This fixes the following CVEs:
- in BCMath: CVE-2016-4537, CVE-2016-4538
- in EXIF: CVE-2016-4542, CVE-2016-4543, CVE-2016-4544
- in GD: CVE-2016-3074
- in Intl: CVE-2016-4540, CVE-2016-4541
- in XML: CVE-2016-4539
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
Perl CGI fails to copy CGI.pm to package and therefore
perl programs and modules that depend on the CGI module fail.
Signed-off-by: Daniel Dickinson <lede@daniel.thecshore.com>
LUA_MATH_LIBRARY=m is added as lua-cjson fails to detect Lua in the host
build without it.
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
Fixes segfaults occurring in the node host build when GCC 6 is used.
Backport of upstream commit 96198d5bc710a4e3ca49eeeb3b3fa7b8cb61547d.
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
Also, override all prefix args in the HOST_CONFIGURE_ARGS
so that this works fine on CC/15.05.
There are some changes in core regarding package builds that
require this.
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
Also, override all prefix args in the HOST_CONFIGURE_ARGS
so that this works fine on CC/15.05.
There are some changes in core regarding package builds that
require this.
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
Seems it's some Unicode fix that required a small release.
https://pip.pypa.io/en/stable/news/
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
python-setuptools releases more often than my preference.
Every once in a while I sync up with the latest release.
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
It seems that this can become an issue.
Found when building python3-setuptools from packages/trunk
in openwrt/15.05.
python3-setuptools is not in packages/for-15.05
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
python-setuptools/host needs python-package.mk and python-host.mk files that are installed by python (non host build - InstallDev)
Signed-off-by: Andrey Sechin <zyxmon@gmail.com>
- update to latest version (16.0.0)
- change to one package containing all plugins/subprojects
- add license info
- add myself as maintainer
This builds one main package, instead of multiple packages like the old
packages feed, to match upstream. (Debian and Fedora are moving to a
single-package model as well.) The obvious downside is a larger install
size, but one main package should be easier to maintain in the future.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
From the README:
service_identity aspires to give you all the tools you need for
verifying whether a certificate is valid for the intended purposes.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
From the README:
attrs is an MIT-licensed Python package with class decorators that ease
the chores of implementing the most common attribute-related object
protocols.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
From the PyPI description:
gmpy is a C-coded Python extension module that provides access to the
GMP (or MPIR) multiple-precision arithmetic library.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
$(CP) was defined as `cp -fpR' since the very beginning of OpenWrt build
system (2006-06-22). The -R option should be enough and base packages
use only $(CP) for the same purposes just fine and BSD manual of cp also
discourages the use of `-r' option. So let's just tidy up the usage now.
Signed-off-by: Yousong Zhou <yszhou4tech@gmail.com>
Pull requests #2455 and #2463 should have fixed python-cffi.
Additionally r48918 has decreased the risk from broken host sections
to buildbot builds: https://dev.openwrt.org/changeset/48918
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
New feature release for ruby. More info:
https://www.ruby-lang.org/en/news/2015/12/25/ruby-2-3-0-released/
Patches changes:
(-) 001-rdoc-remove_gems_dep.patch was merged
(+) 001-acinclude.m4_rename_aclocal.m4.patch backported from upstream.
Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
This sets host Python's prefix and exec-prefix to the same value
($(STAGING_DIR)/host for packages, as currently defined in
include/host-build.mk), which avoids the case where pyconfig.h is
not in the same location as Python's other header files (see
https://bugs.python.org/issue896330).
This also removes some cross compilation workarounds
(_python_sysroot/prefix/exec_prefix, disabling byte-compilation,
__PYVENV_LAUNCHER__) that are not necessary when compiling packages
for host.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
python-cffi's host section has trouble compiling at buildbot.
Yesterday it stopped all buildbot runs that reached the package.
Mark the package temporarily as BROKEN to enable buildbot to complete the build.
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
Stephane Chazelas discovered a bug in the environment handling in Perl.
Perl provides a Perl-space hash variable, %ENV, in which environment
variables can be looked up. If a variable appears twice in envp, only
the last value would appear in %ENV, but getenv would return the first.
Perl's taint security mechanism would be applied to the value in %ENV,
but not to the rest of the environment. This could result in an
ambiguous environment causing environment variables to be propagated to
subprocesses, despite the protections supposedly offered by taint
checking.
With this update Perl changes the behavior to match the following:
a) %ENV is populated with the first environment variable, as getenv
would return.
b) Duplicate environment entries are removed.
References:
* http://perl5.git.perl.org/perl.git/commit/ae37b791a73a9e78dedb89fb2429d2628cf58076
* https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2016-2381
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
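Added example, not part of the commit above or of the upstream Perl patch: a C sketch of the ambiguity described (first match versus last match for a duplicated name) and of behaviours (a) and (b), keeping the first entry and dropping duplicates. The names lookup, dedupe_env and sample_env are hypothetical, and the environment block is constructed.

```c
#include <stdio.h>
#include <string.h>

/* Constructed sample block: TMPDIR appears twice, as in the ambiguous case. */
static char *sample_env[] = { "PATH=/usr/bin", "TMPDIR=/tmp", "HOME=/root",
                              "TMPDIR=/var/tmp", NULL };

/* Length of the NAME part of a "NAME=value" entry. */
static size_t name_len(const char *e) {
    const char *eq = strchr(e, '=');
    return eq ? (size_t)(eq - e) : strlen(e);
}

static int same_name(const char *a, const char *b) {
    size_t n = name_len(a);
    return n == name_len(b) && strncmp(a, b, n) == 0;
}

/* Value of `name` in env; last=0 mimics getenv() (first match wins),
 * last=1 mimics a hash filled entry by entry (last match wins). */
const char *lookup(char *const env[], const char *name, int last) {
    const char *hit = NULL;
    for (int i = 0; env[i]; i++)
        if (same_name(env[i], name) && (last || !hit))
            hit = env[i] + name_len(env[i]) + (strchr(env[i], '=') != NULL);
    return hit;
}

/* Copy env into out keeping only the first entry per name; returns the
 * number of duplicates dropped. out needs room for every pointer plus NULL. */
int dedupe_env(char *const env[], char *out[]) {
    int kept = 0, dropped = 0;
    for (int i = 0; env[i]; i++) {
        int seen = 0;
        for (int j = 0; j < kept && !seen; j++)
            seen = same_name(out[j], env[i]);
        if (seen) dropped++; else out[kept++] = env[i];
    }
    out[kept] = NULL;
    return dropped;
}

int main(void) {
    char *clean[sizeof sample_env / sizeof *sample_env];
    printf("before: first=%s last=%s\n", lookup(sample_env, "TMPDIR", 0),
           lookup(sample_env, "TMPDIR", 1));
    printf("dropped %d duplicate(s)\n", dedupe_env(sample_env, clean));
    printf("after:  first=%s last=%s\n", lookup(clean, "TMPDIR", 0),
           lookup(clean, "TMPDIR", 1));
    return 0;
}
```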
ruby subpackages now are generated by a macro. This reduces the
Makefile size by half and the chance of errors.
No change in packages contents, install-size or dependencies, except
for some removed doc files.
Improved ruby_missingfiles and ruby_find_pkgsdeps script
Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
Beginning in PathTools 3.47 and/or perl 5.20.0, the File::Spec::canonpath()
routine returned untainted strings even if passed tainted input. This defect
undermines the guarantee of taint propagation, which is sometimes used to
ensure that unvalidated user input does not reach sensitive code.
This defect was found and reported by David Golden of MongoDB, and a patch
was provided by Tony Cook.
References:
* https://rt.perl.org/Public/Bug/Display.html?id=126862
* https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8607
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
From the package description:
Python wrapper module around the OpenSSL library
This depends on python-cryptography (#2035)
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
From the README:
cryptography is a package which provides cryptographic recipes and
primitives to Python developers. Our goal is for it to be your "cryptographic
standard library". It supports Python 2.6-2.7, Python 3.3+, and PyPy 2.6+.
This depends on python-cffi host install (#2034)
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
[Squashed update to latest upstream version into this introducing commit]
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
AFAIK sysroot is combined with prefix/exec_prefix, so sysroot shouldn't
include "/usr". (cf. the HostPython function in older versions of
python-package.mk)
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
This release includes a security fix for Fiddle extension.
* CVE-2015-7551: Unsafe tainted string usage in Fiddle and DL
There are also some bugfixes.
In package, now LD_FLAGS is copied to DLD_FLAGS (used by ruby for libraries).
The missing values from LD_FLAGS cause build error when gcc does not implicitly
include staging/usr/lib.
Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
For x86 and x86_64, nodejs has some special CPU
code that needs to be selected by specifying
the correct CPU name (correct for nodejs).
On OpenWRT x86 is i386; node wants ia32 for this.
And x86_64 is x64 on nodejs.
So, we just need to do the proper substitutions.
Note: the ARCH env-var is obtained from CONFIG_ARCH, after
some substitutions are applied.
So, it shouldn't affect other target archs.
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
This adds code to make it easier to build third-party python
modules such as ones from PyPI.
Signed-off-by: Daniel Dickinson <openwrt@daniel.thecshore.com>
Seems those pkgconfig file paths were revealed to be incorrect
after doing a full clean build.
And I only had the inspiration to do one after doing the initial PR.
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
And split python-dev and python-lib2to3 packages.
Seems for python3 this was done, so we'll sync here.
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
That means basically moving the host Python from $(STAGING_DIR_HOST)
to $(STAGING_DIR_HOST)/usr and making the PYTHONPATH var
as an argument.
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
Apparently, recompiling/relinking fails under some circumstances. This
patch has been reported to work around that issue.
Signed-off-by: Marcel Denia <naoir@gmx.net>
From the documentation:
gmpy2 is a C-coded Python extension module that supports multiple-precision
arithmetic. gmpy2 is the successor to the original gmpy module. The gmpy module
only supported the GMP multiple-precision library. gmpy2 adds support for the
MPFR (correctly rounded real floating-point arithmetic) and MPC (correctly
rounded complex floating-point arithmetic) libraries. gmpy2 also updates the
API and naming conventions to be more consistent and support the additional
functionality.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
From the setup description:
A python implementation of the Pluggable Transports for Circumvention
specification for Tor
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
Configuration scripts expect the libc identifier to be "uclibc" in case we're using it,
OpenWrt provides "uClibc". Oh well...
Signed-off-by: Marcel Denia <naoir@gmx.net>
This was previously manually set to '4.8.0'. Aside from just being incorrect,
it also breaks Errno's GCC5 detection.
Fixes #2044.
Signed-off-by: Marcel Denia <naoir@gmx.net>
From the README:
This is a small but growing collection of ASN.1 data structures
expressed in Python terms using pyasn1 data model.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
Some python packages (e.g. cffi) compile one or more shared libraries
as part of their setup process. When these packages are setup
dependencies of other packages (e.g. cryptography), these packages (and
their shared libraries) will need to be loaded on the host system.
This adds a makefile, similar to python-package.mk, to simplify
installing python packages on the host.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
Since 94f87dc1, host build of Python depends on expat installed in host
staging directory. However, pyexpat extension fails to build if expat
was not built and installed to staging dir before - adding host build
dependency should fix this.
Signed-off-by: Jan Čermák <jan.cermak@nic.cz>
From PyPI:
Foreign Function Interface for Python calling C code.
This depends on python-pycparser, which is in PR #1970
Signed-off-by: Jeffery To <jeffery.to@gmail.com>