Script 'mail_helper' called by obssrc Hello community, here is the log from the commit of package jq for openSUSE:Factory checked in at 2023-12-20 21:00:41 ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Comparing /work/SRC/openSUSE:Factory/jq (Old) and /work/SRC/openSUSE:Factory/.jq.new.9037 (New) ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++
Package is "jq" Wed Dec 20 21:00:41 2023 rev:15 rq:1133989 version:1.7.1 Changes: -------- --- /work/SRC/openSUSE:Factory/jq/jq.changes 2023-11-16 20:27:19.377629219 +0100 +++ /work/SRC/openSUSE:Factory/.jq.new.9037/jq.changes 2023-12-20 21:00:49.347336915 +0100 @@ -1,0 +2,39 @@ +Wed Dec 13 20:28:23 UTC 2023 - Martin Hauke <[email protected]> + +- Update to version 1.7.1 + Security + * Fix CVE-2023-50246 (boo#1218034) + + Fix heap buffer overflow in jvp_literal_number_literal. + * Fix CVE-2023-50268 (boo#1218038) + fix stack-buffer-overflow if comparing nan with payload. + CLI changes + * Make the default background color more suitable for bright + backgrounds. + * Allow passing the inline jq script after --. + * Fix possible uninitialised value dereference if jq_init() fails + Language changes + * Simplify paths/0 and paths/1. + * Reject U+001F in string literals. + * Remove unused nref accumulator in block_bind_library. + * Remove a bunch of unused variables, and useless assignments. + * main.c: Remove unused EXIT_STATUS_EXACT option. + * Actually use the number correctly casted from double to int as + index. + * src/builtin.c: remove unnecessary jv_copy-s in + type_error/type_error2. + * Remove undefined behavior caught by LLVM 10 UBSAN. + * Convert decnum to binary64 (double) instead of decimal64. + This makes jq behave like the JSON specification suggests and + more similar to other languages. + * Fix memory leaks on invalid input for ltrimstr/1 and + rtrimstr/1. + * Fix memory leak on failed get for setpath/2. + * Fix nan from json parsing also for nans with payload that + start with 'n'. + * Allow carriage return characters in comments. + Documentation changes + * Generate links in the man page. + libjq + * Add extern C for C++. + +------------------------------------------------------------------- Old: ---- jq-1.7.tar.gz New: ---- jq-1.7.1.tar.gz ++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++++ Other differences: ------------------ ++++++ jq.spec ++++++ --- /var/tmp/diff_new_pack.oa2i1n/_old 2023-12-20 21:00:49.999360636 +0100 +++ /var/tmp/diff_new_pack.oa2i1n/_new 2023-12-20 21:00:50.003360781 +0100 @@ -18,7 +18,7 @@ %define jq_sover 1 Name: jq -Version: 1.7 +Version: 1.7.1 Release: 0 Summary: A lightweight and flexible command-line JSON processor License: CC-BY-3.0 AND MIT ++++++ jq-1.7.tar.gz -> jq-1.7.1.tar.gz ++++++ ++++ 5604 lines of diff (skipped)
