package/jq: security bump to version 1.7.1

Fixes the following security issues: CVE-2023-50246: Fix heap buffer overflow in jvp_literal_number_literal https://github.com/jqlang/jq/security/advisories/GHSA-686w-5m7m-54vc CVE-2023-50268: fix stack-buffer-overflow if comparing nan with payload https://github.com/jqlang/jq/security/advisories/GHSA-7hmr-442f-qc8j Signed-off-by: Peter Korsgaard <peter@korsgaard.com> Signed-off-by: Yann E. MORIN <yann.morin.1998@free.fr>
2023-12-18 13:50:25 +01:00 · 2023-12-18 13:50:25 +01:00 · 6985955a69
commit 6985955a69
parent df04f17976
2 changed files with 2 additions and 2 deletions
--- a/package/jq/jq.hash
+++ b/package/jq/jq.hash
@ -1,3 +1,3 @@
 # Locally calculated
-sha256  402a0d6975d946e6f4e484d1a84320414a0ff8eb6cf49d2c11d144d4d344db62  jq-1.7.tar.gz
+sha256  478c9ca129fd2e3443fe27314b455e211e0d8c60bc8ff7df703873deeee580c2  jq-1.7.1.tar.gz
 sha256  10e974638a41fadfd72357f2f3a4325e20b856c563365128f72feaa406f8c92d  COPYING
--- a/package/jq/jq.mk
+++ b/package/jq/jq.mk
@ -4,7 +4,7 @@
 #
 ################################################################################

-JQ_VERSION = 1.7
+JQ_VERSION = 1.7.1
 JQ_SITE = https://github.com/jqlang/jq/releases/download/jq-$(JQ_VERSION)
 JQ_LICENSE = MIT (code), ICU (decNumber), CC-BY-3.0 (documentation)
 JQ_LICENSE_FILES = COPYING