106 files changed, 5273 insertions, 2111 deletions
diff --git a/meta/recipes-devtools/apt/files/apt.conf b/meta/recipes-devtools/apt/files/apt.conf
index 03351356bc..c95a5b07af 100644
--- a/meta/recipes-devtools/apt/files/apt.conf
+++ b/meta/recipes-devtools/apt/files/apt.conf
@@ -39,4 +39,4 @@ APT
  };
 };
-DPkg::Options {"--root=#ROOTFS#";"--admindir=#ROOTFS#/var/lib/dpkg";"--force-all";"--no-debsig"};
+DPkg::Options {"--root=#ROOTFS#";"--admindir=#ROOTFS#/var/lib/dpkg";"--force-all";"--no-force-overwrite";"--no-debsig"};
diff --git a/meta/recipes-devtools/binutils/binutils/nativesdk-relocation.patch b/meta/recipes-devtools/binutils/binutils/nativesdk-relocation.patch
new file mode 100644
index 0000000000..408f7d18b7
--- /dev/null
+++ b/meta/recipes-devtools/binutils/binutils/nativesdk-relocation.patch
@@ -0,0 +1,80 @@
+We need binutils to look at our ld.so.conf file within the SDK to ensure 
+we search the SDK's libdirs as well as those from the host system.
+We therefore pass in the directory to the code using a define, then add
+it to a section we relocate in a similar way to the way we relocate the
+gcc internal paths. This ensures that ld works correctly in our buildtools
+tarball.
+Standard sysroot relocation doesn't work since we're not in a sysroot, 
+we want to use both the host system and SDK libs.
+Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
+2020/1/17
+Upstream-Status: Inappropriate [OE specific tweak]
+Index: git/ld/Makefile.am
+===================================================================
+--- git.orig/ld/Makefile.am
+++ git/ld/Makefile.am
+@@ -36,7 +36,8 @@ am__skipyacc =
+ 
+ ELF_CLFAGS=-DELF_LIST_OPTIONS=@elf_list_options@ \
+           -DELF_SHLIB_LIST_OPTIONS=@elf_shlib_list_options@ \
+-          -DELF_PLT_UNWIND_LIST_OPTIONS=@elf_plt_unwind_list_options@
+          -DELF_PLT_UNWIND_LIST_OPTIONS=@elf_plt_unwind_list_options@ \
+           -DSYSCONFDIR="\"$(sysconfdir)\""
+ WARN_CFLAGS = @WARN_CFLAGS@
+ NO_WERROR = @NO_WERROR@
+ AM_CFLAGS = $(WARN_CFLAGS) $(ELF_CLFAGS)
+Index: git/ld/Makefile.in
+===================================================================
+--- git.orig/ld/Makefile.in
+++ git/ld/Makefile.in
+@@ -546,7 +546,8 @@ am__skiplex =
+ am__skipyacc = 
+ ELF_CLFAGS = -DELF_LIST_OPTIONS=@elf_list_options@ \
+           -DELF_SHLIB_LIST_OPTIONS=@elf_shlib_list_options@ \
+-          -DELF_PLT_UNWIND_LIST_OPTIONS=@elf_plt_unwind_list_options@
+          -DELF_PLT_UNWIND_LIST_OPTIONS=@elf_plt_unwind_list_options@ \
+           -DSYSCONFDIR="\"$(sysconfdir)\""
+ 
+ AM_CFLAGS = $(WARN_CFLAGS) $(ELF_CLFAGS)
+ @ENABLE_PLUGINS_FALSE@PLUGIN_C = 
+Index: git/ld/emultempl/elf32.em
+===================================================================
+--- git.orig/ld/emultempl/elf32.em
+++ git/ld/emultempl/elf32.em
+@@ -1024,7 +1024,7 @@ gld${EMULATION_NAME}_check_ld_so_conf (c
+ 
+       info.path = NULL;
+       info.len = info.alloc = 0;
+-      tmppath = concat (ld_sysroot, "${prefix}/etc/ld.so.conf",
+      tmppath = concat (ld_sysconfdir, "/ld.so.conf",
+                        (const char *) NULL);
+       if (!gld${EMULATION_NAME}_parse_ld_so_conf (&info, tmppath))
+        {
+Index: git/ld/ldmain.c
+===================================================================
+--- git.orig/ld/ldmain.c
+++ git/ld/ldmain.c
+@@ -68,6 +68,7 @@ char *program_name;
+ 
+ /* The prefix for system library directories.  */
+ const char *ld_sysroot;
+char ld_sysconfdir[4096] __attribute__ ((section (".gccrelocprefix"))) = SYSCONFDIR;
+ 
+ /* The canonical representation of ld_sysroot.  */
+ char *ld_canon_sysroot;
+Index: git/ld/ldmain.h
+===================================================================
+--- git.orig/ld/ldmain.h
+++ git/ld/ldmain.h
+@@ -23,6 +23,7 @@
+ 
+ extern char *program_name;
+ extern const char *ld_sysroot;
+extern char ld_sysconfdir[4096];
+ extern char *ld_canon_sysroot;
+ extern int ld_canon_sysroot_len;
+ extern FILE *saved_script_handle;
diff --git a/meta/recipes-devtools/binutils/binutils_2.32.bb b/meta/recipes-devtools/binutils/binutils_2.32.bb
index 89315915c4..ecdab96658 100644
--- a/meta/recipes-devtools/binutils/binutils_2.32.bb
+++ b/meta/recipes-devtools/binutils/binutils_2.32.bb
@@ -51,5 +51,10 @@ do_install_class-native () {
 PACKAGE_BEFORE_PN += "libbfd"
 FILES_libbfd = "${libdir}/libbfd-*.so"
+SRC_URI_append_class-nativesdk =  "file://nativesdk-relocation.patch"
+USE_ALTERNATIVES_FOR_class-nativesdk = ""
+FILES_${PN}_append_class-nativesdk = " ${bindir}"
 BBCLASSEXTEND = "native nativesdk"
diff --git a/meta/recipes-devtools/e2fsprogs/e2fsprogs/0001-e2fsck-don-t-try-to-rehash-a-deleted-directory.patch b/meta/recipes-devtools/e2fsprogs/e2fsprogs/0001-e2fsck-don-t-try-to-rehash-a-deleted-directory.patch
new file mode 100644
index 0000000000..ba4e3a3c97
--- /dev/null
+++ b/meta/recipes-devtools/e2fsprogs/e2fsprogs/0001-e2fsck-don-t-try-to-rehash-a-deleted-directory.patch
@@ -0,0 +1,49 @@
+From 71ba13755337e19c9a826dfc874562a36e1b24d3 Mon Sep 17 00:00:00 2001
+From: Theodore Ts'o <tytso@mit.edu>
+Date: Thu, 19 Dec 2019 19:45:06 -0500
+Subject: [PATCH] e2fsck: don't try to rehash a deleted directory
+If directory has been deleted in pass1[bcd] processing, then we
+shouldn't try to rehash the directory in pass 3a when we try to
+rehash/reoptimize directories.
+Signed-off-by: Theodore Ts'o <tytso@mit.edu>
+Upstream-Status: Backport [https://git.kernel.org/pub/scm/fs/ext2/e2fsprogs.git/commit/?id=71ba13755337e19c9a826dfc874562a36e1b24d3]
+Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
+---
+ e2fsck/pass1b.c | 4 ++++
+ e2fsck/rehash.c | 2 ++
+ 2 files changed, 6 insertions(+)
+diff --git a/e2fsck/pass1b.c b/e2fsck/pass1b.c
+index 5693b9cf..bca701ca 100644
+--- a/e2fsck/pass1b.c
+++ b/e2fsck/pass1b.c
+@@ -705,6 +705,10 @@ static void delete_file(e2fsck_t ctx, ext2_ino_t ino,
+                fix_problem(ctx, PR_1B_BLOCK_ITERATE, &pctx);
+        if (ctx->inode_bad_map)
+                ext2fs_unmark_inode_bitmap2(ctx->inode_bad_map, ino);
+       if (ctx->inode_reg_map)
+               ext2fs_unmark_inode_bitmap2(ctx->inode_reg_map, ino);
+       ext2fs_unmark_inode_bitmap2(ctx->inode_dir_map, ino);
+       ext2fs_unmark_inode_bitmap2(ctx->inode_used_map, ino);
+        ext2fs_inode_alloc_stats2(fs, ino, -1, LINUX_S_ISDIR(dp->inode.i_mode));
+        quota_data_sub(ctx->qctx, &dp->inode, ino,
+                       pb.dup_blocks * fs->blocksize);
+diff --git a/e2fsck/rehash.c b/e2fsck/rehash.c
+index 3dd1e941..2c908be0 100644
+--- a/e2fsck/rehash.c
+++ b/e2fsck/rehash.c
+@@ -1028,6 +1028,8 @@ void e2fsck_rehash_directories(e2fsck_t ctx)
+                        if (!ext2fs_u32_list_iterate(iter, &ino))
+                                break;
+                }
+               if (!ext2fs_test_inode_bitmap2(ctx->inode_dir_map, ino))
+                       continue;
+ 
+                pctx.dir = ino;
+                if (first) {
+-- 
+2.24.1
diff --git a/meta/recipes-devtools/e2fsprogs/e2fsprogs/CVE-2019-5188.patch b/meta/recipes-devtools/e2fsprogs/e2fsprogs/CVE-2019-5188.patch
new file mode 100644
index 0000000000..de4bce0037
--- /dev/null
+++ b/meta/recipes-devtools/e2fsprogs/e2fsprogs/CVE-2019-5188.patch
@@ -0,0 +1,57 @@
+From 8dd73c149f418238f19791f9d666089ef9734dff Mon Sep 17 00:00:00 2001
+From: Theodore Ts'o <tytso@mit.edu>
+Date: Thu, 19 Dec 2019 19:37:34 -0500
+Subject: [PATCH] e2fsck: abort if there is a corrupted directory block when
+ rehashing
+In e2fsck pass 3a, when we are rehashing directories, at least in
+theory, all of the directories should have had corruptions with
+respect to directory entry structure fixed.  However, it's possible
+(for example, if the user declined a fix) that we can reach this stage
+of processing with a corrupted directory entries.
+So check for that case and don't try to process a corrupted directory
+block so we don't run into trouble in mutate_name() if there is a
+zero-length file name.
+Addresses: TALOS-2019-0973
+Addresses: CVE-2019-5188
+Signed-off-by: Theodore Ts'o <tytso@mit.edu>
+CVE: CVE-2019-5188
+Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
+Upstream-Status: Backport [https://git.kernel.org/pub/scm/fs/ext2/e2fsprogs.git/commit/?id=8dd73c149f418238f19791f9d666089ef9734dff]
+---
+ e2fsck/rehash.c | 9 +++++++++
+ 1 file changed, 9 insertions(+)
+diff --git a/e2fsck/rehash.c b/e2fsck/rehash.c
+index a5fc1be1..3dd1e941 100644
+--- a/e2fsck/rehash.c
+++ b/e2fsck/rehash.c
+@@ -160,6 +160,10 @@ static int fill_dir_block(ext2_filsys fs,
+                dir_offset += rec_len;
+                if (dirent->inode == 0)
+                        continue;
+               if ((name_len) == 0) {
+                       fd->err = EXT2_ET_DIR_CORRUPTED;
+                       return BLOCK_ABORT;
+               }
+                if (!fd->compress && (name_len == 1) &&
+                    (dirent->name[0] == '.'))
+                        continue;
+@@ -401,6 +405,11 @@ static int duplicate_search_and_fix(e2fsck_t ctx, ext2_filsys fs,
+                        continue;
+                }
+                new_len = ext2fs_dirent_name_len(ent->dir);
+               if (new_len == 0) {
+                        /* should never happen */
+                       ext2fs_unmark_valid(fs);
+                       continue;
+               }
+                memcpy(new_name, ent->dir->name, new_len);
+                mutate_name(new_name, &new_len);
+                for (j=0; j < fd->num_array; j++) {
+-- 
+2.24.1
diff --git a/meta/recipes-devtools/e2fsprogs/e2fsprogs/e2fsck-fix-use-after-free-in-calculate_tree.patch b/meta/recipes-devtools/e2fsprogs/e2fsprogs/e2fsck-fix-use-after-free-in-calculate_tree.patch
new file mode 100644
index 0000000000..342a2b855b
--- /dev/null
+++ b/meta/recipes-devtools/e2fsprogs/e2fsprogs/e2fsck-fix-use-after-free-in-calculate_tree.patch
@@ -0,0 +1,76 @@
+From: Wang Shilong <wshilong@ddn.com>
+Date: Mon, 30 Dec 2019 19:52:39 -0500
+Subject: e2fsck: fix use after free in calculate_tree()
+The problem is alloc_blocks() will call get_next_block() which might
+reallocate outdir->buf, and memory address could be changed after
+this.  To fix this, pointers that point into outdir->buf, such as
+int_limit and root need to be recaulated based on the new starting
+address of outdir->buf.
+[ Changed to correctly recalculate int_limit, and to optimize how we
+  reallocate outdir->buf.  -TYT ]
+Addresses-Debian-Bug: 948517
+Signed-off-by: Wang Shilong <wshilong@ddn.com>
+Signed-off-by: Theodore Ts'o <tytso@mit.edu>
+(cherry picked from commit 101e73e99ccafa0403fcb27dd7413033b587ca01)
+Signed-off-by: Anuj Mittal <anuj.mittal@intel.com>
+Upstream-Status: Backport [https://git.kernel.org/pub/scm/fs/ext2/e2fsprogs.git/commit/?id=101e73e99ccafa0403fcb27dd7413033b587ca01]
+---
+ e2fsck/rehash.c | 17 ++++++++++++++++-
+ 1 file changed, 16 insertions(+), 1 deletion(-)
+diff --git a/e2fsck/rehash.c b/e2fsck/rehash.c
+index 0a5888a9..2574e151 100644
+--- a/e2fsck/rehash.c
+++ b/e2fsck/rehash.c
+@@ -295,7 +295,11 @@ static errcode_t get_next_block(ext2_filsys fs, struct out_dir *outdir,
+        errcode_t       retval;
+ 
+        if (outdir->num >= outdir->max) {
+-               retval = alloc_size_dir(fs, outdir, outdir->max + 50);
+               int increment = outdir->max / 10;
+
+               if (increment < 50)
+                       increment = 50;
+               retval = alloc_size_dir(fs, outdir, outdir->max + increment);
+                if (retval)
+                        return retval;
+        }
+@@ -637,6 +641,9 @@ static int alloc_blocks(ext2_filsys fs,
+        if (retval)
+                return retval;
+ 
+       /* outdir->buf might be reallocated */
+       *prev_ent = (struct ext2_dx_entry *) (outdir->buf + *prev_offset);
+
+        *next_ent = set_int_node(fs, block_start);
+        *limit = (struct ext2_dx_countlimit *)(*next_ent);
+        if (next_offset)
+@@ -726,6 +733,9 @@ static errcode_t calculate_tree(ext2_filsys fs,
+                                        return retval;
+                        }
+                        if (c3 == 0) {
+                               int delta1 = (char *)int_limit - outdir->buf;
+                               int delta2 = (char *)root - outdir->buf;
+
+                                retval = alloc_blocks(fs, &limit, &int_ent,
+                                                      &dx_ent, &int_offset,
+                                                      NULL, outdir, i, &c2,
+@@ -733,6 +743,11 @@ static errcode_t calculate_tree(ext2_filsys fs,
+                                if (retval)
+                                        return retval;
+ 
+                               /* outdir->buf might be reallocated */
+                               int_limit = (struct ext2_dx_countlimit *)
+                                       (outdir->buf + delta1);
+                               root = (struct ext2_dx_entry *)
+                                       (outdir->buf + delta2);
+                        }
+                        dx_ent->block = ext2fs_cpu_to_le32(i);
+                        if (c3 != limit->limit)
+-- 
+2.24.1
diff --git a/meta/recipes-devtools/e2fsprogs/e2fsprogs_1.45.3.bb b/meta/recipes-devtools/e2fsprogs/e2fsprogs_1.45.3.bb
index 14c05a446c..f81defb837 100644
--- a/meta/recipes-devtools/e2fsprogs/e2fsprogs_1.45.3.bb
+++ b/meta/recipes-devtools/e2fsprogs/e2fsprogs_1.45.3.bb
@@ -6,6 +6,9 @@ SRC_URI += "file://remove.ldconfig.call.patch \
            file://mkdir_p.patch \
            file://0001-misc-create_inode.c-set-dir-s-mode-correctly.patch \
            file://CVE-2019-5094.patch \
+            file://CVE-2019-5188.patch \
+            file://0001-e2fsck-don-t-try-to-rehash-a-deleted-directory.patch \
+            file://e2fsck-fix-use-after-free-in-calculate_tree.patch \
            "
 SRC_URI_append_class-native = " file://e2fsprogs-fix-missing-check-for-permission-denied.patch \
diff --git a/meta/recipes-devtools/file/file_5.37.bb b/meta/recipes-devtools/file/file_5.37.bb
index 60fc66131e..eb0f40b54d 100644
--- a/meta/recipes-devtools/file/file_5.37.bb
+++ b/meta/recipes-devtools/file/file_5.37.bb
@@ -9,7 +9,7 @@ LICENSE = "BSD"
 LIC_FILES_CHKSUM = "file://COPYING;beginline=2;md5=0251eaec1188b20d9a72c502ecfdda1b"
 DEPENDS = "zlib file-replacement-native"
-DEPENDS_class-native = "zlib-native"
+DEPENDS_class-native = "zlib-native bzip2-replacement-native"
 # Blacklist a bogus tag in upstream check
 UPSTREAM_CHECK_GITTAGREGEX = "FILE(?P<pver>(?!6_23).+)"
diff --git a/meta/recipes-devtools/gcc/gcc-cross-canadian.inc b/meta/recipes-devtools/gcc/gcc-cross-canadian.inc
index f14cbf7152..4aac345bec 100644
--- a/meta/recipes-devtools/gcc/gcc-cross-canadian.inc
+++ b/meta/recipes-devtools/gcc/gcc-cross-canadian.inc
@@ -158,7 +158,7 @@ SYSTEMLIBS1 = "${target_libdir}/"
 EXTRA_OECONF += "--enable-poison-system-directories"
 EXTRA_OECONF_remove_elf = "--with-sysroot=/not/exist"
 EXTRA_OECONF_remove_eabi = "--with-sysroot=/not/exist"
-EXTRA_OECONF_append_elf = "--without-headers --with-newlib"
+EXTRA_OECONF_append_elf = " --without-headers --with-newlib"
-EXTRA_OECONF_append_eabi = "--without-headers --with-newlib"
+EXTRA_OECONF_append_eabi = " --without-headers --with-newlib"
 # gcc 4.7 needs -isystem
 export ARCH_FLAGS_FOR_TARGET = "--sysroot=${STAGING_DIR_TARGET} -isystem=${target_includedir}"
diff --git a/meta/recipes-devtools/gcc/gcc-cross.inc b/meta/recipes-devtools/gcc/gcc-cross.inc
index 8855bb1f34..06ba3ccd15 100644
--- a/meta/recipes-devtools/gcc/gcc-cross.inc
+++ b/meta/recipes-devtools/gcc/gcc-cross.inc
@@ -61,6 +61,13 @@ do_compile () {
        export CXXFLAGS_FOR_TARGET="${TARGET_CXXFLAGS}"
        export LDFLAGS_FOR_TARGET="${TARGET_LDFLAGS}"
+        # Prevent native/host sysroot path from being used in configargs.h header,
+        # as it will be rewritten when used by other sysroots preventing support
+        # for gcc plugins
+        oe_runmake configure-gcc
+        sed -i 's@${STAGING_DIR_TARGET}@/host@g' ${B}/gcc/configargs.h
+        sed -i 's@${STAGING_DIR_HOST}@/host@g' ${B}/gcc/configargs.h
        oe_runmake all-host configure-target-libgcc
        (cd ${B}/${TARGET_SYS}/libgcc; oe_runmake enable-execute-stack.c unwind.h md-unwind-support.h sfp-machine.h gthr-default.h)
        # now generate script to drive testing
diff --git a/meta/recipes-devtools/gcc/gcc-runtime.inc b/meta/recipes-devtools/gcc/gcc-runtime.inc
index 2da3c02ef0..536b18d97f 100644
--- a/meta/recipes-devtools/gcc/gcc-runtime.inc
+++ b/meta/recipes-devtools/gcc/gcc-runtime.inc
@@ -302,10 +302,6 @@ do_check() {
    # HACK: this works around the configure setting CXX with -nostd* args
    sed -i 's/-nostdinc++ -nostdlib++//g' $(find ${B} -name testsuite_flags | head -1)
-    # HACK: this works around the de-stashing changes to configargs.h, as well as recipe-sysroot changing the content
-    sed -i '/static const char configuration_arguments/d' ${B}/gcc/configargs.h
-    ${CC} -v 2>&1 | grep "^Configured with:" | \
-        sed 's/Configured with: \(.*\)/static const char configuration_arguments[] = "\1";/g' >> ${B}/gcc/configargs.h
    if [ "${TOOLCHAIN_TEST_TARGET}" = "user" ]; then
        # qemu user has issues allocating large amounts of memory
diff --git a/meta/recipes-devtools/gcc/gcc-target.inc b/meta/recipes-devtools/gcc/gcc-target.inc
index bdc6ff658f..987e88d32c 100644
--- a/meta/recipes-devtools/gcc/gcc-target.inc
+++ b/meta/recipes-devtools/gcc/gcc-target.inc
@@ -137,6 +137,14 @@ FILES_${PN}-doc = "\
 "
 do_compile () {
+        # Prevent full target sysroot path from being used in configargs.h header,
+        # as it will be rewritten when used by other sysroots preventing support
+        # for gcc plugins. Additionally the path is embeddeded into the output
+        # binary, this prevents building a reproducible binary.
+        oe_runmake configure-gcc
+        sed -i 's@${STAGING_DIR_TARGET}@/@g' ${B}/gcc/configargs.h
+        sed -i 's@${STAGING_DIR_HOST}@/@g' ${B}/gcc/configargs.h
        oe_runmake all-host
 }
diff --git a/meta/recipes-devtools/git/git.inc b/meta/recipes-devtools/git/git.inc
index 6e137432f0..a0ce1626a1 100644
--- a/meta/recipes-devtools/git/git.inc
+++ b/meta/recipes-devtools/git/git.inc
@@ -7,7 +7,21 @@ DEPENDS = "openssl curl zlib expat"
 PROVIDES_append_class-native = " git-replacement-native"
 SRC_URI = "${KERNELORG_MIRROR}/software/scm/git/git-${PV}.tar.gz;name=tarball \
-           ${KERNELORG_MIRROR}/software/scm/git/git-manpages-${PV}.tar.gz;name=manpages"
+           ${KERNELORG_MIRROR}/software/scm/git/git-manpages-${PV}.tar.gz;name=manpages \
+           file://CVE-2020-5260.patch \
+           file://0001-t-lib-credential-use-test_i18ncmp-to-check-stderr.patch \
+           file://0002-credential-detect-unrepresentable-values-when-parsin.patch \
+           file://0003-fsck-detect-gitmodules-URLs-with-embedded-newlines.patch \
+           file://CVE-2020-11008-1.patch \
+           file://CVE-2020-11008-2.patch \
+           file://CVE-2020-11008-3.patch \
+           file://CVE-2020-11008-4.patch \
+           file://CVE-2020-11008-5.patch \
+           file://CVE-2020-11008-6.patch \
+           file://CVE-2020-11008-7.patch \
+           file://CVE-2020-11008-8.patch \
+           file://CVE-2020-11008-9.patch \
+          "
 S = "${WORKDIR}/git-${PV}"
diff --git a/meta/recipes-devtools/git/git/0001-t-lib-credential-use-test_i18ncmp-to-check-stderr.patch b/meta/recipes-devtools/git/git/0001-t-lib-credential-use-test_i18ncmp-to-check-stderr.patch
new file mode 100644
index 0000000000..6eb3c16aef
--- /dev/null
+++ b/meta/recipes-devtools/git/git/0001-t-lib-credential-use-test_i18ncmp-to-check-stderr.patch
@@ -0,0 +1,35 @@
+From 70ef9c6ce884b2d466d3d36563f1d2aa31b56443 Mon Sep 17 00:00:00 2001
+From: Jeff King <peff@peff.net>
+Date: Wed, 11 Mar 2020 18:11:37 -0400
+Subject: [PATCH 01/12] t/lib-credential: use test_i18ncmp to check stderr
+The credential tests have a "check" function which feeds some input to
+git-credential and checks the stdout and stderr. We look for exact
+matches in the output. For stdout, this makes sense; the output is
+the credential protocol. But for stderr, we may be showing various
+diagnostic messages, or the prompts fed to the askpass program, which
+could be translated. Let's mark them as such.
