From e73d5bb4a21497ed645e2a0a4b88c2eeaf65080a Mon Sep 17 00:00:00 2001 From: Anuj Mittal Date: Tue, 29 Oct 2019 10:47:24 +0100 Subject: python: include CVE patches for python-native as well Also avoids maintaining a different set of patches for both. Signed-off-by: Anuj Mittal Signed-off-by: Richard Purdie (cherry picked from commit b3b1c00cc46b33ddbf7e008267032220e1e298af) Signed-off-by: Armin Kuster Signed-off-by: Richard Purdie --- meta/recipes-devtools/python/python.inc | 5 +++++ meta/recipes-devtools/python/python_2.7.16.bb | 5 ----- 2 files changed, 5 insertions(+), 5 deletions(-) diff --git a/meta/recipes-devtools/python/python.inc b/meta/recipes-devtools/python/python.inc index 779df53521..8d0e90862c 100644 --- a/meta/recipes-devtools/python/python.inc +++ b/meta/recipes-devtools/python/python.inc @@ -8,6 +8,11 @@ INC_PR = "r1" LIC_FILES_CHKSUM = "file://LICENSE;md5=e466242989bd33c1bd2b6a526a742498" SRC_URI = "http://www.python.org/ftp/python/${PV}/Python-${PV}.tar.xz \ + file://bpo-35907-cve-2019-9948.patch \ + file://bpo-35907-cve-2019-9948-fix.patch \ + file://bpo-36216-cve-2019-9636.patch \ + file://bpo-36216-cve-2019-9636-fix.patch \ + file://CVE-2019-9740.patch \ " SRC_URI[md5sum] = "30157d85a2c0479c09ea2cbe61f2aaf5" diff --git a/meta/recipes-devtools/python/python_2.7.16.bb b/meta/recipes-devtools/python/python_2.7.16.bb index c6160ae0e8..a02a628cde 100644 --- a/meta/recipes-devtools/python/python_2.7.16.bb +++ b/meta/recipes-devtools/python/python_2.7.16.bb @@ -30,11 +30,6 @@ SRC_URI += " \ file://support_SOURCE_DATE_EPOCH_in_py_compile_2.7.patch \ file://float-endian.patch \ file://0001-python2-use-cc_basename-to-replace-CC-for-checking-c.patch \ - file://bpo-35907-cve-2019-9948.patch \ - file://bpo-35907-cve-2019-9948-fix.patch \ - file://bpo-36216-cve-2019-9636.patch \ - file://bpo-36216-cve-2019-9636-fix.patch \ - file://CVE-2019-9740.patch \ " S = "${WORKDIR}/Python-${PV}" -- cgit 1.2.3-korg