| Commit message (Collapse) | Author | Age |
|---|
| ... | |
| |
|
|
| |
Signed-off-by: krant <aleksey.vasilenko@gmail.com>
|
| |
|
|
|
|
| |
package fails to build with mold linker due to unregocnized flag.
Signed-off-by: Oskari Rauta <oskari.rauta@gmail.com>
|
| |
|
|
| |
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Update to v20.11.1
This is a security release.
Notable changes
* CVE-2024-21892 - Code injection and privilege escalation through Linux capabilities- (High)
* CVE-2024-22019 - http: Reading unprocessed HTTP request with unbounded chunk extension allows DoS attacks- (High)
* CVE-2024-21896 - Path traversal by monkey-patching Buffer internals- (High)
* CVE-2024-22017 - setuid() does not drop all privileges due to io_uring - (High)
* CVE-2023-46809 - Node.js is vulnerable to the Marvin Attack (timing variant of the Bleichenbacher attack against PKCS#1 v1.5 padding) - (Medium)
* CVE-2024-21891 - Multiple permission model bypasses due to improper path traversal sequence sanitization - (Medium)
* CVE-2024-21890 - Improper handling of wildcards in --allow-fs-read and --allow-fs-write (Medium)
* CVE-2024-22025 - Denial of Service by resource exhaustion in fetch() brotli decoding - (Medium)
* undici version 5.28.3
* libuv version 1.48.0
* OpenSSL version 3.0.13+quic1 (Depends on shared library provided by OpenWrt)
Signed-off-by: Hirokazu MORIKAWA <morikw2@gmail.com>
|
| |
|
|
|
|
| |
Issue was avoided with glib2.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
|
| |
|
|
|
|
| |
Fixes CVE-2023-47627
Signed-off-by: Rosen Penev <rosenp@gmail.com>
|
| |
|
|
|
|
|
|
|
| |
- Drop upstreamed patch
- Fix broken symlink /usr/bin/epmd
- Re-enable mips16
- Formatting
Signed-off-by: krant <aleksey.vasilenko@gmail.com>
|
| |
|
|
|
|
| |
Also add a quick test.sh file.
Signed-off-by: Alexandru Ardelean <alex@shruggie.ro>
|
| |
|
|
| |
Signed-off-by: Alexandru Ardelean <alex@shruggie.ro>
|
| |
|
|
| |
Signed-off-by: Alexandru Ardelean <alex@shruggie.ro>
|
| |
|
|
| |
Signed-off-by: Eneas U de Queiroz <cotequeiroz@gmail.com>
|
| |
|
|
|
|
|
|
|
|
| |
Relevant changes since 3.9.12:
- FIXED: Serialization str escape uses only 128-bit SIMD.
- FIXED: Fix compatibility with CPython 3.13 alpha 3.
- Publish musllinux_1_2 instead of musllinux_1_1 wheels.
- Serialization uses small integer optimization in CPython 3.12 or later.
Signed-off-by: Timothy M. Ace <openwrt@timothyace.com>
|
| |
|
|
|
|
|
|
|
|
| |
There is not a single CVE linked to pyyaml_project:pyyaml so use
pyyaml:pyyaml instead:
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:pyyaml:pyyaml
Fixes: c06a04c754bdcfdb2ea0bd1d654128863a2b6738 (python-yaml: update to version 5.1)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
| |
Update the PKG_VERSION and PKG_SOURCE_VERSION to pull version 3.16.2
from upstream. The upstream version includes fixes for the
`pthread_yield: symbol not found` issue.
Removed patches 100-musl-compat.patch and 200-fix-redef-error.patch
as fixes were implemented upstream.
Build tested on aarch64, arm_cortex_a15/a9, i386, mips[el]_24kc,
powerpc_464fp/8548, riscv64, x86_64. Confirmed on x86_64.
Signed-off-by: Mark Baker <mark@vpost.net>
|
| |
|
|
|
|
| |
Builds compiled perl module Time::Moment v0.44 from CPAN.