+Upstream-Status: Backport
+Signed-off-by: Li Zhou <li.zhou@windriver.com>
+---
+ t/lib-credential.sh | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+diff --git a/t/lib-credential.sh b/t/lib-credential.sh
+index 937b831..bb88cc0 100755
+--- a/t/lib-credential.sh
+++ b/t/lib-credential.sh
+@@ -19,7 +19,7 @@ check() {
+                false
+        fi &&
+        test_cmp expect-stdout stdout &&
+-       test_cmp expect-stderr stderr
+       test_i18ncmp expect-stderr stderr
+ }
+ 
+ read_chunk() {
+-- 
+1.9.1
diff --git a/meta/recipes-devtools/git/git/0002-credential-detect-unrepresentable-values-when-parsin.patch b/meta/recipes-devtools/git/git/0002-credential-detect-unrepresentable-values-when-parsin.patch
new file mode 100644
index 0000000000..a9b7348ef7
--- /dev/null
+++ b/meta/recipes-devtools/git/git/0002-credential-detect-unrepresentable-values-when-parsin.patch
@@ -0,0 +1,156 @@
+From 43803880b954a020dbffa5250a5b7fd893442c7c Mon Sep 17 00:00:00 2001
+From: Jeff King <peff@peff.net>
+Date: Thu, 12 Mar 2020 01:31:11 -0400
+Subject: [PATCH 02/12] credential: detect unrepresentable values when parsing
+ urls
+The credential protocol can't represent newlines in values, but URLs can
+embed percent-encoded newlines in various components. A previous commit
+taught the low-level writing routines to die() when encountering this,
+but we can be a little friendlier to the user by detecting them earlier
+and handling them gracefully.
+This patch teaches credential_from_url() to notice such components,
+issue a warning, and blank the credential (which will generally result
+in prompting the user for a username and password). We blank the whole
+credential in this case. Another option would be to blank only the
+invalid component. However, we're probably better off not feeding a
+partially-parsed URL result to a credential helper. We don't know how a
+given helper would handle it, so we're better off to err on the side of
+matching nothing rather than something unexpected.
+The die() call in credential_write() is _probably_ impossible to reach
+after this patch. Values should end up in credential structs only by URL
+parsing (which is covered here), or by reading credential protocol input
+(which by definition cannot read a newline into a value). But we should
+definitely keep the low-level check, as it's our final and most accurate
+line of defense against protocol injection attacks. Arguably it could
+become a BUG(), but it probably doesn't matter much either way.
+Note that the public interface of credential_from_url() grows a little
+more than we need here. We'll use the extra flexibility in a future
+patch to help fsck catch these cases.
+Upstream-Status: Backport
+Signed-off-by: Li Zhou <li.zhou@windriver.com>
+---
+ credential.c           | 36 ++++++++++++++++++++++++++++++++++--
+ credential.h           | 16 ++++++++++++++++
+ t/t0300-credentials.sh | 12 ++++++++++--
+ 3 files changed, 60 insertions(+), 4 deletions(-)
+diff --git a/credential.c b/credential.c
+index a79aff0..2482382 100644
+--- a/credential.c
+++ b/credential.c
+@@ -324,7 +324,22 @@ void credential_reject(struct credential *c)
+        c->approved = 0;
+ }
+ 
+-void credential_from_url(struct credential *c, const char *url)
+static int check_url_component(const char *url, int quiet,
+                              const char *name, const char *value)
+{
+       if (!value)
+               return 0;
+       if (!strchr(value, '\n'))
+               return 0;
+
+       if (!quiet)
+               warning(_("url contains a newline in its %s component: %s"),
+                       name, url);
+       return -1;
+}
+
+int credential_from_url_gently(struct credential *c, const char *url,
+                              int quiet)
+ {
+        const char *at, *colon, *cp, *slash, *host, *proto_end;
+ 
+@@ -338,7 +353,7 @@ void credential_from_url(struct credential *c, const char *url)
+         */
+        proto_end = strstr(url, "://");
+        if (!proto_end)
+-               return;
+               return 0;
+        cp = proto_end + 3;
+        at = strchr(cp, '@');
+        colon = strchr(cp, ':');
+@@ -373,4 +388,21 @@ void credential_from_url(struct credential *c, const char *url)
+                while (p > c->path && *p == '/')
+                        *p-- = '\0';
+        }
+
+       if (check_url_component(url, quiet, "username", c->username) < 0 ||
+           check_url_component(url, quiet, "password", c->password) < 0 ||
+           check_url_component(url, quiet, "protocol", c->protocol) < 0 ||
+           check_url_component(url, quiet, "host", c->host) < 0 ||
+           check_url_component(url, quiet, "path", c->path) < 0)
+               return -1;
+
+       return 0;
+}
+
+void credential_from_url(struct credential *c, const char *url)
+{
+       if (credential_from_url_gently(c, url, 0) < 0) {
+               warning(_("skipping credential lookup for url: %s"), url);
+               credential_clear(c);
+       }
+ }
+diff --git a/credential.h b/credential.h
+index 6b0cd16..122a23c 100644
+--- a/credential.h
+++ b/credential.h
+@@ -28,7 +28,23 @@ struct credential {
+ 
+ int credential_read(struct credential *, FILE *);
+ void credential_write(const struct credential *, FILE *);
+
+/*
+ * Parse a url into a credential struct, replacing any existing contents.
+ *
+ * Ifthe url can't be parsed (e.g., a missing "proto://" component), the
+ * resulting credential will be empty but we'll still return success from the
+ * "gently" form.
+ *
+ * If we encounter a component which cannot be represented as a credential
+ * value (e.g., because it contains a newline), the "gently" form will return
+ * an error but leave the broken state in the credential object for further
+ * examination.  The non-gentle form will issue a warning to stderr and return
+ * an empty credential.
+ */
+ void credential_from_url(struct credential *, const char *url);
+int credential_from_url_gently(struct credential *, const char *url, int quiet);
+
+ int credential_match(const struct credential *have,
+                     const struct credential *want);
+ 
+diff --git a/t/t0300-credentials.sh b/t/t0300-credentials.sh
+index 26f3c3a..b9c0f1f 100755
+--- a/t/t0300-credentials.sh
+++ b/t/t0300-credentials.sh
+@@ -308,9 +308,17 @@ test_expect_success 'empty helper spec resets helper list' '
+        EOF
+ '
+ 
+-test_expect_success 'url parser rejects embedded newlines' '
+-       test_must_fail git credential fill <<-\EOF
+test_expect_success 'url parser ignores embedded newlines' '
+       check fill <<-EOF
+        url=https://one.example.com?%0ahost=two.example.com/
+       --
+       username=askpass-username
+       password=askpass-password
+       --
+       warning: url contains a newline in its host component: https://one.example.com?%0ahost=two.example.com/
+       warning: skipping credential lookup for url: https://one.example.com?%0ahost=two.example.com/
+       askpass: Username:
+       askpass: Password:
+        EOF
+ '
+ 
+-- 
+1.9.1
diff --git a/meta/recipes-devtools/git/git/0003-fsck-detect-gitmodules-URLs-with-embedded-newlines.patch b/meta/recipes-devtools/git/git/0003-fsck-detect-gitmodules-URLs-with-embedded-newlines.patch
new file mode 100644
index 0000000000..23931e6313
--- /dev/null
+++ b/meta/recipes-devtools/git/git/0003-fsck-detect-gitmodules-URLs-with-embedded-newlines.patch
@@ -0,0 +1,103 @@
+From 1c9f8cedd34302575db40016231bdf502f17901e Mon Sep 17 00:00:00 2001
+From: Li Zhou <li.zhou@windriver.com>
+Date: Mon, 27 Apr 2020 13:49:39 +0800
+Subject: [PATCH 03/12] fsck: detect gitmodules URLs with embedded newlines
+The credential protocol can't handle values with newlines. We already
+detect and block any such URLs from being used with credential helpers,
+but let's also add an fsck check to detect and block gitmodules files
+with such URLs. That will let us notice the problem earlier when
+transfer.fsckObjects is turned on. And in particular it will prevent bad
+objects from spreading, which may protect downstream users running older
+versions of Git.
+We'll file this under the existing gitmodulesUrl flag, which covers URLs
+with option injection. There's really no need to distinguish the exact
+flaw in the URL in this context. Likewise, I've expanded the description
+of t7416 to cover all types of bogus URLs.
+Upstream-Status: Backport
+Signed-off-by: Li Zhou <li.zhou@windriver.com>
+---
+ fsck.c                        | 16 +++++++++++++++-
+ t/t7416-submodule-dash-url.sh | 18 +++++++++++++++++-
+ 2 files changed, 32 insertions(+), 2 deletions(-)
+diff --git a/fsck.c b/fsck.c
+index ef8b343..ea46eea 100644
+--- a/fsck.c
+++ b/fsck.c
+@@ -15,6 +15,7 @@
+ #include "packfile.h"
+ #include "submodule-config.h"
+ #include "config.h"
+#include "credential.h"
+ #include "help.h"
+ 
+ static struct oidset gitmodules_found = OIDSET_INIT;
+@@ -947,6 +948,19 @@ static int fsck_tag(struct tag *tag, const char *data,
+        return fsck_tag_buffer(tag, data, size, options);
+ }
+ 
+static int check_submodule_url(const char *url)
+{
+       struct credential c = CREDENTIAL_INIT;
+       int ret;
+
+       if (looks_like_command_line_option(url))
+               return -1;
+
+       ret = credential_from_url_gently(&c, url, 1);
+       credential_clear(&c);
+       return ret;
+}
+
+ struct fsck_gitmodules_data {
+        struct object *obj;
+        struct fsck_options *options;
+@@ -971,7 +985,7 @@ static int fsck_gitmodules_fn(const char *var, const char *value, void *vdata)
+                                    "disallowed submodule name: %s",
+                                    name);
+        if (!strcmp(key, "url") && value &&
+-           looks_like_command_line_option(value))
+           check_submodule_url(value) < 0)
+                data->ret |= report(data->options, data->obj,
+                                    FSCK_MSG_GITMODULES_URL,
+                                    "disallowed submodule url: %s",
+diff --git a/t/t7416-submodule-dash-url.sh b/t/t7416-submodule-dash-url.sh
+index 5ba041f..41431b1 100755
+--- a/t/t7416-submodule-dash-url.sh
+++ b/t/t7416-submodule-dash-url.sh
+@@ -1,6 +1,6 @@
+ #!/bin/sh
+ 
+-test_description='check handling of .gitmodule url with dash'
+test_description='check handling of disallowed .gitmodule urls'
+ . ./test-lib.sh
+ 
+ test_expect_success 'create submodule with protected dash in url' '
+@@ -60,4 +60,20 @@ test_expect_success 'trailing backslash is handled correctly' '
+        test_i18ngrep ! "unknown option" err
+ '
+ 
+test_expect_success 'fsck rejects embedded newline in url' '
+       # create an orphan branch to avoid existing .gitmodules objects
+       git checkout --orphan newline &&
+       cat >.gitmodules <<-\EOF &&
+       [submodule "foo"]
+       url = "https://one.example.com?%0ahost=two.example.com/foo.git"
+       EOF
+       git add .gitmodules &&
+       git commit -m "gitmodules with newline" &&
+       test_when_finished "rm -rf dst" &&
+       git init --bare dst &&
+       git -C dst config transfer.fsckObjects true &&
+       test_must_fail git push dst HEAD 2>err &&
+       grep gitmodulesUrl err
+'
+
+ test_done
+-- 
+1.9.1
diff --git a/meta/recipes-devtools/git/git/CVE-2020-11008-1.patch b/meta/recipes-devtools/git/git/CVE-2020-11008-1.patch
new file mode 100644
index 0000000000..9cf98ea7b4
--- /dev/null
+++ b/meta/recipes-devtools/git/git/CVE-2020-11008-1.patch
@@ -0,0 +1,70 @@
+From 863f8067d8b4012904ca3bb881c659ac9894df97 Mon Sep 17 00:00:00 2001
+From: Li Zhou <li.zhou@windriver.com>
+Date: Mon, 27 Apr 2020 14:36:03 +0800
+Subject: [PATCH 04/12] t0300: make "quit" helper more realistic
+We test a toy credential helper that writes "quit=1" and confirms that
+we stop running other helpers. However, that helper is unrealistic in
+that it does not bother to read its stdin at all.
+For now we don't send any input to it, because we feed git-credential a
+blank credential. But that will change in the next patch, which will
+cause this test to racily fail, as git-credential will get SIGPIPE
+writing to the helper rather than exiting because it was asked to.
+Let's make this one-off helper more like our other sample helpers, and
+have it source the "dump" script. That will read stdin, fixing the
+SIGPIPE problem. But it will also write what it sees to stderr. We can
+make the test more robust by checking that output, which confirms that
+we do run the quit helper, don't run any other helpers, and exit for the
+reason we expected.
+Signed-off-by: Jeff King <peff@peff.net>
+Signed-off-by: Jonathan Nieder <jrnieder@gmail.com>
+Upstream-Status: Backport
+CVE: CVE-2020-11008 (1)
+Signed-off-by: Li Zhou <li.zhou@windriver.com>
+---
+ t/t0300-credentials.sh | 17 ++++++++++++++---
+ 1 file changed, 14 insertions(+), 3 deletions(-)
+diff --git a/t/t0300-credentials.sh b/t/t0300-credentials.sh
+index b9c0f1f..0206b3b 100755
+--- a/t/t0300-credentials.sh
+++ b/t/t0300-credentials.sh
+@@ -22,6 +22,11 @@ test_expect_success 'setup helper scripts' '
+        exit 0
+        EOF
+ 
+       write_script git-credential-quit <<-\EOF &&
+       . ./dump
+       echo quit=1
+       EOF
+
+        write_script git-credential-verbatim <<-\EOF &&
+        user=$1; shift
+        pass=$1; shift
+@@ -291,10 +296,16 @@ test_expect_success 'http paths can be part of context' '
+ 
+ test_expect_success 'helpers can abort the process' '
+        test_must_fail git \
+-               -c credential.helper="!f() { echo quit=1; }; f" \
+               -c credential.helper=quit \
+                -c credential.helper="verbatim foo bar" \
+-               credential fill >stdout &&
+-       test_must_be_empty stdout
+               credential fill >stdout 2>stderr &&
+       >expect &&
+       test_cmp expect stdout &&
+       cat >expect <<-\EOF &&
+       quit: get
+       fatal: credential helper '\''quit'\'' told us to quit
+       EOF
+       test_i18ncmp expect stderr
+ '
+ 
+ test_expect_success 'empty helper spec resets helper list' '
+-- 
+1.9.1
diff --git a/meta/recipes-devtools/git/git/CVE-2020-11008-2.patch b/meta/recipes-devtools/git/git/CVE-2020-11008-2.patch
new file mode 100644
index 0000000000..c752e3d431
--- /dev/null
+++ b/meta/recipes-devtools/git/git/CVE-2020-11008-2.patch
@@ -0,0 +1,292 @@
+From 5588659069214aa0f7fea75a69687078e2f7a817 Mon Sep 17 00:00:00 2001
+From: Jeff King <peff@peff.net>
+Date: Sat, 18 Apr 2020 20:47:30 -0700
+Subject: [PATCH 05/12] t0300: use more realistic inputs
+Many of the tests in t0300 give partial inputs to git-credential,
+omitting a protocol or hostname. We're checking only high-level things
+like whether and how helpers are invoked at all, and we don't care about
+specific hosts. However, in preparation for tightening up the rules
+about when we're willing to run a helper, let's start using input that's
+a bit more realistic: pretend as if http://example.com is being
+examined.
+This shouldn't change the point of any of the tests, but do note we have
+to adjust the expected output to accommodate this (filling a credential
+will repeat back the protocol/host fields to stdout, and the helper
+debug messages and askpass prompt will change on stderr).
+Signed-off-by: Jeff King <peff@peff.net>
+Reviewed-by: Taylor Blau <me@ttaylorr.com>
+Signed-off-by: Jonathan Nieder <jrnieder@gmail.com>
+Upstream-Status: Backport
+CVE: CVE-2020-11008 (2)
+Signed-off-by: Li Zhou <li.zhou@windriver.com>
+---
+ t/t0300-credentials.sh | 89 +++++++++++++++++++++++++++++++++++++++++++++++---
+ 1 file changed, 85 insertions(+), 4 deletions(-)
+diff --git a/t/t0300-credentials.sh b/t/t0300-credentials.sh
+index 0206b3b..f4c5d7f 100755
+--- a/t/t0300-credentials.sh
+++ b/t/t0300-credentials.sh
+@@ -40,43 +40,71 @@ test_expect_success 'setup helper scripts' '
+ 
+ test_expect_success 'credential_fill invokes helper' '
+        check fill "verbatim foo bar" <<-\EOF
+       protocol=http
+       host=example.com
+        --
+       protocol=http
+       host=example.com
+        username=foo
+        password=bar
+        --
+        verbatim: get
+       verbatim: protocol=http
+       verbatim: host=example.com
+        EOF
+ '
+ 
+ test_expect_success 'credential_fill invokes multiple helpers' '
+        check fill useless "verbatim foo bar" <<-\EOF
+       protocol=http
+       host=example.com
+        --
+       protocol=http
+       host=example.com
+        username=foo
+        password=bar
+        --
+        useless: get
+       useless: protocol=http
+       useless: host=example.com
+        verbatim: get
+       verbatim: protocol=http
+       verbatim: host=example.com
+        EOF
+ '
+ 
+ test_expect_success 'credential_fill stops when we get a full response' '
+        check fill "verbatim one two" "verbatim three four" <<-\EOF
+       protocol=http
+       host=example.com
+        --
+       protocol=http
+       host=example.com
+        username=one
+        password=two
+        --
+        verbatim: get
+       verbatim: protocol=http
+       verbatim: host=example.com
+        EOF
+ '
+ 
+ test_expect_success 'credential_fill continues through partial response' '
+        check fill "verbatim one \"\"" "verbatim two three" <<-\EOF
+       protocol=http
+       host=example.com
+        --
+       protocol=http
+       host=example.com
+        username=two
+        password=three
+        --
+        verbatim: get
+       verbatim: protocol=http
+       verbatim: host=example.com
+        verbatim: get
+       verbatim: protocol=http
+       verbatim: host=example.com
+        verbatim: username=one
+        EOF
+ '
+@@ -102,14 +130,20 @@ test_expect_success 'credential_fill passes along metadata' '
+ 
+ test_expect_success 'credential_approve calls all helpers' '
+        check approve useless "verbatim one two" <<-\EOF
+       protocol=http
+       host=example.com
+        username=foo
+        password=bar
+        --
+        --
+        useless: store
+       useless: protocol=http
+       useless: host=example.com
+        useless: username=foo
+        useless: password=bar
+        verbatim: store
+       verbatim: protocol=http
+       verbatim: host=example.com
+        verbatim: username=foo
+        verbatim: password=bar
+        EOF
+@@ -117,6 +151,8 @@ test_expect_success 'credential_approve calls all helpers' '
+ 
+ test_expect_success 'do not bother storing password-less credential' '
+        check approve useless <<-\EOF
+       protocol=http
+       host=example.com
+        username=foo
+        --
+        --
+@@ -126,14 +162,20 @@ test_expect_success 'do not bother storing password-less credential' '
+ 
+ test_expect_success 'credential_reject calls all helpers' '
+        check reject useless "verbatim one two" <<-\EOF
+       protocol=http
+       host=example.com
+        username=foo
+        password=bar
+        --
+        --
+        useless: erase
+       useless: protocol=http
+       useless: host=example.com
+        useless: username=foo
+        useless: password=bar
+        verbatim: erase
+       verbatim: protocol=http
+       verbatim: host=example.com
+        verbatim: username=foo
+        verbatim: password=bar
+        EOF
+@@ -141,33 +183,49 @@ test_expect_success 'credential_reject calls all helpers' '
+ 
+ test_expect_success 'usernames can be preserved' '
+        check fill "verbatim \"\" three" <<-\EOF
+       protocol=http
+       host=example.com
+        username=one
+        --
+       protocol=http
+       host=example.com
+        username=one
+        password=three
+        --
+        verbatim: get
+       verbatim: protocol=http
+       verbatim: host=example.com
+        verbatim: username=one
+        EOF
+ '
+ 
+ test_expect_success 'usernames can be overridden' '
+        check fill "verbatim two three" <<-\EOF
+       protocol=http
+       host=example.com
+        username=one
+        --
+       protocol=http
+       host=example.com
+        username=two
+        password=three
+        --
+        verbatim: get
+       verbatim: protocol=http
+       verbatim: host=example.com
+        verbatim: username=one
+        EOF
+ '
+ 
+ test_expect_success 'do not bother completing already-full credential' '
+        check fill "verbatim three four" <<-\EOF
+       protocol=http
+       host=example.com
+        username=one
+        password=two
+        --
+       protocol=http
+       host=example.com
+        username=one
+        password=two
+        --
+@@ -179,23 +237,31 @@ test_expect_success 'do not bother completing already-full credential' '
+ # askpass helper is run, we know the internal getpass is working.
+ test_expect_success 'empty helper list falls back to internal getpass' '
+        check fill <<-\EOF
+       protocol=http
+       host=example.com
+        --
+       protocol=http
+       host=example.com
+        username=askpass-username
+        password=askpass-password
+        --
+-       askpass: Username:
+-       askpass: Password:
+       askpass: Username for '\''http://example.com'\'':
+       askpass: Password for '\''http://askpass-username@example.com'\'':
+        EOF
+ '
+ 
+ test_expect_success 'internal getpass does not ask for known username' '
+        check fill <<-\EOF
+       protocol=http
+       host=example.com
+        username=foo
+        --
+       protocol=http
+       host=example.com
+        username=foo
+        password=askpass-password
+        --
+-       askpass: Password:
+       askpass: Password for '\''http://foo@example.com'\'':
+        EOF
+ '
+ 
+@@ -207,7 +273,11 @@ HELPER="!f() {
+ test_expect_success 'respect configured credentials' '
+        test_config credential.helper "$HELPER" &&
+        check fill <<-\EOF
+       protocol=http
+       host=example.com
+        --
+       protocol=http
+       host=example.com
+        username=foo
+        password=bar
+        --
+@@ -298,11 +368,16 @@ test_expect_success 'helpers can abort the process' '
+        test_must_fail git \
+                -c credential.helper=quit \
+                -c credential.helper="verbatim foo bar" \
+-               credential fill >stdout 2>stderr &&
+               credential fill >stdout 2>stderr <<-\EOF &&
+       protocol=http
+       host=example.com
+       EOF
+        >expect &&
+        test_cmp expect stdout &&
+        cat >expect <<-\EOF &&
+        quit: get
+       quit: protocol=http
+       quit: host=example.com
+        fatal: credential helper '\''quit'\'' told us to quit
+        EOF
+        test_i18ncmp expect stderr
+@@ -311,11 +386,17 @@ test_expect_success 'helpers can abort the process' '
+ test_expect_success 'empty helper spec resets helper list' '
+        test_config credential.helper "verbatim file file" &&
+        check fill "" "verbatim cmdline cmdline" <<-\EOF
+       protocol=http
+       host=example.com
+        --
+       protocol=http
+       host=example.com
+        username=cmdline
+        password=cmdline
+        --
+        verbatim: get
+       verbatim: protocol=http
+       verbatim: host=example.com
+        EOF
+ '
+ 
+-- 
+1.9.1
diff --git a/meta/recipes-devtools/git/git/CVE-2020-11008-3.patch b/meta/recipes-devtools/git/git/CVE-2020-11008-3.patch
new file mode 100644
index 0000000000..c17e883d6c
--- /dev/null
+++ b/meta/recipes-devtools/git/git/CVE-2020-11008-3.patch
@@ -0,0 +1,97 @@
+From 22f28251ae575dd7a60f7a46853469025d004ca7 Mon Sep 17 00:00:00 2001
+From: Jeff King <peff@peff.net>
+Date: Sat, 18 Apr 2020 20:48:05 -0700
+Subject: [PATCH 06/12] credential: parse URL without host as empty host, not
+ unset
+We may feed a URL like "cert:///path/to/cert.pem" into the credential
+machinery to get the key for a client-side certificate. That
+credential has no hostname field, which is about to be disallowed (to
+avoid confusion with protocols where a helper _would_ expect a
+hostname).
