From 8ab3ecce3857d4ff5a705e8ed6c4680b01930771 Mon Sep 17 00:00:00 2001
From: Mike Dalessio
Date: Thu, 29 Sep 2022 17:58:23 -0400
Subject: [PATCH] version bump to 1.5.1
---
 CHANGELOG.md | 16 +++++++++++++++-
 lib/sqlite3/version.rb | 4 ++--
 2 files changed, 17 insertions(+), 3 deletions(-)
diff --git a/CHANGELOG.md b/CHANGELOG.md
index 2356ab06..04e1127f 100644
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@@ -1,11 +1,25 @@
 # sqlite3-ruby Changelog
-## next / unreleased
+## 1.5.1 / 2022-09-29
 ### Dependencies
 * Vendored sqlite is updated to [v3.39.4](https://sqlite.org/releaselog/3_39_4.html).
+### Security
+
+The vendored version of sqlite, v3.39.4, should be considered to be a security release. From the release notes:
+
+> Version 3.39.4 is a minimal patch against the prior release that addresses issues found since the
+> prior release. In particular, a potential vulnerability in the FTS3 extension has been fixed, so
+> this should be considered a security update.
+>
+> In order to exploit the vulnerability, an attacker must have full SQL access and must be able to
+> construct a corrupt database with over 2GB of FTS3 content. The problem arises from a 32-bit
+> signed integer overflow.
+
+For more information please see [GHSA-mgvv-5mxp-xq67](https://github.com/sparklemotion/sqlite3-ruby/security/advisories/GHSA-mgvv-5mxp-xq67).
+
 ## 1.5.0 / 2022-09-08
diff --git a/lib/sqlite3/version.rb b/lib/sqlite3/version.rb
index 192cb824..9b2a1b2d 100644
--- a/lib/sqlite3/version.rb
+++ b/lib/sqlite3/version.rb
@@ -1,11 +1,11 @@
 module SQLite3
- VERSION = "1.5.0"
+ VERSION = "1.5.1"
 module VersionProxy
 MAJOR = 1
 MINOR = 5
- TINY = 0
+ TINY = 1
 BUILD = nil
 STRING = [ MAJOR, MINOR, TINY, BUILD ].compact.join( "." )