 is now available. Please consult the full release announcement for complete details about the release.

The following summarizes the most substantial changes to SQLCipher core:

  • Updates baseline to use SQLite 3.39.2. IMPORTANT: This version includes an upstream SQLite fix for CVE-2022-35737. We recommend any applications dealing with large string inputs (> 2GB) upgrade to the latest release.
  • Fixes issue where PRAGMA cipher_memory_security could report OFF when it was actually ON
  • Fixes unfreed allocation leak when using OpenSSL version 3.x
  • Simplifies OpenSSL multi-version conditional code
  • Adds support for building against recent versions of BoringSSL
  • Initial public beta release for the new SQLCipher for Android Refresh

In addition, this release includes several improvements for SQLCipher Commercial and Enterprise packages:

  • Java and .NET library wrappers have been updated to the latest available versions.
  • non-FIPS packages using OpenSSL now include the latest release of 1.1.1q
  • Fixes linking for .NET MAUI iOS targets