Package: release.debian.org Severity: normal Tags: bookworm X-Debbugs-Cc: [email protected] Control: affects -1 + src:jq User: [email protected] Usertags: pu
[ Reason ] Fix the following security vulnerabilities: * CVE-2026-40612 * CVE-2026-41256 * CVE-2026-41257 * CVE-2026-43894 * CVE-2026-43895 * CVE-2026-43896 * CVE-2026-44777 * CVE-2026-32316 * CVE-2026-33947 * CVE-2026-33948 * CVE-2026-39956 * CVE-2026-39979 * CVE-2026-40164 * CVE-2025-49014 * CVE-2024-23337 * CVE-2024-53427 * CVE-2025-48060 * CVE-2023-50246 * CVE-2023-50268 [ Impact ] Security vulnerabilities [ Tests ] Tested by upstream unit tests. [ Risks ] * jq has zero runtime dependencies, so it is safe to backport. * Cherry-pick upstream patches is infeasible due to the change in upstream. [ Checklist ] [x] *all* changes are documented in the d/changelog [x] I reviewed all changes and I approve them [x] attach debdiff against the package in (old)stable [x] the issue is verified as fixed in unstable [ Changes ] (Explain *all* the changes) [ Other info ] (Anything else the release team should know.) -- ChangZhuo Chen (陳昌倬) callsign: BU2HG email: [email protected] fingerprint = BA04 346D C2E1 FE63 C790 8793 CC65 B0CD EC27 5D5B
signature.asc
Description: PGP signature
