File: changelog

package info (click to toggle)
json-smart 2.5.2-1
  • links: PTS, VCS
  • area: main
  • in suites: forky, sid, trixie
  • size: 1,104 kB
  • sloc: java: 9,769; xml: 696; makefile: 7
file content (72 lines) | stat: -rw-r--r-- 2,698 bytes parent folder | download 
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
 
json-smart (2.5.2-1) unstable; urgency=medium

  * New upstream version 2.5.2:
    - Fixes CVE-2024-57699: A security issue was found in Netplex Json-smart
      2.5.0 through 2.5.1. When loading a specially crafted JSON input,
      containing a large number of ’{’, a stack exhaustion can be trigger,
      which could allow an attacker to cause a Denial of Service (DoS). This
      issue exists because of an incomplete fix for CVE-2023-1370.
      (Closes: #1095839)
  * Refreshing patches

 -- Pierre Gruet <pgt@debian.org>  Sun, 16 Feb 2025 15:47:20 +0100

json-smart (2.5.1-1) unstable; urgency=medium

  * Team upload
  * New upstream version 2.5.1 (Closes: #1068940)
  * Refreshing patches
  * Refreshing d/copyright
  * Fixing Vcs-* fields in d/control
  * Simplifying d/rules after the parent pom was removed from the source package
  * Providing a parent pom in the debian/ directory, to be used during the build
  * Packaging with jar instead of bundle
  * Comparing milliseconds since epoch instead of precise instants in test
  * Removing unneeded versioned B-D on maven-debian-helper

 -- Pierre Gruet <pgt@debian.org>  Wed, 04 Dec 2024 22:16:05 +0100

json-smart (2.2-3) unstable; urgency=medium

  * Team upload
  * Add watch file
  * Fix CVE-2023-1370: When reaching a ‘[‘ or ‘{‘ character
    in the JSON input, the code parses an array or
    an object respectively. It was discovered that the
    code does not have any limit to the nesting of such arrays
    or objects. Since the parsing of nested arrays and objects is
    done recursively, nesting too many of them can cause
    a stack exhaustion (stack overflow) and crash the software.
    (Closes: #1033474)
  * Use compat level 13
  * Bump policy to 4.7.7
  * Add salsa-CI

 -- Bastien Roucariès <rouca@debian.org>  Sat, 13 Apr 2024 14:43:01 +0000

json-smart (2.2-2) unstable; urgency=medium

  * Team upload.
  * Add maven-bundle-plugin-failok.patch and work around a FTBFS
    caused by a bug in maven-bundle-plugin. See #868913 for more information.
    (Closes: #868603)
  * Switch to compat level 10.
  * Declare compliance with Debian Policy 4.1.1.
  * Use https for format field.

 -- Markus Koschany <apo@debian.org>  Mon, 16 Oct 2017 15:52:50 +0200

json-smart (2.2-1) unstable; urgency=medium

  * New upstream release
    - Build the new accessors-smart module
    - Ignore the timezone dependent tests in TestDateConvert
  * Standards-Version updated to 3.9.8

 -- Emmanuel Bourg <ebourg@apache.org>  Wed, 03 Aug 2016 10:06:43 +0200

json-smart (1.2-1) unstable; urgency=medium

  * Initial release (Closes: #819635)

 -- Emmanuel Bourg <ebourg@apache.org>  Thu, 31 Mar 2016 13:21:52 +0200