diff mbox series

[meta-oe,master,walnascar[PATCH] jq: upgrade 1.7.1 -> 1.8.0

Message ID 20250604034053.8065-1-vanusuri@mvista.com
State Under Review
Headers show
Series [meta-oe,master,walnascar[PATCH] jq: upgrade 1.7.1 -> 1.8.0 | expand

Commit Message

Vijay Anusuri June 4, 2025, 3:40 a.m. UTC 
From: Vijay Anusuri <vanusuri@mvista.com>

Changelog:
==========
https://github.com/jqlang/jq/releases/tag/jq-1.8.0

Security fixes

* CVE-2024-23337: Fix signed integer overflow in jvp_array_write and jvp_object_rehash. @itchyny de21386
     The fix for this issue now limits the maximum size of arrays and objects to 536870912 (2^29) elements.
* CVE-2024-53427: Reject NaN with payload while parsing JSON. @itchyny a09a4df
     The fix for this issue now drops support for NaN with payload in JSON (like NaN123).
     Other JSON extensions like NaN and Infinity are still supported.
* CVE-2025-48060: Fix heap buffer overflow in jv_string_vfmt. @itchyny c6e0416
* Fix use of uninitialized value in check_literal. @itchyny #3324
* Fix segmentation fault on strftime/1, strflocaltime/1. @itchyny #3271
* Fix unhandled overflow in @base64d. @emanuele6 #3080

Signed-off-by: Vijay Anusuri <vanusuri@mvista.com>
---
 meta-oe/recipes-devtools/jq/{jq_1.7.1.bb => jq_1.8.0.bb} | 7 ++-----
 1 file changed, 2 insertions(+), 5 deletions(-)
 rename meta-oe/recipes-devtools/jq/{jq_1.7.1.bb => jq_1.8.0.bb} (87%)
diff mbox series

Patch

diff --git a/meta-oe/recipes-devtools/jq/jq_1.7.1.bb b/meta-oe/recipes-devtools/jq/jq_1.8.0.bb
similarity index 87%
rename from meta-oe/recipes-devtools/jq/jq_1.7.1.bb
rename to meta-oe/recipes-devtools/jq/jq_1.8.0.bb
index a6a1d6a07a..af35324b5f 100644
--- a/meta-oe/recipes-devtools/jq/jq_1.7.1.bb
+++ b/meta-oe/recipes-devtools/jq/jq_1.8.0.bb
@@ -6,13 +6,13 @@  HOMEPAGE = "https://jqlang.github.io/jq/"
 BUGTRACKER = "https://github.com/jqlang/jq/issues"
 SECTION = "utils"
 LICENSE = "MIT"
-LIC_FILES_CHKSUM = "file://COPYING;md5=488f4e0b04c0456337fb70d1ac1758ba"
+LIC_FILES_CHKSUM = "file://COPYING;md5=08ffb5ac7e7e6bfc66968b89f01f512a"
 
 GITHUB_BASE_URI = "https://github.com/jqlang/${BPN}/releases/"
 SRC_URI = "${GITHUB_BASE_URI}/download/${BPN}-${PV}/${BPN}-${PV}.tar.gz \
     file://run-ptest \
     "
-SRC_URI[sha256sum] = "478c9ca129fd2e3443fe27314b455e211e0d8c60bc8ff7df703873deeee580c2"
+SRC_URI[sha256sum] = "91811577f91d9a6195ff50c2bffec9b72c8429dc05ec3ea022fd95c06d2b319c"
 
 inherit autotools github-releases ptest
 
@@ -26,9 +26,6 @@  PACKAGECONFIG[oniguruma] = "--with-oniguruma,--without-oniguruma,onig"
 # enable if you want ptest running under valgrind
 PACKAGECONFIG[valgrind] = "--enable-valgrind,--disable-valgrind,valgrind"
 
-# Gets going with gcc-15 but See if it can be removed with next upgrade
-CFLAGS += "-std=gnu17"
-
 do_configure:append() {
 	sed -i -e "/^ac_cs_config=/ s:${WORKDIR}::g" ${B}/config.status
 }