[packages/jq] up to 1.8.0 (fixes CVE-2024-23337 CVE-2024-53427 CVE-2025-48060)

Sun Jun 1 14:07:52 CEST 2025

commit a39936b0872c40834cd57aeb649cfe4500d1fed9
Author: Jan Palus <atler at pld-linux.org>
Date:   Sun Jun 1 13:19:09 2025 +0200

    up to 1.8.0 (fixes CVE-2024-23337 CVE-2024-53427 CVE-2025-48060)

 jq.spec            | 15 ++++++---------
 static.patch       | 11 -----------
 tests-no-pty.patch |  2 +-
 3 files changed, 7 insertions(+), 21 deletions(-)
---

diff --git a/jq.spec b/jq.spec
index 35abfeb..b8a242a 100644
--- a/jq.spec
+++ b/jq.spec
@@ -12,15 +12,14 @@
 Summary:	Command-line JSON processor
 Summary(pl.UTF-8):	Procesor JSON działający z linii poleceń
 Name:		jq
-Version:	1.7.1
+Version:	1.8.0
 Release:	1
 License:	MIT, Apache, CC-BY, GPL v3
 Group:		Applications/Text
 #Source0Download: https://github.com/jqlang/jq/releases
 Source0:	https://github.com/jqlang/jq/releases/download/%{name}-%{version}/jq-%{version}.tar.gz
-# Source0-md5:	974a340105ecb43add8c55601525f9fc
-Patch0:		static.patch
-Patch1:		tests-no-pty.patch
+# Source0-md5:	46856841b9fd765b852023b881cd2e8b
+Patch0:		tests-no-pty.patch
 URL:		https://jqlang.github.io/jq/
 BuildRequires:	autoconf >= 2.65
 BuildRequires:	automake >= 1:1.11.2
@@ -28,9 +27,8 @@ BuildRequires:	bison >= 3
 BuildRequires:	flex
 BuildRequires:	libtool >= 2:2
 BuildRequires:	oniguruma-devel
-%if %{with tests_valgrind}
-BuildRequires:	valgrind
-%endif
+BuildRequires:	rpmbuild(macros) >= 1.527
+%{?with_tests_valgrind:BuildRequires:	valgrind}
 Requires:	%{name}-libs = %{version}-%{release}
 BuildRoot:	%{tmpdir}/%{name}-%{version}-root-%(id -u -n)
 
@@ -91,7 +89,6 @@ Statyczna biblioteka jq.
 %prep
 %setup -q
 %patch -P0 -p1
-%patch -P1 -p1
 
 %build
 %{__libtoolize}
@@ -103,7 +100,7 @@ Statyczna biblioteka jq.
 	%{!?with_static_libs:--disable-static} \
 	--disable-all-static \
 	--disable-silent-rules \
-	%{!?with_tests_valgrind:--disable-valgrind}
+	%{__enable_disable tests_valgrind valgrind}
 
 echo -e '#!/bin/sh\necho "'%{version}'"' > scripts/version
 
diff --git a/static.patch b/static.patch
deleted file mode 100644
index 814009b..0000000
--- a/static.patch
+++ /dev/null
@@ -1,11 +0,0 @@
---- jq-1.5/Makefile.am~	2015-08-16 07:38:10.000000000 +0300
-+++ jq-1.5/Makefile.am	2016-05-02 18:36:32.459838273 +0300
-@@ -84,7 +84,7 @@
- 
- bin_PROGRAMS = jq
- jq_SOURCES = src/main.c src/version.h
--jq_LDFLAGS = -static-libtool-libs
-+jq_LDFLAGS =
- jq_LDADD = libjq.la -lm
- 
- if ENABLE_ALL_STATIC
diff --git a/tests-no-pty.patch b/tests-no-pty.patch
index 74b5705..b5935e3 100644
--- a/tests-no-pty.patch
+++ b/tests-no-pty.patch
@@ -1,7 +1,7 @@
 --- jq-1.7/tests/shtest.orig	2023-09-06 22:00:31.000000000 +0200
 +++ jq-1.7/tests/shtest	2023-09-09 14:40:45.573460403 +0200
 @@ -503,7 +503,7 @@
- cmp $d/warning $d/expect_warning
+ done
  
  # Check $NO_COLOR
 -test_no_color=true
================================================================

---- gitweb:

http://git.pld-linux.org/gitweb.cgi/packages/jq.git/commitdiff/a39936b0872c40834cd57aeb649cfe4500d1fed9