+This means as of the next patch, credential helpers won't work for
+unlocking certs. Let's fix that by doing two things:
+  - when we parse a url with an empty host, set the host field to the
+    empty string (asking only to match stored entries with an empty
+    host) rather than NULL (asking to match _any_ host).
+  - when we build a cert:// credential by hand, similarly assign an
+    empty string
+It's the latter that is more likely to impact real users in practice,
+since it's what's used for http connections. But we don't have good
+infrastructure to test it.
+The url-parsing version will help anybody using git-credential in a
+script, and is easy to test.
+Signed-off-by: Jeff King <peff@peff.net>
+Reviewed-by: Taylor Blau <me@ttaylorr.com>
+Signed-off-by: Jonathan Nieder <jrnieder@gmail.com>
+Upstream-Status: Backport
+CVE: CVE-2020-11008 (3)
+Signed-off-by: Li Zhou <li.zhou@windriver.com>
+---
+ credential.c           |  3 +--
+ http.c                 |  1 +
+ t/t0300-credentials.sh | 17 +++++++++++++++++
+ 3 files changed, 19 insertions(+), 2 deletions(-)
+diff --git a/credential.c b/credential.c
+index 2482382..f2413ce 100644
+--- a/credential.c
+++ b/credential.c
+@@ -376,8 +376,7 @@ int credential_from_url_gently(struct credential *c, const char *url,
+ 
+        if (proto_end - url > 0)
+                c->protocol = xmemdupz(url, proto_end - url);
+-       if (slash - host > 0)
+-               c->host = url_decode_mem(host, slash - host);
+       c->host = url_decode_mem(host, slash - host);
+        /* Trim leading and trailing slashes from path */
+        while (*slash == '/')
+                slash++;
+diff --git a/http.c b/http.c
+index 27aa0a3..c4dfdac 100644
+--- a/http.c
+++ b/http.c
+@@ -558,6 +558,7 @@ static int has_cert_password(void)
+                return 0;
+        if (!cert_auth.password) {
+                cert_auth.protocol = xstrdup("cert");
+               cert_auth.host = xstrdup("");
+                cert_auth.username = xstrdup("");
+                cert_auth.path = xstrdup(ssl_cert);
+                credential_fill(&cert_auth);
+diff --git a/t/t0300-credentials.sh b/t/t0300-credentials.sh
+index f4c5d7f..1c1010b 100755
+--- a/t/t0300-credentials.sh
+++ b/t/t0300-credentials.sh
+@@ -414,4 +414,21 @@ test_expect_success 'url parser ignores embedded newlines' '
+        EOF
+ '
+ 
+test_expect_success 'host-less URLs are parsed as empty host' '
+       check fill "verbatim foo bar" <<-\EOF
+       url=cert:///path/to/cert.pem
+       --
+       protocol=cert
+       host=
+       path=path/to/cert.pem
+       username=foo
+       password=bar
+       --
+       verbatim: get
+       verbatim: protocol=cert
+       verbatim: host=
+       verbatim: path=path/to/cert.pem
+       EOF
+'
+
+ test_done
+-- 
+1.9.1
diff --git a/meta/recipes-devtools/git/git/CVE-2020-11008-4.patch b/meta/recipes-devtools/git/git/CVE-2020-11008-4.patch
new file mode 100644
index 0000000000..14e23466d4
--- /dev/null
+++ b/meta/recipes-devtools/git/git/CVE-2020-11008-4.patch
@@ -0,0 +1,173 @@
+From f8bf7099379990ad974c1ca8f51e1f28bf18cf2a Mon Sep 17 00:00:00 2001
+From: Jeff King <peff@peff.net>
+Date: Sat, 18 Apr 2020 20:50:48 -0700
+Subject: [PATCH 07/12] credential: refuse to operate when missing host or
+ protocol
+The credential helper protocol was designed to be very flexible: the
+fields it takes as input are treated as a pattern, and any missing
+fields are taken as wildcards. This allows unusual things like:
+  echo protocol=https | git credential reject
+to delete all stored https credentials (assuming the helpers themselves
+treat the input that way). But when helpers are invoked automatically by
+Git, this flexibility works against us. If for whatever reason we don't
+have a "host" field, then we'd match _any_ host. When you're filling a
+credential to send to a remote server, this is almost certainly not what
+you want.
+Prevent this at the layer that writes to the credential helper. Add a
+check to the credential API that the host and protocol are always passed
+in, and add an assertion to the credential_write function that speaks
+credential helper protocol to be doubly sure.
+There are a few ways this can be triggered in practice:
+  - the "git credential" command passes along arbitrary credential
+    parameters it reads from stdin.
+  - until the previous patch, when the host field of a URL is empty, we
+    would leave it unset (rather than setting it to the empty string)
+  - a URL like "example.com/foo.git" is treated by curl as if "http://"
+    was present, but our parser sees it as a non-URL and leaves all
+    fields unset
+  - the recent fix for URLs with embedded newlines blanks the URL but
+    otherwise continues. Rather than having the desired effect of
+    looking up no credential at all, many helpers will return _any_
+    credential
+Our earlier test for an embedded newline didn't catch this because it
+only checked that the credential was cleared, but didn't configure an
+actual helper. Configuring the "verbatim" helper in the test would show
+that it is invoked (it's obviously a silly helper which doesn't look at
+its input, but the point is that it shouldn't be run at all). Since
+we're switching this case to die(), we don't need to bother with a
+helper. We can see the new behavior just by checking that the operation
+fails.
+We'll add new tests covering partial input as well (these can be
+triggered through various means with url-parsing, but it's simpler to
+just check them directly, as we know we are covered even if the url
+parser changes behavior in the future).
+[jn: changed to die() instead of logging and showing a manual
+ username/password prompt]
+Reported-by: Carlo Arenas <carenas@gmail.com>
+Signed-off-by: Jeff King <peff@peff.net>
+Signed-off-by: Jonathan Nieder <jrnieder@gmail.com>
+Upstream-Status: Backport
+CVE: CVE-2020-11008 (4)
+Signed-off-by: Li Zhou <li.zhou@windriver.com>
+---
+ credential.c           | 20 ++++++++++++++------
+ t/t0300-credentials.sh | 34 ++++++++++++++++++++++++++--------
+ 2 files changed, 40 insertions(+), 14 deletions(-)
+diff --git a/credential.c b/credential.c
+index f2413ce..e08ed84 100644
+--- a/credential.c
+++ b/credential.c
+@@ -89,6 +89,11 @@ static int proto_is_http(const char *s)
+ 
+ static void credential_apply_config(struct credential *c)
+ {
+       if (!c->host)
+               die(_("refusing to work with credential missing host field"));
+       if (!c->protocol)
+               die(_("refusing to work with credential missing protocol field"));
+
+        if (c->configured)
+                return;
+        git_config(credential_config_callback, c);
+@@ -191,8 +196,11 @@ int credential_read(struct credential *c, FILE *fp)
+        return 0;
+ }
+ 
+-static void credential_write_item(FILE *fp, const char *key, const char *value)
+static void credential_write_item(FILE *fp, const char *key, const char *value,
+                                 int required)
+ {
+       if (!value && required)
+               BUG("credential value for %s is missing", key);
+        if (!value)
+                return;
+        if (strchr(value, '\n'))
+@@ -202,11 +210,11 @@ static void credential_write_item(FILE *fp, const char *key, const char *value)
+ 
+ void credential_write(const struct credential *c, FILE *fp)
+ {
+-       credential_write_item(fp, "protocol", c->protocol);
+-       credential_write_item(fp, "host", c->host);
+-       credential_write_item(fp, "path", c->path);
+-       credential_write_item(fp, "username", c->username);
+-       credential_write_item(fp, "password", c->password);
+       credential_write_item(fp, "protocol", c->protocol, 1);
+       credential_write_item(fp, "host", c->host, 1);
+       credential_write_item(fp, "path", c->path, 0);
+       credential_write_item(fp, "username", c->username, 0);
+       credential_write_item(fp, "password", c->password, 0);
+ }
+ 
+ static int run_credential_helper(struct credential *c,
+diff --git a/t/t0300-credentials.sh b/t/t0300-credentials.sh
+index 1c1010b..646f845 100755
+--- a/t/t0300-credentials.sh
+++ b/t/t0300-credentials.sh
+@@ -400,18 +400,16 @@ test_expect_success 'empty helper spec resets helper list' '
+        EOF
+ '
+ 
+-test_expect_success 'url parser ignores embedded newlines' '
+-       check fill <<-EOF
+test_expect_success 'url parser rejects embedded newlines' '
+       test_must_fail git credential fill 2>stderr <<-\EOF &&
+        url=https://one.example.com?%0ahost=two.example.com/
+-       --
+-       username=askpass-username
+-       password=askpass-password
+-       --
+       EOF
+       cat >expect <<-\EOF &&
+        warning: url contains a newline in its host component: https://one.example.com?%0ahost=two.example.com/
+        warning: skipping credential lookup for url: https://one.example.com?%0ahost=two.example.com/
+-       askpass: Username:
+-       askpass: Password:
+       fatal: refusing to work with credential missing host field
+        EOF
+       test_i18ncmp expect stderr
+ '
+ 
+ test_expect_success 'host-less URLs are parsed as empty host' '
+@@ -431,4 +429,24 @@ test_expect_success 'host-less URLs are parsed as empty host' '
+        EOF
+ '
+ 
+test_expect_success 'credential system refuses to work with missing host' '
+       test_must_fail git credential fill 2>stderr <<-\EOF &&
+       protocol=http
+       EOF
+       cat >expect <<-\EOF &&
+       fatal: refusing to work with credential missing host field
+       EOF
+       test_i18ncmp expect stderr
+'
+
+test_expect_success 'credential system refuses to work with missing protocol' '
+       test_must_fail git credential fill 2>stderr <<-\EOF &&
+       host=example.com
+       EOF
+       cat >expect <<-\EOF &&
+       fatal: refusing to work with credential missing protocol field
+       EOF
+       test_i18ncmp expect stderr
+'
+
+ test_done
+-- 
+1.9.1
diff --git a/meta/recipes-devtools/git/git/CVE-2020-11008-5.patch b/meta/recipes-devtools/git/git/CVE-2020-11008-5.patch
new file mode 100644
index 0000000000..60f8d59082
--- /dev/null
+++ b/meta/recipes-devtools/git/git/CVE-2020-11008-5.patch
@@ -0,0 +1,211 @@
+From 3431abe8c0f64f4049a31298c0b1056baa7d81dc Mon Sep 17 00:00:00 2001
+From: Li Zhou <li.zhou@windriver.com>
+Date: Mon, 27 Apr 2020 14:45:49 +0800
+Subject: [PATCH 08/12] fsck: convert gitmodules url to URL passed to curl
+In 07259e74ec1 (fsck: detect gitmodules URLs with embedded newlines,
+2020-03-11), git fsck learned to check whether URLs in .gitmodules could
+be understood by the credential machinery when they are handled by
+git-remote-curl.
+However, the check is overbroad: it checks all URLs instead of only
+URLs that would be passed to git-remote-curl. In principle a git:// or
+file:/// URL does not need to follow the same conventions as an http://
+URL; in particular, git:// and file:// protocols are not succeptible to
+issues in the credential API because they do not support attaching
+credentials.
+In the HTTP case, the URL in .gitmodules does not always match the URL
+that would be passed to git-remote-curl and the credential machinery:
+Git's URL syntax allows specifying a remote helper followed by a "::"
+delimiter and a URL to be passed to it, so that
+        git ls-remote http::https://example.com/repo.git
+invokes git-remote-http with https://example.com/repo.git as its URL
+argument. With today's checks, that distinction does not make a
+difference, but for a check we are about to introduce (for empty URL
+schemes) it will matter.
+.gitmodules files also support relative URLs. To ensure coverage for the
+https based embedded-newline attack, urldecode and check them directly
+for embedded newlines.
+Helped-by: Jeff King <peff@peff.net>
+Signed-off-by: Jonathan Nieder <jrnieder@gmail.com>
+Reviewed-by: Jeff King <peff@peff.net>
+Upstream-Status: Backport
+CVE: CVE-2020-11008 (5)
+Signed-off-by: Li Zhou <li.zhou@windriver.com>
+---
+ fsck.c                        | 94 ++++++++++++++++++++++++++++++++++++++++---
+ t/t7416-submodule-dash-url.sh | 29 +++++++++++++
+ 2 files changed, 118 insertions(+), 5 deletions(-)
+diff --git a/fsck.c b/fsck.c
+index ea46eea..0f21eb1 100644
+--- a/fsck.c
+++ b/fsck.c
+@@ -9,6 +9,7 @@
+ #include "tag.h"
+ #include "fsck.h"
+ #include "refs.h"
+#include "url.h"
+ #include "utf8.h"
+ #include "decorate.h"
+ #include "oidset.h"
+@@ -948,17 +949,100 @@ static int fsck_tag(struct tag *tag, const char *data,
+        return fsck_tag_buffer(tag, data, size, options);
+ }
+ 
+/*
+ * Like builtin/submodule--helper.c's starts_with_dot_slash, but without
+ * relying on the platform-dependent is_dir_sep helper.
+ *
+ * This is for use in checking whether a submodule URL is interpreted as
+ * relative to the current directory on any platform, since \ is a
+ * directory separator on Windows but not on other platforms.
+ */
+static int starts_with_dot_slash(const char *str)
+{
+       return str[0] == '.' && (str[1] == '/' || str[1] == '\\');
+}
+
+/*
+ * Like starts_with_dot_slash, this is a variant of submodule--helper's
+ * helper of the same name with the twist that it accepts backslash as a
+ * directory separator even on non-Windows platforms.
+ */
+static int starts_with_dot_dot_slash(const char *str)
+{
+       return str[0] == '.' && starts_with_dot_slash(str + 1);
+}
+
+static int submodule_url_is_relative(const char *url)
+{
+       return starts_with_dot_slash(url) || starts_with_dot_dot_slash(url);
+}
+
+/*
+ * Check whether a transport is implemented by git-remote-curl.
+ *
+ * If it is, returns 1 and writes the URL that would be passed to
+ * git-remote-curl to the "out" parameter.
+ *
+ * Otherwise, returns 0 and leaves "out" untouched.
+ *
+ * Examples:
+ *   http::https://example.com/repo.git -> 1, https://example.com/repo.git
+ *   https://example.com/repo.git -> 1, https://example.com/repo.git
+ *   git://example.com/repo.git -> 0
+ *
+ * This is for use in checking for previously exploitable bugs that
+ * required a submodule URL to be passed to git-remote-curl.
+ */
+static int url_to_curl_url(const char *url, const char **out)
+{
+       /*
+        * We don't need to check for case-aliases, "http.exe", and so
+        * on because in the default configuration, is_transport_allowed
+        * prevents URLs with those schemes from being cloned
+        * automatically.
+        */
+       if (skip_prefix(url, "http::", out) ||
+           skip_prefix(url, "https::", out) ||
+           skip_prefix(url, "ftp::", out) ||
+           skip_prefix(url, "ftps::", out))
+               return 1;
+       if (starts_with(url, "http://") ||
+           starts_with(url, "https://") ||
+           starts_with(url, "ftp://") ||
+           starts_with(url, "ftps://")) {
+               *out = url;
+               return 1;
+       }
+       return 0;
+}
+
+ static int check_submodule_url(const char *url)
+ {
+-       struct credential c = CREDENTIAL_INIT;
+-       int ret;
+       const char *curl_url;
+ 
+        if (looks_like_command_line_option(url))
+                return -1;
+ 
+-       ret = credential_from_url_gently(&c, url, 1);
+-       credential_clear(&c);
+-       return ret;
+       if (submodule_url_is_relative(url)) {
+               /*
+                * This could be appended to an http URL and url-decoded;
+                * check for malicious characters.
+                */
+               char *decoded = url_decode(url);
+               int has_nl = !!strchr(decoded, '\n');
+               free(decoded);
+               if (has_nl)
+                       return -1;
+       }
+
+       else if (url_to_curl_url(url, &curl_url)) {
+               struct credential c = CREDENTIAL_INIT;
+               int ret = credential_from_url_gently(&c, curl_url, 1);
+               credential_clear(&c);
+               return ret;
+       }
+
+       return 0;
+ }
+ 
+ struct fsck_gitmodules_data {
+diff --git a/t/t7416-submodule-dash-url.sh b/t/t7416-submodule-dash-url.sh
+index 41431b1..afdd255 100755
+--- a/t/t7416-submodule-dash-url.sh
+++ b/t/t7416-submodule-dash-url.sh
+@@ -60,6 +60,20 @@ test_expect_success 'trailing backslash is handled correctly' '
+        test_i18ngrep ! "unknown option" err
+ '
+ 
+test_expect_success 'fsck permits embedded newline with unrecognized scheme' '
+       git checkout --orphan newscheme &&
+       cat >.gitmodules <<-\EOF &&
+       [submodule "foo"]
+               url = "data://acjbkd%0akajfdickajkd"
+       EOF
+       git add .gitmodules &&
+       git commit -m "gitmodules with unrecognized scheme" &&
+       test_when_finished "rm -rf dst" &&
+       git init --bare dst &&
+       git -C dst config transfer.fsckObjects true &&
+       git push dst HEAD
+'
+
+ test_expect_success 'fsck rejects embedded newline in url' '
+        # create an orphan branch to avoid existing .gitmodules objects
+        git checkout --orphan newline &&
+@@ -76,4 +90,19 @@ test_expect_success 'fsck rejects embedded newline in url' '
+        grep gitmodulesUrl err
+ '
+ 
+test_expect_success 'fsck rejects embedded newline in relative url' '
+       git checkout --orphan relative-newline &&
+       cat >.gitmodules <<-\EOF &&
+       [submodule "foo"]
+               url = "./%0ahost=two.example.com/foo.git"
+       EOF
+       git add .gitmodules &&
+       git commit -m "relative url with newline" &&
+       test_when_finished "rm -rf dst" &&
+       git init --bare dst &&
+       git -C dst config transfer.fsckObjects true &&
+       test_must_fail git push dst HEAD 2>err &&
+       grep gitmodulesUrl err
+'
+
+ test_done
+-- 
+1.9.1
diff --git a/meta/recipes-devtools/git/git/CVE-2020-11008-6.patch b/meta/recipes-devtools/git/git/CVE-2020-11008-6.patch
new file mode 100644
index 0000000000..6b36893030
--- /dev/null
+++ b/meta/recipes-devtools/git/git/CVE-2020-11008-6.patch
@@ -0,0 +1,84 @@
+From 883508bcebe87fbe7fb7392272e930c27c30fdc2 Mon Sep 17 00:00:00 2001
+From: Jeff King <peff@peff.net>
+Date: Sat, 18 Apr 2020 20:53:09 -0700
+Subject: [PATCH 09/12] credential: die() when parsing invalid urls
+When we try to initialize credential loading by URL and find that the
+URL is invalid, we set all fields to NULL in order to avoid acting on
+malicious input. Later when we request credentials, we diagonse the
+erroneous input:
+        fatal: refusing to work with credential missing host field
+This is problematic in two ways:
+- The message doesn't tell the user *why* we are missing the host
+  field, so they can't tell from this message alone how to recover.
+  There can be intervening messages after the original warning of
+  bad input, so the user may not have the context to put two and two
+  together.
+- The error only occurs when we actually need to get a credential.  If
+  the URL permits anonymous access, the only encouragement the user gets
+  to correct their bogus URL is a quiet warning.
+  This is inconsistent with the check we perform in fsck, where any use
+  of such a URL as a submodule is an error.
+When we see such a bogus URL, let's not try to be nice and continue
+without helpers. Instead, die() immediately. This is simpler and
+obviously safe. And there's very little chance of disrupting a normal
+workflow.
+It's _possible_ that somebody has a legitimate URL with a raw newline in
+it. It already wouldn't work with credential helpers, so this patch
+steps that up from an inconvenience to "we will refuse to work with it
+at all". If such a case does exist, we should figure out a way to work
+with it (especially if the newline is only in the path component, which
+we normally don't even pass to helpers). But until we see a real report,
+we're better off being defensive.
+Reported-by: Carlo Arenas <carenas@gmail.com>
+Signed-off-by: Jeff King <peff@peff.net>
+Signed-off-by: Jonathan Nieder <jrnieder@gmail.com>
+Upstream-Status: Backport
+CVE: CVE-2020-11008 (6)
+Signed-off-by: Li Zhou <li.zhou@windriver.com>
+---
+ credential.c           | 6 ++----
+ t/t0300-credentials.sh | 3 +--
+ 2 files changed, 3 insertions(+), 6 deletions(-)
+diff --git a/credential.c b/credential.c
+index e08ed84..22649d5 100644
+--- a/credential.c
+++ b/credential.c
+@@ -408,8 +408,6 @@ int credential_from_url_gently(struct credential *c, const char *url,
+ 
+ void credential_from_url(struct credential *c, const char *url)
+ {
+-       if (credential_from_url_gently(c, url, 0) < 0) {
+-               warning(_("skipping credential lookup for url: %s"), url);
+-               credential_clear(c);
+-       }
+       if (credential_from_url_gently(c, url, 0) < 0)
+               die(_("credential url cannot be parsed: %s"), url);
+ }
+diff --git a/t/t0300-credentials.sh b/t/t0300-credentials.sh
+index 646f845..efed3ea 100755
+--- a/t/t0300-credentials.sh
+++ b/t/t0300-credentials.sh
+@@ -406,8 +406,7 @@ test_expect_success 'url parser rejects embedded newlines' '
+        EOF
+        cat >expect <<-\EOF &&
+        warning: url contains a newline in its host component: https://one.example.com?%0ahost=two.example.com/
+-       warning: skipping credential lookup for url: https://one.example.com?%0ahost=two.example.com/
+-       fatal: refusing to work with credential missing host field
+       fatal: credential url cannot be parsed: https://one.example.com?%0ahost=two.example.com/
+        EOF
+        test_i18ncmp expect stderr
+ '
+-- 
+1.9.1
diff --git a/meta/recipes-devtools/git/git/CVE-2020-11008-7.patch b/meta/recipes-devtools/git/git/CVE-2020-11008-7.patch
new file mode 100644
index 0000000000..5e3b6f1454
--- /dev/null
+++ b/meta/recipes-devtools/git/git/CVE-2020-11008-7.patch
@@ -0,0 +1,206 @@
+From 68acf8724e9cb2f67664dd980581c0022401daf0 Mon Sep 17 00:00:00 2001
+From: Jonathan Nieder <jrnieder@gmail.com>
+Date: Sat, 18 Apr 2020 20:54:13 -0700
+Subject: [PATCH 10/12] credential: treat URL without scheme as invalid
+libcurl permits making requests without a URL scheme specified.  In
+this case, it guesses the URL from the hostname, so I can run
+        git ls-remote http::ftp.example.com/path/to/repo
+and it would make an FTP request.
+Any user intentionally using such a URL is likely to have made a typo.
+Unfortunately, credential_from_url is not able to determine the host and
+protocol in order to determine appropriate credentials to send, and
+until "credential: refuse to operate when missing host or protocol",
+this resulted in another host's credentials being leaked to the named
+host.
+Teach credential_from_url_gently to consider such a URL to be invalid
+so that fsck can detect and block gitmodules files with such URLs,
+allowing server operators to avoid serving them to downstream users
+running older versions of Git.
+This also means that when such URLs are passed on the command line, Git
+will print a clearer error so affected users can switch to the simpler
+URL that explicitly specifies the host and protocol they intend.
+One subtlety: .gitmodules files can contain relative URLs, representing
+a URL relative to the URL they were cloned from.  The relative URL
+resolver used for .gitmodules can follow ".." components out of the path
+part and past the host part of a URL, meaning that such a relative URL
+can be used to traverse from a https://foo.example.com/innocent
+superproject to a https::attacker.example.com/exploit submodule.
+Fortunately a leading ':' in the first path component after a series of
+leading './' and '../' components is unlikely to show up in other
+contexts, so we can catch this by detecting that pattern.
