Accepting request 1175354 from Java:packages

2.17.x OBS-URL: https://build.opensuse.org/request/show/1175354 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/jackson-dataformats-text?expand=0&rev=5
Accepting request 1175338 from home:gkenion:branches:Java:packages:jackson
2024-05-21 16:35:28 +00:00 · 2024-05-20 13:42:57 +00:00 · 2024-03-11 14:34:10 +00:00 · 2024-03-10 22:12:06 +00:00 · 2024-03-09 18:50:23 +00:00 · 2023-09-10 11:10:31 +00:00
4 changed files with 110 additions and 9 deletions
--- a/jackson-dataformats-text-2.15.2.tar.gz
+++ b/jackson-dataformats-text-2.15.2.tar.gz
@@ -1,3 +0,0 @@
-version https://git-lfs.github.com/spec/v1
-oid sha256:ecfdae7671a759513ff9840d356601454e3d38e1bf36171a93b1acbb2d89653f
-size 3959906
--- a/jackson-dataformats-text-2.17.1.tar.gz
+++ b/jackson-dataformats-text-2.17.1.tar.gz
@@ -0,0 +1,3 @@
+version https://git-lfs.github.com/spec/v1
+oid sha256:70c04f7eb14720a56d0dc3bd4459284b0157861caccdc59d24bfd8cf88037910
+size 4715429
--- a/jackson-dataformats-text.changes
+++ b/jackson-dataformats-text.changes
@@ -1,3 +1,103 @@
+-------------------------------------------------------------------
+Mon May 20 12:16:28 UTC 2024 - Gus Kenion <gus.kenion@suse.com>
+
+- Update to 2.17.1
+  * No changes since 2.17.0
+- Includes changes from 2.17.0
+  * #45: (csv) Allow skipping ending line break
+    (`CsvGenerator.Feature.WRITE_LINEFEED_AFTER_LAST_ROW`)
+    (proposed by Mathieu L)
+  * #454: (yaml) Unexpected `NumberFormatException` in `YAMLParser`
+    (fix contributed by Arthur C)
+  * #456: (yaml) Support max Read/Write nesting depth limits
+    (`StreamReadConstraints`/ `StreamWriteConstraints`) for YAML
+  * #465: (yaml) YAML: consider starting `#` and ending `:` as
+    quotable characters (contributed by Michael E)
+
+-------------------------------------------------------------------
+Fri Mar  8 08:33:47 UTC 2024 - Gus Kenion <gkenion@suse.com>
+
+- Update to version 2.16.1
+  * Resolve CVE-2023-3894, bsc#1214111
+  * 2.16.1 (24-Dec-2023)
+    + #445: (yaml) YAMLParser throws unexpected NullPointerException
+      in certain number parsing cases
+  * 2.16.0 (15-Nov-2023)
+    + #198: (csv) Support writing numbers as quoted Strings with
+      CsvGenerator.Feature.ALWAYS_QUOTE_NUMBERS
+    + #422: (csv) Add removeColumn() method in CsvSchema.Builder
+    + #438: (csv) BigInteger and BigDecimal are quoted if
+      CsvGenerator.Feature.ALWAYS_QUOTE_STRINGS enabled
+    + #400: (yaml) IllegalArgumentException when attempting to
+      decode invalid UTF-8 surrogate by SnakeYAML
+    + #406: (yaml) NumberFormatException from SnakeYAML due to int
+      overflow for corrupt YAML version
+    + #435: (yaml) Minor parsing validation miss: tagged as int,
+      exception on underscore-only values
+    + #437: (yaml) Update SnakeYAML dependency to 2.2
+
