cubixle/packages
1
0
Fork 0
mirror of https://github.com/novatiq/packages.git synced 2026-04-28 22:58:38 +01:00
Code Issues Packages Projects Releases Wiki Activity
16,759 Commits 8 Branches 1 Tag
3a61338ab4fd2caf94de12c8adeb540d98f3f270
Commit Graph

2345 Commits

Author SHA1 Message Date
Hannu Nyman 72731c08c8 Merge pull request #11639 from jefferyto/python-twisted-security-fix-openwrt-19.07 
[openwrt-19.07] python-twisted: Fix several request smuggling attacks
 2020-03-23 21:08:12 +02:00
Jeffery To db63e12089 python-pyasn1-modules: Update to 0.2.8 
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
(cherry picked from commit a6f1e7689b)
 2020-03-24 01:49:04 +08:00
Jeffery To 4da9026f2a python-idna: Update to 2.9 
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
(cherry picked from commit 111d7ae088)
 2020-03-24 01:40:32 +08:00
Jeffery To a6b32c675c python-pycparser: Update to 2.20 
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
(cherry picked from commit 931dcfe3aa)
 2020-03-24 01:34:49 +08:00
Jeffery To 364c24dd2b python-enum34: Update to 1.1.10, refresh patch 
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
(cherry picked from commit 48af5b2abb)
 2020-03-24 01:27:22 +08:00
Jeffery To da05e08291 python-enum34: Update to 1.1.9, refresh patch 
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
(cherry picked from commit 87150b43a8)
 2020-03-24 01:26:52 +08:00
Jeffery To 4e5642de1a python-zope-interface: Update to 4.7.2, refresh patch 
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
(cherry picked from commit a178662fce)
 2020-03-24 01:08:08 +08:00
Jeffery To 261d6cbaaa python-twisted: Fix several request smuggling attacks 
This backports a patch[1] to fix several request smuggling attacks.

This includes fixes for:
* CVE-2020-10108
* CVE-2020-10109

[1]: https://github.com/twisted/twisted/commit/4a7d22e490bb8ff836892cc99a1f54b85ccb0281

Signed-off-by: Jeffery To <jeffery.to@gmail.com>
 2020-03-23 23:22:39 +08:00
Jeffery To 0b654d52e9 golang: Update to 1.13.9 
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
 2020-03-23 21:55:51 +08:00
Josef Schlehofer fd4da96672 python3: update to version 3.7.7 
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
 2020-03-14 00:47:42 +01:00
Alexandru Ardelean 3b9648db39 django: bump to version 1.11.29 
Includes several CVE fixes.
- CVE-2020-7471 in 1.11.28
- CVE-2020-9402 in 1.11.29

Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
 2020-03-11 09:28:32 +02:00
Michael Heimpold 95c72d8aba php7: update to 7.2.28 
This fixes:
  - CVE-2020-7062
  - CVE-2020-7063

Signed-off-by: Michael Heimpold <mhei@heimpold.de>
 2020-02-25 22:35:15 +01:00
Jeffery To 12b84e6acd golang: Update to 1.13.8 
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
 2020-02-18 17:59:12 +08:00
Alexander Ryzhov fc59357297 perl: define $sysroot for extensions 
Signed-off-by: Alexander Ryzhov <github@ryzhov-al.ru>
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit fed1b3b11b)
 2020-02-15 22:05:28 -08:00
Rosen Penev 5c856ff558 perl: Don't build InstallDev under ARC 
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry picked from commit 2628584ffd)
 2020-02-15 22:05:20 -08:00
Michael Heimpold 3cf0c61f2e php7: update to 7.2.27 
This fixes:
  - CVE-2020-7059
  - CVE-2020-7060

Signed-off-by: Michael Heimpold <mhei@heimpold.de>
 2020-02-07 21:09:24 +01:00
Jan Pavlinec 268ea7a78c python-importlib-metadata: add new package 
Signed-off-by: Jan Pavlinec <jan.pavlinec@nic.cz>
 2020-02-06 10:34:41 +01:00
Jeffery To 1d7cda2edc golang: Improve build isolation from user environment 
* Set GOENV=off when building Go compiler and packages, to ignore user's
  environment configuration file
* Set GOCACHE when building host Go
* Unset GOTMPDIR, to use the buildroot temp directory instead of temp
  directories in build_dir

Signed-off-by: Jeffery To <jeffery.to@gmail.com>
(cherry picked from 3b5f1c73fb)
 2020-02-04 04:16:17 +08:00
Jeffery To 9a792f41c9 golang: Update to 1.13.7, add PKG_CPE_ID to Makefile 
This update includes fixes for[1]:
* CVE-2020-7919 - doesn't appear to be published publicly yet
* CVE-2020-0601 - a Windows-related issue

[1]: https://github.com/golang/go/issues?q=milestone%3AGo1.13.7+label%3ACherryPickApproved

Signed-off-by: Jeffery To <jeffery.to@gmail.com>
(cherry picked from 0dc4fa6efb)
 2020-02-03 05:02:27 +08:00
Rosen Penev cff7a04a6a Merge pull request #11176 from jefferyto/python-fix-float-byte-order-openwrt-19.07 
[openwrt-19.07] python,python3: Fix float byte order detection
 2020-01-30 16:27:49 -08:00
Eneas U de Queiroz 36a1c0c5ae python-certify: bump to 2019.11.28 
This is a regular Mozilla CA bundle update.

Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
(cherry picked from commit c799f2a913)
 2020-01-30 14:59:51 -03:00
Jeffery To ad50eb7c0a python3: Fix float byte order detection 
This backports patches from bpo-34585[1] to fix byte order detection of
floats.

Fixing byte order detection allows the repr() of floats to be
shorter[2]. sys.float_repr_style should be 'short' instead of 'legacy'
on supported platforms.

See #11134.

[1]: https://bugs.python.org/issue34585
[2]: https://docs.python.org/3.8/whatsnew/3.1.html#other-language-changes

Signed-off-by: Jeffery To <jeffery.to@gmail.com>
 2020-01-30 19:12:25 +08:00
Jeffery To a76dd0635c python: Fix float byte order detection 
This backports patches from bpo-34585[1] to fix byte order detection of
floats.

Fixing byte order detection allows the repr() of floats to be shorter (a
feature backported to Python 2.7 from Python 3.1[2]).
sys.float_repr_style should be 'short' instead of 'legacy' on supported
platforms.

See #11134.

[1]: https://bugs.python.org/issue34585
[2]: https://docs.python.org/2.7/whatsnew/2.7.html#python-3-1-features

Signed-off-by: Jeffery To <jeffery.to@gmail.com>
(cherry picked from a0da5aec7f)
Omitted PKG_RELEASE change
 2020-01-30 19:07:37 +08:00
Rosen Penev 30d0c2ee0f python: Replace utime with utimes 
Optionally fixes compilation with uClibc-ng.

Based on the surrounding code, this looks like an oversight.

Signed-off-by: Rosen Penev <rosenp@gmail.com>

(cherry picked from 608df65a62)
Adjusted PKG_RELEASE
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
 2020-01-30 19:04:39 +08:00
Rosen Penev 9cb0c7f4a0 Merge pull request #10990 from BKPepe/django-19.07 
[OpenWrt 19.07] django: update to version 1.11.27
 2020-01-22 18:41:20 -08:00
Jeffery To 2dbc88762c golang: Update to 1.13.6 
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
 2020-01-15 01:26:40 +08:00
Jeffery To fdd202bd1e golang: Fix selection of GOARM value 
This fixes how GOARM is selected for arm platforms, based on support for
VFP/VFPv3 rather than CPU version.

Fixes #10967.

Signed-off-by: Jeffery To <jeffery.to@gmail.com>
 2020-01-15 00:58:28 +08:00
Josef Schlehofer a50eeb01fc django: update to version 1.11.27 
Fixes: CVE-2019-19844

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
 2020-01-11 23:15:13 +01:00
Alexandru Ardelean e847333d15 python,python3: split python[3]-pkg-resources from setuptools 
This package is required by other packages to run some binaries via
`load_entry_point`.

So, this splits this package away from setuptools.
setuptools is pretty big, akd pkg-resources is also big, but not as big.

Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>

(cherry picked from commit ed0e77f3c3)
Reference to discussion at
https://github.com/openwrt/packages/commit/c61579b564a3877235d74684b1a75915d77e42a9#commitcomment-36665837
Adjusted python PKG_RELEASE items to current situation
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
 2020-01-10 18:57:16 +02:00
Jeffery To fc313e772b golang: Format TARGET_LDFLAGS for gcc 
go invokes the external linker by calling gcc, so -zxxx options in
TARGET_LDFLAGS (in golang-package.mk) need to be formatted as -Wl,z,xxx.

Signed-off-by: Jeffery To <jeffery.to@gmail.com>
(cherry picked from dbd6f224c3)
 2019-12-29 18:51:15 +08:00
Daniel F. Dickinson bcdb9d00a5 passlib: Update passlib to 1.7.2 
Relevant bits of upstream changelog

New Features

    argon2: Support more hashes
    scrypt: Now uses python 3.6 stdlib’s hashlib.scrypt() as backend, if present (issue 86).

Bugfixes

    Python 3.8 compatibility fixes
    passlib.apache.HtpasswdFile: improve compatibility with Apache 2.4's htpasswd
    passlib.totp: fix some compatibility issues with older TOTP clients (issue 92)
    Fixed error in argon2.parsehash() (issue 97)

Signed-off-by: Daniel F. Dickinson <cshored@thecshore.com>
 2019-12-27 14:06:39 -05:00
Jeffery To db9a8a1e74 golang: Fix ldflags when GO_PKG_LDFLAGS is set 
go build/install supports multiple -ldflags arguments, but they are not
combined; for each package, the latest match on the command line is
used.[1]

Previously, the main executable would not be affected by the default
ldflags if GO_PKG_LDFLAGS or GO_PKG_LDFLAGS_X were set. (The default
ldflags instructs go to use the external linker.)

This fixes golang-package.mk so that the default ldflags take effect in
all cases.