+Reported-by: Jeff King <peff@peff.net>
+Signed-off-by: Jonathan Nieder <jrnieder@gmail.com>
+Reviewed-by: Jeff King <peff@peff.net>
+Upstream-Status: Backport
+CVE: CVE-2020-11008 (7)
+Signed-off-by: Li Zhou <li.zhou@windriver.com>
+---
+ credential.c                  |  7 +++++--
+ fsck.c                        | 47 +++++++++++++++++++++++++++++++++++++++++--
+ t/t5550-http-fetch-dumb.sh    |  7 ++-----
+ t/t7416-submodule-dash-url.sh | 32 +++++++++++++++++++++++++++++
+ 4 files changed, 84 insertions(+), 9 deletions(-)
+diff --git a/credential.c b/credential.c
+index 22649d5..1e1aed5 100644
+--- a/credential.c
+++ b/credential.c
+@@ -360,8 +360,11 @@ int credential_from_url_gently(struct credential *c, const char *url,
+         *   (3) proto://<user>:<pass>@<host>/...
+         */
+        proto_end = strstr(url, "://");
+-       if (!proto_end)
+-               return 0;
+       if (!proto_end) {
+               if (!quiet)
+                       warning(_("url has no scheme: %s"), url);
+               return -1;
+       }
+        cp = proto_end + 3;
+        at = strchr(cp, '@');
+        colon = strchr(cp, ':');
+diff --git a/fsck.c b/fsck.c
+index 0f21eb1..30eac29 100644
+--- a/fsck.c
+++ b/fsck.c
+@@ -978,6 +978,34 @@ static int submodule_url_is_relative(const char *url)
+ }
+ 
+ /*
+ * Count directory components that a relative submodule URL should chop
+ * from the remote_url it is to be resolved against.
+ *
+ * In other words, this counts "../" components at the start of a
+ * submodule URL.
+ *
+ * Returns the number of directory components to chop and writes a
+ * pointer to the next character of url after all leading "./" and
+ * "../" components to out.
+ */
+static int count_leading_dotdots(const char *url, const char **out)
+{
+       int result = 0;
+       while (1) {
+               if (starts_with_dot_dot_slash(url)) {
+                       result++;
+                       url += strlen("../");
+                       continue;
+               }
+               if (starts_with_dot_slash(url)) {
+                       url += strlen("./");
+                       continue;
+               }
+               *out = url;
+               return result;
+       }
+}
+/*
+  * Check whether a transport is implemented by git-remote-curl.
+  *
+  * If it is, returns 1 and writes the URL that would be passed to
+@@ -1024,15 +1052,30 @@ static int check_submodule_url(const char *url)
+                return -1;
+ 
+        if (submodule_url_is_relative(url)) {
+               char *decoded;
+               const char *next;
+               int has_nl;
+
+                /*
+                 * This could be appended to an http URL and url-decoded;
+                 * check for malicious characters.
+                 */
+-               char *decoded = url_decode(url);
+-               int has_nl = !!strchr(decoded, '\n');
+               decoded = url_decode(url);
+               has_nl = !!strchr(decoded, '\n');
+
+                free(decoded);
+                if (has_nl)
+                        return -1;
+
+               /*
+                * URLs which escape their root via "../" can overwrite
+                * the host field and previous components, resolving to
+                * URLs like https::example.com/submodule.git that were
+                * susceptible to CVE-2020-11008.
+                */
+               if (count_leading_dotdots(url, &next) > 0 &&
+                   *next == ':')
+                       return -1;
+        }
+ 
+        else if (url_to_curl_url(url, &curl_url)) {
+diff --git a/t/t5550-http-fetch-dumb.sh b/t/t5550-http-fetch-dumb.sh
+index b811d89..1c9e5d3 100755
+--- a/t/t5550-http-fetch-dumb.sh
+++ b/t/t5550-http-fetch-dumb.sh
+@@ -321,11 +321,8 @@ test_expect_success 'git client does not send an empty Accept-Language' '
+ '
+ 
+ test_expect_success 'remote-http complains cleanly about malformed urls' '
+-       # do not actually issue "list" or other commands, as we do not
+-       # want to rely on what curl would actually do with such a broken
+-       # URL. This is just about making sure we do not segfault during
+-       # initialization.
+-       test_must_fail git remote-http http::/example.com/repo.git
+       test_must_fail git remote-http http::/example.com/repo.git 2>stderr &&
+       test_i18ngrep "url has no scheme" stderr
+ '
+ 
+ test_expect_success 'redirects can be forbidden/allowed' '
+diff --git a/t/t7416-submodule-dash-url.sh b/t/t7416-submodule-dash-url.sh
+index afdd255..249dc3d 100755
+--- a/t/t7416-submodule-dash-url.sh
+++ b/t/t7416-submodule-dash-url.sh
+@@ -60,6 +60,38 @@ test_expect_success 'trailing backslash is handled correctly' '
+        test_i18ngrep ! "unknown option" err
+ '
+ 
+test_expect_success 'fsck rejects missing URL scheme' '
+       git checkout --orphan missing-scheme &&
+       cat >.gitmodules <<-\EOF &&
+       [submodule "foo"]
+               url = http::one.example.com/foo.git
+       EOF
+       git add .gitmodules &&
+       test_tick &&
+       git commit -m "gitmodules with missing URL scheme" &&
+       test_when_finished "rm -rf dst" &&
+       git init --bare dst &&
+       git -C dst config transfer.fsckObjects true &&
+       test_must_fail git push dst HEAD 2>err &&
+       grep gitmodulesUrl err
+'
+
+test_expect_success 'fsck rejects relative URL resolving to missing scheme' '
+       git checkout --orphan relative-missing-scheme &&
+       cat >.gitmodules <<-\EOF &&
+       [submodule "foo"]
+               url = "..\\../.\\../:one.example.com/foo.git"
+       EOF
+       git add .gitmodules &&
+       test_tick &&
+       git commit -m "gitmodules with relative URL that strips off scheme" &&
+       test_when_finished "rm -rf dst" &&
+       git init --bare dst &&
+       git -C dst config transfer.fsckObjects true &&
+       test_must_fail git push dst HEAD 2>err &&
+       grep gitmodulesUrl err
+'
+
+ test_expect_success 'fsck permits embedded newline with unrecognized scheme' '
+        git checkout --orphan newscheme &&
+        cat >.gitmodules <<-\EOF &&
+-- 
+1.9.1
diff --git a/meta/recipes-devtools/git/git/CVE-2020-11008-8.patch b/meta/recipes-devtools/git/git/CVE-2020-11008-8.patch
new file mode 100644
index 0000000000..935d47795f
--- /dev/null
+++ b/meta/recipes-devtools/git/git/CVE-2020-11008-8.patch
@@ -0,0 +1,114 @@
+From 5e06d0781a963d62413ae7eab4eb78cc7195af8b Mon Sep 17 00:00:00 2001
+From: Jonathan Nieder <jrnieder@gmail.com>
+Date: Sat, 18 Apr 2020 20:54:57 -0700
+Subject: [PATCH 11/12] credential: treat URL with empty scheme as invalid
+Until "credential: refuse to operate when missing host or protocol",
+Git's credential handling code interpreted URLs with empty scheme to
+mean "give me credentials matching this host for any protocol".
+Luckily libcurl does not recognize such URLs (it tries to look for a
+protocol named "" and fails). Just in case that changes, let's reject
+them within Git as well. This way, credential_from_url is guaranteed to
+always produce a "struct credential" with protocol and host set.
+Signed-off-by: Jonathan Nieder <jrnieder@gmail.com>
+Upstream-Status: Backport
+CVE: CVE-2020-11008 (8)
+Signed-off-by: Li Zhou <li.zhou@windriver.com>
+---
+ credential.c                  |  5 ++---
+ t/t5550-http-fetch-dumb.sh    |  9 +++++++++
+ t/t7416-submodule-dash-url.sh | 32 ++++++++++++++++++++++++++++++++
+ 3 files changed, 43 insertions(+), 3 deletions(-)
+diff --git a/credential.c b/credential.c
+index 1e1aed5..cf11cc9 100644
+--- a/credential.c
+++ b/credential.c
+@@ -360,7 +360,7 @@ int credential_from_url_gently(struct credential *c, const char *url,
+         *   (3) proto://<user>:<pass>@<host>/...
+         */
+        proto_end = strstr(url, "://");
+-       if (!proto_end) {
+       if (!proto_end || proto_end == url) {
+                if (!quiet)
+                        warning(_("url has no scheme: %s"), url);
+                return -1;
+@@ -385,8 +385,7 @@ int credential_from_url_gently(struct credential *c, const char *url,
+                host = at + 1;
+        }
+ 
+-       if (proto_end - url > 0)
+-               c->protocol = xmemdupz(url, proto_end - url);
+       c->protocol = xmemdupz(url, proto_end - url);
+        c->host = url_decode_mem(host, slash - host);
+        /* Trim leading and trailing slashes from path */
+        while (*slash == '/')
+diff --git a/t/t5550-http-fetch-dumb.sh b/t/t5550-http-fetch-dumb.sh
+index 1c9e5d3..ea2688b 100755
+--- a/t/t5550-http-fetch-dumb.sh
+++ b/t/t5550-http-fetch-dumb.sh
+@@ -325,6 +325,15 @@ test_expect_success 'remote-http complains cleanly about malformed urls' '
+        test_i18ngrep "url has no scheme" stderr
+ '
+ 
+# NEEDSWORK: Writing commands to git-remote-curl can race against the latter
+# erroring out, producing SIGPIPE. Remove "ok=sigpipe" once transport-helper has
+# learned to handle early remote helper failures more cleanly.
+test_expect_success 'remote-http complains cleanly about empty scheme' '
+       test_must_fail ok=sigpipe git ls-remote \
+               http::${HTTPD_URL#http}/dumb/repo.git 2>stderr &&
+       test_i18ngrep "url has no scheme" stderr
+'
+
+ test_expect_success 'redirects can be forbidden/allowed' '
+        test_must_fail git -c http.followRedirects=false \
+                clone $HTTPD_URL/dumb-redir/repo.git dumb-redir &&
+diff --git a/t/t7416-submodule-dash-url.sh b/t/t7416-submodule-dash-url.sh
+index 249dc3d..9309040 100755
+--- a/t/t7416-submodule-dash-url.sh
+++ b/t/t7416-submodule-dash-url.sh
+@@ -92,6 +92,38 @@ test_expect_success 'fsck rejects relative URL resolving to missing scheme' '
+        grep gitmodulesUrl err
+ '
+ 
+test_expect_success 'fsck rejects empty URL scheme' '
+       git checkout --orphan empty-scheme &&
+       cat >.gitmodules <<-\EOF &&
+       [submodule "foo"]
+               url = http::://one.example.com/foo.git
+       EOF
+       git add .gitmodules &&
+       test_tick &&
+       git commit -m "gitmodules with empty URL scheme" &&
+       test_when_finished "rm -rf dst" &&
+       git init --bare dst &&
+       git -C dst config transfer.fsckObjects true &&
+       test_must_fail git push dst HEAD 2>err &&
+       grep gitmodulesUrl err
+'
+
+test_expect_success 'fsck rejects relative URL resolving to empty scheme' '
+       git checkout --orphan relative-empty-scheme &&
+       cat >.gitmodules <<-\EOF &&
+       [submodule "foo"]
+               url = ../../../:://one.example.com/foo.git
+       EOF
+       git add .gitmodules &&
+       test_tick &&
+       git commit -m "relative gitmodules URL resolving to empty scheme" &&
+       test_when_finished "rm -rf dst" &&
+       git init --bare dst &&
+       git -C dst config transfer.fsckObjects true &&
+       test_must_fail git push dst HEAD 2>err &&
+       grep gitmodulesUrl err
+'
+
+ test_expect_success 'fsck permits embedded newline with unrecognized scheme' '
+        git checkout --orphan newscheme &&
+        cat >.gitmodules <<-\EOF &&
+-- 
+1.9.1
diff --git a/meta/recipes-devtools/git/git/CVE-2020-11008-9.patch b/meta/recipes-devtools/git/git/CVE-2020-11008-9.patch
new file mode 100644
index 0000000000..22292dbbbf
--- /dev/null
+++ b/meta/recipes-devtools/git/git/CVE-2020-11008-9.patch
@@ -0,0 +1,114 @@
+From 2e084e25fa454c58a600c9434f776f2150037a76 Mon Sep 17 00:00:00 2001
+From: Jonathan Nieder <jrnieder@gmail.com>
+Date: Sat, 18 Apr 2020 20:57:22 -0700
+Subject: [PATCH 12/12] fsck: reject URL with empty host in .gitmodules
+Git's URL parser interprets
+        https:///example.com/repo.git
+to have no host and a path of "example.com/repo.git".  Curl, on the
+other hand, internally redirects it to https://example.com/repo.git.  As
+a result, until "credential: parse URL without host as empty host, not
+unset", tricking a user into fetching from such a URL would cause Git to
+send credentials for another host to example.com.
+Teach fsck to block and detect .gitmodules files using such a URL to
+prevent sharing them with Git versions that are not yet protected.
+A relative URL in a .gitmodules file could also be used to trigger this.
+The relative URL resolver used for .gitmodules does not normalize
+sequences of slashes and can follow ".." components out of the path part
+and to the host part of a URL, meaning that such a relative URL can be
+used to traverse from a https://foo.example.com/innocent superproject to
+a https:///attacker.example.com/exploit submodule. Fortunately,
+redundant extra slashes in .gitmodules are rare, so we can catch this by
+detecting one after a leading sequence of "./" and "../" components.
+Helped-by: Jeff King <peff@peff.net>
+Signed-off-by: Jonathan Nieder <jrnieder@gmail.com>
+Reviewed-by: Jeff King <peff@peff.net>
+Upstream-Status: Backport
+CVE: CVE-2020-11008 (9)
+Signed-off-by: Li Zhou <li.zhou@windriver.com>
+---
+ fsck.c                        | 10 +++++++---
+ t/t7416-submodule-dash-url.sh | 32 ++++++++++++++++++++++++++++++++
+ 2 files changed, 39 insertions(+), 3 deletions(-)
+diff --git a/fsck.c b/fsck.c
+index 30eac29..00077b1 100644
+--- a/fsck.c
+++ b/fsck.c
+@@ -1070,17 +1070,21 @@ static int check_submodule_url(const char *url)
+                /*
+                 * URLs which escape their root via "../" can overwrite
+                 * the host field and previous components, resolving to
+-                * URLs like https::example.com/submodule.git that were
+                * URLs like https::example.com/submodule.git and
+                * https:///example.com/submodule.git that were
+                 * susceptible to CVE-2020-11008.
+                 */
+                if (count_leading_dotdots(url, &next) > 0 &&
+-                   *next == ':')
+                   (*next == ':' || *next == '/'))
+                        return -1;
+        }
+ 
+        else if (url_to_curl_url(url, &curl_url)) {
+                struct credential c = CREDENTIAL_INIT;
+-               int ret = credential_from_url_gently(&c, curl_url, 1);
+               int ret = 0;
+               if (credential_from_url_gently(&c, curl_url, 1) ||
+                   !*c.host)
+                       ret = -1;
+                credential_clear(&c);
+                return ret;
+        }
+diff --git a/t/t7416-submodule-dash-url.sh b/t/t7416-submodule-dash-url.sh
+index 9309040..eec96e0 100755
+--- a/t/t7416-submodule-dash-url.sh
+++ b/t/t7416-submodule-dash-url.sh
+@@ -124,6 +124,38 @@ test_expect_success 'fsck rejects relative URL resolving to empty scheme' '
+        grep gitmodulesUrl err
+ '
+ 
+test_expect_success 'fsck rejects empty hostname' '
+       git checkout --orphan empty-host &&
+       cat >.gitmodules <<-\EOF &&
+       [submodule "foo"]
+               url = http:///one.example.com/foo.git
+       EOF
+       git add .gitmodules &&
+       test_tick &&
+       git commit -m "gitmodules with extra slashes" &&
+       test_when_finished "rm -rf dst" &&
+       git init --bare dst &&
+       git -C dst config transfer.fsckObjects true &&
+       test_must_fail git push dst HEAD 2>err &&
+       grep gitmodulesUrl err
+'
+
+test_expect_success 'fsck rejects relative url that produced empty hostname' '
+       git checkout --orphan messy-relative &&
+       cat >.gitmodules <<-\EOF &&
+       [submodule "foo"]
+               url = ../../..//one.example.com/foo.git
+       EOF
+       git add .gitmodules &&
+       test_tick &&
+       git commit -m "gitmodules abusing relative_path" &&
+       test_when_finished "rm -rf dst" &&
+       git init --bare dst &&
+       git -C dst config transfer.fsckObjects true &&
+       test_must_fail git push dst HEAD 2>err &&
+       grep gitmodulesUrl err
+'
+
+ test_expect_success 'fsck permits embedded newline with unrecognized scheme' '
+        git checkout --orphan newscheme &&
+        cat >.gitmodules <<-\EOF &&
+-- 
+1.9.1
diff --git a/meta/recipes-devtools/git/git/CVE-2020-5260.patch b/meta/recipes-devtools/git/git/CVE-2020-5260.patch
new file mode 100644
index 0000000000..d03e701a8f
--- /dev/null
+++ b/meta/recipes-devtools/git/git/CVE-2020-5260.patch
@@ -0,0 +1,65 @@
+From 9a6bbee8006c24b46a85d29e7b38cfa79e9ab21b Mon Sep 17 00:00:00 2001
+From: Jeff King <peff@peff.net>
+Date: Wed, 11 Mar 2020 17:53:41 -0400
+Subject: [PATCH] credential: avoid writing values with newlines
+The credential protocol that we use to speak to helpers can't represent
+values with newlines in them. This was an intentional design choice to
+keep the protocol simple, since none of the values we pass should
+generally have newlines.
+However, if we _do_ encounter a newline in a value, we blindly transmit
+it in credential_write(). Such values may break the protocol syntax, or
+worse, inject new valid lines into the protocol stream.
+The most likely way for a newline to end up in a credential struct is by
+decoding a URL with a percent-encoded newline. However, since the bug
+occurs at the moment we write the value to the protocol, we'll catch it
+there. That should leave no possibility of accidentally missing a code
+path that can trigger the problem.
+At this level of the code we have little choice but to die(). However,
+since we'd not ever expect to see this case outside of a malicious URL,
+that's an acceptable outcome.
+Reported-by: Felix Wilhelm <fwilhelm@google.com>
+Upstream-Status: Backport
+CVE: CVE-2020-5260
+Signed-off-by: Li Zhou <li.zhou@windriver.com>
+---
+ credential.c           | 2 ++
+ t/t0300-credentials.sh | 6 ++++++
+ 2 files changed, 8 insertions(+)
+diff --git a/credential.c b/credential.c
+index 9747f47..00ee4d6 100644
+--- a/credential.c
+++ b/credential.c
+@@ -194,6 +194,8 @@ static void credential_write_item(FILE *fp, const char *key, const char *value)
+ {
+        if (!value)
+                return;
+       if (strchr(value, '\n'))
+               die("credential value for %s contains newline", key);
+        fprintf(fp, "%s=%s\n", key, value);
+ }
+ 
+diff --git a/t/t0300-credentials.sh b/t/t0300-credentials.sh
+index 03bd31e..15cc3c5 100755
+--- a/t/t0300-credentials.sh
+++ b/t/t0300-credentials.sh
+@@ -309,4 +309,10 @@ test_expect_success 'empty helper spec resets helper list' '
+        EOF
+ '
+ 
+test_expect_success 'url parser rejects embedded newlines' '
+       test_must_fail git credential fill <<-\EOF
+       url=https://one.example.com?%0ahost=two.example.com/
+       EOF
+'
+
+ test_done
+-- 
+1.9.1
diff --git a/meta/recipes-devtools/go/go-1.12.inc b/meta/recipes-devtools/go/go-1.12.inc
index 6aecaad75d..2a0680aeaa 100644
--- a/meta/recipes-devtools/go/go-1.12.inc
+++ b/meta/recipes-devtools/go/go-1.12.inc
@@ -18,6 +18,10 @@ SRC_URI += "\
    file://0008-use-GOBUILDMODE-to-set-buildmode.patch \
    file://0001-release-branch.go1.12-security-net-textproto-don-t-n.patch \
    file://0010-fix-CVE-2019-17596.patch \
+    file://CVE-2020-15586.patch \
+    file://CVE-2020-16845.patch \
+    file://0001-net-http-cgi-rename-a-test-file-to-be-less-cute.patch \
+    file://CVE-2020-24553.patch \
 "
 SRC_URI_append_libc-musl = " file://0009-ld-replace-glibc-dynamic-linker-with-musl.patch"
diff --git a/meta/recipes-devtools/go/go-1.12/0001-net-http-cgi-rename-a-test-file-to-be-less-cute.patch b/meta/recipes-devtools/go/go-1.12/0001-net-http-cgi-rename-a-test-file-to-be-less-cute.patch
new file mode 100644
index 0000000000..7c07961c03
--- /dev/null
+++ b/meta/recipes-devtools/go/go-1.12/0001-net-http-cgi-rename-a-test-file-to-be-less-cute.patch
@@ -0,0 +1,28 @@
+From 8390c478600b852392cb116741b3cb239c94d123 Mon Sep 17 00:00:00 2001
+From: Brad Fitzpatrick <bradfitz@golang.org>
+Date: Wed, 15 Jan 2020 18:08:10 +0000
+Subject: [PATCH] net/http/cgi: rename a test file to be less cute
+My fault (from CL 4245070), sorry.
+Change-Id: Ib95d3170dc326e74aa74c22421c4e44a8b00f577
+Reviewed-on: https://go-review.googlesource.com/c/go/+/214920
+Run-TryBot: Brad Fitzpatrick <bradfitz@golang.org>
+TryBot-Result: Gobot Gobot <gobot@golang.org>
+Reviewed-by: Emmanuel Odeke <emm.odeke@gmail.com>
+Upstream-Status: Backport
+[lz: Add this patch for merging the patch for CVE-2020-24553]
+Signed-off-by: Li Zhou <li.zhou@windriver.com>
+---
+ src/net/http/cgi/{matryoshka_test.go => integration_test.go} | 0
+ 1 file changed, 0 insertions(+), 0 deletions(-)
+ rename src/net/http/cgi/{matryoshka_test.go => integration_test.go} (100%)
+diff --git a/src/net/http/cgi/matryoshka_test.go b/src/net/http/cgi/integration_test.go
+similarity index 100%
+rename from src/net/http/cgi/matryoshka_test.go
+rename to src/net/http/cgi/integration_test.go
+-- 
+2.17.1
diff --git a/meta/recipes-devtools/go/go-1.12/CVE-2020-15586.patch b/meta/recipes-devtools/go/go-1.12/CVE-2020-15586.patch
new file mode 100644
index 0000000000..ebdc5aec6d
--- /dev/null
+++ b/meta/recipes-devtools/go/go-1.12/CVE-2020-15586.patch
@@ -0,0 +1,131 @@
+From fa98f46741f818913a8c11b877520a548715131f Mon Sep 17 00:00:00 2001
+From: Russ Cox <rsc@golang.org>
+Date: Mon, 13 Jul 2020 13:27:22 -0400
+Subject: [PATCH] net/http: synchronize "100 Continue" write and Handler writes
+The expectContinueReader writes to the connection on the first
+Request.Body read. Since a Handler might be doing a read in parallel or
+before a write, expectContinueReader needs to synchronize with the
+ResponseWriter, and abort if a response already went out.
+The tests will land in a separate CL.
+Fixes #34902
+Fixes CVE-2020-15586
+Change-Id: Icdd8dd539f45e8863762bd378194bb4741e875fc
+Reviewed-on: https://team-review.git.corp.google.com/c/golang/go-private/+/793350
+Reviewed-by: Filippo Valsorda <valsorda@google.com>
+Reviewed-on: https://go-review.googlesource.com/c/go/+/242598
+Run-TryBot: Katie Hockman <katie@golang.org>
+Reviewed-by: Filippo Valsorda <filippo@golang.org>
+TryBot-Result: Gobot Gobot <gobot@golang.org>
+Upstream-Status: Backport
+CVE: CVE-2020-15586
+Signed-off-by: Li Zhou <li.zhou@windriver.com>
+---
+ src/net/http/server.go | 43 +++++++++++++++++++++++++++++++++++-------
+ 1 file changed, 36 insertions(+), 7 deletions(-)
+diff --git a/src/net/http/server.go b/src/net/http/server.go
+index a995a50658..d41b5f6f48 100644
+--- a/src/net/http/server.go
+++ b/src/net/http/server.go
+@@ -425,6 +425,16 @@ type response struct {
+        wants10KeepAlive bool               // HTTP/1.0 w/ Connection "keep-alive"
+        wantsClose       bool               // HTTP request has Connection "close"
+ 
+       // canWriteContinue is a boolean value accessed as an atomic int32
+       // that says whether or not a 100 Continue header can be written
+       // to the connection.