Signed-off-by: Timothy Ace <openwrt@timothyace.com>
|
| |
|
|
| |
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
There is not a single CVE linked to python:pip so use pypa:pip instead:
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:pypa:pip
Moreover, CPE_ID missed PKG_ prefix
Fixes: eee273507b868ad5f6f7e744d513c85330967906 (python3: Split pip into separate source package)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
python-paho-mqtt is licensed under EPL-2.0, not EPL-1.0, since version
1.6.0 and
https://github.com/eclipse/paho.mqtt.python/commit/fabe7500fb6fde31fd98c619e0117d1c651fd18d
While at it, add LICENSE.txt to PKG_LICENSE_FILES
Fixes: 784f2a519bb8cdfaa973070f65ff9a3a481e5cd1 (python-paho-mqtt: bump to version 1.6.1)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
|
| |
|
|
|
|
|
|
|
|
| |
There is not a single CVE linked to python-requests:requests so use
python:requests instead:
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:python:requests
Fixes: ceadbcbb64de727c3a974e552d9a723d532e4e40 (treewide: add PKG_CPE_ID for cvescanner)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
|
| |
|
|
|
|
|
|
|
|
| |
There is not a single CVE linked to urllib3_project:urllib3 so use
python:urllib3 instead:
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:python:urllib3
Fixes: 6dcaa769d8ce8921dc3bfaf78ab9a8c1cef4a9b9 (python-urllib3: update to version 1.25)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
aiohttp:aiohttp is a better CPE ID than aio-libs_projet:aiohttp as this
CPE ID has the latest CVEs (whereas aio-libs_project:aiohttp only has
one CVE from 2018):
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:aiohttp:aiohttp
Fixes: 2edf5034f1c09fe60af52087abe7b6fcef9433fc (python-aiohttp: add a new package)
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
- PKG_LICENCE -> PKG_LICENSE
- PKC_LICENSE_FILES -> PKG_LICENSE_FILES
- BSD 3-Clause -> BSD-3-Clause
- BSD-3-clause -> BSD-3-Clause
- BSD-2-clause -> BSD-2-Clause
- Public Domain -> Public-Domain
- PublicDomain -> Public-Domain
- Drop unneeded ',' in PKG_LICENSE or PKG_LICENSE_FILES
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
|
| |
|
|
| |
Signed-off-by: krant <aleksey.vasilenko@gmail.com>
|
| |
|
|
|
|
|
|
|
|
| |
- Update to Erlang/OTP 26.2.1
- Remove obsolete configure options
- Remove obsolete patches, add new one
- Add missing no_dot_erlang.boot file (fixes #20587)
- Change package URL to https
Signed-off-by: krant <aleksey.vasilenko@gmail.com>
|
| |
|
|
|
|
| |
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:docker:docker-py
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
|
| |
|
|
|
|
| |
https://nvd.nist.gov/products/cpe/search/results?keyword=cpe:2.3:a:gnome:vala
Signed-off-by: Fabrice Fontaine <fontaine.fabrice@gmail.com>
|
| |\
| |
| | |
php8: update to 8.3.2
|
| | |
| |
| |
| | |
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
|
| | |
| |
| |
| | |
Signed-off-by: Javier Marcet <javier@marcet.info>
|
| | |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| |
| | |
b3b0cc8 version 0.2.2
85515cd roidmi: initial support for NEX2 Pro
62addc2 isort imports
8695649 README: update other govee to govee_ht
33f6ade ruuvitag: remove device class for counter
2099607 Rename key govee->govee_ht
12acacd codestyle updates
dbba43d ruuvitag: drop redundant import
84878e0 base: add and use HumidityTemperatureSensor
e9f0046 xiaomi_lywsd03_atc: make send_custom a class variable
2f4809a base: use lowercase for instance variable
5b1af17 govee: add manufacturer
7891691 ruuvitag: add manufacturer
cfd799b ruuvitag: remove inheritance from SubscribeAndSetDataMixin
7be28a1 codestyle updates
bffcf5e Add Govee H5074 temperature/humidity sensor support (#77)
Signed-off-by: Quintin Hill <stuff@quintin.me.uk>
|
| |/
|
|
|
| |
fix: avoid expensive runtime inspection of known callables (https://github.com/Bluetooth-Devices/dbus-fast/pull/277)
Signed-off-by: Quintin Hill <stuff@quintin.me.uk>
|
| |
|
|
|
|
|
|
|
| |
Relevant changes since 3.9.10:
- Improve performance of serializing. str is significantly faster. Documents
using dict, list, and tuple are somewhat faster.
- FIXED: Minimal musllinux_1_1 build due to sporadic CI failure.
Signed-off-by: Timothy Ace <openwrt@timothyace.com>
|
| |
|
|
|
|
|
| |
- Slightly speed up the contains keyword by removing some unnecessary
validator (re-)creation.
Signed-off-by: Javier Marcet <javier@marcet.info>
|
| |
|
|
|
|
|
|
|
|
| |
- Fix the behavior of enum in the presence of 0 or 1 to properly
consider True and False unequal.
- Special case the error message for {min,max}
{Items,Length,Properties} when they're checking for emptiness rather
than true length.