[1]: https://golang.org/cmd/go/#hdr-Compile_packages_and_dependencies

Signed-off-by: Jeffery To <jeffery.to@gmail.com>
(cherry picked from 4827bc7509)
 2019-12-26 21:09:01 +08:00
Josef Schlehofer c5d6ffaf1c python3: Updated to version 3.7.6 
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
 2019-12-21 14:35:31 +01:00
Michael Heimpold 13de8da3b3 php7: update to 7.2.26 
This fixes:
  - CVE-2019-11046
  - CVE-2019-11044
  - CVE-2019-11045
  - CVE-2019-11050
  - CVE-2019-11047

Signed-off-by: Michael Heimpold <mhei@heimpold.de>
(cherry picked from commit d5c18b1d5e)
 2019-12-18 21:23:12 +01:00
Josef Schlehofer c1dd9499b1 golang: Update to 1.13.5 
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry picked from commit 791729cfc06ab6608018c15ce84d7f6e37ba3f5a)
 2019-12-09 23:28:07 +01:00
Jan Pavlinec b88b43dd12 python-more-itertools: add new package 
Signed-off-by: Jan Pavlinec <jan.pavlinec@nic.cz>
(cherry-picked from 4bade3b2f7)
 2019-12-06 15:41:53 -08:00
Matthias Schiffer 03b412db2e luasrcdiet: add package (moved from luci-base package) 
We use luasrcdiet in Gluon as well. Move it from the luci feed to packages.

Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
(cherry picked from commit 46d68b8699)
 2019-11-26 19:52:28 +01:00
Rosen Penev d0e97caca6 Merge pull request #10631 from jefferyto/python-pyopenssl-19.1.0-openwrt-19.07 
[openwrt-19.07] python-pyopenssl: Update to 19.1.0
 2019-11-25 11:14:29 -08:00
Josef Schlehofer 4a82137613 php7: Update to version 7.2.25 
- Fixes CVE-2019-11043

Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
(cherry picked from commit 9bc48abd2a)
 2019-11-24 22:04:15 +01:00
W. Michael Petullo 36358e7e38 php7: mark /etc/config/php7-fastcgi as conffile 
Signed-off-by: W. Michael Petullo <mike@flyn.org>
(cherry picked from commit 5bc9bb04c5)
 2019-11-24 22:03:41 +01:00
Michael Heimpold 3be4577ee9 php7-mod-xmlreader: add conditional dependency to php7-mod-dom (fixes #10201) 
PHP7 fails to load xmlreader.so (php7-mod-xmlreader) module without
dom.so (php7-mod-dom) module loaded:

-snip-
PHP Warning:  PHP Startup: Unable to load dynamic library 'xmlreader.so'
 (tried: /usr/lib/php/xmlreader.so (Error relocating /usr/lib/php/xmlreader.so:
 dom_node_class_entry: symbol not found), /usr/lib/php/xmlreader.so.so (Error
 loading shared library /usr/lib/php/xmlreader.so.so: No such file or
 directory)) in Unknown on line 0
^C
-snap-

However, this dependency only exists when during build also php7-mod-dom
is selected.

Signed-off-by: Michael Heimpold <mhei@heimpold.de>
(cherry picked from commit b8c22fc1ec)
 2019-11-24 22:03:11 +01:00
Stefaan Ghysels 7aadc71300 php7: bump to 7.2.23 
Signed-off-by: Stefaan Ghysels <stefaang@gmail.com>
(cherry picked from commit dacda44755)
 2019-11-24 22:02:30 +01:00
Jeffery To fc33728724 python-pyopenssl: Update to 19.1.0 
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
(cherry picked from aff03aee1f)
 2019-11-25 04:40:19 +08:00
Alexandru Ardelean 2969a1842d django: bump to version 1.11.26 
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
 2019-11-19 10:49:50 +02:00
Rosen Penev 41503554d0 Merge pull request #10577 from jefferyto/python-zope-interface-4.7.1-openwrt-19.07 
[openwrt-19.07] python-zope-interface: Update to 4.7.1, refresh patch
 2019-11-17 18:11:45 -08:00
Rosen Penev 209ecba6be Merge pull request #10575 from jefferyto/python-twisted-19.10.0-openwrt-19.07 
[openwrt-19.07] python-twisted: Update to 19.10.0, refresh patches
 2019-11-17 18:11:27 -08:00
Jeffery To 1f417d7ed0 python-zope-interface: Update to 4.7.1, refresh patch 
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
(cherry picked from 5e8feda04a)
 2019-11-18 04:49:46 +08:00
Jeffery To 87ccd3ddbd python-twisted: Update to 19.10.0, refresh patches 
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
(cherry picked from c56770a570)
 2019-11-18 04:35:45 +08:00
Jeffery To 7504b410a6 python-pyasn1: Update to 0.4.8 
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
(cherry picked from b99abe8dd8)
 2019-11-18 04:07:32 +08:00
Jeffery To daebf4aba9 python-six: Update to 1.13.0 
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
(cherry picked from 5be603a836)
 2019-11-11 18:39:36 +08:00