From mboxrd@z Thu Jan  1 00:00:00 1970
From: Michael Tremer <michael.tremer@ipfire.org>
To: development@lists.ipfire.org
Subject: Re: [PATCH] jq: Update to version 1.7.1
Date: Thu, 23 May 2024 17:59:54 +0100
Message-ID: <D54F43DB-91FF-4C18-9064-43E086FF3E34@ipfire.org>
In-Reply-To: <20240520133525.3502954-4-adolf.belka@ipfire.org>
MIME-Version: 1.0
Content-Type: multipart/mixed; boundary="===============7929147862628947415=="
List-Id: <development.lists.ipfire.org>

--===============7929147862628947415==
Content-Type: text/plain; charset="utf-8"
Content-Transfer-Encoding: quoted-printable

Reviewed-by: Michael Tremer <michael.tremer(a)ipfire.org>

> On 20 May 2024, at 14:35, Adolf Belka <adolf.belka(a)ipfire.org> wrote:
>=20
> - Update from version 1.7 to 1.7.1
> - Update of rootfile not required
> - Changelog
>    1.7.1
> ## Security
> - CVE-2023-50246: Fix heap buffer overflow in jvp\_literal\_number\_literal
> - CVE-2023-50268: fix stack-buffer-overflow if comparing nan with payload
> ## CLI changes
> - Make the default background color more suitable for bright backgrounds.
>   @mjarosie @taoky @nicowilliams @itchyny #2904
> - Allow passing the inline jq script after `--`. @emanuele6 #2919
> - Restrict systems operations on OpenBSD and remove unused `mkstemp`.
>   @klemensn #2934
> - Fix possible uninitialised value dereference if `jq_init()` fails.
>   @emanuele6 @nicowilliams #2935
> ## Language changes
> - Simplify `paths/0` and `paths/1`. @asheiduk @emanuele6 #2946
> - Reject `U+001F` in string literals. @torsten-schenk @itchyny @wader #2911
> - Remove unused nref accumulator in `block_bind_library`. @emanuele6 #2914
> - Remove a bunch of unused variables, and useless assignments.
>   @emanuele6 #2914
> - main.c: Remove unused EXIT\_STATUS\_EXACT option. @emanuele6 #2915
> - Actually use the number correctly casted from double to int as index.
>   @emanuele6 #2916
> - src/builtin.c: remove unnecessary jv\_copy-s in
>   type\_error/type\_error2. @emanuele6 #2937
> - Remove undefined behavior caught by LLVM 10 UBSAN. @Gaelan @emanuele6
>   #2926
> - Convert decnum to binary64 (double) instead of decimal64. This makes
>   jq behave like the JSON specification suggests and more similar to
>   other languages. @wader @leonid-s-usov #2949
> - Fix memory leaks on invalid input for `ltrimstr/1` and `rtrimstr/1`.
>   @emanuele6 #2977
> - Fix memory leak on failed get for `setpath/2`. @emanuele6 #2970
> - Fix nan from json parsing also for nans with payload that start with
>   'n'. @emanuele6 #2985
> - Allow carriage return characters in comments. @emanuele6 #2942 #2984
> ## Documentation changes
> - Generate links in the man page. @emanuele6 #2931
> - Standardize arch types to AMD64 & ARM64 from index page download
>   dropdown. @owenthereal #2884
> ## libjq
> - Add extern C for C++. @rockwotj #2953
> ## Build and test changes
> - Fix incorrect syntax for checksum file. @kamontat @wader #2899
> - Remove `-dirty` version suffix for windows release build. @itchyny #2888
> - Make use of `od` in tests more compatible. @nabijaczleweli @emanuele6
>   @nicowilliams #2922
> - Add dependabot. @yeikel #2889
> - Extend fuzzing setup to fuzz parser and and JSON serializer.
>   @DavidKorczynski @emanuele6 #2952
> - Keep releasing executables with legacy names. @itchyny #2951
>=20
> Signed-off-by: Adolf Belka <adolf.belka(a)ipfire.org>
> ---
> lfs/jq | 6 +++---
> 1 file changed, 3 insertions(+), 3 deletions(-)
>=20
> diff --git a/lfs/jq b/lfs/jq
> index 17fc8e88e..518b04564 100644
> --- a/lfs/jq
> +++ b/lfs/jq
> @@ -1,7 +1,7 @@
> ###########################################################################=
####
> #                                                                          =
   #
> # IPFire.org - A linux based firewall                                      =
   #
> -# Copyright (C) 2007-2023  IPFire Team  <info(a)ipfire.org>               =
      #
> +# Copyright (C) 2007-2024  IPFire Team  <info(a)ipfire.org>               =
      #
> #                                                                          =
   #
> # This program is free software: you can redistribute it and/or modify     =
   #
> # it under the terms of the GNU General Public License as published by     =
   #
> @@ -24,7 +24,7 @@
>=20
> include Config
>=20
> -VER        =3D 1.7
> +VER        =3D 1.7.1
>=20
> THISAPP    =3D jq-$(VER)
> DL_FILE    =3D $(THISAPP).tar.gz
> @@ -40,7 +40,7 @@ objects =3D $(DL_FILE)
>=20
> $(DL_FILE) =3D $(DL_FROM)/$(DL_FILE)
>=20
> -$(DL_FILE)_BLAKE2 =3D eec09a90ab1b131e18ed02ffdb7070df98f540b6c54d3cf225d2=
171527ec384e651cf83325569707798152af3e89d9c3fa2326c86164d2535e774ddc3926112b
> +$(DL_FILE)_BLAKE2 =3D bcd5498271b710ad4e130428f04481073aa94f9ff8f4f2dcf04c=
f684182cbc75a329677dbbdb1b724a313cd01a880af746565d221fc6ba55408eefd0f1ac0716
>=20
> install : $(TARGET)
>=20
> --=20
> 2.44.0
>=20


--===============7929147862628947415==--