+       // writeContinueMu must be held while writing the header.
+       // These two fields together synchronize the body reader
+       // (the expectContinueReader, which wants to write 100 Continue)
+       // against the main writer.
+       canWriteContinue atomicBool
+       writeContinueMu  sync.Mutex
+
+        w  *bufio.Writer // buffers output in chunks to chunkWriter
+        cw chunkWriter
+ 
+@@ -515,6 +525,7 @@ type atomicBool int32
+ 
+ func (b *atomicBool) isSet() bool { return atomic.LoadInt32((*int32)(b)) != 0 }
+ func (b *atomicBool) setTrue()    { atomic.StoreInt32((*int32)(b), 1) }
+func (b *atomicBool) setFalse()   { atomic.StoreInt32((*int32)(b), 0) }
+ 
+ // declareTrailer is called for each Trailer header when the
+ // response header is written. It notes that a header will need to be
+@@ -878,21 +889,27 @@ type expectContinueReader struct {
+        resp       *response
+        readCloser io.ReadCloser
+        closed     bool
+-       sawEOF     bool
+       sawEOF     atomicBool
+ }
+ 
+ func (ecr *expectContinueReader) Read(p []byte) (n int, err error) {
+        if ecr.closed {
+                return 0, ErrBodyReadAfterClose
+        }
+-       if !ecr.resp.wroteContinue && !ecr.resp.conn.hijacked() {
+-               ecr.resp.wroteContinue = true
+-               ecr.resp.conn.bufw.WriteString("HTTP/1.1 100 Continue\r\n\r\n")
+-               ecr.resp.conn.bufw.Flush()
+       w := ecr.resp
+       if !w.wroteContinue && w.canWriteContinue.isSet() && !w.conn.hijacked() {
+               w.wroteContinue = true
+               w.writeContinueMu.Lock()
+               if w.canWriteContinue.isSet() {
+                       w.conn.bufw.WriteString("HTTP/1.1 100 Continue\r\n\r\n")
+                       w.conn.bufw.Flush()
+                       w.canWriteContinue.setFalse()
+               }
+               w.writeContinueMu.Unlock()
+        }
+        n, err = ecr.readCloser.Read(p)
+        if err == io.EOF {
+-               ecr.sawEOF = true
+               ecr.sawEOF.setTrue()
+        }
+        return
+ }
+@@ -1311,7 +1328,7 @@ func (cw *chunkWriter) writeHeader(p []byte) {
+        // because we don't know if the next bytes on the wire will be
+        // the body-following-the-timer or the subsequent request.
+        // See Issue 11549.
+-       if ecr, ok := w.req.Body.(*expectContinueReader); ok && !ecr.sawEOF {
+       if ecr, ok := w.req.Body.(*expectContinueReader); ok && !ecr.sawEOF.isSet() {
+                w.closeAfterReply = true
+        }
+ 
+@@ -1561,6 +1578,17 @@ func (w *response) write(lenData int, dataB []byte, dataS string) (n int, err er
+                }
+                return 0, ErrHijacked
+        }
+
+       if w.canWriteContinue.isSet() {
+               // Body reader wants to write 100 Continue but hasn't yet.
+               // Tell it not to. The store must be done while holding the lock
+               // because the lock makes sure that there is not an active write
+               // this very moment.
+               w.writeContinueMu.Lock()
+               w.canWriteContinue.setFalse()
+               w.writeContinueMu.Unlock()
+       }
+
+        if !w.wroteHeader {
+                w.WriteHeader(StatusOK)
+        }
+@@ -1872,6 +1900,7 @@ func (c *conn) serve(ctx context.Context) {
+                        if req.ProtoAtLeast(1, 1) && req.ContentLength != 0 {
+                                // Wrap the Body reader with one that replies on the connection
+                                req.Body = &expectContinueReader{readCloser: req.Body, resp: w}
+                               w.canWriteContinue.setTrue()
+                        }
+                } else if req.Header.get("Expect") != "" {
+                        w.sendExpectationFailed()
+-- 
+2.17.1
diff --git a/meta/recipes-devtools/go/go-1.12/CVE-2020-16845.patch b/meta/recipes-devtools/go/go-1.12/CVE-2020-16845.patch
new file mode 100644
index 0000000000..80f467522f
--- /dev/null
+++ b/meta/recipes-devtools/go/go-1.12/CVE-2020-16845.patch
@@ -0,0 +1,110 @@
+From 027d7241ce050d197e7fabea3d541ffbe3487258 Mon Sep 17 00:00:00 2001
+From: Katie Hockman <katie@golang.org>
+Date: Tue, 4 Aug 2020 11:45:32 -0400
+Subject: [PATCH] encoding/binary: read at most MaxVarintLen64 bytes in
+ ReadUvarint
+MIME-Version: 1.0
+Content-Type: text/plain; charset=UTF-8
+Content-Transfer-Encoding: 8bit
+This CL ensures that ReadUvarint consumes only a limited
+amount of input (instead of an unbounded amount).
+On some inputs, ReadUvarint could read an arbitrary number
+of bytes before deciding to return an overflow error.
+After this CL, ReadUvarint returns that same overflow
+error sooner, after reading at most MaxVarintLen64 bytes.
+Fix authored by Robert Griesemer and Filippo Valsorda.
+Thanks to Diederik Loerakker, Jonny Rhea, Raúl Kripalani,
+and Preston Van Loon for reporting this.
+Fixes #40618
+Fixes CVE-2020-16845
+Change-Id: Ie0cb15972f14c38b7cf7af84c45c4ce54909bb8f
+Reviewed-on: https://team-review.git.corp.google.com/c/golang/go-private/+/812099
+Reviewed-by: Filippo Valsorda <valsorda@google.com>
+Reviewed-on: https://go-review.googlesource.com/c/go/+/247120
+Run-TryBot: Katie Hockman <katie@golang.org>
+TryBot-Result: Gobot Gobot <gobot@golang.org>
+Reviewed-by: Alexander Rakoczy <alex@golang.org>
+Upstream-Status: Backport [https://github.com/golang/go.git]
+CVE: CVE-2020-16845
+Signed-off-by: Zhixiong Chi <zhixiong.chi@windriver.com>
+---
+ src/encoding/binary/varint.go      |  5 +++--
+ src/encoding/binary/varint_test.go | 18 ++++++++++++------
+ 2 files changed, 15 insertions(+), 8 deletions(-)
+diff --git a/src/encoding/binary/varint.go b/src/encoding/binary/varint.go
+index bcb8ac9a45..38af61075c 100644
+--- a/src/encoding/binary/varint.go
+++ b/src/encoding/binary/varint.go
+@@ -106,13 +106,13 @@ var overflow = errors.New("binary: varint overflows a 64-bit integer")
+ func ReadUvarint(r io.ByteReader) (uint64, error) {
+        var x uint64
+        var s uint
+-       for i := 0; ; i++ {
+       for i := 0; i < MaxVarintLen64; i++ {
+                b, err := r.ReadByte()
+                if err != nil {
+                        return x, err
+                }
+                if b < 0x80 {
+-                       if i > 9 || i == 9 && b > 1 {
+                       if i == 9 && b > 1 {
+                                return x, overflow
+                        }
+                        return x | uint64(b)<<s, nil
+@@ -120,6 +120,7 @@ func ReadUvarint(r io.ByteReader) (uint64, error) {
+                x |= uint64(b&0x7f) << s
+                s += 7
+        }
+       return x, overflow
+ }
+ 
+ // ReadVarint reads an encoded signed integer from r and returns it as an int64.
+diff --git a/src/encoding/binary/varint_test.go b/src/encoding/binary/varint_test.go
+index ca411ecbd6..6ef4c99505 100644
+--- a/src/encoding/binary/varint_test.go
+++ b/src/encoding/binary/varint_test.go
+@@ -121,21 +121,27 @@ func TestBufferTooSmall(t *testing.T) {
+        }
+ }
+ 
+-func testOverflow(t *testing.T, buf []byte, n0 int, err0 error) {
+func testOverflow(t *testing.T, buf []byte, x0 uint64, n0 int, err0 error) {
+        x, n := Uvarint(buf)
+        if x != 0 || n != n0 {
+                t.Errorf("Uvarint(%v): got x = %d, n = %d; want 0, %d", buf, x, n, n0)
+        }
+ 
+-       x, err := ReadUvarint(bytes.NewReader(buf))
+-       if x != 0 || err != err0 {
+-               t.Errorf("ReadUvarint(%v): got x = %d, err = %s; want 0, %s", buf, x, err, err0)
+       r := bytes.NewReader(buf)
+       len := r.Len()
+       x, err := ReadUvarint(r)
+       if x != x0 || err != err0 {
+               t.Errorf("ReadUvarint(%v): got x = %d, err = %s; want %d, %s", buf, x, err, x0, err0)
+       }
+       if read := len - r.Len(); read > MaxVarintLen64 {
+               t.Errorf("ReadUvarint(%v): read more than MaxVarintLen64 bytes, got %d", buf, read)
+        }
+ }
+ 
+ func TestOverflow(t *testing.T) {
+-       testOverflow(t, []byte{0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x2}, -10, overflow)
+-       testOverflow(t, []byte{0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x1, 0, 0}, -13, overflow)
+       testOverflow(t, []byte{0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x2}, 0, -10, overflow)
+       testOverflow(t, []byte{0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x80, 0x1, 0, 0}, 0, -13, overflow)
+       testOverflow(t, []byte{0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF, 0xFF}, 1<<64-1, 0, overflow) // 11 bytes, should overflow
+ }
+ 
+ func TestNonCanonicalZero(t *testing.T) {
+-- 
+2.17.0
diff --git a/meta/recipes-devtools/go/go-1.12/CVE-2020-24553.patch b/meta/recipes-devtools/go/go-1.12/CVE-2020-24553.patch
new file mode 100644
index 0000000000..18a218bc9a
--- /dev/null
+++ b/meta/recipes-devtools/go/go-1.12/CVE-2020-24553.patch
@@ -0,0 +1,429 @@
+From eb07103a083237414145a45f029c873d57037e06 Mon Sep 17 00:00:00 2001
+From: Roberto Clapis <roberto@golang.org>
+Date: Wed, 26 Aug 2020 08:53:03 +0200
+Subject: [PATCH] [release-branch.go1.15-security] net/http/cgi,net/http/fcgi:
+ add Content-Type detection
+This CL ensures that responses served via CGI and FastCGI
+have a Content-Type header based on the content of the
+response if not explicitly set by handlers.
+If the implementers of the handler did not explicitly
+specify a Content-Type both CGI implementations would default
+to "text/html", potentially causing cross-site scripting.
+Thanks to RedTeam Pentesting GmbH for reporting this.
+Fixes CVE-2020-24553
+Change-Id: I82cfc396309b5ab2e8d6e9a87eda8ea7e3799473
+Reviewed-on: https://team-review.git.corp.google.com/c/golang/go-private/+/823217
+Reviewed-by: Russ Cox <rsc@google.com>
+(cherry picked from commit 23d675d07fdc56aafd67c0a0b63d5b7e14708ff0)
+Reviewed-on: https://team-review.git.corp.google.com/c/golang/go-private/+/835311
+Reviewed-by: Dmitri Shuralyov <dmitshur@google.com>
+Upstream-Status: Backport
+CVE: CVE-2020-24553
+Signed-off-by: Li Zhou <li.zhou@windriver.com>
+---
+ src/net/http/cgi/child.go            | 36 ++++++++++-----
+ src/net/http/cgi/child_test.go       | 69 ++++++++++++++++++++++++++++
+ src/net/http/cgi/integration_test.go | 53 ++++++++++++++++++++-
+ src/net/http/fcgi/child.go           | 39 ++++++++++++----
+ src/net/http/fcgi/fcgi_test.go       | 52 +++++++++++++++++++++
+ 5 files changed, 227 insertions(+), 22 deletions(-)
+diff --git a/src/net/http/cgi/child.go b/src/net/http/cgi/child.go
+index 9474175f17..61de6165f6 100644
+--- a/src/net/http/cgi/child.go
+++ b/src/net/http/cgi/child.go
+@@ -163,10 +163,12 @@ func Serve(handler http.Handler) error {
+ }
+ 
+ type response struct {
+-       req        *http.Request
+-       header     http.Header
+-       bufw       *bufio.Writer
+-       headerSent bool
+       req            *http.Request
+       header         http.Header
+       code           int
+       wroteHeader    bool
+       wroteCGIHeader bool
+       bufw           *bufio.Writer
+ }
+ 
+ func (r *response) Flush() {
+@@ -178,26 +180,38 @@ func (r *response) Header() http.Header {
+ }
+ 
+ func (r *response) Write(p []byte) (n int, err error) {
+-       if !r.headerSent {
+       if !r.wroteHeader {
+                r.WriteHeader(http.StatusOK)
+        }
+       if !r.wroteCGIHeader {
+               r.writeCGIHeader(p)
+       }
+        return r.bufw.Write(p)
+ }
+ 
+ func (r *response) WriteHeader(code int) {
+-       if r.headerSent {
+       if r.wroteHeader {
+                // Note: explicitly using Stderr, as Stdout is our HTTP output.
+                fmt.Fprintf(os.Stderr, "CGI attempted to write header twice on request for %s", r.req.URL)
+                return
+        }
+-       r.headerSent = true
+-       fmt.Fprintf(r.bufw, "Status: %d %s\r\n", code, http.StatusText(code))
+       r.wroteHeader = true
+       r.code = code
+}
+ 
+-       // Set a default Content-Type
+// writeCGIHeader finalizes the header sent to the client and writes it to the output.
+// p is not written by writeHeader, but is the first chunk of the body
+// that will be written. It is sniffed for a Content-Type if none is
+// set explicitly.
+func (r *response) writeCGIHeader(p []byte) {
+       if r.wroteCGIHeader {
+               return
+       }
+       r.wroteCGIHeader = true
+       fmt.Fprintf(r.bufw, "Status: %d %s\r\n", r.code, http.StatusText(r.code))
+        if _, hasType := r.header["Content-Type"]; !hasType {
+-               r.header.Add("Content-Type", "text/html; charset=utf-8")
+               r.header.Set("Content-Type", http.DetectContentType(p))
+        }
+-
+        r.header.Write(r.bufw)
+        r.bufw.WriteString("\r\n")
+        r.bufw.Flush()
+diff --git a/src/net/http/cgi/child_test.go b/src/net/http/cgi/child_test.go
+index 14e0af475f..f6ecb6eb80 100644
+--- a/src/net/http/cgi/child_test.go
+++ b/src/net/http/cgi/child_test.go
+@@ -7,6 +7,11 @@
+ package cgi
+ 
+ import (
+       "bufio"
+       "bytes"
+       "net/http"
+       "net/http/httptest"
+       "strings"
+        "testing"
+ )
+ 
+@@ -148,3 +153,67 @@ func TestRequestWithoutRemotePort(t *testing.T) {
+                t.Errorf("RemoteAddr: got %q; want %q", g, e)
+        }
+ }
+
+type countingWriter int
+
+func (c *countingWriter) Write(p []byte) (int, error) {
+       *c += countingWriter(len(p))
+       return len(p), nil
+}
+func (c *countingWriter) WriteString(p string) (int, error) {
+       *c += countingWriter(len(p))
+       return len(p), nil
+}
+
+func TestResponse(t *testing.T) {
+       var tests = []struct {
+               name   string
+               body   string
+               wantCT string
+       }{
+               {
+                       name:   "no body",
+                       wantCT: "text/plain; charset=utf-8",
+               },
+               {
+                       name:   "html",
+                       body:   "<html><head><title>test page</title></head><body>This is a body</body></html>",
+                       wantCT: "text/html; charset=utf-8",
+               },
+               {
+                       name:   "text",
+                       body:   strings.Repeat("gopher", 86),
+                       wantCT: "text/plain; charset=utf-8",
+               },
+               {
+                       name:   "jpg",
+                       body:   "\xFF\xD8\xFF" + strings.Repeat("B", 1024),
+                       wantCT: "image/jpeg",
+               },
+       }
+       for _, tt := range tests {
+               t.Run(tt.name, func(t *testing.T) {
+                       var buf bytes.Buffer
+                       resp := response{
+                               req:    httptest.NewRequest("GET", "/", nil),
+                               header: http.Header{},
+                               bufw:   bufio.NewWriter(&buf),
+                       }
+                       n, err := resp.Write([]byte(tt.body))
+                       if err != nil {
+                               t.Errorf("Write: unexpected %v", err)
+                       }
+                       if want := len(tt.body); n != want {
+                               t.Errorf("reported short Write: got %v want %v", n, want)
+                       }
+                       resp.writeCGIHeader(nil)
+                       resp.Flush()
+                       if got := resp.Header().Get("Content-Type"); got != tt.wantCT {
+                               t.Errorf("wrong content-type: got %q, want %q", got, tt.wantCT)
+                       }
+                       if !bytes.HasSuffix(buf.Bytes(), []byte(tt.body)) {
+                               t.Errorf("body was not correctly written")
+                       }
+               })
+       }
+}
+diff --git a/src/net/http/cgi/integration_test.go b/src/net/http/cgi/integration_test.go
+index 32d59c09a3..295c3b82d4 100644
+--- a/src/net/http/cgi/integration_test.go
+++ b/src/net/http/cgi/integration_test.go
+@@ -16,7 +16,9 @@ import (
+        "io"
+        "net/http"
+        "net/http/httptest"
+       "net/url"
+        "os"
+       "strings"
+        "testing"
+        "time"
+ )
+@@ -52,7 +54,7 @@ func TestHostingOurselves(t *testing.T) {
+        }
+        replay := runCgiTest(t, h, "GET /test.go?foo=bar&a=b HTTP/1.0\nHost: example.com\n\n", expectedMap)
+ 
+-       if expected, got := "text/html; charset=utf-8", replay.Header().Get("Content-Type"); got != expected {
+       if expected, got := "text/plain; charset=utf-8", replay.Header().Get("Content-Type"); got != expected {
+                t.Errorf("got a Content-Type of %q; expected %q", got, expected)
+        }
+        if expected, got := "X-Test-Value", replay.Header().Get("X-Test-Header"); got != expected {
+@@ -152,6 +154,51 @@ func TestChildOnlyHeaders(t *testing.T) {
+        }
+ }
+ 
+func TestChildContentType(t *testing.T) {
+       testenv.MustHaveExec(t)
+
+       h := &Handler{
+               Path: os.Args[0],
+               Root: "/test.go",
+               Args: []string{"-test.run=TestBeChildCGIProcess"},
+       }
+       var tests = []struct {
+               name   string
+               body   string
+               wantCT string
+       }{
+               {
+                       name:   "no body",
+                       wantCT: "text/plain; charset=utf-8",
+               },
+               {
+                       name:   "html",
+                       body:   "<html><head><title>test page</title></head><body>This is a body</body></html>",
+                       wantCT: "text/html; charset=utf-8",
+               },
+               {
+                       name:   "text",
+                       body:   strings.Repeat("gopher", 86),
+                       wantCT: "text/plain; charset=utf-8",
+               },
+               {
+                       name:   "jpg",
+                       body:   "\xFF\xD8\xFF" + strings.Repeat("B", 1024),
+                       wantCT: "image/jpeg",
+               },
+       }
+       for _, tt := range tests {
+               t.Run(tt.name, func(t *testing.T) {
+                       expectedMap := map[string]string{"_body": tt.body}
+                       req := fmt.Sprintf("GET /test.go?exact-body=%s HTTP/1.0\nHost: example.com\n\n", url.QueryEscape(tt.body))
+                       replay := runCgiTest(t, h, req, expectedMap)
+                       if got := replay.Header().Get("Content-Type"); got != tt.wantCT {
+                               t.Errorf("got a Content-Type of %q; expected it to start with %q", got, tt.wantCT)
+                       }
+               })
+       }
+}
+
+ // golang.org/issue/7198
+ func Test500WithNoHeaders(t *testing.T)     { want500Test(t, "/immediate-disconnect") }
+ func Test500WithNoContentType(t *testing.T) { want500Test(t, "/no-content-type") }
+@@ -203,6 +250,10 @@ func TestBeChildCGIProcess(t *testing.T) {
+                if req.FormValue("no-body") == "1" {
+                        return
+                }
+               if eb, ok := req.Form["exact-body"]; ok {
+                       io.WriteString(rw, eb[0])
+                       return
+               }
+                if req.FormValue("write-forever") == "1" {
+                        io.Copy(rw, neverEnding('a'))
+                        for {
+diff --git a/src/net/http/fcgi/child.go b/src/net/http/fcgi/child.go
+index 30a6b2ce2d..a31273b3ec 100644
+--- a/src/net/http/fcgi/child.go
+++ b/src/net/http/fcgi/child.go
+@@ -74,10 +74,12 @@ func (r *request) parseParams() {
+ 
+ // response implements http.ResponseWriter.
+ type response struct {
+-       req         *request
+-       header      http.Header
+-       w           *bufWriter
+-       wroteHeader bool
+       req            *request
+       header         http.Header
+       code           int
+       wroteHeader    bool
+       wroteCGIHeader bool
+       w              *bufWriter
+ }
+ 
+ func newResponse(c *child, req *request) *response {
+@@ -92,11 +94,14 @@ func (r *response) Header() http.Header {
+        return r.header
+ }
+ 
+-func (r *response) Write(data []byte) (int, error) {
+func (r *response) Write(p []byte) (n int, err error) {
+        if !r.wroteHeader {
+                r.WriteHeader(http.StatusOK)
+        }
+-       return r.w.Write(data)
+       if !r.wroteCGIHeader {
+               r.writeCGIHeader(p)
+       }
+       return r.w.Write(p)
+ }
+ 
+ func (r *response) WriteHeader(code int) {
+@@ -104,22 +109,34 @@ func (r *response) WriteHeader(code int) {
+                return
+        }
+        r.wroteHeader = true
+       r.code = code
+        if code == http.StatusNotModified {
+                // Must not have body.
+                r.header.Del("Content-Type")
+                r.header.Del("Content-Length")
+                r.header.Del("Transfer-Encoding")
+-       } else if r.header.Get("Content-Type") == "" {
+-               r.header.Set("Content-Type", "text/html; charset=utf-8")
+        }
+-
+        if r.header.Get("Date") == "" {
+                r.header.Set("Date", time.Now().UTC().Format(http.TimeFormat))
+        }
+}
+ 
+-       fmt.Fprintf(r.w, "Status: %d %s\r\n", code, http.StatusText(code))
+// writeCGIHeader finalizes the header sent to the client and writes it to the output.
+// p is not written by writeHeader, but is the first chunk of the body
+// that will be written. It is sniffed for a Content-Type if none is
+// set explicitly.
