jq (1.7.1-3ubuntu0.24.04.1) noble-security; urgency=medium
* SECURITY UPDATE: integer overflow via signed integer limit
- debian/patches/CVE-2024-23337.patch: fix signed integer overflow in
jvp_array_write and jvp_object_rehash in src/jv.c, src/jv_aux.c,
tests/jq.test.
- CVE-2024-23337
* SECURITY UPDATE: OOB write via NaN
- debian/patches/CVE-2024-53427-1.patch: jv_number_value should cache
the double value of literal numbers in jv.c.
- debian/patches/CVE-2024-53427-2.patch: reject NaN with payload while
parsing JSON in src/jv.c, tests/jq.test, tests/shtest.
- CVE-2024-53427
* SECURITY UPDATE: heap buffer overflow
- debian/patches/CVE-2025-48060-1.patch: improve performance of
repeating strings in src/builtin.c, src/jv.c, src/jv.h,
tests/jq.test.
- debian/patches/CVE-2025-48060-2.patch: fix heap buffer overflow when
formatting an empty string in src/jv.c, tests/jq.test.
- CVE-2025-48060
-- Marc Deslauriers <marc.deslauriers@ubuntu.com> Wed, 16 Jul 2025 09:48:44 -0400
jq (1.7.1-3build1) noble; urgency=medium
* No-change rebuild for CVE-2024-3094
-- Steve Langasek <steve.langasek@ubuntu.com> Sun, 31 Mar 2024 07:40:40 +0000
jq (1.7.1-3) unstable; urgency=medium
[ Helmut Grohne ]
* Non-maintainer upload.
* Stop using libtool-bin. (Closes: #1064662)
-- ChangZhuo Chen (陳昌倬) <czchen@debian.org> Fri, 01 Mar 2024 00:24:00 +0800
jq (1.7.1-2) unstable; urgency=high
* Remove valgrind [i386] to fix FTBFS. (Closes: #1058870)
-- ChangZhuo Chen (陳昌倬) <czchen@debian.org> Sun, 17 Dec 2023 23:08:11 +0800
jq (1.7.1-1) unstable; urgency=high
* New upstream release. (Closes: #1058763)
* Fix CVE-2023-50246, CVE-2023-50268.
* Remove unnecessary patch.
-- ChangZhuo Chen (陳昌倬) <czchen@debian.org> Sat, 16 Dec 2023 04:35:42 +0800
jq (1.7-1) unstable; urgency=medium
* New upstream release. (Closes: #824814, #903081, #985350, #1025344)
* Remove unnecessary patches.
* Update libjq symbols.
* Add libjq.pc.
* d/control: Tweak indent.
-- ChangZhuo Chen (陳昌倬) <czchen@debian.org> Wed, 13 Sep 2023 03:22:17 +0800
jq (1.6-3) unstable; urgency=medium
[ Alex Murray ]
* Fix fromdate when local time is during daylight savings
(Closes: #979308 LP: #1910162)
- d/p/fix-ftbfs-when-localtime-is-dst.patch: Backport upstream patch
which ensures fromdate uses the correct time during daylight savings
[ ChangZhuo Chen (陳昌倬) ]
* Bump Standards-Version to 4.6.2.
* Clean modified files (Closes: #1047460)
* Update Homepage.
* Update d/copyright.
* Add d/upstream/metadata.
* Add d/gbp.conf.
-- ChangZhuo Chen (陳昌倬) <czchen@debian.org> Mon, 21 Aug 2023 00:32:38 +0800
jq (1.6-2.1) unstable; urgency=medium
[ Paul Gevers ]
* Non-maintainer upload
[ Sebastien Bacher ]
* Fix the build failing on dh_missing (Closes: #972040)
* debian/jq.docs:
- use the correct paths to install the documentation
* debian/rules:
- clean the .la
-- Paul Gevers <elbrus@debian.org> Thu, 10 Dec 2020 09:24:21 +0100
jq (1.6-2) unstable; urgency=medium
[ Helmut Grohne ]
* Fix FTCBFS: Annotate ruby-ronn build dependency with :native.
(Closes: #949841)
[ ChangZhuo Chen (陳昌倬) ]
* Bump Standards-Version to 4.5.0.
* Bump compat to 13.
-- ChangZhuo Chen (陳昌倬) <czchen@debian.org> Sat, 10 Oct 2020 21:50:26 +0800
jq (1.6-1) unstable; urgency=medium
[ Ondřej Nový ]
* d/copyright: Use https protocol in Format field.
* d/watch: Use https protocol.
[ Helmut Grohne ]
* stop using libtool-bin. (Closes: #912843)
[ ChangZhuo Chen (陳昌倬) ]
* New upstream release.
* Bump Standards-Version to 4.4.1.
* Remove unused Build-Depends dh-autoreconf.
* Remove get-orig-source.
* Bump compat to 12
* Remove Simon Elsbrock as Uploaders (Closes: #871236).
* Replace libtool-bin with libtool (Closes: #912843)
* Thanks to Helmut Grohneg.
* Do not use venderized oniguruma.
* Fix uninitialized variables.
* Thanks to Reiner Herrmann.
* Set Rules-Requires-Root: no.
* Update copyright.
-- ChangZhuo Chen (陳昌倬) <czchen@debian.org> Thu, 10 Oct 2019 00:17:01 +0800
# Older entries have been removed from this changelog.
# To read the complete changelog use `apt changelog libjq1`.
Generated by dwww version 1.16 on Sat Dec 13 16:16:05 CET 2025.