This fixes how GOARM is selected for arm platforms, based on support for
VFP/VFPv3 rather than CPU version.
Fixes#10967.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
PHP7 fails to load xmlreader.so (php7-mod-xmlreader) module without
dom.so (php7-mod-dom) module loaded:
-snip-
PHP Warning: PHP Startup: Unable to load dynamic library 'xmlreader.so'
(tried: /usr/lib/php/xmlreader.so (Error relocating /usr/lib/php/xmlreader.so:
dom_node_class_entry: symbol not found), /usr/lib/php/xmlreader.so.so (Error
loading shared library /usr/lib/php/xmlreader.so.so: No such file or
directory)) in Unknown on line 0
^C
-snap-
However, this dependency only exists when during build also php7-mod-dom
is selected.
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
(cherry picked from commit b8c22fc1ec)
While at, update the SPDX license id to most recent format.
Compile and run tested on mxs platform.
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
(cherry picked from commit 5805da860e)
This fixes CVE-2019-11042 and CVE-2019-11041.
Compile and run tested on mxs platform
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
(cherry picked from commit 8e419c6d4c)
All symbols on MacOS are prefixed with an underscore which
interfered with the filtering mechanism (added in perl 5.28)
for extension libraries to be linked into static perl.
Signed-off-by: Jakub Piotr Cłapa <jpc@loee.pl>
2.5.7 fixes:
* CVE-2019-16255: A code injection vulnerability of Shell#[] and Shell#test
* CVE-2019-16254: HTTP response splitting in WEBrick (Additional fix)
* CVE-2019-15845: A NUL injection vulnerability of File.fnmatch and File.fnmatch?
* CVE-2019-16201: Regular Expression Denial of Service vulnerability of WEBrick’s Digest access authentication
2.5.6 fixes:
* Multiple jQuery vulnerabilities in RDoc
* About 40 bugs
Changelog: https://github.com/ruby/ruby/compare/v2_5_5...v2_5_7
Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
Patches already merged and so removed:
* 019-bpo-36216-Add-check-for-characters-in-netloc-that-normalize-to-separators-GH-12216.patch
* 020-bpo-36216-Only-print-test-messages-when-verbose-GH-12291.patch
* 021-2.7-bpo-35121-prefix-dot-in-domain-for-proper-subdom.patch
* 027-bpo-38243-Escape-the-server-title-of-DocXMLRPCServer.patch
* 028-bpo-34155-Dont-parse-domains-containing-GH-13079.patch
Patches no longer necessary and so removed:
* 017_lib2to3_fix_pyc_search.patch
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
(cherry picked from 83b300aa83)
This seems to have slipped for some time. No idea if it ever worked.
It could be that this worked at some point.
In any case, the shebang is properly updated now.
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
(cherry-picked from commit 1b96dc0171)
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(bump PKG_RELEASE for python3-pip)
These patches address issues:
CVE-2019-16056: email.utils.parseaddr mistakenly parse an email
CVE-2019-16935: A reflected XSS in python/Lib/DocXMLRPCServer.py
Links to Python issues:
https://bugs.python.org/issue34155https://bugs.python.org/issue38243
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
CVE-2013-7459 and CVE-2018-6594. Both patches taken from Fedora.
Also took the liberty to update the PKG_SOURCE_URL to a standard one.
Updated the home URL as well.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry-picked from 32b23e28ad)
Currently, all files in usr/bin (presumably all Python scripts) are run
through sed to replace the shebang; sed will overwrite the file whether
or not a match is found. This causes symlinks to be overridden and made
into copies of their targets. python[3]-base and python[3]-dev are
affected by this.
This adds the --follow-symlinks flag to sed, in addition to using
$(SED), so that symlinks are not overridden.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
This extends the Python[3] shebang fixup to all packages.
Only Python scripts in `/usr/bin` will be handled at the moment. Later it
may make sense to also cover executables in `/bin`, though typically Python
executables shouldn't be placed there.
Previously the shebang handling was only done for python[3]-pip &
python[3]-setuptools.
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
This change updates Python to version 2.7.16, which is a bugfix release
in the Python 2.7 series.
This also removes patches back-ported from upstream.
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
3.6.9 is the latest security fix release of Python 3.6.
- Fixes: CVE-2018-20852, CVE-2019-9948, CVE-2019-9740, CVE-2019-5010
- Refreshed patches
- Removed a few backports patches
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
This reverts commit a176ffa0a1.
I just noticed that I accidentally used wrong openwrt branch
to compile this, with 18.09 branch the compilation fails.
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
This reverts commit 8e9429f3e9.
I just noticed that I accidentally used wrong openwrt branch
to compile this, with 18.09 branch the compilation fails.
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
This reverts commit 8abaf8a308.
I just noticed that I accidentally used wrong openwrt branch
to compile this, with 18.09 branch the compilation fails.
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
- Fixes CVE-2019-9740, CVE-2019-11324
- RFC 3986 compliant
- Fix TITLE, which was too long for make menuconfig
- Add PKG_LICENSE_FILES
- Remove current maintainer
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
The LIBDIR and INCDIR assignments are duplicate of the original
Makefile, changing LIB_PATH and INC_PATH to LDFLAGS and CPPFLAGS.
Setting LIB_PATH and INC_PATH to empty strings will do the same
without duplicating the flags.
Signed-off-by: Eneas U de Queiroz <cote2004-github@yahoo.com>
Linking with ld is not portable and was causing problems for some
targets, e.g. i386_pentium4:
i486-openwrt-linux-musl-ld: x509.o: in function `push_asn1_objname':
x509.c:(.text+0x61): undefined reference to `__stack_chk_fail_local'
...
Signed-off-by: Eneas U de Queiroz <cote2004-github@yahoo.com>
(cherry-picked from e3f1532297)
Currently i386 and the PPC targets have issues linking issues.
https://github.com/openwrt/packages/issues/3319
says that replacing -fPIC with -fpic works.
Patch added to avoid package overriding settings set by toolchain and make
compilation less noisy
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry-picked from cf23dd2eb0)
These patches address issue:
CVE-2019-9636: urlsplit does not handle NFKC normalization
Link to Python issue:
https://bugs.python.org/issue36216
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
