The addressed issue is related to #6893 as its resolution
is actually causing the problem.
When changing the priority of the config file it happens
that after a sysupgrade the previous file is restored
and the new file is added, ending up in a situation
like this:
/etc/php7/15_openssl.ini
/etc/php7/20_openssl.ini
Causing a double extension=openssl.so to be parsed,
which is not appropriate and leads to error message.
The same problem might also occur for mysqli since there
was also a priority change - let's take care about this
at the same time.
The solution is to remove one of the files. Since it is
a configuration file, the user might have adjusted it, so
lets just use the previous version to replace the new
installed version.
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
(cherry picked from commit e51a049301)
Includes fix for CVE-2021-39293 (archive/zip: overflow in preallocation
check can cause OOM panic).
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
(cherry picked from commit aa96b8408f)
Refreshed patches.
And apply hack for line-endings in pep517 (from pip).
Hack comment:
# FIXME: [1] get rid of this asap; 'patch' doesn't like Windows endings, and this file is full of them...
# I actually tried this in a number of ways and the only way to fix this is to implement
# a poor-man's dos2unix using sed.
# The issue is with the pip package; it seems that it throws in some Windows line-endings
# and 'patch' won't handle them. So, we do a "dos2unix" and then patch.
# We can get rid of this once this is solved upstream and in pip:
# https://github.com/pypa/pep517/pull/130
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
(cherry picked from commit 26988f905f)
python3-pyinotify: initial package version 0.9.6 of pyinotify for python3
Signed-off-by: Kerma Gérald <gandalf@gk2.net>
(cherry picked from commit bcb8775e48eb8f99a76b05a8539a0140513e4158)
I tried to install matplotlib by using pip and it failed with the following output:
2021-08-18T11:52:26,171 Collecting matplotlib
2021-08-18T11:52:26,173 Created temporary directory: /tmp/pip-unpack-wuth2u0e
2021-08-18T11:52:26,565 Using cached matplotlib-3.4.3.tar.gz (37.9 MB)
2021-08-18T11:52:38,659 Added matplotlib from https://files.pythonhosted.org/packages/21/37/ 197e68df384ff694f78d687a49ad39f96c67b8d75718bc61503e1676b617/matplotlib-3.4.3.tar. gz#sha256=fc4f526dfdb31c9bd6b8ca06bf9fab663ca12f3ec9cdf4496fb44bc680140318 to build tracker '/tmp/pip- req-tracker-u30x8pht'
2021-08-18T11:52:38,660 Running setup.py (path:/tmp/pip-install-afiyiers/ matplotlib_8e717e38862f4976a3d6cb1832ba3261/setup.py) egg_info for package matplotlib
2021-08-18T11:52:38,661 Created temporary directory: /tmp/pip-pip-egg-info-kbtiezxq
2021-08-18T11:52:38,662 Running command python setup.py egg_info
2021-08-18T11:52:38,831 Traceback (most recent call last):
2021-08-18T11:52:38,832 File "<string>", line 1, in <module>
2021-08-18T11:52:38,832 File "/usr/lib/python3.9/site-packages/setuptools/__init__.py", line 8, in <module>
2021-08-18T11:52:38,833 ModuleNotFoundError: No module named '_distutils_hack'
More details about it:
- https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=968410
Once I applied the patch from the bug tracker, I got further to install
it.
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry picked from commit feaaacc10f)
When installing a host perl module, the host perl binary in the staging
dir is replaced by using 'cp'. However, if the binary is running in a
parallel job, cp will fail with a text file busy error. Use
$(INSTALL_BIN), which unliks the file first to avoid the error.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
(cherry picked from commit 19c7496648)
July 2021 Security Releases:
Use after free on close http2 on stream canceling (High) (CVE-2021-22930)
Node.js is vulnerable to a use after free attack where an attacker might be able to exploit the memory corruption, to change process behavior.
You can read more about it in https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2021-22930
Signed-off-by: Hirokazu MORIKAWA <morikw2@gmail.com>
Includes fix for CVE-2021-34558 (crypto/tls: clients can panic when
provided a certificate of the wrong type for the negotiated parameters).
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
(cherry picked from commit c0c62227bd)
This release fixes some bugs and these vulnerabilities:
* CVE-2021-31810: Trusting FTP PASV responses vulnerability in Net::FTP
* CVE-2021-32066: A StartTLS stripping vulnerability in Net::IMAP
* CVE-2021-31799: A command injection vulnerability in RDoc
Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
(cherry picked from commit 1b41e8f641)
I seem to forget to check/select setuptools and pip (that come bundled with
Python).
This change will do a simple 'ls' on the 2 wheel files, so that the build
fails even if just building Python.
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
Refreshed patches.
Bumped pip to 21.1.3.
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
(cherry picked from commit 44e009364f5a115172f5825fbfd8c0b3730021a5)
Dropped patches:
0004-Replace-EVP_CIPHER_CTX_cleanup-with-EVP_CIPHER_CTX_r.patch
0005-Switch-get_-Update-APIs-to-get0.patch
Reworked patches:
0001-Add-new-ASN1_STRING_get0_data-API.patch
0006-Add-X509_STORE_CTX_trusted_stack-compatibility-macro.patch
These 2 require that we keep only the CUSTOMIZATIONS stuff for now. Maybe
later we can drop this.
Ran 'make package/python-cryptography/refresh'.
Added patch:
0004-disable-rust.patch
upstream did a sloppy job with the CRYPTOGRAPHY_DONT_BUILD_RUST logic; we
need to patch it, to make sure the setuptools-rust isn't installed.
We may need to carry this patch in our tree for a bit longer than upstream,
because in newer versions, CRYPTOGRAPHY_DONT_BUILD_RUST logic gets removed.
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
(cherry picked from commit 01d1b4581e)
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
Python3 comes with a built-in readline module. It wasn't included up until
now; mostly because it wasn't considered.
This change introduces it as a sub-package of the main Python3 package.
readline support is included in Python.
libreadline pulls libncursesw as a package, so python3-ncurses was
updated to pull libncursesw as well.
It should be the same package; mostly done for consistency.
Resolves the issue reported here:
https://forum.openwrt.org/t/python3-repl-missing-readline/90039
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
(cherry picked from commit 49faf5d7ca)
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
By adding these dependencies, it is much easier for users (both
applications that use Twisted and end users) to have secure
communications by default.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
(cherry picked from commit 8349546208)
