diff --git a/0003-CVE-2021-36690.patch b/0003-CVE-2021-36690.patch
deleted file mode 100644
index db53e1683d91370de3a888b809317b052f339abe..0000000000000000000000000000000000000000
--- a/0003-CVE-2021-36690.patch
+++ /dev/null
@@ -1,44 +0,0 @@
-diff -rNu a/ext/expert/sqlite3expert.c b/ext/expert/sqlite3expert.c
---- a/ext/expert/sqlite3expert.c	2021-11-25 09:00:19.267831518 +0800
-+++ b/ext/expert/sqlite3expert.c	2021-11-25 09:07:38.551969861 +0800
-@@ -690,11 +690,13 @@
-   rc = idxPrintfPrepareStmt(db, &p1, pzErrmsg, "PRAGMA table_xinfo=%Q", zTab);
-   while( rc==SQLITE_OK && SQLITE_ROW==sqlite3_step(p1) ){
-     const char *zCol = (const char*)sqlite3_column_text(p1, 1);
-+    const char *zColSeq = 0;
-     nByte += 1 + STRLEN(zCol);
-     rc = sqlite3_table_column_metadata(
--        db, "main", zTab, zCol, 0, &zCol, 0, 0, 0
-+        db, "main", zTab, zCol, 0, &zColSeq, 0, 0, 0
-     );
--    nByte += 1 + STRLEN(zCol);
-+    if( zColSeq==0 ) zColSeq = "binary";
-+    nByte += 1 + STRLEN(zColSeq);
-     nCol++;
-     nPk += (sqlite3_column_int(p1, 5)>0);
-   }
-@@ -714,6 +716,7 @@
-   nCol = 0;
-   while( rc==SQLITE_OK && SQLITE_ROW==sqlite3_step(p1) ){
-     const char *zCol = (const char*)sqlite3_column_text(p1, 1);
-+    const char *zColSeq = 0;
-     int nCopy = STRLEN(zCol) + 1;
-     pNew->aCol[nCol].zName = pCsr;
-     pNew->aCol[nCol].iPk = (sqlite3_column_int(p1, 5)==1 && nPk==1);
-@@ -721,12 +724,13 @@
-     pCsr += nCopy;
- 
-     rc = sqlite3_table_column_metadata(
--        db, "main", zTab, zCol, 0, &zCol, 0, 0, 0
-+        db, "main", zTab, zCol, 0, &zColSeq, 0, 0, 0
-     );
-     if( rc==SQLITE_OK ){
--      nCopy = STRLEN(zCol) + 1;
-+      if( zColSeq==0 ) zColSeq = "binary";
-+      nCopy = STRLEN(zColSeq) + 1;
-       pNew->aCol[nCol].zColl = pCsr;
--      memcpy(pCsr, zCol, nCopy);
-+      memcpy(pCsr, zColSeq, nCopy);
-       pCsr += nCopy;
-     }
- 
diff --git a/0004-CVE-2022-35737.patch b/0003-CVE-2022-35737.patch
similarity index 100%
rename from 0004-CVE-2022-35737.patch
rename to 0003-CVE-2022-35737.patch
diff --git a/0004-fix-memory-problem-in-the-rtree-test-suite.patch b/0004-fix-memory-problem-in-the-rtree-test-suite.patch
new file mode 100644
index 0000000000000000000000000000000000000000..273fbef54f5057cf67b615e09f555ee252d2044d
--- /dev/null
+++ b/0004-fix-memory-problem-in-the-rtree-test-suite.patch
@@ -0,0 +1,25 @@
+From 3755f418be5c3608a7e0b59488a8e172d443d738 Mon Sep 17 00:00:00 2001
+From: zwtmichael <zhuwentao5@huawei.com>
+Date: Tue, 30 Aug 2022 17:02:04 +0800
+Subject: [PATCH] fix memory problem in the rtree test suite
+
+---
+ ext/rtree/test_rtreedoc.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+
+diff --git a/ext/rtree/test_rtreedoc.c b/ext/rtree/test_rtreedoc.c
+index 119be0e..cdbcb2e 100644
+--- a/ext/rtree/test_rtreedoc.c
++++ b/ext/rtree/test_rtreedoc.c
+@@ -324,7 +324,7 @@ static int SQLITE_TCLAPI register_box_query(
+   }
+   if( getDbPointer(interp, Tcl_GetString(objv[1]), &db) ) return TCL_ERROR;
+ 
+-  pCtx = (BoxQueryCtx*)ckalloc(sizeof(BoxQueryCtx*));
++  pCtx = (BoxQueryCtx*)ckalloc(sizeof(BoxQueryCtx));
+   pCtx->interp = interp;
+   pCtx->pScript = Tcl_DuplicateObj(objv[2]);
+   Tcl_IncrRefCount(pCtx->pScript);
+-- 
+2.23.0
+
diff --git a/sqlite-autoconf-3360000.tar.gz b/sqlite-autoconf-3370200.tar.gz
similarity index 30%
rename from sqlite-autoconf-3360000.tar.gz
rename to sqlite-autoconf-3370200.tar.gz
index a13321b9ff03b1a7db31bb122405187b07767e09..418e66f1e4dc878eeccc19b6d3ab0302617149bc 100644
Binary files a/sqlite-autoconf-3360000.tar.gz and b/sqlite-autoconf-3370200.tar.gz differ
diff --git a/sqlite-doc-3360000.zip b/sqlite-doc-3370200.zip
similarity index 58%
rename from sqlite-doc-3360000.zip
rename to sqlite-doc-3370200.zip
index 14dcf01b5ab7cc744f6cbf611eca4063a9095fe7..636a5c442dc7f311f50bd881c95ca52487e0bd74 100644
Binary files a/sqlite-doc-3360000.zip and b/sqlite-doc-3370200.zip differ
diff --git a/sqlite-src-3360000.zip b/sqlite-src-3370200.zip
similarity index 80%
rename from sqlite-src-3360000.zip
rename to sqlite-src-3370200.zip
index 0e3d3927b261af9b24552d47186240886a30183d..a736b3451f0feb25f281dc6b769f4e3524864346 100644
Binary files a/sqlite-src-3360000.zip and b/sqlite-src-3370200.zip differ
diff --git a/sqlite.spec b/sqlite.spec
index 9ce8a9244816cbc28d1f57a05f59fb10266f2ecd..5ee6824cf641fd7146fa0ce1d64dc125e866deb6 100644
--- a/sqlite.spec
+++ b/sqlite.spec
@@ -1,24 +1,24 @@
 %bcond_without check
 
