- update to 1.16 (bsc#1220489, CVE-2024-27454):

* Produce Python 3.8 wheels again, I deactivated it too eagerly, it's in security fixes only mode, not yet reached its end-of-life state * Honor the recursion limit also at parse time, to avoid attacks as described by CVE-2024-27454 - Switch to autosetup and pyproject macros. OBS-URL: https://build.opensuse.org/package/show/devel:languages:python/python-python-rapidjson?expand=0&rev=26
2024-03-16 09:31:19 +00:00
parent f080d06deb
commit 73c91293bd
4 changed files with 15 additions and 5 deletions
--- a/python-python-rapidjson.changes
+++ b/python-python-rapidjson.changes
@@ -1,3 +1,13 @@
+-------------------------------------------------------------------
+Sat Mar 16 09:29:41 UTC 2024 - Dirk Müller <dmueller@suse.com>
+
+- update to 1.16 (bsc#1220489, CVE-2024-27454):
+  * Produce Python 3.8 wheels again, I deactivated it too
+    eagerly, it's in security fixes only mode, not yet reached
+    its end-of-life state
+  * Honor the recursion limit also at parse time, to avoid
+    attacks as described by CVE-2024-27454
+
 -------------------------------------------------------------------
 Mon Mar  4 01:47:13 UTC 2024 - Steve Kowalik <steven.kowalik@suse.com>

--- a/python-python-rapidjson.spec
+++ b/python-python-rapidjson.spec
@@ -20,7 +20,7 @@
 %define rjversion 1.1.0+git20211015.4d6cb081
 %{?sle15_python_module_pythons}
 Name:           python-python-rapidjson
-Version:        1.14
+Version:        1.16
 Release:        0
 Summary:        Python wrapper around rapidjson
 License:        MIT
--- a/python-rapidjson-1.14.tar.gz
+++ b/python-rapidjson-1.14.tar.gz
@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:a539d3efb8a2aef9844ca675bf6661ad1dcf12898a47dc675bbf49dfc4e95391
-size 1052791
--- a/python-rapidjson-1.16.tar.gz
+++ b/python-rapidjson-1.16.tar.gz
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:9ab2c36980b404a195878b875462ef1e606a8f715a1da782e258cd629d124a81
+size 1053135