October 12th 2021 Security Releases:
HTTP Request Smuggling due to spaced in headers (Medium)(CVE-2021-22959)
HTTP Request Smuggling when parsing the body (Medium)(CVE-2021-22960)
Signed-off-by: Hirokazu MORIKAWA <morikw2@gmail.com>
This is a minor update, which officially supports Python 3.8, and
removes Python 2 code, among several bugfixes.
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
Features:
- Add cap_add and cap_drop parameters to service create and
ContainerSpec
- Add templating parameter to config create
Bugfixes:
- Fix getting a read timeout for logs/attach with a tty and slow
output
Miscellaneous:
- Fix documentation examples
Signed-off-by: Javier Marcet <javier@marcet.info>
What's Changed
- CHANGELOG.md: Fix typos discovered by codespell by @cclauss in #350
- Add Python 3.10 support by @theskumar in #359
Signed-off-by: Javier Marcet <javier@marcet.info>
Includes fix for CVE-2021-38297 (passing very large arguments to WASM
module functions can cause portions of the module to be overwritten).
Signed-off-by: Jeffery To <jeffery.to@gmail.com>
Commit 3da874371 ("libsodium: include ed25519_core in minimal build")
broke the build of PyNaCl. Add patch to always include all ed25519
functions which are now always covered even if libsodium is built with
the MINIMAL option.
Signed-off-by: Daniel Golle <daniel@makrotopia.org>
When running FindStdlib and running DependsCheckHostPipVersionMatch at
the same time, both commands were joined together resulting in a syntax
error.
Signed-off-by: Michal Vasilek <michal.vasilek@nic.cz>
Bluetooth support requires bluez-libs present, but they are only required
for the build, and don't seem to be needed to be present on the target.
There isn't any linking required to libbluetooth. It's only the bluetooth.h
header that is required for building BT support into Python.
For testing, this snippet was used from `Lib/test/test_socket.py` (inside
cpython):
```
def _have_socket_bluetooth():
"""Check whether AF_BLUETOOTH sockets are supported on this host."""
try:
# RFCOMM is supported by all platforms with bluetooth support. Windows
# does not support omitting the protocol.
s = socket.socket(socket.AF_BLUETOOTH, socket.SOCK_STREAM, socket.BTPROTO_RFCOMM)
except (AttributeError, OSError):
return False
else:
s.close()
return True
```
Fixes: https://github.com/openwrt/packages/issues/16544
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
Without -ldl linker flag .so extensions are not loaded
when glibc is used. Fix it by providing adjusted LDFLAGS
for this case.
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
Without -ldl linker flag .so extensions are not loaded
when glibc is used. Fix it by providing adjusted LDFLAGS
for this case.
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
Changed:
- Require Python 3.5 or a later version. Python 2 and 3.4 are no
longer supported
- Raise ValueError if quote_mode isn't one of always, auto or never
in set_key
- When writing a value to a .env file with set_key or dotenv set
<key> <value>
Added:
- The dotenv_path argument of set_key and unset_key now has a type of
Union[str, os.PathLike] instead of just os.PathLike
Signed-off-by: Javier Marcet <javier@marcet.info>
Bugfixes:
- Fix disable_buffering regression
- Bring back support for ssh identity file
- Cleanup remaining python-2 dependencies
- Fix image save example in docs
Miscellaneous:
- Bump urllib3 to 1.26.5
- Bump requests to 2.26.0
Signed-off-by: Javier Marcet <javier@marcet.info>
Refreshed patches.
And apply hack for line-endings in pep517 (from pip).
Hack comment:
# FIXME: [1] get rid of this asap; 'patch' doesn't like Windows endings, and this file is full of them...
# I actually tried this in a number of ways and the only way to fix this is to implement
# a poor-man's dos2unix using sed.
# The issue is with the pip package; it seems that it throws in some Windows line-endings
# and 'patch' won't handle them. So, we do a "dos2unix" and then patch.
# We can get rid of this once this is solved upstream and in pip:
# https://github.com/pypa/pep517/pull/130
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
The addressed issue is related to #6893 as its resolution
is actually causing the problem.
When changing the priority of the config file it happens
that after a sysupgrade the previous file is restored
and the new file is added, ending up in a situation
like this:
/etc/php7/15_openssl.ini
/etc/php7/20_openssl.ini
Causing a double extension=openssl.so to be parsed,
which is not appropriate and leads to error message.
The same problem might also occur for mysqli since there
was also a priority change - let's take care about this
at the same time.
The solution is to remove one of the files. Since it is
a configuration file, the user might have adjusted it, so
lets just use the previous version to replace the new
installed version.
Signed-off-by: Michael Heimpold <mhei@heimpold.de>