+func (r *response) writeCGIHeader(p []byte) {
+       if r.wroteCGIHeader {
+               return
+       }
+       r.wroteCGIHeader = true
+       fmt.Fprintf(r.w, "Status: %d %s\r\n", r.code, http.StatusText(r.code))
+       if _, hasType := r.header["Content-Type"]; r.code != http.StatusNotModified && !hasType {
+               r.header.Set("Content-Type", http.DetectContentType(p))
+       }
+        r.header.Write(r.w)
+        r.w.WriteString("\r\n")
+       r.w.Flush()
+ }
+ 
+ func (r *response) Flush() {
+@@ -290,6 +307,8 @@ func (c *child) serveRequest(req *request, body io.ReadCloser) {
+                httpReq = httpReq.WithContext(envVarCtx)
+                c.handler.ServeHTTP(r, httpReq)
+        }
+       // Make sure we serve something even if nothing was written to r
+       r.Write(nil)
+        r.Close()
+        c.mu.Lock()
+        delete(c.requests, req.reqId)
+diff --git a/src/net/http/fcgi/fcgi_test.go b/src/net/http/fcgi/fcgi_test.go
+index e9d2b34023..4a27a12c35 100644
+--- a/src/net/http/fcgi/fcgi_test.go
+++ b/src/net/http/fcgi/fcgi_test.go
+@@ -10,6 +10,7 @@ import (
+        "io"
+        "io/ioutil"
+        "net/http"
+       "strings"
+        "testing"
+ )
+ 
+@@ -344,3 +345,54 @@ func TestChildServeReadsEnvVars(t *testing.T) {
+                <-done
+        }
+ }
+
+func TestResponseWriterSniffsContentType(t *testing.T) {
+       var tests = []struct {
+               name   string
+               body   string
+               wantCT string
+       }{
+               {
+                       name:   "no body",
+                       wantCT: "text/plain; charset=utf-8",
+               },
+               {
+                       name:   "html",
+                       body:   "<html><head><title>test page</title></head><body>This is a body</body></html>",
+                       wantCT: "text/html; charset=utf-8",
+               },
+               {
+                       name:   "text",
+                       body:   strings.Repeat("gopher", 86),
+                       wantCT: "text/plain; charset=utf-8",
+               },
+               {
+                       name:   "jpg",
+                       body:   "\xFF\xD8\xFF" + strings.Repeat("B", 1024),
+                       wantCT: "image/jpeg",
+               },
+       }
+       for _, tt := range tests {
+               t.Run(tt.name, func(t *testing.T) {
+                       input := make([]byte, len(streamFullRequestStdin))
+                       copy(input, streamFullRequestStdin)
+                       rc := nopWriteCloser{bytes.NewBuffer(input)}
+                       done := make(chan bool)
+                       var resp *response
+                       c := newChild(rc, http.HandlerFunc(func(
+                               w http.ResponseWriter,
+                               r *http.Request,
+                       ) {
+                               io.WriteString(w, tt.body)
+                               resp = w.(*response)
+                               done <- true
+                       }))
+                       defer c.cleanUp()
+                       go c.serve()
+                       <-done
+                       if got := resp.Header().Get("Content-Type"); got != tt.wantCT {
+                               t.Errorf("got a Content-Type of %q; expected it to start with %q", got, tt.wantCT)
+                       }
+               })
+       }
+}
+-- 
+2.17.1
diff --git a/meta/recipes-devtools/mtd/mtd-utils/0001-mtd-utils-Fix-return-value-of-ubiformat.patch b/meta/recipes-devtools/mtd/mtd-utils/0001-mtd-utils-Fix-return-value-of-ubiformat.patch
new file mode 100644
index 0000000000..d43f7e1a7a
--- /dev/null
+++ b/meta/recipes-devtools/mtd/mtd-utils/0001-mtd-utils-Fix-return-value-of-ubiformat.patch
@@ -0,0 +1,62 @@
+From 4d19bffcfd66e25d3ee74536ae2d2da7ad52e8e2 Mon Sep 17 00:00:00 2001
+From: Barry Grussling <barry@grussling.com>
+Date: Sun, 12 Jan 2020 12:33:32 -0800
+Subject: [PATCH] mtd-utils: Fix return value of ubiformat
+Organization: O.S. Systems Software LTDA.
+This changeset fixes a feature regression in ubiformat.  Older versions of
+ubiformat, when invoked with a flash-image, would return 0 in the case no error
+was encountered.  Upon upgrading to latest, it was discovered that ubiformat
+returned 255 even without encountering an error condition.
+This changeset corrects the above issue and causes ubiformat, when given an
+image file, to return 0 when no errors are detected.
+Tested by running through my loading scripts and verifying ubiformat returned
+0.
+Upstream-Status: Backport [2.1.2]
+Signed-off-by: Barry Grussling <barry@grussling.com>
+Signed-off-by: David Oberhollenzer <david.oberhollenzer@sigma-star.at>
+Signed-off-by: Otavio Salvador <otavio@ossystems.com.br>
+---
+ ubi-utils/ubiformat.c | 7 +++++--
+ 1 file changed, 5 insertions(+), 2 deletions(-)
+diff --git a/ubi-utils/ubiformat.c b/ubi-utils/ubiformat.c
+index a90627c..5377b12 100644
+--- a/ubi-utils/ubiformat.c
+++ b/ubi-utils/ubiformat.c
+@@ -550,6 +550,7 @@ static int format(libmtd_t libmtd, const struct mtd_dev_info *mtd,
+        struct ubi_vtbl_record *vtbl;
+        int eb1 = -1, eb2 = -1;
+        long long ec1 = -1, ec2 = -1;
+       int ret = -1;
+ 
+        write_size = UBI_EC_HDR_SIZE + mtd->subpage_size - 1;
+        write_size /= mtd->subpage_size;
+@@ -643,8 +644,10 @@ static int format(libmtd_t libmtd, const struct mtd_dev_info *mtd,
+        if (!args.quiet && !args.verbose)
+                printf("\n");
+ 
+-       if (novtbl)
+       if (novtbl) {
+               ret = 0;
+                goto out_free;
+       }
+ 
+        if (eb1 == -1 || eb2 == -1) {
+                errmsg("no eraseblocks for volume table");
+@@ -669,7 +672,7 @@ static int format(libmtd_t libmtd, const struct mtd_dev_info *mtd,
+ 
+ out_free:
+        free(hdr);
+-       return -1;
+       return ret;
+ }
+ 
+ int main(int argc, char * const argv[])
+-- 
+2.27.0
diff --git a/meta/recipes-devtools/mtd/mtd-utils_git.bb b/meta/recipes-devtools/mtd/mtd-utils_git.bb
index 810fe40f4e..d1658a739b 100644
--- a/meta/recipes-devtools/mtd/mtd-utils_git.bb
+++ b/meta/recipes-devtools/mtd/mtd-utils_git.bb
@@ -15,6 +15,7 @@ PV = "2.1.1"
 SRCREV = "4443221ce9b88440cd9f5bb78e6fe95621d36c8a"
 SRC_URI = "git://git.infradead.org/mtd-utils.git \
           file://add-exclusion-to-mkfs-jffs2-git-2.patch \
+           file://0001-mtd-utils-Fix-return-value-of-ubiformat.patch \
 "
 S = "${WORKDIR}/git/"
diff --git a/meta/recipes-devtools/patchelf/patchelf/fix-phdrs.patch b/meta/recipes-devtools/patchelf/patchelf/fix-phdrs.patch
new file mode 100644
index 0000000000..d087bd7855
--- /dev/null
+++ b/meta/recipes-devtools/patchelf/patchelf/fix-phdrs.patch
@@ -0,0 +1,37 @@
+When running patchelf on some existing patchelf'd binaries to change to longer 
+RPATHS, ldd would report the binaries as invalid. The output of objdump -x on 
+those libraryies should show the top of the .dynamic section is getting trashed,
+something like:
+0x600000001 0x0000000000429000
+0x335000 0x0000000000335000
+0xc740 0x000000000000c740
+0x1000 0x0000000000009098
+SONAME libglib-2.0.so.0
+(which should be RPATH and DT_NEEDED entries)
+This was tracked down to the code which injects the PT_LOAD section.
+The issue is that if the program headers were previously relocated to the end 
+of the file which was how patchelf operated previously, the relocation code 
+wouldn't work properly on a second run as it now assumes they're located after 
+the elf header. This change forces them back to immediately follow the elf
+header which is where the code has made space for them.
+Upstream-Status: Submitted [https://github.com/NixOS/patchelf/pull/202]
+Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
+RP 2020/6/2
+Index: git/src/patchelf.cc
+===================================================================
+--- git.orig/src/patchelf.cc
+++ git/src/patchelf.cc
+@@ -762,6 +762,7 @@ void ElfFile<ElfFileParamNames>::rewrite
+     }
+ 
+     /* Add a segment that maps the replaced sections into memory. */
+    wri(hdr->e_phoff, sizeof(Elf_Ehdr));
+     phdrs.resize(rdi(hdr->e_phnum) + 1);
+     wri(hdr->e_phnum, rdi(hdr->e_phnum) + 1);
+     Elf_Phdr & phdr = phdrs[rdi(hdr->e_phnum) - 1];
diff --git a/meta/recipes-devtools/patchelf/patchelf_0.10.bb b/meta/recipes-devtools/patchelf/patchelf_0.10.bb
index cc983e033a..e4a604ec70 100644
--- a/meta/recipes-devtools/patchelf/patchelf_0.10.bb
+++ b/meta/recipes-devtools/patchelf/patchelf_0.10.bb
@@ -1,6 +1,7 @@
 SRC_URI = "https://nixos.org/releases/${BPN}/${BPN}-${PV}/${BPN}-${PV}.tar.bz2 \
           file://handle-read-only-files.patch \
           file://fix-adjusting-startPage.patch \
+           file://fix-phdrs.patch \
           "
 LICENSE = "GPLv3"
diff --git a/meta/recipes-devtools/perl/files/0001-tests-adjust-to-correctly-exclude-unbuilt-extensions.patch b/meta/recipes-devtools/perl/files/0001-tests-adjust-to-correctly-exclude-unbuilt-extensions.patch
new file mode 100644
index 0000000000..0f3a2c6327
--- /dev/null
+++ b/meta/recipes-devtools/perl/files/0001-tests-adjust-to-correctly-exclude-unbuilt-extensions.patch
@@ -0,0 +1,27 @@
+From b0d53cfd785f64002128ac5eecc4aed0663d9c30 Mon Sep 17 00:00:00 2001
+From: Alexander Kanavin <alex.kanavin@gmail.com>
+Date: Thu, 9 Jan 2020 17:26:55 +0100
+Subject: [PATCH] tests: adjust to correctly exclude unbuilt extensions
+Issue is reported here:
+https://github.com/arsv/perl-cross/issues/85
+Upstream-Status: Inappropriate [issue caused by perl-cross]
+Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
+---
+ t/TEST | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+diff --git a/t/TEST b/t/TEST
+index a9c844f..8d3505f 100755
+--- a/t/TEST
+++ b/t/TEST
+@@ -419,7 +419,7 @@ sub _tests_from_manifest {
+        while (<MANI>) {
+            if (m!^((?:cpan|dist|ext)/(\S+)/+(?:[^/\s]+\.t|test\.pl)|lib/\S+?(?:\.t|test\.pl))\s!) {
+                my $t = $1;
+-               my $extension = $2;
+               my $extension = $1."/".$2;
+ 
+                # XXX Generates way too many error lines currently.  Skip for
+                # v5.22
diff --git a/meta/recipes-devtools/perl/files/CVE-2020-10543.patch b/meta/recipes-devtools/perl/files/CVE-2020-10543.patch
new file mode 100644
index 0000000000..36dff0aac9
--- /dev/null
+++ b/meta/recipes-devtools/perl/files/CVE-2020-10543.patch
@@ -0,0 +1,36 @@
+From 897d1f7fd515b828e4b198d8b8bef76c6faf03ed Mon Sep 17 00:00:00 2001
+From: John Lightsey <jd@cpanel.net>
+Date: Wed, 20 Nov 2019 20:02:45 -0600
+Subject: [PATCH] regcomp.c: Prevent integer overflow from nested regex
+ quantifiers.
+(CVE-2020-10543) On 32bit systems the size calculations for nested regular
+expression quantifiers could overflow causing heap memory corruption.
+Fixes: Perl/perl5-security#125
+(cherry picked from commit bfd31397db5dc1a5c5d3e0a1f753a4f89a736e71)
+Upstream-Status: Backport [https://github.com/perl/perl5/commit/897d1f7fd515b828e4b198d8b8bef76c6faf03ed] 
+CVE: CVE-2020-10543
+Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
+---
+ regcomp.c | 6 ++++++
+ 1 file changed, 6 insertions(+)
+diff --git a/regcomp.c b/regcomp.c
+index 93c8d98fbb0..5f86be8086d 100644
+--- a/regcomp.c
+++ b/regcomp.c
+@@ -5489,6 +5489,12 @@ S_study_chunk(pTHX_ RExC_state_t *pRExC_state, regnode **scanp,
+                                  RExC_precomp)));
+                 }
+ 
+                if ( ( minnext > 0 && mincount >= SSize_t_MAX / minnext )
+                    || min >= SSize_t_MAX - minnext * mincount )
+                {
+                    FAIL("Regexp out of space");
+                }
+
+                min += minnext * mincount;
+                is_inf_internal |= deltanext == SSize_t_MAX
+                          || (maxcount == REG_INFTY && minnext + deltanext > 0);
diff --git a/meta/recipes-devtools/perl/files/CVE-2020-10878_1.patch b/meta/recipes-devtools/perl/files/CVE-2020-10878_1.patch
new file mode 100644
index 0000000000..b86085a551
--- /dev/null
+++ b/meta/recipes-devtools/perl/files/CVE-2020-10878_1.patch
@@ -0,0 +1,152 @@
+From 0a320d753fe7fca03df259a4dfd8e641e51edaa8 Mon Sep 17 00:00:00 2001
+From: Hugo van der Sanden <hv@crypt.org>
+Date: Tue, 18 Feb 2020 13:51:16 +0000
+Subject: [PATCH] study_chunk: extract rck_elide_nothing
+(CVE-2020-10878)
+(cherry picked from commit 93dee06613d4e1428fb10905ce1c3c96f53113dc)
+Upstream-Status: Backport [https://github.com/perl/perl5/commit/0a320d753fe7fca03df259a4dfd8e641e51edaa8] 
+CVE: CVE-2020-10878
+Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
+---
+ embed.fnc |  1 +
+ embed.h   |  1 +
+ proto.h   |  3 +++
+ regcomp.c | 70 ++++++++++++++++++++++++++++++++++---------------------
+ 4 files changed, 48 insertions(+), 27 deletions(-)
+diff --git a/embed.fnc b/embed.fnc
+index aedb4baef19..d7cd04d3fc3 100644
+--- a/embed.fnc
+++ b/embed.fnc
+@@ -2481,6 +2481,7 @@ Es        |SSize_t|study_chunk    |NN RExC_state_t *pRExC_state \
+                                 |I32 stopparen|U32 recursed_depth \
+                                |NULLOK regnode_ssc *and_withp \
+                                |U32 flags|U32 depth
+Es     |void   |rck_elide_nothing|NN regnode *node
+ EsR    |SV *   |get_ANYOFM_contents|NN const regnode * n
+ EsRn   |U32    |add_data       |NN RExC_state_t* const pRExC_state \
+                                |NN const char* const s|const U32 n
+diff --git a/embed.h b/embed.h
+index 75c91f77f45..356a8b98d96 100644
+--- a/embed.h
+++ b/embed.h
+@@ -1208,6 +1208,7 @@
+ #define parse_lparen_question_flags(a) S_parse_lparen_question_flags(aTHX_ a)
+ #define parse_uniprop_string(a,b,c,d,e,f,g,h,i)        Perl_parse_uniprop_string(aTHX_ a,b,c,d,e,f,g,h,i)
+ #define populate_ANYOF_from_invlist(a,b)       S_populate_ANYOF_from_invlist(aTHX_ a,b)
+#define rck_elide_nothing(a)   S_rck_elide_nothing(aTHX_ a)
+ #define reg(a,b,c,d)           S_reg(aTHX_ a,b,c,d)
+ #define reg2Lanode(a,b,c,d)    S_reg2Lanode(aTHX_ a,b,c,d)
+ #define reg_node(a,b)          S_reg_node(aTHX_ a,b)
+diff --git a/proto.h b/proto.h
+index 141ddbaee6d..f316fe134e1 100644
+--- a/proto.h
+++ b/proto.h
+@@ -5543,6 +5543,9 @@ PERL_CALLCONV SV *        Perl_parse_uniprop_string(pTHX_ const char * const name, cons
+ STATIC void    S_populate_ANYOF_from_invlist(pTHX_ regnode *node, SV** invlist_ptr);
+ #define PERL_ARGS_ASSERT_POPULATE_ANYOF_FROM_INVLIST   \
+        assert(node); assert(invlist_ptr)
+STATIC void    S_rck_elide_nothing(pTHX_ regnode *node);
+#define PERL_ARGS_ASSERT_RCK_ELIDE_NOTHING     \
+       assert(node)
+ PERL_STATIC_NO_RET void        S_re_croak2(pTHX_ bool utf8, const char* pat1, const char* pat2, ...)
+                        __attribute__noreturn__;
+ #define PERL_ARGS_ASSERT_RE_CROAK2     \
+diff --git a/regcomp.c b/regcomp.c
+index 5f86be8086d..4ba2980db66 100644
+--- a/regcomp.c
+++ b/regcomp.c
+@@ -4450,6 +4450,44 @@ S_unwind_scan_frames(pTHX_ const void *p)
+     } while (f);
+ }
+ 
+/* Follow the next-chain of the current node and optimize away
+   all the NOTHINGs from it.
+ */
+STATIC void
+S_rck_elide_nothing(pTHX_ regnode *node)
+{
+    dVAR;
+
+    PERL_ARGS_ASSERT_RCK_ELIDE_NOTHING;
+
+    if (OP(node) != CURLYX) {
+        const int max = (reg_off_by_arg[OP(node)]
+                        ? I32_MAX
+                          /* I32 may be smaller than U16 on CRAYs! */
+                        : (I32_MAX < U16_MAX ? I32_MAX : U16_MAX));
+        int off = (reg_off_by_arg[OP(node)] ? ARG(node) : NEXT_OFF(node));
+        int noff;
+        regnode *n = node;
+
+        /* Skip NOTHING and LONGJMP. */
+        while (
+            (n = regnext(n))
+            && (
+                (PL_regkind[OP(n)] == NOTHING && (noff = NEXT_OFF(n)))
+                || ((OP(n) == LONGJMP) && (noff = ARG(n)))
+            )
+            && off + noff < max
+        ) {
+            off += noff;
+        }
+        if (reg_off_by_arg[OP(node)])
+            ARG(node) = off;
+        else
+            NEXT_OFF(node) = off;
+    }
+    return;
+}
+
+ /* the return from this sub is the minimum length that could possibly match */
+ STATIC SSize_t
+ S_study_chunk(pTHX_ RExC_state_t *pRExC_state, regnode **scanp,
+@@ -4550,28 +4588,10 @@ S_study_chunk(pTHX_ RExC_state_t *pRExC_state, regnode **scanp,
+          */
+         JOIN_EXACT(scan,&min_subtract, &unfolded_multi_char, 0);
+ 
+-       /* Follow the next-chain of the current node and optimize
+-          away all the NOTHINGs from it.  */
+-       if (OP(scan) != CURLYX) {
+-           const int max = (reg_off_by_arg[OP(scan)]
+-                      ? I32_MAX
+-                      /* I32 may be smaller than U16 on CRAYs! */
+-                      : (I32_MAX < U16_MAX ? I32_MAX : U16_MAX));
+-           int off = (reg_off_by_arg[OP(scan)] ? ARG(scan) : NEXT_OFF(scan));
+-           int noff;
+-           regnode *n = scan;
+-
+-           /* Skip NOTHING and LONGJMP. */
+-           while ((n = regnext(n))
+-                  && ((PL_regkind[OP(n)] == NOTHING && (noff = NEXT_OFF(n)))
+-                      || ((OP(n) == LONGJMP) && (noff = ARG(n))))
+-                  && off + noff < max)
+-               off += noff;
+-           if (reg_off_by_arg[OP(scan)])
+-               ARG(scan) = off;
+-           else
+-               NEXT_OFF(scan) = off;
+-       }
+        /* Follow the next-chain of the current node and optimize
+           away all the NOTHINGs from it.
+         */
+        rck_elide_nothing(scan);
+ 
+        /* The principal pseudo-switch.  Cannot be a switch, since we
+           look into several different things.  */
+@@ -5745,11 +5765,7 @@ Perl_re_printf( aTHX_  "LHS=%" UVuf " RHS=%" UVuf "\n",
+                if (data && (fl & SF_HAS_EVAL))
+                    data->flags |= SF_HAS_EVAL;
+              optimize_curly_tail:
+-               if (OP(oscan) != CURLYX) {
+-                   while (PL_regkind[OP(next = regnext(oscan))] == NOTHING
+-                          && NEXT_OFF(next))
+-                       NEXT_OFF(oscan) += NEXT_OFF(next);
+-               }
+               rck_elide_nothing(oscan);
+                continue;
+ 
+            default:
diff --git a/meta/recipes-devtools/perl/files/CVE-2020-10878_2.patch b/meta/recipes-devtools/perl/files/CVE-2020-10878_2.patch
new file mode 100644
index 0000000000..0bacd6b192
--- /dev/null
+++ b/meta/recipes-devtools/perl/files/CVE-2020-10878_2.patch
@@ -0,0 +1,36 @@
+From 3295b48defa0f8570114877b063fe546dd348b3c Mon Sep 17 00:00:00 2001
+From: Karl Williamson <khw@cpan.org>
+Date: Thu, 20 Feb 2020 17:49:36 +0000
+Subject: [PATCH] regcomp: use long jumps if there is any possibility of
+ overflow
+(CVE-2020-10878) Be conservative for backporting, we'll aim to do
+something more aggressive for bleadperl.
+(cherry picked from commit 9d7759db46f3b31b1d3f79c44266b6ba42a47fc6)
+Upstream-Status: Backport [https://github.com/perl/perl5/commit/3295b48defa0f8570114877b063fe546dd348b3c] 
+CVE: CVE-2020-10878
+Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
+---
+ regcomp.c | 7 +++++++
+ 1 file changed, 7 insertions(+)
+diff --git a/regcomp.c b/regcomp.c
+index 4ba2980db66..73c35a67020 100644
+--- a/regcomp.c
+++ b/regcomp.c
+@@ -7762,6 +7762,13 @@ Perl_re_op_compile(pTHX_ SV ** const patternp, int pat_count,
+ 
+         /* We have that number in RExC_npar */
+         RExC_total_parens = RExC_npar;
+
+        /* XXX For backporting, use long jumps if there is any possibility of
+         * overflow */
+        if (RExC_size > U16_MAX && ! RExC_use_BRANCHJ) {
+            RExC_use_BRANCHJ = TRUE;
+            flags |= RESTART_PARSE;
+        }
+     }
+     else if (! MUST_RESTART(flags)) {
+        ReREFCNT_dec(Rx);
diff --git a/meta/recipes-devtools/perl/files/encodefix.patch b/meta/recipes-devtools/perl/files/encodefix.patch
new file mode 100644
index 0000000000..396ed0d53e
--- /dev/null
+++ b/meta/recipes-devtools/perl/files/encodefix.patch
@@ -0,0 +1,20 @@
+The code is encoding host compiler parameters into target builds. Avoid
+this for our target builds (patch is target specific, not native)
+Upstream-Status: Inappropriate [Cross compile hack]
+RP 2020/2/18
+Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
+Index: perl-5.30.1/cpan/Encode/bin/enc2xs
+===================================================================
+--- perl-5.30.1.orig/cpan/Encode/bin/enc2xs
+++ perl-5.30.1/cpan/Encode/bin/enc2xs
+@@ -195,7 +195,7 @@ sub compiler_info {
+     # above becomes false.
+     my $sized  = $declaration && !($compat && !$pedantic);
+ 
+-    return ($cpp, $static, $sized);
+    return (0, 1, 1);
+ }
+ 
+ 
diff --git a/meta/recipes-devtools/perl/files/fix-setgroup.patch b/meta/recipes-devtools/perl/files/fix-setgroup.patch
deleted file mode 100644
index 2b490e6067..0000000000
--- a/meta/recipes-devtools/perl/files/fix-setgroup.patch
+++ /dev/null
@@ -1,49 +0,0 @@
-Test script to reproduce the problem:
-#!/usr/bin/env perl
-$) = "2 2";
-print $!;
-Result from perl 5.28 under strace:
-setgroups(1, [2])                       = 0
-setresgid(-1, 2, -1)                    = 0
-Result from perl 5.30 under strace:
-setgroups(1, [-1])                      = -1 EINVAL (Invalid argument)
-setresgid(-1, 2, -1)                    = 0
-Patch which broke this upstream:
-https://perl5.git.perl.org/perl.git/commitdiff/5d4a52b5c68a11bfc97c2e24806993b84a61eade
-Issue is that the new function changes the endptr to the end of the
-scanned number and needs to be reset to the end of the string for 
-each iteration of the loop.
