2023-09-05 11:29:40 +00:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Tue Sep 5 11:29:14 UTC 2023 - Fridrich Strba <fstrba@suse.com>
|
|
|
|
|
|
|
|
- Make manifest timestamp reproducible
|
|
|
|
|
2023-04-18 15:32:20 +00:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Tue Apr 18 15:26:38 UTC 2023 - Fridrich Strba <fstrba@suse.com>
|
|
|
|
|
|
|
|
- Upgrade to version 1.5.4
|
|
|
|
* Fixes:
|
|
|
|
+ Fixing issue 60: Infinite recursion triggered when
|
|
|
|
constructing a JSONArray from a Collection (bsc#1209605,
|
|
|
|
CVE-2023-1436)
|
|
|
|
|
2022-10-05 08:43:36 +00:00
|
|
|
-------------------------------------------------------------------
|
2022-12-14 12:17:48 +00:00
|
|
|
Wed Dec 14 12:11:51 UTC 2022 - Fridrich Strba <fstrba@suse.com>
|
|
|
|
|
|
|
|
- Upgrade to version 1.5.3
|
|
|
|
* Fixes:
|
|
|
|
+ Backslash escaping. Throw syntax exception on invalid json
|
|
|
|
sooner
|
|
|
|
+ Adding another test for backslashes
|
|
|
|
+ Introducing new static methods to set the recursion depth
|
|
|
|
limit
|
|
|
|
+ Incorrect recursion depth check in JSONTokener
|
|
|
|
+ Fixing StackOverflow error (bsc#1206400, CVE-2022-45685,
|
|
|
|
bsc#1206401, CVE-2022-45693)
|
|
|
|
|
|
|
|
-------------------------------------------------------------------
|
2022-10-05 08:43:36 +00:00
|
|
|
Wed Oct 5 08:33:43 UTC 2022 - Fridrich Strba <fstrba@suse.com>
|
|
|
|
|
|
|
|
- Upgrade to version 1.5.1
|
|
|
|
* Fixes:
|
|
|
|
+ Stack Overflow fix on malformed JSON
|
|
|
|
(bsc#1203515, CVE-2022-40149)
|
|
|
|
+ Prevent infinite loop when a /* comment is not terminated
|
|
|
|
(bsc#1203516, CVE-2022-40150)
|
|
|
|
- Removed patches:
|
|
|
|
* jettison-1.3.7-jdk10plus.patch
|
|
|
|
* jettison-update-woodstox-version.patch
|
|
|
|
+ not needed with current version
|
|
|
|
|
2022-03-22 16:38:21 +00:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Tue Mar 22 16:38:03 UTC 2022 - Fridrich Strba <fstrba@suse.com>
|
|
|
|
|
|
|
|
- Build with source and target levels 8
|
|
|
|
|
2019-11-24 12:42:08 +00:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Sun Nov 24 12:41:56 UTC 2019 - Fridrich Strba <fstrba@suse.com>
|
|
|
|
|
|
|
|
- Specify maven.compiler.release to fix build with jdk9+ and newer
|
|
|
|
maven-javadoc-plugin
|
|
|
|
|
2019-06-04 07:35:29 +00:00
|
|
|
-------------------------------------------------------------------
|
|
|
|
Tue Jun 4 07:34:35 UTC 2019 - Fridrich Strba <fstrba@suse.com>
|
|
|
|
|
|
|
|
- Initial packaging of jettison 1.3.7
|