mirror of
https://gitlab.alpinelinux.org/alpine/aports.git
synced 2025-07-12 18:59:50 +03:00
main/jq: security upgrade to 1.8.0
- CVE-2024-23337 - CVE-2024-53427 - CVE-2025-48060 ref https://github.com/jqlang/jq/releases/tag/jq-1.8.0 sed added to support \x23 replacement for version
This commit is contained in:
Andy Postnikov
Natanael Copa
parent
af4f1041c8
commit
98d6ad8a9f
1 changed files with 11 additions and 3 deletions
|
|
@ -1,17 +1,25 @@
|
|||
# Contributor: Johannes Matheis <jomat+alpinebuild@jmt.gr>
|
||||
# Maintainer: Patrycja Rosa <alpine@ptrcnull.me>
|
||||
pkgname=jq
|
||||
pkgver=1.7.1
|
||||
pkgver=1.8.0
|
||||
pkgrel=0
|
||||
pkgdesc="A lightweight and flexible command-line JSON processor"
|
||||
url="https://jqlang.github.io/jq/"
|
||||
arch="all"
|
||||
license="MIT"
|
||||
makedepends="oniguruma-dev"
|
||||
makedepends="oniguruma-dev sed"
|
||||
checkdepends="tzdata"
|
||||
subpackages="$pkgname-doc $pkgname-dev"
|
||||
source="jq-$pkgver.tar.gz::https://github.com/jqlang/jq/releases/download/jq-$pkgver/jq-$pkgver.tar.gz"
|
||||
|
||||
# secfixes:
|
||||
# 1.8.0-r0:
|
||||
# - CVE-2024-23337
|
||||
# - CVE-2024-53427
|
||||
# - CVE-2025-48060
|
||||
# 1.7.1-r0:
|
||||
# - CVE-2023-50246
|
||||
# - CVE-2023-50268
|
||||
# 1.6_rc1-r0:
|
||||
# - CVE-2016-4074
|
||||
|
||||
|
|
@ -36,5 +44,5 @@ package() {
|
|||
}
|
||||
|
||||
sha512sums="
|
||||
464861fb2e0d6934b616f1dc7f8002d7dae727c8c0c07b385b813e7522ba1ada8ead4165e1d99c892e3ea76e238c55a15b718c738805419721920f88f8d8478c jq-1.7.1.tar.gz
|
||||
eaa991e43d3fc716dd57f6722a42d4119dcd8ba272eb2fcab882f83efb0b11c10a35c3dc8ad2067f30440dad988d34b5955601499eae1bb9e43db53db02bc4cf jq-1.8.0.tar.gz
|
||||
"
|
||||
|
|
|
|||
Loading…
Add table
Add a link
Reference in a new issue