The FPM SAPI works fine without the CGI SAPI installed. It seems that
this is a copy & paste error introduced a long time ago, when FPM support
was added - and nobody noticed.
So drop the dependency now to allow smaller footprints on installations
which only use FPM.
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
This release contains some security fixes.
CVE-2017-0898: Buffer underrun vulnerability in Kernel.sprintf
CVE-2017-10784: Escape sequence injection vulnerability in the Basic authentication of WEBrick
CVE-2017-14033: Buffer underrun vulnerability in OpenSSL ASN1 decode
CVE-2017-14064: Heap exposure in generating JSON
Multiple vulnerabilities in RubyGems
Update bundled libyaml to version 0.1.7.
And many other bugfix.
Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
Not sure how it can happen that the files are not
installed via the host build.
Maybe some SDK-like build.
Let's make sure they are installed via InstallDev rule too.
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
The host pip install should have the host's CFLAGS, LDFLAGS, etc
available.
And not the target's flags.
Otherwise, weird things can happen when installing
packages (host-side) that need to build C code.
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
fix Makefile chmod (644)
replace MD5SUM with HASH
add PKG_MIRROR_HASH when PKG_SOURCE_PROTO:=git
(PKG_SOURCE_PROTO:=svn tarballs are not reproducible for now)
Signed-off-by: Etienne Champetier <champetier.etienne@gmail.com>
The host pip install should have the host's CFLAGS, LDFLAGS, etc
available.
And not the target's flags.
Otherwise, weird things can happen when installing
packages (host-side) that need to build C code.
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
This build script supports both Python 2.x (python-evdev) and 3.x (python3-evdev)
From the README:
This package provides bindings to the generic input event interface in Linux.
The evdev interface serves the purpose of passing events generated in the kernel
directly to userspace through character devices that are typically located in /dev/input/.
This package also comes with bindings to uinput, the userspace input subsystem.
Uinput allows userspace programs to create and handle input devices that can inject
events directly into the input subsystem.
Signed-off-by: Paulo Costa <me@paulo.costa.nom.br>
Unfortunately python-cryptography (after version 2.0.<something>)
decided to replace `pyasn1` with `asn1crypto`.
Unfortunately `pyasn1` is needed for another package,
so it can't be dropped just yet.
Not sure if dropping it would bother people.
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
This fixes several CVEs:
- in mbstring: CVE-2017-9224, CVE-2017-9226, CVE-2017-9227,
CVE-2017-9228, CVE-2017-9229
- in gd: CVE-2017-7890
Signed-off-by: Michael Heimpold <mhei@heimpold.de>