diff --git a/backport-0001-sqlite-no-malloc-usable-size.patch b/backport-0001-sqlite-no-malloc-usable-size.patch
new file mode 100644
index 0000000000000000000000000000000000000000..ac3352a004ba147283fbc2735f7d800547e6f374
--- /dev/null
+++ b/backport-0001-sqlite-no-malloc-usable-size.patch
@@ -0,0 +1,41 @@
+From 6a7c9be9502ea2023c4b5cf39a0d5a5a55b320f7 Mon Sep 17 00:00:00 2001
+From: Lixiaokeng <lixiaokeng@huawei.com>
+Date: Wed, 17 Jul 2024 10:31:56 +0800
+Subject: [PATCH] sqlite no malloc_usable_size
+
+Reference:https://gitee.com/src-openeuler/sqlite/blob/openEuler-22.03-LTS-SP3/0001-sqlite-no-malloc-usable-size.patch
+Conflict:NA
+
+---
+ configure    | 2 +-
+ configure.ac | 2 +-
+ 2 files changed, 2 insertions(+), 2 deletions(-)
+
+diff --git a/configure b/configure
+index 29ca76b..d67183a 100755
+--- a/configure
++++ b/configure
+@@ -10292,7 +10292,7 @@ done
+ #########
+ # Figure out whether or not we have these functions
+ #
+-for ac_func in fdatasync gmtime_r isnan localtime_r localtime_s malloc_usable_size strchrnul usleep utime pread pread64 pwrite pwrite64
++for ac_func in fdatasync gmtime_r isnan localtime_r localtime_s strchrnul usleep utime pread pread64 pwrite pwrite64
+ do :
+   as_ac_var=`$as_echo "ac_cv_func_$ac_func" | $as_tr_sh`
+ ac_fn_c_check_func "$LINENO" "$ac_func" "$as_ac_var"
+diff --git a/configure.ac b/configure.ac
+index 53be0a6..6f9b1e1 100644
+--- a/configure.ac
++++ b/configure.ac
+@@ -108,7 +108,7 @@ AC_CHECK_HEADERS([sys/types.h stdlib.h stdint.h inttypes.h malloc.h])
+ #########
+ # Figure out whether or not we have these functions
+ #
+-AC_CHECK_FUNCS([fdatasync gmtime_r isnan localtime_r localtime_s malloc_usable_size strchrnul usleep utime pread pread64 pwrite pwrite64])
++AC_CHECK_FUNCS([fdatasync gmtime_r isnan localtime_r localtime_s strchrnul usleep utime pread pread64 pwrite pwrite64])
+ 
+ #########
+ # By default, we use the amalgamation (this may be changed below...)
+-- 
+2.33.0
diff --git a/backport-0002-remove-fail-testcase-in-no-free-fd-situation.patch b/backport-0002-remove-fail-testcase-in-no-free-fd-situation.patch
new file mode 100644
index 0000000000000000000000000000000000000000..dcc4f70d881a193e1377a2a3ad89a1c69564f013
--- /dev/null
+++ b/backport-0002-remove-fail-testcase-in-no-free-fd-situation.patch
@@ -0,0 +1,68 @@
+From defded46ea50037500590122d847ba6a7cb96110 Mon Sep 17 00:00:00 2001
+From: eulerstorage <eulerstoragemt@huawei.com>
+Date: Sat, 11 Jan 2020 11:33:54 +0800
+Subject: [PATCH] remove fail testcase in no free fd situation
+
+Reference:https://gitee.com/src-openeuler/sqlite/blob/openEuler-22.03-LTS-SP3/0002-remove-fail-testcase-in-no-free-fd-situation.patch
+Conflict:NA
+
+Remove testcase 1.1.1, 1.1.2 and 1.1.3, since it can not success in
+some situation if there is no enough fd resource.
+---
+ test/oserror.test | 27 ---------------------------
+ 1 file changed, 27 deletions(-)
+
+diff --git a/test/oserror.test b/test/oserror.test
+index a51301c..d46218f 100644
+--- a/test/oserror.test
++++ b/test/oserror.test
+@@ -40,47 +40,6 @@ proc do_re_test {tn script expression} {
+   
+ }
+ 
+-#--------------------------------------------------------------------------
+-# Tests oserror-1.* test failures in the open() system call.
+-#
+-
+-# Test a failure in open() due to too many files. 
+-#
+-# The xOpen() method of the unix VFS calls getcwd() as well as open().
+-# Although this does not appear to be documented in the man page, on OSX
+-# a call to getcwd() may fail if there are no free file descriptors. So
+-# an error may be reported for either open() or getcwd() here.
+-#
+-if {![clang_sanitize_address]} {
+-  unset -nocomplain rc
+-  unset -nocomplain nOpen
+-  set nOpen 20000
+-  do_test 1.1.1 {
+-    set ::log [list]
+-    set ::rc [catch {
+-      for {set i 0} {$i < $::nOpen} {incr i} { sqlite3 dbh_$i test.db -readonly 1 }
+-    } msg]
+-    if {$::rc==0} {
+-      # Some system (ex: Debian) are able to create 20000+ file descriptiors
+-      # such systems will not fail here
+-      set x ok