-[YOCTO #13391]
-RP
-2019/6/14
-Upstream-Status: Pending
-Index: perl-5.30.0/mg.c
-===================================================================
--- perl-5.30.0.orig/mg.c
-+++ perl-5.30.0/mg.c
-@@ -3179,6 +3256,7 @@ Perl_magic_set(pTHX_ SV *sv, MAGIC *mg)
-            const char *p = SvPV_const(sv, len);
-             Groups_t *gary = NULL;
-             const char* endptr = p + len;
-+            const char* realend = p + len;
-             UV uv;
- #ifdef _SC_NGROUPS_MAX
-            int maxgrp = sysconf(_SC_NGROUPS_MAX);
-@@ -3209,6 +3287,7 @@ Perl_magic_set(pTHX_ SV *sv, MAGIC *mg)
-                     Newx(gary, i + 1, Groups_t);
-                 else
-                     Renew(gary, i + 1, Groups_t);
-+                endptr = realend;
-                 if (grok_atoUV(p, &uv, &endptr))
-                     gary[i] = (Groups_t)uv;
-                 else {
diff --git a/meta/recipes-devtools/perl/files/perl-configpm-switch.patch b/meta/recipes-devtools/perl/files/perl-configpm-switch.patch
index 3c2cecb8c1..80ce4a6de7 100644
--- a/meta/recipes-devtools/perl/files/perl-configpm-switch.patch
+++ b/meta/recipes-devtools/perl/files/perl-configpm-switch.patch
@@ -1,4 +1,4 @@
-From 7f313cac31c55cbe62a4d0cdfa8321cc05a8eb3a Mon Sep 17 00:00:00 2001
+From 5120acaa2be5787d9657f6b91bc8ee3c2d664fbe Mon Sep 17 00:00:00 2001
 From: Alexander Kanavin <alex.kanavin@gmail.com>
 Date: Sun, 27 May 2007 21:04:11 +0000
 Subject: [PATCH] perl: 5.8.7 -> 5.8.8 (from OE)
@@ -20,7 +20,7 @@ Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
 1 file changed, 16 insertions(+), 2 deletions(-)
 diff --git a/configpm b/configpm
-index 09c4a3b..6a0a680 100755
+index c8de8bf..204613c 100755
 --- a/configpm
 +++ b/configpm
 @@ -687,7 +687,7 @@ sub FETCH {
diff --git a/meta/recipes-devtools/perl/files/racefix.patch b/meta/recipes-devtools/perl/files/racefix.patch
new file mode 100644
index 0000000000..bac42d26ae
--- /dev/null
+++ b/meta/recipes-devtools/perl/files/racefix.patch
@@ -0,0 +1,24 @@
+In our builds Config_heavy.pl sometimes has lines:
+cwarnflags=XXX
+ccstdflags=XXX
+and sometimes does not.
+The reason is that this information is pulled from cflags by configpm and yet
+there is no dependency in the Makefile. Add one to fix this.
+Upstream-Status: Submitted [https://github.com/arsv/perl-cross/pull/89]
+RP 2020/2/19
+Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
+Index: perl-5.30.1/Makefile
+===================================================================
+--- perl-5.30.1.orig/Makefile
+++ perl-5.30.1/Makefile
+@@ -204,7 +204,7 @@ configpod: $(CONFIGPOD)
+ git_version.h lib/Config_git.pl: make_patchnum.pl | miniperl$X
+        ./miniperl_top make_patchnum.pl
+ 
+-lib/Config.pm lib/Config_heavy.pl lib/Config.pod: config.sh \
+lib/Config.pm lib/Config_heavy.pl lib/Config.pod: config.sh cflags \
+                lib/Config_git.pl Porting/Glossary | miniperl$X
+        ./miniperl_top configpm
+ 
diff --git a/meta/recipes-devtools/perl/liberror-perl_0.17028.bb b/meta/recipes-devtools/perl/liberror-perl_0.17029.bb
index 8c6bbcba94..038808f0cd 100644
--- a/meta/recipes-devtools/perl/liberror-perl_0.17028.bb
+++ b/meta/recipes-devtools/perl/liberror-perl_0.17029.bb
@@ -32,8 +32,8 @@ RDEPENDS_${PN}-ptest += " \
 SRC_URI = "http://cpan.metacpan.org/authors/id/S/SH/SHLOMIF/Error-${PV}.tar.gz"
-SRC_URI[md5sum] = "ec3522c60a43a368f19c0f89e2205cb1"
+SRC_URI[md5sum] = "6732b1c6207e4a9a3e2987c88368039a"
-SRC_URI[sha256sum] = "3ad85c5e58b31c8903006298424a51bba39f1840e324f5ae612eabc8b935e960"
+SRC_URI[sha256sum] = "1a23f7913032aed6d4b68321373a3899ca66590f4727391a091ec19c95bf7adc"
 S = "${WORKDIR}/Error-${PV}"
diff --git a/meta/recipes-devtools/perl/libmodule-build-perl/run-ptest b/meta/recipes-devtools/perl/libmodule-build-perl/run-ptest
index 0d63d1513b..d802781f9e 100644
--- a/meta/recipes-devtools/perl/libmodule-build-perl/run-ptest
+++ b/meta/recipes-devtools/perl/libmodule-build-perl/run-ptest
@@ -6,8 +6,6 @@ for case in `find t -type f -name '*.t'`; do
    cat $case.output
    if [ $ret -ne 0 ]; then
        echo "FAIL: ${case%.t}"
-    elif grep -i 'SKIP' $case.output; then
-        echo "SKIP: ${case%.t}"
    else
        echo "PASS: ${case%.t}"
    fi
diff --git a/meta/recipes-devtools/perl/libmodule-build-perl_0.4229.bb b/meta/recipes-devtools/perl/libmodule-build-perl_0.4229.bb
index f759f862fb..e3ba40d96c 100644
--- a/meta/recipes-devtools/perl/libmodule-build-perl_0.4229.bb
+++ b/meta/recipes-devtools/perl/libmodule-build-perl_0.4229.bb
@@ -36,7 +36,10 @@ do_patch[postfuncs] += "do_patch_module_build"
 do_install_ptest() {
        cp -r ${B}/inc ${D}${PTEST_PATH}
        cp -r ${B}/blib ${D}${PTEST_PATH}
+        cp -r ${B}/_build ${D}${PTEST_PATH}
+        cp -r ${B}/lib ${D}${PTEST_PATH}
        chown -R root:root ${D}${PTEST_PATH}
+        sed -i -e "s,'perl' => .*,'perl' => '/usr/bin/perl'\,,g" ${D}${PTEST_PATH}/_build/build_params
 }
 RDEPENDS_${PN} += " \
diff --git a/meta/recipes-devtools/perl/perl_5.30.0.bb b/meta/recipes-devtools/perl/perl_5.30.1.bb
index 838e52c67b..b633acfcea 100644
--- a/meta/recipes-devtools/perl/perl_5.30.0.bb
+++ b/meta/recipes-devtools/perl/perl_5.30.1.bb
@@ -8,7 +8,7 @@ LIC_FILES_CHKSUM = "file://Copying;md5=5b122a36d0f6dc55279a0ebc69f3c60b \
 SRC_URI = "https://www.cpan.org/src/5.0/perl-${PV}.tar.gz;name=perl \
-           https://github.com/arsv/perl-cross/releases/download/1.3/perl-cross-1.3.tar.gz;name=perl-cross \
+           https://github.com/arsv/perl-cross/releases/download/1.3.1/perl-cross-1.3.1.tar.gz;name=perl-cross \
           file://perl-rdepends.txt \
           file://0001-configure_tool.sh-do-not-quote-the-argument-to-comma.patch \
           file://0001-ExtUtils-MakeMaker-add-LDFLAGS-when-linking-binary-m.patch \
@@ -18,19 +18,26 @@ SRC_URI = "https://www.cpan.org/src/5.0/perl-${PV}.tar.gz;name=perl \
           file://0001-perl-cross-add-LDFLAGS-when-linking-libperl.patch \
           file://perl-dynloader.patch \
           file://0001-configure_path.sh-do-not-hardcode-prefix-lib-as-libr.patch \
-           file://fix-setgroup.patch \
           file://0001-enc2xs-Add-environment-variable-to-suppress-comments.patch \
           file://0002-Constant-Fix-up-shebang.patch \
+           file://0001-tests-adjust-to-correctly-exclude-unbuilt-extensions.patch \
           file://determinism.patch  \
+           file://racefix.patch \
+           file://CVE-2020-10543.patch \
+           file://CVE-2020-10878_1.patch \
+           file://CVE-2020-10878_2.patch \
           "
 SRC_URI_append_class-native = " \
           file://perl-configpm-switch.patch \
 "
+SRC_URI_append_class-target = " \
+           file://encodefix.patch \
+"
-SRC_URI[perl.md5sum] = "9770584cdf9b5631c38097645ce33549"
+SRC_URI[perl.md5sum] = "6438eb7b8db9bbde28e01086de376a46"
-SRC_URI[perl.sha256sum] = "851213c754d98ccff042caa40ba7a796b2cee88c5325f121be5cbb61bbf975f2"
+SRC_URI[perl.sha256sum] = "bf3d25571ff1ee94186177c2cdef87867fd6a14aa5a84f0b1fb7bf798f42f964"
-SRC_URI[perl-cross.md5sum] = "4dda3daf9c4fe42b3d6a5dd052852a48"
+SRC_URI[perl-cross.md5sum] = "1e463b105cfa56d251a86979af23e3a7"
-SRC_URI[perl-cross.sha256sum] = "49edea1ea2cd6c5c47386ca71beda8d150c748835781354dbe7f75b1df27e703"
+SRC_URI[perl-cross.sha256sum] = "edce0b0c2f725e2db3f203d6d8e9f3f7161256f5d1590551e40694f21200141d"
 S = "${WORKDIR}/perl-${PV}"
@@ -113,6 +120,14 @@ print(datetime.fromtimestamp($SOURCE_DATE_EPOCH, timezone.utc).strftime('%a %b %
 do_compile() {
    oe_runmake
+    # This isn't generated reliably so delete and re-generate.
+    # https://github.com/arsv/perl-cross/issues/86
+    if [ -e pod/perltoc.pod ]; then
+        bbnote Rebuilding perltoc.pod
+        rm -f pod/perltoc.pod
+        oe_runmake pod/perltoc.pod
+    fi
 }
 do_install() {
@@ -202,6 +217,7 @@ require perl-ptest.inc
 FILES_${PN} = "${bindir}/perl ${bindir}/perl.real ${bindir}/perl${PV} ${libdir}/libperl.so* \
               ${libdir}/perl5/site_perl \
               ${libdir}/perl5/${PV}/Config.pm \
+               ${libdir}/perl5/${PV}/${TARGET_ARCH}-linux/Config.pm \
               ${libdir}/perl5/${PV}/*/Config_git.pl \
               ${libdir}/perl5/${PV}/*/Config_heavy-target.pl \
               ${libdir}/perl5/config.sh \
@@ -210,6 +226,9 @@ FILES_${PN} = "${bindir}/perl ${bindir}/perl.real ${bindir}/perl${PV} ${libdir}/
               ${libdir}/perl5/${PV}/warnings \
               ${libdir}/perl5/${PV}/vars.pm \
               ${libdir}/perl5/site_perl \
+               ${libdir}/perl5/${PV}/ExtUtils/MANIFEST.SKIP \
+               ${libdir}/perl5/${PV}/ExtUtils/xsubpp \
+               ${libdir}/perl5/${PV}/ExtUtils/typemap \
               "
 RPROVIDES_${PN} += "perl-module-strict perl-module-vars perl-module-config perl-module-warnings \
                    perl-module-warnings-register"
@@ -220,9 +239,6 @@ FILES_${PN}-dev_append = " ${libdir}/perl5/${PV}/*/CORE"
 FILES_${PN}-doc_append = " ${libdir}/perl5/${PV}/Unicode/Collate/*.txt \
                           ${libdir}/perl5/${PV}/*/.packlist \
-                           ${libdir}/perl5/${PV}/ExtUtils/MANIFEST.SKIP \
-                           ${libdir}/perl5/${PV}/ExtUtils/xsubpp \
-                           ${libdir}/perl5/${PV}/ExtUtils/typemap \
                           ${libdir}/perl5/${PV}/Encode/encode.h \
                         "
 PACKAGES += "${PN}-misc"
@@ -258,7 +274,7 @@ python split_perl_packages () {
    do_split_packages(d, libdir, r'Module/([^\/]*)\.pm', '${PN}-module-%s', 'perl module %s', recursive=True, allow_dirs=False, match_path=True, prepend=False)
    do_split_packages(d, libdir, r'Module/([^\/]*)/.*', '${PN}-module-%s', 'perl module %s', recursive=True, allow_dirs=False, match_path=True, prepend=False)
    do_split_packages(d, libdir, r'.*linux/([^\/].*)\.(pm|pl|e2x)', '${PN}-module-%s', 'perl module %s', recursive=True, allow_dirs=False, match_path=True, prepend=False)
-    do_split_packages(d, libdir, r'(^(?!(CPAN\/|CPANPLUS\/|Module\/|unicore\/)[^\/]).*)\.(pm|pl|e2x)', '${PN}-module-%s', 'perl module %s', recursive=True, allow_dirs=False, match_path=True, prepend=False)
+    do_split_packages(d, libdir, r'(^(?!(CPAN\/|CPANPLUS\/|Module\/|unicore\/|.*linux\/)[^\/]).*)\.(pm|pl|e2x)', '${PN}-module-%s', 'perl module %s', recursive=True, allow_dirs=False, match_path=True, prepend=False)
    # perl-modules should recommend every perl module, and only the
    # modules. Don't attempt to use the result of do_split_packages() as some
diff --git a/meta/recipes-devtools/pseudo/pseudo.inc b/meta/recipes-devtools/pseudo/pseudo.inc
index 7ff8e449e9..50e30064bd 100644
--- a/meta/recipes-devtools/pseudo/pseudo.inc
+++ b/meta/recipes-devtools/pseudo/pseudo.inc
@@ -16,6 +16,7 @@ INSANE_SKIP_${PN}-dbg += "libdir"
 PROVIDES += "virtual/fakeroot"
 MAKEOPTS = ""
+MAKEOPTS_class-native = "'RPATH=-Wl,--rpath=XORIGIN/../../../sqlite3-native/usr/lib/'"
 inherit siteinfo pkgconfig
@@ -115,6 +116,7 @@ do_install () {
 }
 do_install_append_class-native () {
+        chrpath ${D}${bindir}/pseudo -r `chrpath ${D}${bindir}/pseudo | cut -d = -f 2 | sed s/XORIGIN/\\$ORIGIN/`
        install -d ${D}${sysconfdir}
        # The fallback files should never be modified
        install -m 444 ${WORKDIR}/fallback-passwd ${D}${sysconfdir}/passwd
diff --git a/meta/recipes-devtools/python-numpy/files/aarch64/_numpyconfig.h b/meta/recipes-devtools/python-numpy/files/aarch64/_numpyconfig.h
deleted file mode 100644
index 109deb0435..0000000000
--- a/meta/recipes-devtools/python-numpy/files/aarch64/_numpyconfig.h
+++ /dev/null
@@ -1,32 +0,0 @@
-#define NPY_HAVE_ENDIAN_H 1
-#define NPY_SIZEOF_SHORT SIZEOF_SHORT
-#define NPY_SIZEOF_INT SIZEOF_INT
-#define NPY_SIZEOF_LONG SIZEOF_LONG
-#define NPY_SIZEOF_FLOAT 4
-#define NPY_SIZEOF_COMPLEX_FLOAT 8
-#define NPY_SIZEOF_DOUBLE 8
-#define NPY_SIZEOF_COMPLEX_DOUBLE 16
-#define NPY_SIZEOF_LONGDOUBLE 16
-#define NPY_SIZEOF_COMPLEX_LONGDOUBLE 32
-#define NPY_SIZEOF_PY_INTPTR_T 8
-#define NPY_SIZEOF_PY_LONG_LONG 8
-#define NPY_SIZEOF_LONGLONG 8
-#define NPY_SIZEOF_OFF_T 8
-#define NPY_NO_SMP 0
-#define NPY_HAVE_DECL_ISNAN
-#define NPY_HAVE_DECL_ISINF
-#define NPY_HAVE_DECL_ISFINITE
-#define NPY_HAVE_DECL_SIGNBIT
-#define NPY_USE_C99_COMPLEX 1
-#define NPY_HAVE_COMPLEX_DOUBLE 1
-#define NPY_HAVE_COMPLEX_FLOAT 1
-#define NPY_HAVE_COMPLEX_LONG_DOUBLE 1
-#define NPY_ENABLE_SEPARATE_COMPILATION 1
-#define NPY_USE_C99_FORMATS 1
-#define NPY_VISIBILITY_HIDDEN __attribute__((visibility("hidden")))
-#define NPY_ABI_VERSION 0x01000009
-#define NPY_API_VERSION 0x0000000A
-#ifndef __STDC_FORMAT_MACROS
-#define __STDC_FORMAT_MACROS 1
-#endif
diff --git a/meta/recipes-devtools/python-numpy/files/aarch64/config.h b/meta/recipes-devtools/python-numpy/files/aarch64/config.h
deleted file mode 100644
index c30b868f2f..0000000000
--- a/meta/recipes-devtools/python-numpy/files/aarch64/config.h
+++ /dev/null
@@ -1,139 +0,0 @@
-#define HAVE_ENDIAN_H 1
-#define SIZEOF_PY_INTPTR_T 8
-#define SIZEOF_PY_LONG_LONG 8
-#define MATHLIB m
-#define HAVE_SIN 1
-#define HAVE_COS 1
-#define HAVE_TAN 1
-#define HAVE_SINH 1
-#define HAVE_COSH 1
-#define HAVE_TANH 1
-#define HAVE_FABS 1
-#define HAVE_FLOOR 1
-#define HAVE_CEIL 1
-#define HAVE_SQRT 1
-#define HAVE_LOG10 1
-#define HAVE_LOG 1
-#define HAVE_EXP 1
-#define HAVE_ASIN 1
-#define HAVE_ACOS 1
-#define HAVE_ATAN 1
-#define HAVE_FMOD 1
-#define HAVE_MODF 1
-#define HAVE_FREXP 1
-#define HAVE_LDEXP 1
-#define HAVE_RINT 1
-#define HAVE_TRUNC 1
-#define HAVE_EXP2 1
-#define HAVE_LOG2 1
-#define HAVE_ATAN2 1
-#define HAVE_POW 1
-#define HAVE_NEXTAFTER 1
-#define HAVE_SINF 1
-#define HAVE_COSF 1
-#define HAVE_TANF 1
-#define HAVE_SINHF 1
-#define HAVE_COSHF 1
-#define HAVE_TANHF 1
-#define HAVE_FABSF 1
-#define HAVE_FLOORF 1
-#define HAVE_CEILF 1
-#define HAVE_RINTF 1
-#define HAVE_TRUNCF 1
-#define HAVE_SQRTF 1
-#define HAVE_LOG10F 1
-#define HAVE_LOGF 1
-#define HAVE_LOG1PF 1
-#define HAVE_EXPF 1
-#define HAVE_EXPM1F 1
-#define HAVE_ASINF 1
-#define HAVE_ACOSF 1
-#define HAVE_ATANF 1
-#define HAVE_ASINHF 1
-#define HAVE_ACOSHF 1
-#define HAVE_ATANHF 1
-#define HAVE_HYPOTF 1
-#define HAVE_ATAN2F 1
-#define HAVE_POWF 1
-#define HAVE_FMODF 1
-#define HAVE_MODFF 1
-#define HAVE_FREXPF 1
-#define HAVE_LDEXPF 1
-#define HAVE_EXP2F 1
-#define HAVE_LOG2F 1
-#define HAVE_COPYSIGNF 1
-#define HAVE_NEXTAFTERF 1
-#define HAVE_SINL 1
-#define HAVE_COSL 1
-#define HAVE_TANL 1
-#define HAVE_SINHL 1
-#define HAVE_COSHL 1
-#define HAVE_TANHL 1
-#define HAVE_FABSL 1
-#define HAVE_FLOORL 1
-#define HAVE_CEILL 1
-#define HAVE_RINTL 1
-#define HAVE_TRUNCL 1
-#define HAVE_SQRTL 1
-#define HAVE_LOG10L 1
-#define HAVE_LOGL 1
-#define HAVE_LOG1PL 1
-#define HAVE_EXPL 1
-#define HAVE_EXPM1L 1
-#define HAVE_ASINL 1
-#define HAVE_ACOSL 1
-#define HAVE_ATANL 1
-#define HAVE_ASINHL 1
-#define HAVE_ACOSHL 1
-#define HAVE_ATANHL 1
-#define HAVE_HYPOTL 1
-#define HAVE_ATAN2L 1
-#define HAVE_POWL 1
-#define HAVE_FMODL 1
-#define HAVE_MODFL 1
-#define HAVE_FREXPL 1
-#define HAVE_LDEXPL 1
-#define HAVE_EXP2L 1
-#define HAVE_LOG2L 1
-#define HAVE_COPYSIGNL 1
-#define HAVE_NEXTAFTERL 1
-#define HAVE_DECL_SIGNBIT
-#define HAVE_COMPLEX_H 1
-#define HAVE_CREAL 1
-#define HAVE_CIMAG 1
-#define HAVE_CABS 1
-#define HAVE_CARG 1
-#define HAVE_CEXP 1
-#define HAVE_CSQRT 1
-#define HAVE_CLOG 1
-#define HAVE_CCOS 1
-#define HAVE_CSIN 1
-#define HAVE_CPOW 1
-#define HAVE_CREALF 1
-#define HAVE_CIMAGF 1
-#define HAVE_CABSF 1
-#define HAVE_CARGF 1
-#define HAVE_CEXPF 1
-#define HAVE_CSQRTF 1
-#define HAVE_CLOGF 1
-#define HAVE_CCOSF 1
-#define HAVE_CSINF 1
-#define HAVE_CPOWF 1
-#define HAVE_CREALL 1
-#define HAVE_CIMAGL 1
-#define HAVE_CABSL 1
-#define HAVE_CARGL 1
-#define HAVE_CEXPL 1
-#define HAVE_CSQRTL 1
-#define HAVE_CLOGL 1
-#define HAVE_CCOSL 1
-#define HAVE_CSINL 1
-#define HAVE_CPOWL 1
-#define HAVE_LDOUBLE_IEEE_QUAD_LE 1
-#ifndef __cplusplus
-/* #undef inline */
-#endif
-#ifndef _NPY_NPY_CONFIG_H_
-#error config.h should never be included directly, include npy_config.h instead
-#endif
