diff options
author | Leo <thinkabit.ukim@gmail.com> | 2021-05-20 01:48:03 -0300 |
---|---|---|
committer | Leo <thinkabit.ukim@gmail.com> | 2021-05-20 01:48:03 -0300 |
commit | dec74dbcc2ce4ee051f456f6c12d3336031b85b0 (patch) | |
tree | f2e1cc9ef4ddd04b995185493bfecac37353b069 | |
parent | 94e1c9e8cab71bde2fb1f5da9a3eb1b49a67947d (diff) |
community/synapse: fix build
-rw-r--r-- | community/synapse/APKBUILD | 2 | ||||
-rw-r--r-- | community/synapse/relax-crypto-dep.patch | 17 |
2 files changed, 19 insertions, 0 deletions
diff --git a/community/synapse/APKBUILD b/community/synapse/APKBUILD index aa2c8a00919..dc9af70c117 100644 --- a/community/synapse/APKBUILD +++ b/community/synapse/APKBUILD @@ -53,6 +53,7 @@ subpackages="$pkgname-openrc" source="$pkgname-$pkgver.tar.gz::https://github.com/matrix-org/synapse/archive/v$pkgver.tar.gz synapse.initd synapse.confd + relax-crypto-dep.patch " # secfixes: @@ -93,4 +94,5 @@ sha512sums=" 3b67725ac6ebc4b3b42bd46228f49d400eb41a71fd8b9dbbc8b1efad05e04c38ba6b51758c43d3d3c56df136ff91b59c22283d5766f4774d8d8e10ba8c5fa986 synapse-1.34.0.tar.gz 4fa4a7bdd80e3b1af0f546723a64cec3b6014c5d52cfb296c41e831f73f72489bd90a3938831c0fd25cdcb03b6e27b54dfd222e325fb30525c39f5c6996687ff synapse.initd 7c022f0e00c8ac363d6d2e003b6389fb06a3934f68390ebac156cb46bc1366585e6b6cda07b15176bc62a00f5bf21bfda153ff5418b07331257a7075102a6f83 synapse.confd +15c17c21fb11f536c6c8307751c5836ac9377dd71af2284d06586abe7776d4d3decb8d04baec019a3f06ac08bd89e510e4c42a619679f20150daaf005a5e0369 relax-crypto-dep.patch " diff --git a/community/synapse/relax-crypto-dep.patch b/community/synapse/relax-crypto-dep.patch new file mode 100644 index 00000000000..6d0e3c78caf --- /dev/null +++ b/community/synapse/relax-crypto-dep.patch @@ -0,0 +1,17 @@ +Upstream: Not applicable +Reason: relax dependency requirements as our version of cryptography + even if it is old does not bundle a vulnerable 'openssl' + +diff --git a/synapse/python_dependencies.py b/synapse/python_dependencies.py +index 989523c..19a4167 100644 +--- a/synapse/python_dependencies.py ++++ b/synapse/python_dependencies.py +@@ -86,7 +86,7 @@ REQUIREMENTS = [ + "typing-extensions>=3.7.4", + # We enforce that we have a `cryptography` version that bundles an `openssl` + # with the latest security patches. +- "cryptography>=3.4.7", ++ "cryptography", + ] + + CONDITIONAL_REQUIREMENTS = { |