+-    } elseif {$::rc==1 && $msg=="unable to open database file"} {
+-      set x ok
+-    } else {
+-      set x [list $::rc $msg]
+-    }
+-  } {ok}
+-  do_test 1.1.2 {
+-    catch { for {set i 0} {$i < $::nOpen} {incr i} { dbh_$i close } }
+-  } $::rc
+-  if {$rc} {
+-    do_re_test 1.1.3 { 
+-      lindex $::log 0 
+-    } {^os_unix.c:\d+: \(\d+\) (open|getcwd)\(.*test.db\) - }
+-  }
+-}
+-
+-
+ # Test a failure in open() due to the path being a directory.
+ #
+ do_test 1.2.1 {
+-- 
+1.8.3.1
diff --git a/backport-0003-fix-memory-problem-in-the-rtree-test-suite.patch b/backport-0003-fix-memory-problem-in-the-rtree-test-suite.patch
new file mode 100644
index 0000000000000000000000000000000000000000..5a85b23e476d7c8f509d0b643ffab1a66a9921fe
--- /dev/null
+++ b/backport-0003-fix-memory-problem-in-the-rtree-test-suite.patch
@@ -0,0 +1,26 @@
+From 26ea25aacc1e70f4d142d8f041da2065509c0b51 Mon Sep 17 00:00:00 2001
+From: zwtmichael <zhuwentao5@huawei.com>
+Date: Tue, 30 Aug 2022 17:02:04 +0800
+Subject: [PATCH] fix memory problem in the rtree test suite
+
+Reference:https://gitee.com/src-openeuler/sqlite/blob/openEuler-22.03-LTS-SP3/0004-fix-memory-problem-in-the-rtree-test-suite.patch
+Conflict: BoxQueryCtx change to BoxGeomCtx
+---
+ ext/rtree/test_rtreedoc.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/ext/rtree/test_rtreedoc.c b/ext/rtree/test_rtreedoc.c
+index cdbcb2e..59a7942 100644
+--- a/ext/rtree/test_rtreedoc.c
++++ b/ext/rtree/test_rtreedoc.c
+@@ -188,7 +188,7 @@ static int SQLITE_TCLAPI register_box_geom(
+   }
+   if( getDbPointer(interp, Tcl_GetString(objv[1]), &db) ) return TCL_ERROR;
+ 
+-  pCtx = (BoxGeomCtx*)ckalloc(sizeof(BoxGeomCtx*));
++  pCtx = (BoxGeomCtx*)ckalloc(sizeof(BoxGeomCtx));
+   pCtx->interp = interp;
+   pCtx->pScript = Tcl_DuplicateObj(objv[2]);
+   Tcl_IncrRefCount(pCtx->pScript);
+-- 
+2.33.0
diff --git a/backport-0004-CVE-2023-36191.patch b/backport-0004-CVE-2023-36191.patch
new file mode 100644
index 0000000000000000000000000000000000000000..51fe2f9ef986e3ab5856668695bee2e1780e8cf1
--- /dev/null
+++ b/backport-0004-CVE-2023-36191.patch
@@ -0,0 +1,34 @@
+From c5c8e025ff6cf0f7400b17aec73014e9cdc00935 Mon Sep 17 00:00:00 2001
+From: zwtmichael <zhuwentao5@huawei.com>
+Date: Mon, 7 Aug 2023 15:10:32 +0800
+Subject: [PATCH] fix segmentation violation
+
+Reference:https://gitee.com/src-openeuler/sqlite/blob/openEuler-22.03-LTS-SP3/0007-CVE-2023-36191.patch
+Conflict:context adaptation
+
+Signed-off-by: zwtmichael <zhuwentao5@huawei.com>
+---
+ src/shell.c.in | 8 ++++++--
+ 1 file changed, 6 insertions(+), 2 deletions(-)
+
+diff --git a/src/shell.c.in b/src/shell.c.in
+index 72e4498..355b4bb 100644
+--- a/src/shell.c.in
++++ b/src/shell.c.in
+@@ -12219,8 +12219,12 @@ int SQLITE_CDECL wmain(int argc, wchar_t **wargv){
+     }else if( cli_strcmp(z,"-bail")==0 ){
+       bail_on_error = 1;
+     }else if( cli_strcmp(z,"-nonce")==0 ){
+-      free(data.zNonce);
+-      data.zNonce = strdup(argv[++i]);
++      if( data.zNonce ) free(data.zNonce);
++      if( i + 1 < argc ) data.zNonce = strdup(argv[++i]);
++      else{
++	      data.zNonce = 0;
++	      break;
++      }
+     }else if( cli_strcmp(z,"-unsafe-testing")==0 ){
+       ShellSetFlag(&data,SHFLG_TestingMode);
+     }else if( cli_strcmp(z,"-safe")==0 ){
+-- 
+2.33.0
diff --git a/0001-CVE-2023-7104.patch b/backport-CVE-2023-7104.patch
similarity index 85%
rename from 0001-CVE-2023-7104.patch
rename to backport-CVE-2023-7104.patch
index bded7fdbff8ddeed4a42241e24c42dd07bb837f0..de195cd7137009262b91703f47124cc8c713d3ec 100644
--- a/0001-CVE-2023-7104.patch
+++ b/backport-CVE-2023-7104.patch
@@ -1,10 +1,12 @@
-it From a756d158b3e55831975feb45b753ba499d2adeda Mon Sep 17 00:00:00 2001
-From: mazhao <mazhao12@huawei.com>
-Date: Wed, 3 Jan 2024 12:00:45 +0800
+From 310e27eec4eb0e6c5cbc7bad6d3c0ad71619cb44 Mon Sep 17 00:00:00 2001
+From: dan <Dan Kennedy>
+Date: Thu, 7 Sep 2023 13:53:09 +0000
 Subject: [PATCH] Fix a buffer overread in the sessions extension that could
  occur when processing a corrupt changeset.
 