Signed-off-by: Javier Marcet <javier@marcet.info>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Notable Changes
* crypto: update root certificates to NSS 3.95 (Node.js GitHub Bot)
* doc: add MrJithil to collaborators (Jithil P Ponnan)
* doc: add Ethan-Arrowood as a collaborator (Ethan Arrowood)
* (SEMVER-MINOR) esm: add import.meta.dirname and import.meta.filename (James Sumners)
* fs: add c++ fast path for writeFileSync utf8 (CanadaHonk)
* (SEMVER-MINOR) module: remove useCustomLoadersIfPresent flag (Chengzhong Wu)
* (SEMVER-MINOR) module: bootstrap module loaders in shadow realm (Chengzhong Wu)
* (SEMVER-MINOR) src: add --disable-warning option (Ethan Arrowood)
* [SEMVER-MINOR) src: create per isolate proxy env template (Chengzhong Wu)
* (SEMVER-MINOR) src: make process binding data weak (Chengzhong Wu)
* stream: use Array for Readable buffer (Robert Nagy)
* stream: optimize creation (Robert Nagy)
* (SEMVER-MINOR) test_runner: adds built in lcov reporter (Phil Nash)
* (SEMVER-MINOR) test_runner: add Date to the supported mock APIs (Lucas Santos)
* (SEMVER-MINOR) test_runner, cli: add --test-timeout flag (Shubham Pandey)
Signed-off-by: Hirokazu MORIKAWA <morikw2@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
| |
https://pypi.org/project/gevent/
https://www.gevent.org/development/installing_from_source.html
source code
https://github.com/gevent/gevent
Signed-off-by: Andy Syam <privasisource@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
https://github.com/numpy/numpy/releases
NumPy 1.26.2 Release Notes
NumPy 1.26.2 is a maintenance release that fixes bugs and regressions
discovered after the 1.26.1 release. The 1.26.release series is the last
planned minor release series before NumPy 2.0. The Python versions
supported by this release are 3.9-3.12.
Signed-off-by: Andy Syam <privasisource@gmail.com>
|
| |
|
|
| |
Signed-off-by: Andy Syam <privasisource@gmail.com>
|
| |
|
|
| |
Signed-off-by: Andy Syam <privasisource@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Dependency introduced by https://github.com/hbldh/bleak/commit/21094e67cf5d238b911352ba8c45a33d72f47d80
and
https://github.com/hbldh/bleak/commit/3c1fac9773e13acf52cebfe4e9df5c60bffaf76b
(And only for python versions below 3.12.)
Fixes: 64fa106 (python3-bleak: bump version to 0.21.1)
Signed-off-by: Quintin Hill <stuff@quintin.me.uk>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
- ENHANCEMENTS:
- Refactor distro.info() method to return an InfoDict
- Ignore the file '/etc/board-release'
- Ignore the file '/etc/ec2_version'
- RELEASE:
- Run Python 3.6 on Ubuntu 20.04 for CI and bump isort
- TESTS:
- Test on modern versions of CPython and PyPy and macOS
- Add support for ALT Linux Server 10.1 distribution
- Add Debian Testing to the tests
- Update archlinux resource for tests
Signed-off-by: Javier Marcet <javier@marcet.info>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Upgrade Notes:
- Removed SSL version (ssl_version) and explicit hostname check
(assert_hostname) options
- assert_hostname has not been used since Python 3.6 and was
removed in 3.12
- Python 3.7+ supports TLSv1.3 by default
- Websocket support is no longer included by default
- By default, docker-py hijacks the TCP connection and does not use
Websockets
- Websocket client is only required to use attach_socket(container,
ws=True)
- Python 3.7 no longer officially supported (reached end-of-life June
2023)
Features:
- Python 3.12 support
- Full networking_config support for containers.create()
- Replaces network_driver_opt (added in 6.1.0)
- Add health() property to container that returns status (e.g.
unhealthy)
- Add pause option to container.commit()
- Add support for bind mount propagation (e.g. rshared, private)
- Add filters, keep_storage, and all parameters to prune_builds()
(requires API v1.39+)
Bugfixes:
- Consistently return docker.errors.NotFound on 404 responses
- Validate tag format before image push
Miscellaneous:
- Upgraded urllib3 version in requirements.txt (used for
development/tests)
- Documentation typo fixes & formatting improvements
- Fixed integration test compatibility for newer Moby engine versions
- Switch to ruff for linting
Signed-off-by: Javier Marcet <javier@marcet.info>
|
| |
|
|
|
|
|
|
|
|
|
| |
https://pypi.org/project/pyproject-metadata/
source code
https://github.com/FFY00/python-pyproject-metadata
add the pyproject-metadata package that numpy requires
Signed-off-by: Andy Syam <privasisource@gmail.com>
|
| |
|
|
| |
Signed-off-by: Andy Syam <privasisource@gmail.com>
|
| |
|
|
|
|
|
|
|
| |
https://pypi.org/project/zope.event/
source code
https://github.com/zopefoundation/zope.event
Signed-off-by: Andy Syam <privasisource@gmail.com>
|
| |
|
|
| |
Signed-off-by: Andy Syam <privasisource@gmail.com>
|
| |
|
|
| |
Signed-off-by: Andy Syam <privasisource@gmail.com>
|
| |
|
|
| |
Signed-off-by: Andy Syam <privasisource@gmail.com>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
- Renamed `mask` variable in ABNF to prevent name collision with
`mask()` function (9b51f73)
- Fixed old http import of HTTPStatus in _handshake.py (9b51f73)
- Add `send_text()` and `send_bytes()` to _app.py
- Improved typehint support (9b51f73, 8b73d00)
- General readability improvements, made all string concatenations
use f-strings (780584f, 3eabc6e)
- Applied black formatting style to code (da7f286)
Signed-off-by: Javier Marcet <javier@marcet.info>
|
| |
|
|
| |
Signed-off-by: W. Michael Petullo <mike@flyn.org>
|