Fixes: https://github.com/openwrt/packages/issues/8399
These 2 patches cause some breakage for other packages.
For now, we drop them and wait for upstream to finalize a fix.
We can live with deprecated SSL APIs for a while. No need to hurry, since
this doesn't seem to help.
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
Bug fixes and a security update of the bundled RubyGems:
CVE-2019-8320: Delete directory using symlink when decompressing tar
CVE-2019-8321: Escape sequence injection vulnerability in verbose
CVE-2019-8322: Escape sequence injection vulnerability in gem owner
CVE-2019-8323: Escape sequence injection vulnerability in API response handling
CVE-2019-8324: Installing a malicious gem may lead to arbitrary code execution
CVE-2019-8325: Escape sequence injection vulnerability in errors
Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
Removing python3 conditional DEPENDS to avoid a circular dependency.
Fixes a typo in Makefile.
Signed-off-by: Eneas U de Queiroz <cote2004-github@yahoo.com>
This updates the Python 2 and 3 versions of each package to share the
same title field.
This also updates the package title, url and source urls.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
The package was missing dependencies on pillow and python-setuptools.
The Makefile was simplified.
Signed-off-by: Eneas U de Queiroz <cote2004-github@yahoo.com>
Package is rewritten to be current type of python package with variants
but for backward compatibility the simplejson package name was left as
is and new Python3 specific package was named correctly as
python3-simplejson.
Signed-off-by: Karel Kočí <cynerd@email.cz>
This change updates Python to version 2.7.16, which is a bugfix release
in the Python 2.7 series.
This also removes patches back-ported from upstream.
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
As it was suggested in PR from the current package maintainer, I have become a new maintainer.
Signed-off-by: Josef Schlehofer <pepe.schlehofer@gmail.com>
Version 2.6 includes OpenSSL no-engine support.
This also removes python-idna as a dependency. idna became optional with
version 2.5 (https://cryptography.io/en/latest/changelog/#v2-5).
This also updates the package title field and updates both Python 2 and
3 versions to use the same field.
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
For a while now, Jeffery has helped quite a lot with Python, and is now
unofficial go-to guy [for problems] with Python packages.
This change adds him as co-maintainer [if he also agrees].
I'm not going away; I'll be still doing the same work for Python.
This change serves to recognize Jeffery in an official way, since he's
already taking on these things. And 2 co-maintainers is better in case one
kicks the bucket [by accident].
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
Fixes: https://github.com/openwrt/packages/issues/8301
This seems to have slipped for some time. No idea if it ever worked.
It could be that this worked at some point.
In any case, the shebang is properly updated now.
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>