| Age | Commit message (Collapse) | Author |
|---|
|
Fixes CVE-2018-14647, CVE-2018-20406, CVE-2018-20852, CVE-2019-9636,
CVE-2019-9740, and CVE-2019-9747.
Signed-off-by: Dan Tran <dantran@microsoft.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Fixes CVE-2018-20852, CVE-2019-9740, and CVE-2019-9747
Signed-off-by: Dan Tran <dantran@microsoft.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
CVE-2019-9947 is same as CVE-2019-9740 and mark it as such. See:
https://bugs.python.org/issue30458
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Source: OpenEmbedded.org
MR: 98320, 98319
Type: Security Fix
Disposition: Backport from https://git.openembedded.org/openembedded-core/commit/meta/recipes-devtools/python/python_2.7.16.bb?id=9d23b982fa4e0290761b3d15f6959779fed72ad6
ChangeID: e79b6fe3b7b4253bf0d76b029070ae869d5234bd
Description:
Fixes:
CVE-2019-9948
CVE-2019-9636
CVE-2019-9940 is a dup of 9948 per python.org
CVE-2019-9947 appears to be a dup of 9940 per https://bugs.python.org/issue30458#msg295067
Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
[Minor clean up for thud]
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Source: Python.org
MR: 98220
Type: Security Fix & Integration
Disposition: Backport from python.org
ChangeID: 96fdd2dee9fe9317eb72584583ae0100c0be9eaa
Description:
Bug fix update per Python.org
https://www.python.org/downloads/release/python-2716/
drop backported patch
License-update: copyright years
Helps prepare Thud for 2.7 EOL support moving forward.
Update includes:
CVE-CVE-2019-5010
https://github.com/python/cpython/commit/06b15424b0dcacb1c551b2a36e739fffa8d0c595
Signed-off-by: Armin Kuster <akuster@mvista.com>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Fix below warning:
WARNING: Skipping RPATH /usr/lib64 as is a standard search path for
work/x86_64-linux/python-native/2.7.15-r1.1/recipe-sysroot-native/
usr/lib/python2.7/lib-dynload/_bsddb.so
setup.py will check db.h under include_dirs, for native build,
/usr/lib64 will be insert to postion 0 of include_dirs, so
it's priority is higher then our sysroot, cause db.h sysroot
is ignored, and rpath set to /usr/lib64. and this cause warning
when do_populate_sysroot. use append to fix it.
Signed-off-by: Changqing Li <changqing.li@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
import time
time.tzset()
Traceback (most recent call last):
File "<stdin>", line 1, in <module>
AttributeError: module 'time' has no attribute 'tzset'
enable tzset in both python versions
Signed-off-by: Armin Kuster <akuster808@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
[Fix up for Thud context ie python3_3.5.6]
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
A couple have still been missed in the past despite multiple
attempts at doing so (or simply have re-appeared?).
Search & replace made using the following command:
sed -e 's|\(d\.getVar \?\)( \?\([^,()]*\), \?True)|\1(\2)|g' \
-i $(git grep -E 'getVar ?\( ?([^,()]*), ?True\)' \
| cut -d':' -f1 \
| sort -u)
(From OE-Core rev: 9f551d588693328e4d99d33be94f26684eafcaba)
Signed-off-by: André Draszik <andre.draszik@jci.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
This patch altered the clean target's behaviour to skip the ipkg-install
directory. However this directory isn't created by opkg, opkg-utils, or the
package_ipk class; and we don't invoke the clean target as we perform
out-of-tree builds.
(From OE-Core rev: 9f8bd475701e5d797d3ffc1ba97647101ba0b9b0)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
We stop distutils for *native* Python from rewriting hashbangs when installing
(so installed scripts don't have a hashbang that refers to sysroot paths), but
this isn't needed nor desirable for the *target* Python.
(From OE-Core rev: 52e128619803907c804d42815ea979b1848529c4)
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
While there is a bit of documentation regarding building a new
manifest file for python, it seems that users usually only read
the manifest file.
The manifest file is in JSON format which doesn't allow comments,
hence why instructions were initially put elsewhere.
