Beginning in PathTools 3.47 and/or perl 5.20.0, the File::Spec::canonpath()
routine returned untained strings even if passed tainted input. This defect
undermines the guarantee of taint propagation, which is sometimes used to
ensure that unvalidated user input does not reach sensitive code.
This defect was found and reported by David Golden of MongoDB, and a patch
was provided by Tony Cook.
References:
* https://rt.perl.org/Public/Bug/Display.html?id=126862
* https://cve.mitre.org/cgi-bin/cvename.cgi?name=CVE-2015-8607
Signed-off-by: Jo-Philipp Wich <jow@openwrt.org>
From the package description:
Python wrapper module around the OpenSSL library
This depends on python-cryptography (#2035)
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
From the README:
cryptography is a package which provides cryptographic recipes and
primitives to Python developers. Our goal is for it to be your "cryptographic
standard library". It supports Python 2.6-2.7, Python 3.3+, and PyPy 2.6+.
This depends on python-cffi host install (#2034)
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
[Squashed update to latest upstream version into this introducing commit]
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
AFAIK sysroot is combined with prefix/exec_prefix, so sysroot shouldn't
include "/usr". (cf. the HostPython function in older versions of
python-package.mk)
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
This release includes a security fix for Fiddle extension.
* CVE-2015-7551: Unsafe tainted string usage in Fiddle and DL
There are also some bugfixes.
In package, now LD_FLAGS is copied to DLD_FLAGS (used by ruby for libraries).
The missing values from LD_FLAGS cause build error when gcc does not implicitly
include staging/usr/lib.
Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
For x86 and x86_64, nodejs has some special CPU
code that needs to be selected by specifying
the correct CPU name (correct for nodejs).
On OpenWRT x86 is i386 ; node wants ia32 for this.
And x86_64 is x64 on nodejs.
So, we just need to do the proper substitutions.
Note: the ARCH env-var is obtained from CONFIG_ARCH, after
some subtitutions are applied.
So, it shouldn't affect other target archs.
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
This adds code to make it easier to build third-party python
modules such as ones from PyPi.
Signed-off-by: Daniel Dickinson <openwrt@daniel.thecshore.com>
Seems those pkgconfig file paths were revealed to be incorrect
after doing a full clean build.
And I only had to inspiration to do one after doing the initial PR.
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
And split python-dev and python-lib2to3 packages.
Seems for python3 this was done, so we'll sync here.
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
That means basically moving the host Python from $(STAGING_DIR_HOST)
to $(STAGING_DIR_HOST)/usr and making the PYTHONPATH var
as an argument.
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
Apparently, recompiling/relinking fails under some circumstances. This
patch has been reported to work around that issue.
Signed-off-by: Marcel Denia <naoir@gmx.net>
From the documentation:
gmpy2 is a C-coded Python extension module that supports multiple-precision
arithmetic. gmpy2 is the successor to the original gmpy module. The gmpy module
only supported the GMP multiple-precision library. gmpy2 adds support for the
MPFR (correctly rounded real floating-point arithmetic) and MPC (correctly
rounded complex floating-point arithmetic) libraries. gmpy2 also updates the
API and naming conventions to be more consistent and support the additional
functionality.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
From the setup description:
A python implementation of the Pluggable Transports for Circumvention
specification for Tor
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
Configuration scripts expect the libc identifier to be "uclibc" in case we're using it,
OpenWrt provides "uClibc". Oh well...
Signed-off-by: Marcel Denia <naoir@gmx.net>
This was previously manually set to '4.8.0'. Aside from just being incorrect,
it also breaks Errno's GCC5 detection.
Fixes#2044.
Signed-off-by: Marcel Denia <naoir@gmx.net>
From the README:
This is a small but growing collection of ASN.1 data structures
expressed in Python terms using pyasn1 data model.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
Some python packages (e.g. cffi) compile one or more shared libraries
as part of their setup process. When these packages are setup
dependencies of other packages (e.g. cryptography), these packages (and
their shared libraries) will need to be loaded on the host system.
This adds a makefile, similar to python-package.mk, to simplify
installing python packages on the host.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
Since 94f87dc1, host build of Python depends on expat installed in host
staging directory. However, pyexpat extension fails to build if expat
was not built and installed to staging dir before - adding host build
dependency should fix this.
Signed-off-by: Jan Čermák <jan.cermak@nic.cz>