Includes fixes for:
* CVE-2021-44716: unbounded growth of HTTP/2 header canonicalization
cache
* CVE-2021-44717: syscall.ForkExec error can close file descriptor 0
Added patches:
* 001-cmd-link-use-gold-on-ARM-ARM64-only-if-gold-is-available.patch:
https://github.com/golang/go/pull/49748 backported for Go 1.17,
this removes the requirement for the gold linker when building Go
programs that use Go plugins on arm/arm64
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
When cURL is built with OpenSSL as backend SSL/TLS library,
pecl_http's configure tries to detect whether TLS 1.3 ciphers
are enabled. This does not work when cross-compiling so let's
pass it based on OpenSSL build configuration.
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
Active support for PHP 7.4 branch ended a few days ago.
Since we have PHP 8.x in the repository for a while
and we migrated all PECL extension packages already,
let's focus on that newer version and drop support for 7.4.
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
The functionality of this package - or at least similar one -
was meanwhile included in PHP8.
This package was mostly included as dependency for HTTP PECL package,
so it is not needed anymore and thus can be dropped.
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
This package is not compatible with PHP8 and seems to be not maintained
upstream anymore. Let's drop it.
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
Only a newer version of upstream includes support for PHP8, so while
migrating we need to update to latest upstream version.
We also need to adjust dependencies since JSON is now always integrated
not longer available as dedicated package.
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
Also update patches and remove obsolete ones.
We also need to add one to prevent mod_php to be enabled
by apxs in configuration file.
While at, remove the VARIANT setting for pecl extensions.
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
Relevant changes:
* quoted data urls which are not base64 encoded keep their spaces now
* accept bytes and text as input. All other types now raise a TypeError
* update python & gcc support
* python version will only accept the C implementation if the versions
match exactly. This should prevent using older installed C versions.
Along with the version bump:
- update maintainer email address
- use $(AUTORELEASE)
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
What's Changed:
Fixed:
- Add missing trailing newline before adding new entry with set_key
by @bbc2 in #361
Signed-off-by: Javier Marcet <javier@marcet.info>
Django 1.x is not compatible with python 3.10.
Mark the package as BROKEN. Since its dependent packages will also
select it, they will need to be marked BROKEN as well to avoid recursive
dependencies--packages not marked as BROKEN will be able to select the
broken package.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
There's been a bit of overlapping opinions on some of these packages.
The best thing to do here is to reduce ownership and relinquish my
control.
This patch does that.
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
Manually re-applied:
008-distutils-use-python-sysroot.patch
016-adjust-config-paths.patch
Drop patch: 003-do-not-run-distutils-tests.patch
There is now a configure option '--disable-test-modules'
And seems we left the '_ctypes_test' around for quite some time.
Dropped now.
Refs:
https://bugs.python.org/issue27640https://bugs.python.org/issue43282
Drop patch: 013-getbuildinfo-date-time-source-date-epoch.patch
Python build honors SOURCE_DATE_EPOCH pretty well now.
Drop setuptools patches. Setuptools should be reproducible with Python 3.6+
according to a mention here:
https://github.com/pypa/setuptools/pull/1690#issuecomment-536517456
It's time to let upstream fix Setuptools reproduce-ability.
Drop patch: 010-do-not-add-rt-lib-dirs-when-cross-compiling.patch
I can't seem to fully remember why it's there.
And it seem to build fine without it.
Drop patch: 015-abort-on-failed-modules.patch
Python build supports a similar PYTHONSTRICTEXTENSIONBUILD=1 env-var
option.
Add patch: 026-openssl-feature-flags.patch
We need to keep this in our tree for a while.
See:
https://bugs.python.org/issue45627
Backport patch: 027-bpo-43158-Use-configure-values-for-building-_uuid-ex.patch
Link: https://github.com/python/cpython/pull/29353
Fixes the build for uuid C module.
Add patch: 028-host-python-support-ssl-with-libressl.patch
We need the _ssl module working on the host-side with LibreSSL for pip to
work to download from https://pypi.org
Refs: https://github.com/openwrt/openwrt/pull/4749
Add patch: 029-disable-deprecation-warning.patch
Fixes apparmor build. The warning causes a configure error.
Refreshed the rest of patches.
Some old build-flags were removed. They don't seem to be necessary anymore.
Split python3-uuid from python3-light. To better manage the libuuid library
(if needed). Also, fixing the uuid C module build. Seems this was failing,
and was falling back to using hashlib.
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
Contains fixes for:
* CVE-2021-41771: ImportedSymbols in debug/macho (for Open or OpenFat)
accesses a memory location after the end of a buffer
* CVE-2021-41772: archive/zip Reader.Open panic via a crafted ZIP
archive containing an invalid name or an empty filename field
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
Details:
- Cleaned up whitespace and removed comments (refer to official PHP documentation for that)
- Removed directives that no longer exist as of PHP 8.0.12
- Added newly existing directives commented out
- Added '~E_DEPRECATED' to 'error_reporting'
Signed-off-by: Giovanni Giacobbi <giovanni@giacobbi.net>
Details:
- Cleaned up whitespace and removed comments (refer to official PHP documentation for that)
- Removed directives that no longer exist as of PHP 7.4.25
- Added '~E_DEPRECATED' to 'error_reporting'
Directives removed that no longer exist as of PHP 7.4.25:
- zend.ze1_compatibility_mode
- y2k_compliance
- register_globals
- register_long_arrays
- magic_quotes_gpc
- magic_quotes_runtime
- magic_quotes_sybase
- always_populate_raw_post_data
Signed-off-by: Giovanni Giacobbi <giovanni@giacobbi.net>
(cherry picked from commit 7e45ad87f3)
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
This is the latest version, which still has support for PHP 7.x.
It's an intermediate step in the transition to PHP 8.x.
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
This PR prepares PHP for a few minor changes that cause PHP builds to fail when using --enable-intl with ICU 70.1.
Change UBool to bool for equality operators in ICU >= 70.1
https://github.com/php/php-src/pull/7596
Signed-off-by: Hirokazu MORIKAWA <morikw2@gmail.com>
This PR prepares PHP for a few minor changes that cause PHP builds to fail when using --enable-intl with ICU 70.1.
Change UBool to bool for equality operators in ICU >= 70.1
https://github.com/php/php-src/pull/7596
Signed-off-by: Hirokazu MORIKAWA <morikw2@gmail.com>
The module will be available, once php8 is selected, at the same place
as the other apache modules.
Signed-off-by: Sebastian Kemper <sebastian_ml@gmx.net>