This patch hacks the call to open the JSON manifest file by using a
marker to trick it into reading only part of the file as the manifest
itself, and keep the other part as comments, which contain instructions
for the user to run the create_manifest task after an upgrade or
when adding a new package.
(From OE-Core rev: 5641a24a70b54544012c04c6a082514d9a5aa49a)
Signed-off-by: Alejandro Enedino Hernandez Samaniego <alejandr@xilinx.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Use 4 spaces to replace a tab.
(From OE-Core rev: cbb6743d46752481782789fa1a0dfade11057114)
Signed-off-by: Robert Yang <liezhi.yang@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Signed-off-by: Armin Kuster <akuster808@gmail.com>
|
|
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Pyvenv is just a small script that uses venv to create virtual
environments.
https://www.python.org/dev/peps/pep-0405/#creating-virtual-environments
This patch adds the python3-venv module as a self-contained package which
python3-pyvenv must depend on at run-time.
The patch also provides the package python3-pyvenv from the pyhton3-venv
package.This is good for future-proofing since python3-pyvenv has been
deprecated and only python3-venv is now available in Python 3.6.
https://docs.python.org/3/library/venv.html.
Without this patch python3-pyvenv is broken because it is missing the
venv module at run-time. This patch specifies the newly created
python3-venv as a run-time dependency of python3-pyvenv.
Signed-off-by: Hugues Kamba <hugues.kamba@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Backport patch to fix the following CVE.
CVE: CVE-2018-14647
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Backport a patch to fix the following CVE.
CVE: CVE-2018-1000802
Signed-off-by: Chen Qi <Qi.Chen@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Nothing should be in this package, so remove it entirely to be sure nothing does
end up in there.
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
We want to allow the main recipe to extend RDEPENDS directly, so don't wipe
RDEPENDS when reading the manifest.
This fixes the missing python-misc dependency from python-modules.
As the wiping was having the good side-effect of removing the PN-dev dependency
on PN (which doesn't exist), clear RDEPENDS_${PN}-dev.
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Copy the Python 2 run-ptest script to execute the Python 3 test suite.
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
commit c5629268b0f8ae0a425c98337d13e8dc83107e13:
[
python: set PYTHONHOME for nativesdk
This ensures that the nativesdk python functions correctly without needing to
set PYTHONHOME in the sdk environment setup script.
]
it's also needed for python3.
Signed-off-by: Cheuk Wing Leung <cwleung@kth.se>
Signed-off-by: Ming Liu <liu.ming50@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Python uses AC_RUN_IFELSE to determine the byte order for floats and doubles,
and falls back onto "I don't know" if it can't run code. This results in
crippled floating point numbers in Python, and the regression tests fail.
Instead of running code, take a macro from autoconf-archive which compiles C
with a special double in which has an ASCII representation, and then greps the
binary to identify the format.
This is essentially a backport of the Python 3 patch in oe-core 1781b87.
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
As the manifest handling is done differently now, just inherit ptest with the
other inherits.
test_shutil needs unzip so add to RDEPENDS.
Instead of using a patched Makefile, call test.regrtest directly.
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
It's likely that the certificate root chain is needed if python3-crypt is
installed, so recommend it.
Also remove the redundant nativesdk-python3-crypt assignment, as the general
form is sufficient when class-extended.
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Backport two and pick some other in-review patches from Ubuntu to fix
ssl test failures because of OpenSSL 1.1.x changes.
Fixes [YOCTO #12788]
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
The module was accidentally included in python-misc.
Also re-run create_manifest to update the dependencies of python-sqlite3,
causing some whitespace changes.
[ YOCTO #12933 ]
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
We manually maintain the tests package's content and dependencies, so mark is as
special (matching create_manifest3.py).
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
sqlite3/__init__.py was accidentally included in python3-misc.
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
This package doesn't exist anymore so the manifest tool doesn't need to handle
it specially.
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Currently the bulk of the tests in python3-tests, some more in
python3-sqlite3-tests, and others in their parent module (such as
python3-ctypes). This is pointless space usage if we're not planning on running
the tests, so consolidate all the tests into python3-tests.
