Package Release Info

jettison-1.5.4-bp160.1.9

Update Info: Base Release
Available in Package Hub : 16.0

platforms

AArch64
ppc64le
s390x
x86-64

subpackages

jettison

jettison-javadoc

Change Logs

* Tue Sep 05 2023 Fridrich Strba <fstrba@suse.com>

- Make manifest timestamp reproducible

* Tue Apr 18 2023 Fridrich Strba <fstrba@suse.com>

- Upgrade to version 1.5.4
  * Fixes:
    + Fixing issue 60: Infinite recursion triggered when
    constructing a JSONArray from a Collection (bsc#1209605,
    CVE-2023-1436)

* Wed Dec 14 2022 Fridrich Strba <fstrba@suse.com>

- Upgrade to version 1.5.3
  * Fixes:
    + Backslash escaping. Throw syntax exception on invalid json
    sooner
    + Adding another test for backslashes
    + Introducing new static methods to set the recursion depth
    limit
    + Incorrect recursion depth check in JSONTokener
    + Fixing StackOverflow error (bsc#1206400, CVE-2022-45685,
    bsc#1206401, CVE-2022-45693)

* Wed Oct 05 2022 Fridrich Strba <fstrba@suse.com>

- Upgrade to version 1.5.1
  * Fixes:
    + Stack Overflow fix on malformed JSON
    (bsc#1203515, CVE-2022-40149)
    + Prevent infinite loop when a /* comment is not terminated
    (bsc#1203516, CVE-2022-40150)
- Removed patches:
  * jettison-1.3.7-jdk10plus.patch
  * jettison-update-woodstox-version.patch
    + not needed with current version

* Tue Mar 22 2022 Fridrich Strba <fstrba@suse.com>

- Build with source and target levels 8

Version: 1.3.7-bp153.1.99

Version: 1.3.7-bp152.1.44

* Sun Nov 24 2019 Fridrich Strba <fstrba@suse.com>

- Specify maven.compiler.release to fix build with jdk9+ and newer
  maven-javadoc-plugin

* Tue Jun 04 2019 Fridrich Strba <fstrba@suse.com>

- Initial packaging of jettison 1.3.7