-%global extver 3360000
+%global extver 3370200
 %global tcl_version 8.6
 %global tcl_sitearch %{_libdir}/tcl%{tcl_version}
 
 Name:    sqlite
-Version: 3.36.0
-Release: 3
+Version: 3.37.2
+Release: 1
 Summary: Embeded SQL database
 License: Public Domain
 URL:     http://www.sqlite.org/
 
-Source0: https://www.sqlite.org/2021/sqlite-src-%{extver}.zip
-Source1: http://www.sqlite.org/2021/sqlite-doc-%{extver}.zip
-Source2: https://www.sqlite.org/2021/sqlite-autoconf-%{extver}.tar.gz
+Source0: https://www.sqlite.org/2022/sqlite-src-%{extver}.zip
+Source1: http://www.sqlite.org/2022/sqlite-doc-%{extver}.zip
+Source2: https://www.sqlite.org/2022/sqlite-autoconf-%{extver}.tar.gz
 
 Patch1: 0001-sqlite-no-malloc-usable-size.patch
 Patch2: 0002-remove-fail-testcase-in-no-free-fd-situation.patch
-Patch3: 0003-CVE-2021-36690.patch
-Patch4: 0004-CVE-2022-35737.patch
+Patch3: 0003-CVE-2022-35737.patch
+Patch4: 0004-fix-memory-problem-in-the-rtree-test-suite.patch
 
 BuildRequires: gcc autoconf tcl tcl-devel
 BuildRequires: ncurses-devel readline-devel glibc-devel
@@ -135,6 +135,9 @@ make test
 %{_mandir}/man*/*
 
 %changelog
+* Mon Aug 29 2022 zhuwentao <zhuwentao5@huawei.com> - 3.37.2-1
+- update to 3.37.2
+
 * Tue Aug 16 2022 liusirui <liusirui@huawei.com> - 3.36.0-3
 - fix the CVE-2022-35737.