File json-c.changes of Package json-c

Sat Sep 20 12:07:25 UTC 2014 -

- json-c 0.12
  Fixes for security issues contained in this release have been
  previously patched into this package, but listed for completeness:
  * Address security issues:
    * CVE-2013-6371: hash collision denial of service
    * CVE-2013-6370: buffer overflow if size_t is larger than int
- Further changes:
  * Avoid potential overflow in json_object_get_double
  * Eliminate the mc_abort() function and MC_ABORT macro.
  * Make the json_tokener_errors array local.  It has been deprecated for
     a while, and json_tokener_error_desc() should be used instead.
  * change the floating point output format to %.17g so values with 
     more than 6 digits show up in the output.
  * Remove the old name compatibility support.  The library is
      only created as now and headers are only installed 
      into the ${prefix}/json-c directory.
  * When supported by the linker, add the -Bsymbolic-functions flag.
  * Make strict mode more strict:
    * number must not start with 0
    * no single-quote strings
    * no comments
    * trailing char not allowed
    * only allow lowercase literals
  * Added a json_object_new_double_s() convenience function to allow
    an exact string representation of a double to be specified when
    creating the object and use it in json_tokener_parse_ex() so
    a re-serialized object more exactly matches the input.
  * Add support NaN and Infinity
- packaging changes:
  * json-c-hash-dos-and-overflow-random-seed-4e.patch is upstream
  * Move from json-c-lfs.patch which removed warning errors and
    autoconf call to json-c-0.12-unused_variable_size.patch from 
    upstream which fixes the warning
  * except for SLE 11 where autoreconf call is required
  * add licence file to main package

Mon Apr  7 12:22:58 UTC 2014 -

- Add json-c-hash-dos-and-overflow-random-seed-4e.patch to fix
  CVE-2013-6370 and CVE-2013-6371 (bnc#870147)

Tue Feb  4 14:54:51 UTC 2014 -

- Update metadata (description, RPM groups), and remove .la file
  in %install, not %check.

Mon Jan  6 13:09:45 UTC 2014 -

- Upgrade to 0.11 version:
  - SONAME change.
  - Fix provides and obsoletes accordingly
  - symlink the .pc file to the oldname for software that needs it
- Remove json-c-fix-headers.patch integrated upstream

Sun Mar 10 08:38:30 UTC 2013 -

- add json-c-fix-headers.patch from master branch to fix compilation
  of apps using the lib

Thu Mar  7 09:43:30 UTC 2013 -

- Update to 0.10 version : 
  * Add a json_object_to_json_string_ext() function to allow output 
	to be formatted in a more human readable form.
  * Add json_object_object_get_ex(), a NULL-safe get object method, 
	to be able to distinguish between a key not present and the value 
	being NULL.
  * Add an alternative iterator implementation, see json_object_iterator.h
  * Make json_object_iter public to enable external use of the
     json_object_object_foreachC macro.
  * Add a printbuf_memset() function to provide an effecient way to set and
     append things like whitespace indentation.
  * Adjust json_object_is_type and json_object_get_type so they return
      json_type_null for NULL objects and handle NULL passed to
  * Rename boolean type to json_bool.
  * Fix various compile issues for Visual Studio and MinGW.
  * Allow json_tokener_parse_ex() to be re-used to parse multiple object.
     Also, fix some parsing issues with capitalized hexadecimal numbers and
     number in E notation.
  * Add json_tokener_get_error() and json_tokener_error_desc() to better
     encapsulate the process of retrieving errors while parsing.
  * Various improvements to the documentation of many functions.
  * Add new json_object_array_sort() function.
  * Fix a bug in json_object_get_int(), which would incorrectly return 0
    when called on a string type object.
    Eric Haszlakiewicz
  * Add a json_type_to_name() function.
    Eric Haszlakiewicz
  * Add a json_tokener_parse_verbose() function.
    Jehiah Czebotar
  * Improve support for null bytes within JSON strings.
    Jehiah Czebotar
  * Fix file descriptor leak if memory allocation fails in json_util
    Zachary Blair, zack_blair at hotmail dot com
  * Add int64 support. Two new functions json_object_net_int64 and
    json_object_get_int64. Binary compatibility preserved.
    Eric Haszlakiewicz, EHASZLA at transunion com
    Rui Miguel Silva Seabra, rms at 1407 dot org
  * Fix subtle bug in linkhash where lookup could hang after all slots
    were filled then successively freed.
    Spotted by Jean-Marc Naud, j dash m at newtraxtech dot com
  * Make json_object_from_file take const char *filename
    Spotted by Vikram Raj V, vsagar at attinteractive dot com
  * Add handling of surrogate pairs (json_tokener.c, test4.c,
    Brent Miller, bdmiller at yahoo dash inc dot com
  * Correction to comment describing printbuf_memappend in printbuf.h
    Brent Miller, bdmiller at yahoo dash inc dot com

- Packaging : 
	* upgrade upstream location
	* cleanup old patches included now upstream
		. json-c-0.9-linkhash.patch
		. json-c-0.9-json_tokener.patch
		. json-c-0.9-json_object_from_file.patch
		. json-c-0.9-base.patch
	* Redone lfs patch against new 0.10 release
	* Removed empty NEWS file 

Sun Apr 22 00:34:03 UTC 2012 -

- Fix LFS support in x86.
- Do not build with -Werror
- Remove "la" files
- tune up autotools scripts as well ensure config.h is included

Sun Nov 13 13:50:27 UTC 2011 -

- Remove redundant/unwanted tags/section (cf. specfile guidelines)

Sun Nov 13 09:11:46 UTC 2011 -

- add libtool as explicit buildrequire to avoid implicit dependency from prjconf

Mon Aug 29 08:01:40 UTC 2011 -

- add baselibs.conf for pulseaudio to use
- use original sources

Thu Nov  4 17:22:27 UTC 2010 -

- initial pkg 0.9