+-------------------------------------------------------------------
+Sat Sep  9 13:41:12 UTC 2023 - Fridrich Strba <fstrba@suse.com>
+
+- Reproducible builds: use SOURCE_DATE_EPOCH for timestamp
+
+-------------------------------------------------------------------
+Mon Aug 21 14:10:44 UTC 2023 - Fridrich Strba <fstrba@suse.com>
+
+- Update to version 2.15.2
+  * No changes since 2.15.1
+  * 2.15.1 (16-May-2023)
+    + #404: (yaml) Cannot serialize YAML with Deduction-Based
+      Polymorphism
+  * 2.15.0 (23-Apr-2023)
+    + #373: (yaml) Positive numbers with plus sign not quoted
+      correctly with 'ALWAYS_QUOTE_NUMBERS_AS_STRINGS'
+    + #387: (toml) Stack overflow (50083) found by OSS-Fuzz
+      (bsc#1214111, CVE-2023-3894)
+    + #388: (yaml) Add
+      'YAMLParser.Feature.PARSE_BOOLEAN_LIKE_WORDS_AS_STRINGS' to
+      allow parsing "boolean" words as strings instead of booleans
+    + #390: (yaml) Upgrade to Snakeyaml 2.0 (resolves CVE-2022-1471,
+      bsc#1205944)
+    + #411: (toml) Fuzzer-found issue #57237 (buffer boundary
+      condition)
+    + #415: (yaml) Use 'LoaderOptions.allowDuplicateKeys' to enforce
+      duplicate key detection
+  * 2.14.3 (05-May-2023)
+    + #378: Some artifacts missing 'NOTICE', 'LICENSE' files
+  * 2.14.2 (28-Jan-2023)
+    + #356: (toml) Fix TOML parse failure when number token hits
+      buffer edge
+    + #370: (yaml) Replace use of deprecated constructor of
+      SnakeYAML ParserImpl
+  * 2.14.1 (21-Nov-2022)
+    + #352: Disabling
+      'CsvParser.Feature.FAIL_ON_MISSING_HEADER_COLUMNS' has no
+      effect
+  * 2.14.0 (05-Nov-2022)
+    + #169: (properties) Need a way to escape dots in property keys
+      (add path separator configuration)
+    + #244: (yaml) Add 'YAMLGenerator.Feature.ALLOW_LONG_KEYS' to
+      allow writing keys longer than 128 characters (default)
+    + #285: (csv) Missing columns from header line (compare to
+      'CsvSchema') not detected when reordering columns (add
+      'CsvParser.Feature.FAIL_ON_MISSING_HEADER_COLUMNS')
+    + #297: (csv) CSV schema caching POJOs with different views
+    + #314: (csv) Add fast floating-point parsing, generation
+      support
+    + #335/#346: (yaml) Update to SnakeYAML 1.33
+    + #337: (yaml) Allow overriding of file size limit for
+      YAMLParser by exposing SnakeYAML 'LoaderOptions'
+    + #345: (yaml) Support configuring SnakeYAML DumperOptions
+      directly
+    + #351: (csv) Make CSVDecoder use lazy parsing of
+      BigInteger/BigDecimal
+    + (yaml) Fixes to number decoding based on oss-fuzz findings
+  * 2.13.5 (23-Jan-2023)
+    + #343: Incorrect output buffer boundary check in 'CsvEncoder'
+  * 2.13.4 (03-Sep-2022)
+    + #329: (yaml) Update to SnakeYAML 1.31
+
 -------------------------------------------------------------------
 Tue Jun 14 16:16:51 UTC 2022 - Fridrich Strba <fstrba@suse.com>

