diff -Nru sqlite3-3.22.0/debian/changelog sqlite3-3.22.0/debian/changelog
--- sqlite3-3.22.0/debian/changelog 2022-09-14 17:02:25.000000000 +0000
+++ sqlite3-3.22.0/debian/changelog 2022-11-04 13:14:10.000000000 +0000
@@ -1,3 +1,12 @@
+sqlite3 (3.22.0-1ubuntu0.7) bionic-security; urgency=medium
+
+ * SECURITY UPDATE: array-bounds overflow via large string argument
+ - debian/patches/CVE-2022-35737.patch: increase the size of loop
+ variables in src/printf.c.
+ - CVE-2022-35737
+
+ -- Marc Deslauriers Fri, 04 Nov 2022 09:14:10 -0400
+
 sqlite3 (3.22.0-1ubuntu0.6) bionic-security; urgency=medium

 * SECURITY UPDATE: null pointer dereference in INTERSEC query processing
diff -Nru sqlite3-3.22.0/debian/patches/CVE-2022-35737.patch sqlite3-3.22.0/debian/patches/CVE-2022-35737.patch
--- sqlite3-3.22.0/debian/patches/CVE-2022-35737.patch 1970-01-01 00:00:00.000000000 +0000
+++ sqlite3-3.22.0/debian/patches/CVE-2022-35737.patch 2022-11-04 13:13:47.000000000 +0000
@@ -0,0 +1,28 @@
+Backport of:
+
+From 6eb7354fabede50a3601f251caaec172556a3a82 Mon Sep 17 00:00:00 2001
+From: drh <>
+Date: Mon, 18 Jul 2022 15:27:29 +0000
+Subject: [PATCH] Increase the size of loop variables in the printf()
+ implementation to avoid harmless compiler warnings.
+
+FossilOrigin-Name: 26db4fc22fe6665809d321b8a88b60efbbfecd5723ff3e370b857661b981c32c
+---
+ manifest | 16 ++++++++--------
+ manifest.uuid | 2 +-
+ src/printf.c | 4 ++--
+ 3 files changed, 11 insertions(+), 11 deletions(-)
+
+--- a/src/printf.c
++++ b/src/printf.c
+@@ -674,8 +674,8 @@ void sqlite3_str_vappendf(
+ case etSQLESCAPE: /* Escape ' characters */
+ case etSQLESCAPE2: /* Escape ' and enclose in '...' */
+ case etSQLESCAPE3: { /* Escape " characters */
+- int i, j, k, n, isnull;
+- int needQuote;
++ i64 i, j, k, n;
++ int needQuote, isnull;
+ char ch;
+ char q = ((xtype==etSQLESCAPE3)?'"':'\''); /* Quote character */
+ char *escarg;
diff -Nru sqlite3-3.22.0/debian/patches/series sqlite3-3.22.0/debian/patches/series
--- sqlite3-3.22.0/debian/patches/series 2022-09-14 17:01:28.000000000 +0000
+++ sqlite3-3.22.0/debian/patches/series 2022-11-04 13:13:07.000000000 +0000
@@ -33,3 +33,4 @@
 CVE-2020-13632.patch
 CVE-2021-36690.patch
 CVE-2020-35525.patch
+CVE-2022-35737.patch
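Review bot: In debian/patches/CVE-2022-35737.patch, the widened declaration `i64 i, j, k, n;` in the etSQLESCAPE case has no comment saying why these counters must be 64-bit. The upstream subject kept in the patch header also calls the change a fix for "harmless compiler warnings", while the changelog ships it as the fix for CVE-2022-35737. I would add one description line under `Backport of:` stating that this is the CVE-2022-35737 fix, plus a comment on the declaration such as `/* 64-bit: the escaped length of a very large string argument does not fit in int */`, so a later cleanup does not narrow them again. The body of the case lies outside the hunk, so it is not visible here whether the 3.22.0 code later stores `n` or `j` back into an int (for example as an allocation size or output length). That is worth confirming against the backported tree, since upstream presumably made this change on a newer printf.c.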