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Don't sort the manifest when using it to generate packaging rules, so ordering
can be used to have complex packaging rules.
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Instead of sorting the entire manifest when it is updated, use OrderedDict to
preserve the order of fields. This means that packages can be ordered in the
manifest to allow non-trivial FILES assignments (such as a package that picks up
pieces of other packages)
The manifest has been regenerated with the new stable ordering, and
distutils-staticdev moved above distutils so the packaging rules work as
expected.
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Currently the bulk of the tests in python-tests, some more in
python-sqlite3-tests, and others in their parent module (such as
python-ctypes). This is pointless space usage if we're not planning on
running the tests, so consolidate all the tests into python-tests.
This is a backport of the same changes done by Ross Burton for python3
Changes since v1:
- Rebase
Signed-off-by: Andrew Geissler <geissonator@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Don't sort the manifest when using it to generate packaging rules, so
ordering can be used to have complex packaging rules.
This is a backport of the same changes done by Ross Burton for python3
Changes since v1:
- Rebase
Signed-off-by: Andrew Geissler <geissonator@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Instead of sorting the entire manifest when it is updated, use
OrderedDict to preserve the order of fields.This means that
packages can be ordered in the manifest to allow non-trivial
FILES assignments (such as a package that picks up pieces of
other packages)
The manifest has been regenerated with the new stable ordering, and
distutils-staticdev moved above distutils so the packaging rules work as
expected.
This is a backport of the same changes done by Ross Burton for python3
Changes since v1:
- Moved distutils-staticdev above distutils so packaging rules work
as expected.
Changes since v2:
- Rebase
Signed-off-by: Andrew Geissler <geissonator@gmail.com>
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Due to human error an older revision of the SSL patch was merged.
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
Use variables instead of hard-coding to remove another variation between
releases.
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Instead of forcibly disabling Bluetooth (support for Bluetooth sockets in the
socket module), add a PACKAGECONFIG. The default remains disabled for
consistency.
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
For target Python we use the libffi that we build, so we don't need to
autoreconf the in-tree libffi.
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
_PYTHON_PROJECT_BASE and _PYTHON_PROJECT_SRC appear to be set in setup.py from
the source directory and build directory correctly, so this is redundant.
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Instead of including the Py2 python.inc and having to undo some of the
assignments, create a new python3.inc to hold the common configuration.
Over time we can move more from the recipes into this file to unify the target
and native recipes.
Signed-off-by: Ross Burton <ross.burton@intel.com>
|
|
Backport changes from 3.7/3.6 to fix failing python3 ssl test suite.
Fixes [YOCTO #12919]
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
|
|
Includes changes:
76aa2c0a9a bpo-33216: Clarify the documentation for CALL_FUNCTION_* (#8338)
1b141b9553 Doc: Backport language switcher (bpo-33700, bpo-31045) (#8048)
f381cfe07d [3.5] bpo-33001: Prevent buffer overrun in os.symlink (GH-5989) (#5991)
937ac1fe06 [3.5] bpo-32981: Fix catastrophic backtracking vulns (GH-5955) (#6034)
Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
|
|
glibc 2.28 slightly changed the behaviour of sigaddset() which broke
multiprocessing. Backport a patch from Python 3.6 to solve this.
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
This patch dates back to the addition of the Python 3 recipe to oe-core, and as
listxattr is never added to supports_follow_symlinks the extended attribute
support will never be enabled.
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
None of the Python invocations that this changes are actually called, and
there's no need to provide a HOSTPGEN variable when the recipe can just override
PGEN directly.
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
With OpenSSL 1.1.x TLS 1.3 can be used, so backport a patch from Python 3.6 to
fix the ftplib unit test.
Signed-off-by: Ross Burton <ross.burton@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
Dan Tran
Anuj Mittal
Martin Jansa
Armin Kuster
Ross Burton
Changqing Li
Armin Kuster
André Draszik
Alejandro Enedino Hernandez Samaniego
Robert Yang
Hugues Kamba
Chen Qi
Cheuk Wing Leung
Andrew Geissler