Needed for classpath. GCJ is also needed but that can be dealt with
separately.
Fix compilation with musl by defining _GNU_SOURCE. What's funny here is
that if __USE_GNU gets replaced, the host build fails. The man page says
_GNU_SOURCE for pthread_getattr_np but glibc violates that statement.
Removed classpath dependency. classpaths must select jamvm, not the other
way around.
Removed target whitelist. Switched to blacklist.
Fixed License information.
Various other cleanups.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry-picked from 2972cc98eb and synced
from master)
Clean up white space and properly clarify the Java version implemented.
Signed-off-by: Daniel Santos <daniel.santos@pobox.com>
(cherry-picked from 69c5f1dac6)
musl libc (http://musl-libc.org lack the non-standard <fpu_control.h>
header, which is used in src/os/linux/{i386,x86_64}/init.c files to
setup the floating point precision. This patch makes it use the
standard C <fenv.h> header instead.
Original patch at Felix Janda at
https://sourceforge.net/p/jamvm/patches/6/
Signed-off-by: Guo Li <uxgood.org@gmail.com>
(cherry-picked from 2f96d96aff)
This is causing linking errors on i386 and ppc.
Also removed custom warnings an optimization levels that override stock
settings.
Signed-off-by: Rosen Penev <rosenp@gmail.com>
(cherry-picked from ecb4fcca0c)
This release includes some bug fixes and some security fixes.
* CVE-2017-17742: HTTP response splitting in WEBrick
* CVE-2018-6914: Unintentional file and directory creation with directory traversal in tempfile and tmpdir
* CVE-2018-8777: DoS by large request in WEBrick
* CVE-2018-8778: Buffer under-read in String#unpack
* CVE-2018-8779: Unintentional socket creation by poisoned NUL byte in UNIXServer and UNIXSocket
* CVE-2018-8780: Unintentional directory traversal by poisoned NUL byte in Dir
* Multiple vulnerabilities in RubyGems
There are also some bug fixes
Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
This release includes some bug fixes and a security fix.
CVE-2017-17405: Command injection vulnerability in Net::FTP
Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
(cherry picked from commit fc01053917)
Bump version and overwrite patches from master,
since those were refreshed (at some point).
I got an email notification about some CVEs
for branch 17.01, so I decided to update Python.
Technically, one seems to be for SolidWorks
from what I can tell, but upgrading should be easy.
```
Hello Alexandru Ardelean,
The package python is vulnerable to the following CVEs:
CVE-2014-4616
https://nvd.nist.gov/vuln/detail/CVE-2014-4616
CVE-2017-100015
https://nvd.nist.gov/vuln/detail/CVE-2017-100015
Please consider updating or patching the package.
```
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
This release contains some security fixes.
CVE-2017-0898: Buffer underrun vulnerability in Kernel.sprintf
CVE-2017-10784: Escape sequence injection vulnerability in the Basic authentication of WEBrick
CVE-2017-14033: Buffer underrun vulnerability in OpenSSL ASN1 decode
CVE-2017-14064: Heap exposure in generating JSON
Multiple vulnerabilities in RubyGems
Update bundled libyaml to version 0.1.7.
And many other bugfix.
Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
(cherry picked from commit 699d9bef30)
Avoid using 'hg' (Mercurial) to download sources.
'hg' is not an official prerequisite and it is not installed
in all buildslaves in Openwrt and LEDE buildbots, which
leads to frequent build failures.
Download the .tar.gz source archive instead.
Signed-off-by: Hannu Nyman <hannu.nyman@iki.fi>
(cherry picked from commit 74e53c4842)
This releases contains only bug and security fixes,
mostly backported from devel branch.
(cherry picked from commit 26d19b5cb1)
Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
It's not 100% aligned with the ncurses' definition.
Reported-by: Arturo Rinaldi <arturo@arduino.org>
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
There might be no ABI breakage when the first two number
of version are the same.
