XPost: linux.debian.devel.release
--nQP4ZNNj+Bjv9CQ/
Content-Type: text/plain; charset=utf-8
Content-Disposition: inline
Content-Transfer-Encoding: quoted-printable
Package: release.debian.org
Severity: normal
Tags: bookworm
X-Debbugs-Cc:
[email protected],
[email protected]
Control: affects -1 + src:jq
User:
[email protected]
Usertags: pu
[ Reason ]
Cherry-pick to fix CVE-2025-48060.
[ Impact ]
User will affect by CVE-2025-48060.
[ Tests ]
No test is done since the change is trivial.
[ Risks ]
The change is trivial.
[ Checklist ]
[x] *all* changes are documented in the d/changelog
[x] I reviewed all changes and I approve them
[x] attach debdiff against the package in (old)stable
[x] the issue is verified as fixed in unstable
[ Changes ]
Set 0 to the end of buffer.
[ Other info ]
--
ChangZhuo Chen (陳昌倬) czchen@{czchen,debian}.org
Key fingerprint = BA04 346D C2E1 FE63 C790 8793 CC65 B0CD EC27 5D5B
--nQP4ZNNj+Bjv9CQ/
Content-Type: text/plain; charset=utf-8
Content-Disposition: attachment; filename="jq.debdiff" Content-Transfer-Encoding: quoted-printable
diff -Nru jq-1.6/debian/changelog jq-1.6/debian/changelog
--- jq-1.6/debian/changelog 2020-12-10 16:24:21.000000000 +0800
+++ jq-1.6/debian/changelog 2025-07-09 22:23:15.000000000 +0800
@@ -1,3 +1,10 @@
+jq (1.6-2.1+deb12u1) bookworm; urgency=medium
+
+ * Cherry-pick upstream commit c6e041699d8cd31b97375a2596217aff2cfca85b to
+ fix CVE-2025-48060.
+
+ -- ChangZhuo Chen (陳昌倬) <
[email protected]> Wed, 09 Jul 2025 22:23:15 +0800
+
jq (1.6-2.1) unstable; urgency=medium
[ Paul Gevers ]
diff -Nru jq-1.6/debian/patches/CVE-2025-48060.patch jq-1.6/debian/patches/CVE-2025-48060.patch
--- jq-1.6/debian/patches/CVE-2025-48060.patch 1970-01-01 08:00:00.000000000 +0800
+++ jq-1.6/debian/patches/CVE-