From a69ced4fd2b708e9deba2a411e486e71d67e65173524ae177e65c567ba28dd72 Mon Sep 17 00:00:00 2001 From: =?UTF-8?q?Tina=20M=C3=BCller?= Date: Mon, 8 Sep 2025 18:56:38 +0200 Subject: [PATCH] Update to 4.40.0 (4.04) --- JSON-XS-4.03.tar.gz | 3 --- JSON-XS-4.04.tar.gz | 3 +++ perl-JSON-XS.changes | 15 +++++++++++++++ perl-JSON-XS.spec | 25 +++++++++++++------------ 4 files changed, 31 insertions(+), 15 deletions(-) delete mode 100644 JSON-XS-4.03.tar.gz create mode 100644 JSON-XS-4.04.tar.gz diff --git a/JSON-XS-4.03.tar.gz b/JSON-XS-4.03.tar.gz deleted file mode 100644 index 4f08549..0000000 --- a/JSON-XS-4.03.tar.gz +++ /dev/null @@ -1,3 +0,0 @@ -version https://git-lfs.github.com/spec/v1 -oid sha256:515536f45f2fa1a7e88c8824533758d0121d267ab9cb453a1b5887c8a56b9068 -size 86749 diff --git a/JSON-XS-4.04.tar.gz b/JSON-XS-4.04.tar.gz new file mode 100644 index 0000000..74f6f8d --- /dev/null +++ b/JSON-XS-4.04.tar.gz @@ -0,0 +1,3 @@ +version https://git-lfs.github.com/spec/v1 +oid sha256:8eff1e9f304c5625b59ab7b42258415f6d3e3681c1ddab6b725518a018a7f5e0 +size 87082 diff --git a/perl-JSON-XS.changes b/perl-JSON-XS.changes index 1f2991c..1700809 100644 --- a/perl-JSON-XS.changes +++ b/perl-JSON-XS.changes @@ -1,3 +1,18 @@ +------------------------------------------------------------------- +Mon Sep 8 16:53:42 UTC 2025 - Tina Müller + +- updated to 4.40.0 (4.04) + see /usr/share/doc/packages/perl-JSON-XS/Changes + + 4.04 Fri 05 Sep 2025 23:59:48 CEST + - fix heap overflow causing crashes, possibly information + disclosure or worse (CVE-2025-40928), and causes JSON::XS to + accept invalid JSON texts as valid in some cases. Thanks to + Michael Hudak for finding this, the CPAN Security Group for + coordinating this, and Reini Urban for double-checking the patch + (and Peter Juhasz for potentially reporting this much earlier). + (bsc#1249330) + ------------------------------------------------------------------- Wed Oct 28 03:07:22 UTC 2020 - Tina Müller diff --git a/perl-JSON-XS.spec b/perl-JSON-XS.spec index d7dcceb..1b243be 100644 --- a/perl-JSON-XS.spec +++ b/perl-JSON-XS.spec @@ -1,7 +1,7 @@ # # spec file for package perl-JSON-XS # -# Copyright (c) 2020 SUSE LLC +# Copyright (c) 2025 SUSE LLC # # All modifications and additions to the file contributed by third parties # remain the property of their copyright owners, unless otherwise agreed @@ -16,25 +16,28 @@ # -Name: perl-JSON-XS -Version: 4.03 -Release: 0 %define cpan_name JSON-XS -Summary: JSON serialising/deserialising, done correctly and fast +Name: perl-JSON-XS +Version: 4.40.0 +Release: 0 +# 4.04 -> normalize -> 4.40.0 +%define cpan_version 4.04 License: Artistic-1.0 OR GPL-1.0-or-later -Group: Development/Libraries/Perl +Summary: JSON serialising/deserialising, done correctly and fast URL: https://metacpan.org/release/%{cpan_name} -Source0: https://cpan.metacpan.org/authors/id/M/ML/MLEHMANN/%{cpan_name}-%{version}.tar.gz +Source0: https://cpan.metacpan.org/authors/id/M/ML/MLEHMANN/%{cpan_name}-%{cpan_version}.tar.gz Source1: cpanspec.yml Source100: README.md -BuildRoot: %{_tmppath}/%{name}-%{version}-build BuildRequires: perl BuildRequires: perl-macros BuildRequires: perl(Canary::Stability) +BuildRequires: perl(ExtUtils::MakeMaker) >= 6.52 BuildRequires: perl(Types::Serialiser) BuildRequires: perl(common::sense) Requires: perl(Types::Serialiser) Requires: perl(common::sense) +Provides: perl(JSON::XS) = %{version} +%undefine __perllib_provides %{perl_requires} %description @@ -46,12 +49,11 @@ See MAPPING, below, on how JSON::XS maps perl values to JSON values and vice versa. %prep -%setup -q -n %{cpan_name}-%{version} -find . -type f ! -path "*/t/*" ! -name "*.pl" ! -path "*/bin/*" ! -path "*/script/*" ! -name "configure" -print0 | xargs -0 chmod 644 +%autosetup -n %{cpan_name}-%{cpan_version} -p1 %build perl Makefile.PL INSTALLDIRS=vendor OPTIMIZE="%{optflags}" -make %{?_smp_mflags} +%make_build %check make test @@ -62,7 +64,6 @@ make test %perl_gen_filelist %files -f %{name}.files -%defattr(-,root,root,755) %doc Changes README %license COPYING -- 2.49.0