(No change on generated packages. No need to bumb release)
Signed-off-by: Luiz Angelo Daros de Luca <luizluca@gmail.com>
Import a proposed upstream bug fix to allow building against recent curl
versions. Fixes the following error observed by the buildbots:
curlopt-constants.c:129:49: error: 'CURL_STRICTER' undeclared (first use in this function)
if (strEQ(name, "STRICTER")) return CURL_STRICTER;
Upstream bug: https://rt.cpan.org/Public/Bug/Display.html?id=117793
Signed-off-by: Jo-Philipp Wich <jo@mein.io>
Certain strings are misinterpreted as comments by perlmod.mk and removed
when they shouldn't be (in particular, perl-cgi). Enable this whenever
you have sufficient flash space.
Globally, CONFIG_PERL_NOCOMMENT=y (default) causes comments to be stripped
as before. However, a package (like perl-cgi) can override this with
PKG_LEAVE_COMMENTS=1.
Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
This fixes the following build error, spotted by the LEDE buildbots:
{standard input}: Assembler messages:
{standard input}:557: Error: operand 3 should be an integer register -- `mul x0,x0,1048576'
{standard input}:558: Error: operand 3 should be an integer register -- `smulh x1,x0,1048576'
Makefile:1466: recipe for target 'ext/opcache/zend_accelerator_module.lo' failed
Signed-off-by: Michael Heimpold <mhei@heimpold.de>
The macro perlmod/Install does comment stripping which gets confused by
the line:
in several files in this module, incorrectly deleting it as a comment.
It's not: it's the closure of a "= q/" literal.
See PR #3740 as this is a prerequisite.
Signed-off-by: Philip Prindeville <philipp@redfish-solutions.com>
LEDE now provides libncursesw by default [even for libncurses].
No need to keep this patch around.
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
Python comes with it's own builtin libffi lib, which
seems easier to use for the host build, than trying
to use the one from the package feeds.
Also, dropping `005-fix-libffi-x86-64-configure.patch`
Not needed anymore.
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
I just found out that, that the BUILD_VARIANT var
is not set for the host build, so technically this code
would never get used.
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
As both LEDE and OpenWrt have STAGING_DIR_HOSTPKG now, we can start to rely
on it. See 73b7f55424 for more information on
STAGING_DIR_HOSTPKG.
STAGING_DIR_HOSTPKG won't actually be changed before the first LEDE release
(it is equivalent to $(STAGING_DIR)/host), so this simple search/replace
cleanup is safe to apply. Doing this cleanup now will be useful for the
Gluon project (an OpenWrt/LEDE based firmware framework) for experimenting
with modifying STAGING_DIR_HOSTPKG before doing this in the LEDE upstream.
Also fixes a typo in the dbus Makefile ("STAGIND_DIR").
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
STAGING_DIR_HOSTPKG is now defined in both OpenWrt and LEDE, so we can
start to rely on it.
Signed-off-by: Matthias Schiffer <mschiffer@universe-factory.net>
Fixes: https://github.com/openwrt/packages/issues/3767
Since commit:
f6e6341d89
libressl is built on the host-side.
Python picks it up [ via the openssl/* headers ] and assumes
it has SSL libs.
Compiling works fine, linking fails.
Doesn't look like it's because:
2fd5ce9488
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
Technically, this just updates build details.
No functionality change to package itself.
So, no need to increase PKG_RELEASE on this change.
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
Most python packages use the same build rules & vars.
So, adding them in python-package.mk.
Also, preparing for using VARIANTs for python/python3 packages.
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
PYTHON_FOR_BUILD is used to build the target python.
Nomally Python scripts detect fine the Python host interpreter
to use for building the Python target interpreter.
But, let's not leave it up to chance anymore.
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
And apparently `--with-system-ffi` does not take any arguments.
But it's only in Python 3.6 that a check was added for that.
After checking, Python 2.7 does not take any args either
for `--with-system-ffi` ; so, remove it [for the case when this
change may get backported].
Signed-off-by: Alexandru Ardelean <ardeleanalex@gmail.com>
Rosen Penev