--- a/jackson-dataformats-text.spec
+++ b/jackson-dataformats-text.spec
@@ -1,7 +1,7 @@
 #
 # spec file for package jackson-dataformats-text
 #
-# Copyright (c) 2023 SUSE LLC
+# Copyright (c) 2024 SUSE LLC
 #
 # All modifications and additions to the file contributed by third parties
 # remain the property of their copyright owners, unless otherwise agreed
@@ -17,7 +17,7 @@


 Name:           jackson-dataformats-text
-Version:        2.15.2
+Version:        2.17.1
 Release:        0
 Summary:        Jackson standard text-format data format backends
 License:        Apache-2.0
@@ -25,9 +25,9 @@ URL:            https://github.com/FasterXML/jackson-dataformats-text
 Source0:        https://github.com/FasterXML/jackson-dataformats-text/archive/%{name}-%{version}.tar.gz
 BuildRequires:  fdupes
 BuildRequires:  maven-local
-BuildRequires:  mvn(com.fasterxml.jackson.core:jackson-annotations) >= 2.15
-BuildRequires:  mvn(com.fasterxml.jackson.core:jackson-core) >= 2.15
-BuildRequires:  mvn(com.fasterxml.jackson.core:jackson-databind) >= 2.15
+BuildRequires:  mvn(com.fasterxml.jackson.core:jackson-annotations) >= 2.17
+BuildRequires:  mvn(com.fasterxml.jackson.core:jackson-core) >= 2.17
+BuildRequires:  mvn(com.fasterxml.jackson.core:jackson-databind) >= 2.17
 BuildRequires:  mvn(com.fasterxml.jackson:jackson-base:pom:)
 BuildRequires:  mvn(com.google.code.maven-replacer-plugin:replacer)
 BuildRequires:  mvn(de.jflex:jflex-maven-plugin)
@@ -90,7 +90,8 @@ sed -i 's/\r//' LICENSE NOTICE
 %{mvn_file} ":{*}" jackson-dataformats/@1

 %build
-%{mvn_build} -sf
+%{mvn_build} -sf -- \
+    -Dproject.build.outputTimestamp=$(date -u -d @${SOURCE_DATE_EPOCH:-$(date +%%s)} +%%Y-%%m-%%dT%%H:%%M:%%SZ)

 %install
 %mvn_install
Author	SHA256	Message	Date
Ana Guerrero	f19889b1d4	Accepting request 1175354 from Java:packages 2.17.x OBS-URL: https://build.opensuse.org/request/show/1175354 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/jackson-dataformats-text?expand=0&rev=5	2024-05-21 16:35:28 +00:00
Fridrich Strba	7649d255c4	Accepting request 1175338 from home:gkenion:branches:Java:packages:jackson Upgrade Jackson packages to 2.17.1 OBS-URL: https://build.opensuse.org/request/show/1175338 OBS-URL: https://build.opensuse.org/package/show/Java:packages/jackson-dataformats-text?expand=0&rev=12	2024-05-20 13:42:57 +00:00
Ana Guerrero	03379842d9	Accepting request 1156784 from Java:packages 2.16.1, CVE-2023-3894, bsc#1214111 OBS-URL: https://build.opensuse.org/request/show/1156784 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/jackson-dataformats-text?expand=0&rev=4	2024-03-11 14:34:10 +00:00
Fridrich Strba	921891291b	OBS-URL: https://build.opensuse.org/package/show/Java:packages/jackson-dataformats-text?expand=0&rev=10	2024-03-10 22:12:06 +00:00
Fridrich Strba	b12707b2bc	Accepting request 1156388 from home:gkenion:branches:Java:packages OBS-URL: https://build.opensuse.org/request/show/1156388 OBS-URL: https://build.opensuse.org/package/show/Java:packages/jackson-dataformats-text?expand=0&rev=9	2024-03-09 18:50:23 +00:00
Ana Guerrero	b2d2f0eddf	Accepting request 1109956 from Java:packages Reproducible builds improvement OBS-URL: https://build.opensuse.org/request/show/1109956 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/jackson-dataformats-text?expand=0&rev=3	2023-09-10 11:10:31 +00:00
Fridrich Strba	349b3f238b	OBS-URL: https://build.opensuse.org/package/show/Java:packages/jackson-dataformats-text?expand=0&rev=7	2023-09-09 13:41:16 +00:00
Ana Guerrero	b82429888d	Accepting request 1105158 from Java:packages A bug/CVE number missing OBS-URL: https://build.opensuse.org/request/show/1105158 OBS-URL: https://build.opensuse.org/package/show/openSUSE:Factory/jackson-dataformats-text?expand=0&rev=2	2023-08-23 12:57:16 +00:00
Fridrich Strba	e38d553b7f	OBS-URL: https://build.opensuse.org/package/show/Java:packages/jackson-dataformats-text?expand=0&rev=5	2023-08-22 00:01:35 +00:00
Fridrich Strba	ae6683c704	OBS-URL: https://build.opensuse.org/package/show/Java:packages/jackson-dataformats-text?expand=0&rev=4	2023-08-21 14:19:17 +00:00