Home Explore Help
Register Sign In
PUBLIC_REPOS
/
buildroot
mirror of git://git.buildroot.net/buildroot
2
1
Fork 0
Files
Browse Source

package/jq: security bump to version 1.8.0

Release notes:
https://github.com/jqlang/jq/releases/tag/jq-1.8.0

Fixes the following security issues:
- CVE-2024-23337: Fix signed integer overflow in jvp_array_write and jvp_object_rehash.
- CVE-2024-53427: Reject NaN with payload while parsing JSON.
- CVE-2025-48060: Fix heap buffer overflow in jv_string_vfmt.
- Fix use of uninitialized value in check_literal.
- Fix segmentation fault on strftime/1, strflocaltime/1.
- Fix unhandled overflow in @base64d.

COPYING hash changed due to the following commit.
https://github.com/jqlang/jq/commit/9afc450930b19ca179e6ef4e744853a94a7b72cf

Signed-off-by: Kadambini Nema <kadambini.nema@gmail.com>
Signed-off-by: Peter Korsgaard <peter@korsgaard.com>
Kadambini Nema 2 months ago
parent
aa9ee17701
commit
be69e6fe2f
2 changed files with 3 additions and 3 deletions
Split View Show Diff Stats
  1. 2 2
      package/jq/jq.hash
  2. 1 1
      package/jq/jq.mk

+ 2 - 2
package/jq/jq.hash
View File 

@@ -1,3 +1,3 @@
 
 # Locally calculated
 
-sha256  478c9ca129fd2e3443fe27314b455e211e0d8c60bc8ff7df703873deeee580c2  jq-1.7.1.tar.gz
 
-sha256  10e974638a41fadfd72357f2f3a4325e20b856c563365128f72feaa406f8c92d  COPYING
 
+sha256  91811577f91d9a6195ff50c2bffec9b72c8429dc05ec3ea022fd95c06d2b319c  jq-1.8.0.tar.gz
 
+sha256  ea9e53f5974239869c51ace8bb6849c9751dee7c9d592180957987a1a133caff  COPYING

+ 1 - 1
package/jq/jq.mk
View File 

@@ -4,7 +4,7 @@
 
 #
 
 ################################################################################
 
 
-JQ_VERSION = 1.7.1
 
+JQ_VERSION = 1.8.0
 
 JQ_SITE = https://github.com/jqlang/jq/releases/download/jq-$(JQ_VERSION)
 
 JQ_LICENSE = MIT (code), ICU (decNumber), CC-BY-3.0 (documentation)
 
 JQ_LICENSE_FILES = COPYING