-Signed-off-by: mazhao <mazhao12@huawei.com>
+Reference:https://sqlite.org/src/info/0e4e7a05c4204b47
+Conflict:NA
+
 ---
  ext/session/sqlite3session.c | 18 +++++++++++-------
  1 file changed, 11 insertions(+), 7 deletions(-)
@@ -41,5 +43,4 @@ index a892804..72ad427 100644
      }
    }
 -- 
-2.34.1
-
+2.33.0
diff --git a/sqlite.spec b/sqlite.spec
index 90c6e5f636a86729f09c6a12967ae894eb8bfe38..6461e871ce2253edb5c003e7d79fee0a2ea6f213 100644
--- a/sqlite.spec
+++ b/sqlite.spec
@@ -6,7 +6,7 @@
 
 Name:    sqlite
 Version: 3.42.0
-Release: 2
+Release: 3
 Summary: Embeded SQL database
 License: Public Domain
 URL:     http://www.sqlite.org/
@@ -15,12 +15,15 @@ Source0: https://www.sqlite.org/2023/sqlite-src-%{extver}.zip
 Source1: http://www.sqlite.org/2023/sqlite-doc-%{extver}.zip
 Source2: https://www.sqlite.org/2023/sqlite-autoconf-%{extver}.tar.gz
 
-Patch1: 0001-CVE-2023-7104.patch
+Patch6000: backport-0001-sqlite-no-malloc-usable-size.patch
+Patch6001: backport-0002-remove-fail-testcase-in-no-free-fd-situation.patch 
+Patch6002: backport-0003-fix-memory-problem-in-the-rtree-test-suite.patch
+Patch6003: backport-0004-CVE-2023-36191.patch
+Patch6004: backport-CVE-2023-7104.patch
 
 BuildRequires: gcc autoconf tcl tcl-devel
 BuildRequires: ncurses-devel readline-devel glibc-devel
 
-
 Provides:  %{name}-libs
 Obsoletes: %{name}-libs
 Provides:  lemon
@@ -58,7 +61,11 @@ This contains man files and HTML files for the using of sqlite.
 %prep
 #autosetup will fail because of 2 zip files
 %setup -q -a1 -n %{name}-src-%{extver}
-%patch1 -p1
+%patch6000 -p1
+%patch6001 -p1
+%patch6002 -p1
+%patch6003 -p1
+%patch6004 -p1
 
 rm -f %{name}-doc-%{extver}/sqlite.css~ || :
 
@@ -133,6 +140,9 @@ make test
 %{_mandir}/man*/*
 
 %changelog
+* Mon Nov 11 2024 wangmian <wangmian19@h-partners.com> - 3.42.0-3
+- sync the patch from 2203
+
 * Wed Sep 4 2024 wangmian <wangmian19@h-partners.com> - 3.42.0-2
 - sync the CVE-2023-7104 from 2203