File jettison.changes of Package jettison.28016

-------------------------------------------------------------------
Wed Dec 14 12:11:51 UTC 2022 - Fridrich Strba <fstrba@suse.com>

- Upgrade to version 1.5.3
  * Fixes:
    + Backslash escaping. Throw syntax exception on invalid json
      sooner
    + Adding another test for backslashes
    + Introducing new static methods to set the recursion depth
      limit
    + Incorrect recursion depth check in JSONTokener
    + Fixing StackOverflow error (bsc#1206400, CVE-2022-45685,
      bsc#1206401, CVE-2022-45693)

-------------------------------------------------------------------
Wed Oct  5 08:33:43 UTC 2022 - Fridrich Strba <fstrba@suse.com>

- Upgrade to version 1.5.1
  * Fixes:
    + Stack Overflow fix on malformed JSON
      (bsc#1203515, CVE-2022-40149)
    + Prevent infinite loop when a /* comment is not terminated
      (bsc#1203516, CVE-2022-40150)
- Removed patches:
  * jettison-1.3.7-jdk10plus.patch
  * jettison-update-woodstox-version.patch
    + not needed with current version

-------------------------------------------------------------------
Tue Mar 22 16:38:03 UTC 2022 - Fridrich Strba <fstrba@suse.com>

- Build with source and target levels 8

-------------------------------------------------------------------
Sun Nov 24 12:41:56 UTC 2019 - Fridrich Strba <fstrba@suse.com>

- Specify maven.compiler.release to fix build with jdk9+ and newer
  maven-javadoc-plugin

-------------------------------------------------------------------
Tue Jun  4 07:34:35 UTC 2019 - Fridrich Strba <fstrba@suse.com>

- Initial packaging of jettison 1.3.7
openSUSE Build Service is sponsored by