diff --git a/main/sqlite/APKBUILD b/main/sqlite/APKBUILD
index 06c4405ffa9..e6870581db7 100644
--- a/main/sqlite/APKBUILD
+++ b/main/sqlite/APKBUILD
@@ -3,7 +3,7 @@
 pkgname=sqlite
 # NOTE: pkgver needs to correspond with sqlite-tcl
 pkgver=3.44.2
-pkgrel=0
+pkgrel=1
 pkgdesc="C library that implements an SQL database engine"
 url="https://www.sqlite.org/"
 arch="all"
@@ -31,9 +31,12 @@ _ver=${_a}${_b}${_c}$_d
 builddir="$srcdir/$pkgname-autoconf-$_ver"
 source="https://www.sqlite.org/2023/sqlite-autoconf-$_ver.tar.gz
 	$pkgname-$_ver-LICENSE.md::https://www.sqlite.org/src/raw?name=LICENSE.md&ci=version-$pkgver
+	CVE-2025-29087.patch
 	"
 
 # secfixes:
+#   3.44.2-r1:
+#     - CVE-2025-29087
 #   3.34.1-r0:
 #     - CVE-2021-20227
 #   3.32.1-r0:
@@ -112,4 +115,5 @@ package() {
 sha512sums="
 59ad55df15eb84430f5286db2e5ceddd6ca1fc207a6343546a365c0c1baf20258e96c53d2ad48b50385608d03de09a692ae834cb78a39d1a48cb36a05722e402  sqlite-autoconf-3440200.tar.gz
 8a347c292363e55a8c0fa0321e3f399bfe9c9aedcb6c838123f0eb3e2a4e078d096b7c152a4981e18ee9fa50c4ef913a33ed840aeed33aee0a46e95cd17f0814  sqlite-3440200-LICENSE.md
+bcaba44c539658de959784be130ec4e6f471fab9c7465242b96474243499f07350d22084f2b8903607d523bc6804774985f09dc36af94a736355692e63ee85de  CVE-2025-29087.patch
 "
diff --git a/main/sqlite/CVE-2025-29087.patch b/main/sqlite/CVE-2025-29087.patch
new file mode 100644
index 00000000000..32d85c3fa2a
--- /dev/null
+++ b/main/sqlite/CVE-2025-29087.patch
@@ -0,0 +1,17 @@
+Patch-Source: https://sqlite.org/src/info/498e3f1cf57f164f
+
+--- a/sqlite3.c
++++ b/sqlite3.c
+@@ -130952,11 +130952,11 @@ static void concatFuncCore(
+   int i;
+   char *z;
+   for(i=0; i<argc; i++){
+     n += sqlite3_value_bytes(argv[i]);
+   }
+-  n += (argc-1)*nSep;
++  n += (argc-1)*(i64)nSep;
+   z = sqlite3_malloc64(n+1);
+   if( z==0 ){
+     sqlite3_result_error_nomem(context);
+     return;
+   }