diff --git a/meta/recipes-devtools/python-numpy/files/arm/config.h b/meta/recipes-devtools/python-numpy/files/arm/config.h
deleted file mode 100644
index 17ef186d56..0000000000
--- a/meta/recipes-devtools/python-numpy/files/arm/config.h
+++ /dev/null
@@ -1,21 +0,0 @@
-/* ./src.linux-i686-2.5/numpy/core/include/numpy/config.h */
-/* #define SIZEOF_SHORT 2 */
-/* #define SIZEOF_INT 4 */
-/* #define SIZEOF_LONG 4 */
-/* #define SIZEOF_FLOAT 4 */
-/* #define SIZEOF_DOUBLE 8 */
-#define SIZEOF_LONG_DOUBLE 12
-#define SIZEOF_PY_INTPTR_T 4
-/* #define SIZEOF_LONG_LONG 8 */
-#define SIZEOF_PY_LONG_LONG 8
-/* #define CHAR_BIT 8 */
-#define MATHLIB m
-#define HAVE_FLOAT_FUNCS
-#define HAVE_LOG1P
-#define HAVE_EXPM1
-#define HAVE_INVERSE_HYPERBOLIC
-#define HAVE_INVERSE_HYPERBOLIC_FLOAT
-#define HAVE_ISNAN
-#define HAVE_ISINF
-#define HAVE_RINT
diff --git a/meta/recipes-devtools/python-numpy/files/arm/numpyconfig.h b/meta/recipes-devtools/python-numpy/files/arm/numpyconfig.h
deleted file mode 100644
index c4bf6547f0..0000000000
--- a/meta/recipes-devtools/python-numpy/files/arm/numpyconfig.h
+++ /dev/null
@@ -1,17 +0,0 @@
-/* cat ./src.linux-i686-2.5/numpy/core/include/numpy/numpyconfig.h */
-/*
- *  * This file is generated by numpy/core/setup.pyc. DO NOT EDIT 
- *   */
-#define NPY_SIZEOF_SHORT 2 
-#define NPY_SIZEOF_INT 4 
-#define NPY_SIZEOF_LONG 4 
-#define NPY_SIZEOF_FLOAT 4 
-#define NPY_SIZEOF_DOUBLE 8 
-#define NPY_SIZEOF_LONGDOUBLE 12 
-#define NPY_SIZEOF_PY_INTPTR_T 4 
-#define NPY_NO_SMP 0
-#define NPY_SIZEOF_LONGLONG 8 
-#define NPY_SIZEOF_PY_LONG_LONG 8 
-/* #define CHAR_BIT 8 */
diff --git a/meta/recipes-devtools/python-numpy/files/armeb/config.h b/meta/recipes-devtools/python-numpy/files/armeb/config.h
deleted file mode 100644
index 17ef186d56..0000000000
--- a/meta/recipes-devtools/python-numpy/files/armeb/config.h
+++ /dev/null
@@ -1,21 +0,0 @@
-/* ./src.linux-i686-2.5/numpy/core/include/numpy/config.h */
-/* #define SIZEOF_SHORT 2 */
-/* #define SIZEOF_INT 4 */
-/* #define SIZEOF_LONG 4 */
-/* #define SIZEOF_FLOAT 4 */
-/* #define SIZEOF_DOUBLE 8 */
-#define SIZEOF_LONG_DOUBLE 12
-#define SIZEOF_PY_INTPTR_T 4
-/* #define SIZEOF_LONG_LONG 8 */
-#define SIZEOF_PY_LONG_LONG 8
-/* #define CHAR_BIT 8 */
-#define MATHLIB m
-#define HAVE_FLOAT_FUNCS
-#define HAVE_LOG1P
-#define HAVE_EXPM1
-#define HAVE_INVERSE_HYPERBOLIC
-#define HAVE_INVERSE_HYPERBOLIC_FLOAT
-#define HAVE_ISNAN
-#define HAVE_ISINF
-#define HAVE_RINT
diff --git a/meta/recipes-devtools/python-numpy/files/armeb/numpyconfig.h b/meta/recipes-devtools/python-numpy/files/armeb/numpyconfig.h
deleted file mode 100644
index c4bf6547f0..0000000000
--- a/meta/recipes-devtools/python-numpy/files/armeb/numpyconfig.h
+++ /dev/null
@@ -1,17 +0,0 @@
-/* cat ./src.linux-i686-2.5/numpy/core/include/numpy/numpyconfig.h */
-/*
- *  * This file is generated by numpy/core/setup.pyc. DO NOT EDIT 
- *   */
-#define NPY_SIZEOF_SHORT 2 
-#define NPY_SIZEOF_INT 4 
-#define NPY_SIZEOF_LONG 4 
-#define NPY_SIZEOF_FLOAT 4 
-#define NPY_SIZEOF_DOUBLE 8 
-#define NPY_SIZEOF_LONGDOUBLE 12 
-#define NPY_SIZEOF_PY_INTPTR_T 4 
-#define NPY_NO_SMP 0
-#define NPY_SIZEOF_LONGLONG 8 
-#define NPY_SIZEOF_PY_LONG_LONG 8 
-/* #define CHAR_BIT 8 */
diff --git a/meta/recipes-devtools/python-numpy/files/mipsarchn32eb/_numpyconfig.h b/meta/recipes-devtools/python-numpy/files/mipsarchn32eb/_numpyconfig.h
deleted file mode 100644
index debb390094..0000000000
--- a/meta/recipes-devtools/python-numpy/files/mipsarchn32eb/_numpyconfig.h
+++ /dev/null
@@ -1,32 +0,0 @@
-#define NPY_HAVE_ENDIAN_H 1
-#define NPY_SIZEOF_SHORT SIZEOF_SHORT
-#define NPY_SIZEOF_INT SIZEOF_INT
-#define NPY_SIZEOF_LONG SIZEOF_LONG
-#define NPY_SIZEOF_FLOAT 4
-#define NPY_SIZEOF_COMPLEX_FLOAT 8
-#define NPY_SIZEOF_DOUBLE 8
-#define NPY_SIZEOF_COMPLEX_DOUBLE 16
-#define NPY_SIZEOF_LONGDOUBLE 16
-#define NPY_SIZEOF_COMPLEX_LONGDOUBLE 32
-#define NPY_ENABLE_SEPARATE_COMPILATION 1
-#define NPY_SIZEOF_PY_INTPTR_T 8
-#define NPY_SIZEOF_PY_LONG_LONG 8
-#define NPY_SIZEOF_LONGLONG 8
-#define NPY_SIZEOF_OFF_T 8
-#define NPY_NO_SMP 0
-#define NPY_HAVE_DECL_ISNAN
-#define NPY_HAVE_DECL_ISINF
-#define NPY_HAVE_DECL_ISFINITE
-#define NPY_HAVE_DECL_SIGNBIT
-#define NPY_USE_C99_COMPLEX 1
-#define NPY_HAVE_COMPLEX_DOUBLE 1
-#define NPY_HAVE_COMPLEX_FLOAT 1
-#define NPY_HAVE_COMPLEX_LONG_DOUBLE 1
-#define NPY_USE_C99_FORMATS 1
-#define NPY_VISIBILITY_HIDDEN __attribute__((visibility("hidden")))
-#define NPY_ABI_VERSION 0x01000009
-#define NPY_API_VERSION 0x0000000A
-#ifndef __STDC_FORMAT_MACROS
-#define __STDC_FORMAT_MACROS 1
-#endif
diff --git a/meta/recipes-devtools/python-numpy/files/mipsarchn32eb/config.h b/meta/recipes-devtools/python-numpy/files/mipsarchn32eb/config.h
deleted file mode 100644
index c30b868f2f..0000000000
--- a/meta/recipes-devtools/python-numpy/files/mipsarchn32eb/config.h
+++ /dev/null
@@ -1,139 +0,0 @@
-#define HAVE_ENDIAN_H 1
-#define SIZEOF_PY_INTPTR_T 8
-#define SIZEOF_PY_LONG_LONG 8
-#define MATHLIB m
-#define HAVE_SIN 1
-#define HAVE_COS 1
-#define HAVE_TAN 1
-#define HAVE_SINH 1
-#define HAVE_COSH 1
-#define HAVE_TANH 1
-#define HAVE_FABS 1
-#define HAVE_FLOOR 1
-#define HAVE_CEIL 1
-#define HAVE_SQRT 1
-#define HAVE_LOG10 1
-#define HAVE_LOG 1
-#define HAVE_EXP 1
-#define HAVE_ASIN 1
-#define HAVE_ACOS 1
-#define HAVE_ATAN 1
-#define HAVE_FMOD 1
-#define HAVE_MODF 1
-#define HAVE_FREXP 1
-#define HAVE_LDEXP 1
-#define HAVE_RINT 1
-#define HAVE_TRUNC 1
-#define HAVE_EXP2 1
-#define HAVE_LOG2 1
-#define HAVE_ATAN2 1
-#define HAVE_POW 1
-#define HAVE_NEXTAFTER 1
-#define HAVE_SINF 1
-#define HAVE_COSF 1
-#define HAVE_TANF 1
-#define HAVE_SINHF 1
-#define HAVE_COSHF 1
-#define HAVE_TANHF 1
-#define HAVE_FABSF 1
-#define HAVE_FLOORF 1
-#define HAVE_CEILF 1
-#define HAVE_RINTF 1
-#define HAVE_TRUNCF 1
-#define HAVE_SQRTF 1
-#define HAVE_LOG10F 1
-#define HAVE_LOGF 1
-#define HAVE_LOG1PF 1
-#define HAVE_EXPF 1
-#define HAVE_EXPM1F 1
-#define HAVE_ASINF 1
-#define HAVE_ACOSF 1
-#define HAVE_ATANF 1
-#define HAVE_ASINHF 1
-#define HAVE_ACOSHF 1
-#define HAVE_ATANHF 1
-#define HAVE_HYPOTF 1
-#define HAVE_ATAN2F 1
-#define HAVE_POWF 1
-#define HAVE_FMODF 1
-#define HAVE_MODFF 1
-#define HAVE_FREXPF 1
-#define HAVE_LDEXPF 1
-#define HAVE_EXP2F 1
-#define HAVE_LOG2F 1
-#define HAVE_COPYSIGNF 1
-#define HAVE_NEXTAFTERF 1
-#define HAVE_SINL 1
-#define HAVE_COSL 1
-#define HAVE_TANL 1
-#define HAVE_SINHL 1
-#define HAVE_COSHL 1
-#define HAVE_TANHL 1
-#define HAVE_FABSL 1
-#define HAVE_FLOORL 1
-#define HAVE_CEILL 1
-#define HAVE_RINTL 1
-#define HAVE_TRUNCL 1
-#define HAVE_SQRTL 1
-#define HAVE_LOG10L 1
-#define HAVE_LOGL 1
-#define HAVE_LOG1PL 1
-#define HAVE_EXPL 1
-#define HAVE_EXPM1L 1
-#define HAVE_ASINL 1
-#define HAVE_ACOSL 1
-#define HAVE_ATANL 1
-#define HAVE_ASINHL 1
-#define HAVE_ACOSHL 1
-#define HAVE_ATANHL 1
-#define HAVE_HYPOTL 1
-#define HAVE_ATAN2L 1
-#define HAVE_POWL 1
-#define HAVE_FMODL 1
-#define HAVE_MODFL 1
-#define HAVE_FREXPL 1
-#define HAVE_LDEXPL 1
-#define HAVE_EXP2L 1
-#define HAVE_LOG2L 1
-#define HAVE_COPYSIGNL 1
-#define HAVE_NEXTAFTERL 1
-#define HAVE_DECL_SIGNBIT
-#define HAVE_COMPLEX_H 1
-#define HAVE_CREAL 1
-#define HAVE_CIMAG 1
-#define HAVE_CABS 1
-#define HAVE_CARG 1
-#define HAVE_CEXP 1
-#define HAVE_CSQRT 1
-#define HAVE_CLOG 1
-#define HAVE_CCOS 1
-#define HAVE_CSIN 1
-#define HAVE_CPOW 1
-#define HAVE_CREALF 1
-#define HAVE_CIMAGF 1
-#define HAVE_CABSF 1
-#define HAVE_CARGF 1
-#define HAVE_CEXPF 1
-#define HAVE_CSQRTF 1
-#define HAVE_CLOGF 1
-#define HAVE_CCOSF 1
-#define HAVE_CSINF 1
-#define HAVE_CPOWF 1
-#define HAVE_CREALL 1
-#define HAVE_CIMAGL 1
-#define HAVE_CABSL 1
-#define HAVE_CARGL 1
-#define HAVE_CEXPL 1
-#define HAVE_CSQRTL 1
-#define HAVE_CLOGL 1
-#define HAVE_CCOSL 1
-#define HAVE_CSINL 1
-#define HAVE_CPOWL 1
-#define HAVE_LDOUBLE_IEEE_QUAD_LE 1
-#ifndef __cplusplus
-/* #undef inline */
-#endif
-#ifndef _NPY_NPY_CONFIG_H_
-#error config.h should never be included directly, include npy_config.h instead
-#endif
diff --git a/meta/recipes-devtools/python-numpy/files/mipsarchn32el/_numpyconfig.h b/meta/recipes-devtools/python-numpy/files/mipsarchn32el/_numpyconfig.h
deleted file mode 100644
index 8e2b5d0940..0000000000
--- a/meta/recipes-devtools/python-numpy/files/mipsarchn32el/_numpyconfig.h
+++ /dev/null
@@ -1,31 +0,0 @@
-#define NPY_HAVE_ENDIAN_H 1
-#define NPY_SIZEOF_SHORT SIZEOF_SHORT
-#define NPY_SIZEOF_INT SIZEOF_INT
-#define NPY_SIZEOF_LONG SIZEOF_LONG
-#define NPY_SIZEOF_FLOAT 4
-#define NPY_SIZEOF_COMPLEX_FLOAT 8
-#define NPY_SIZEOF_DOUBLE 8
-#define NPY_SIZEOF_COMPLEX_DOUBLE 16
-#define NPY_SIZEOF_LONGDOUBLE 16
-#define NPY_SIZEOF_COMPLEX_LONGDOUBLE 32
-#define NPY_ENABLE_SEPARATE_COMPILATION 1
-#define NPY_SIZEOF_PY_INTPTR_T 8
-#define NPY_SIZEOF_PY_LONG_LONG 8
-#define NPY_SIZEOF_LONGLONG 8
-#define NPY_NO_SMP 0
-#define NPY_HAVE_DECL_ISNAN
-#define NPY_HAVE_DECL_ISINF
-#define NPY_HAVE_DECL_ISFINITE
-#define NPY_HAVE_DECL_SIGNBIT
-#define NPY_USE_C99_COMPLEX 1
-#define NPY_HAVE_COMPLEX_DOUBLE 1
-#define NPY_HAVE_COMPLEX_FLOAT 1
-#define NPY_HAVE_COMPLEX_LONG_DOUBLE 1
-#define NPY_USE_C99_FORMATS 1
-#define NPY_VISIBILITY_HIDDEN __attribute__((visibility("hidden")))
-#define NPY_ABI_VERSION 0x01000009
-#define NPY_API_VERSION 0x0000000A
-#ifndef __STDC_FORMAT_MACROS
-#define __STDC_FORMAT_MACROS 1
-#endif
diff --git a/meta/recipes-devtools/python-numpy/files/mipsarchn32el/config.h b/meta/recipes-devtools/python-numpy/files/mipsarchn32el/config.h
deleted file mode 100644
index 48727039ae..0000000000
--- a/meta/recipes-devtools/python-numpy/files/mipsarchn32el/config.h
+++ /dev/null
@@ -1,138 +0,0 @@
-#define SIZEOF_PY_INTPTR_T 8
-#define SIZEOF_PY_LONG_LONG 8
-#define MATHLIB m
-#define HAVE_SIN 1
-#define HAVE_COS 1
-#define HAVE_TAN 1
-#define HAVE_SINH 1
-#define HAVE_COSH 1
-#define HAVE_TANH 1
-#define HAVE_FABS 1
-#define HAVE_FLOOR 1
-#define HAVE_CEIL 1
-#define HAVE_SQRT 1
-#define HAVE_LOG10 1
-#define HAVE_LOG 1
-#define HAVE_EXP 1
-#define HAVE_ASIN 1
-#define HAVE_ACOS 1
-#define HAVE_ATAN 1
-#define HAVE_FMOD 1
-#define HAVE_MODF 1
-#define HAVE_FREXP 1
-#define HAVE_LDEXP 1
-#define HAVE_RINT 1
-#define HAVE_TRUNC 1
-#define HAVE_EXP2 1
-#define HAVE_LOG2 1
-#define HAVE_ATAN2 1
-#define HAVE_POW 1
-#define HAVE_NEXTAFTER 1
-#define HAVE_SINF 1
-#define HAVE_COSF 1
-#define HAVE_TANF 1
-#define HAVE_SINHF 1
-#define HAVE_COSHF 1
-#define HAVE_TANHF 1
-#define HAVE_FABSF 1
-#define HAVE_FLOORF 1
-#define HAVE_CEILF 1
-#define HAVE_RINTF 1
-#define HAVE_TRUNCF 1
-#define HAVE_SQRTF 1
-#define HAVE_LOG10F 1
-#define HAVE_LOGF 1
-#define HAVE_LOG1PF 1
-#define HAVE_EXPF 1
-#define HAVE_EXPM1F 1
-#define HAVE_ASINF 1
-#define HAVE_ACOSF 1
-#define HAVE_ATANF 1
-#define HAVE_ASINHF 1
-#define HAVE_ACOSHF 1
-#define HAVE_ATANHF 1
-#define HAVE_HYPOTF 1
-#define HAVE_ATAN2F 1
-#define HAVE_POWF 1
-#define HAVE_FMODF 1
-#define HAVE_MODFF 1
-#define HAVE_FREXPF 1
-#define HAVE_LDEXPF 1
-#define HAVE_EXP2F 1
-#define HAVE_LOG2F 1
-#define HAVE_COPYSIGNF 1
-#define HAVE_NEXTAFTERF 1
-#define HAVE_SINL 1
-#define HAVE_COSL 1
-#define HAVE_TANL 1
-#define HAVE_SINHL 1
-#define HAVE_COSHL 1
-#define HAVE_TANHL 1
-#define HAVE_FABSL 1
-#define HAVE_FLOORL 1
-#define HAVE_CEILL 1
-#define HAVE_RINTL 1
-#define HAVE_TRUNCL 1
-#define HAVE_SQRTL 1
-#define HAVE_LOG10L 1
-#define HAVE_LOGL 1
-#define HAVE_LOG1PL 1
-#define HAVE_EXPL 1
-#define HAVE_EXPM1L 1
-#define HAVE_ASINL 1
-#define HAVE_ACOSL 1
-#define HAVE_ATANL 1
-#define HAVE_ASINHL 1
-#define HAVE_ACOSHL 1
-#define HAVE_ATANHL 1
-#define HAVE_HYPOTL 1
-#define HAVE_ATAN2L 1
-#define HAVE_POWL 1
-#define HAVE_FMODL 1
-#define HAVE_MODFL 1
-#define HAVE_FREXPL 1
-#define HAVE_LDEXPL 1
-#define HAVE_EXP2L 1
-#define HAVE_LOG2L 1
-#define HAVE_COPYSIGNL 1
-#define HAVE_NEXTAFTERL 1
-#define HAVE_DECL_SIGNBIT
-#define HAVE_COMPLEX_H 1
-#define HAVE_CREAL 1
-#define HAVE_CIMAG 1
-#define HAVE_CABS 1
-#define HAVE_CARG 1
-#define HAVE_CEXP 1
-#define HAVE_CSQRT 1
-#define HAVE_CLOG 1
-#define HAVE_CCOS 1
-#define HAVE_CSIN 1
-#define HAVE_CPOW 1
-#define HAVE_CREALF 1
-#define HAVE_CIMAGF 1
-#define HAVE_CABSF 1
-#define HAVE_CARGF 1
-#define HAVE_CEXPF 1
-#define HAVE_CSQRTF 1
-#define HAVE_CLOGF 1
-#define HAVE_CCOSF 1
-#define HAVE_CSINF 1
-#define HAVE_CPOWF 1
-#define HAVE_CREALL 1
-#define HAVE_CIMAGL 1
-#define HAVE_CABSL 1
-#define HAVE_CARGL 1
-#define HAVE_CEXPL 1
-#define HAVE_CSQRTL 1
-#define HAVE_CLOGL 1
-#define HAVE_CCOSL 1
-#define HAVE_CSINL 1
-#define HAVE_CPOWL 1
-#define HAVE_LDOUBLE_IEEE_QUAD_LE 1
-#ifndef __cplusplus
-/* #undef inline */
-#endif
-#ifndef _NPY_NPY_CONFIG_H_
-#error config.h should never be included directly, include npy_config.h instead
-#endif
diff --git a/meta/recipes-devtools/python-numpy/files/mipsarchn64eb/_numpyconfig.h b/meta/recipes-devtools/python-numpy/files/mipsarchn64eb/_numpyconfig.h
deleted file mode 100644
index debb390094..0000000000
--- a/meta/recipes-devtools/python-numpy/files/mipsarchn64eb/_numpyconfig.h
+++ /dev/null
@@ -1,32 +0,0 @@
-#define NPY_HAVE_ENDIAN_H 1
-#define NPY_SIZEOF_SHORT SIZEOF_SHORT
-#define NPY_SIZEOF_INT SIZEOF_INT
-#define NPY_SIZEOF_LONG SIZEOF_LONG
-#define NPY_SIZEOF_FLOAT 4
-#define NPY_SIZEOF_COMPLEX_FLOAT 8
-#define NPY_SIZEOF_DOUBLE 8
-#define NPY_SIZEOF_COMPLEX_DOUBLE 16
-#define NPY_SIZEOF_LONGDOUBLE 16
-#define NPY_SIZEOF_COMPLEX_LONGDOUBLE 32
-#define NPY_ENABLE_SEPARATE_COMPILATION 1
-#define NPY_SIZEOF_PY_INTPTR_T 8
-#define NPY_SIZEOF_PY_LONG_LONG 8
-#define NPY_SIZEOF_LONGLONG 8
-#define NPY_SIZEOF_OFF_T 8
-#define NPY_NO_SMP 0
-#define NPY_HAVE_DECL_ISNAN
-#define NPY_HAVE_DECL_ISINF
-#define NPY_HAVE_DECL_ISFINITE
-#define NPY_HAVE_DECL_SIGNBIT
-#define NPY_USE_C99_COMPLEX 1
-#define NPY_HAVE_COMPLEX_DOUBLE 1
-#define NPY_HAVE_COMPLEX_FLOAT 1
-#define NPY_HAVE_COMPLEX_LONG_DOUBLE 1
-#define NPY_USE_C99_FORMATS 1
-#define NPY_VISIBILITY_HIDDEN __attribute__((visibility("hidden")))
-#define NPY_ABI_VERSION 0x01000009
-#define NPY_API_VERSION 0x0000000A
-#ifndef __STDC_FORMAT_MACROS
-#define __STDC_FORMAT_MACROS 1
-#endif
diff --git a/meta/recipes-devtools/python-numpy/files/mipsarchn64eb/config.h b/meta/recipes-devtools/python-numpy/files/mipsarchn64eb/config.h
deleted file mode 100644
index c30b868f2f..0000000000
--- a/meta/recipes-devtools/python-numpy/files/mipsarchn64eb/config.h
+++ /dev/null
@@ -1,139 +0,0 @@
-#define HAVE_ENDIAN_H 1
-#define SIZEOF_PY_INTPTR_T 8
-#define SIZEOF_PY_LONG_LONG 8
-#define MATHLIB m
-#define HAVE_SIN 1
-#define HAVE_COS 1
-#define HAVE_TAN 1
-#define HAVE_SINH 1
-#define HAVE_COSH 1
-#define HAVE_TANH 1
-#define HAVE_FABS 1
-#define HAVE_FLOOR 1
-#define HAVE_CEIL 1
-#define HAVE_SQRT 1
-#define HAVE_LOG10 1
-#define HAVE_LOG 1
-#define HAVE_EXP 1
-#define HAVE_ASIN 1
-#define HAVE_ACOS 1
-#define HAVE_ATAN 1
-#define HAVE_FMOD 1
-#define HAVE_MODF 1
-#define HAVE_FREXP 1
-#define HAVE_LDEXP 1
-#define HAVE_RINT 1
-#define HAVE_TRUNC 1
-#define HAVE_EXP2 1
-#define HAVE_LOG2 1
-#define HAVE_ATAN2 1
-#define HAVE_POW 1
-#define HAVE_NEXTAFTER 1
-#define HAVE_SINF 1
-#define HAVE_COSF 1
-#define HAVE_TANF 1
-#define HAVE_SINHF 1
-#define HAVE_COSHF 1
-#define HAVE_TANHF 1
-#define HAVE_FABSF 1
-#define HAVE_FLOORF 1
-#define HAVE_CEILF 1
-#define HAVE_RINTF 1
-#define HAVE_TRUNCF 1
-#define HAVE_SQRTF 1
-#define HAVE_LOG10F 1
-#define HAVE_LOGF 1
-#define HAVE_LOG1PF 1
-#define HAVE_EXPF 1
-#define HAVE_EXPM1F 1
-#define HAVE_ASINF 1
-#define HAVE_ACOSF 1
-#define HAVE_ATANF 1
-#define HAVE_ASINHF 1
-#define HAVE_ACOSHF 1
-#define HAVE_ATANHF 1
-#define HAVE_HYPOTF 1
-#define HAVE_ATAN2F 1
-#define HAVE_POWF 1
-#define HAVE_FMODF 1
-#define HAVE_MODFF 1
-#define HAVE_FREXPF 1
-#define HAVE_LDEXPF 1
-#define HAVE_EXP2F 1
-#define HAVE_LOG2F 1
-#define HAVE_COPYSIGNF 1
-#define HAVE_NEXTAFTERF 1
-#define HAVE_SINL 1
-#define HAVE_COSL 1
-#define HAVE_TANL 1
-#define HAVE_SINHL 1
-#define HAVE_COSHL 1
-#define HAVE_TANHL 1
-#define HAVE_FABSL 1
-#define HAVE_FLOORL 1
-#define HAVE_CEILL 1
-#define HAVE_RINTL 1
-#define HAVE_TRUNCL 1
-#define HAVE_SQRTL 1
-#define HAVE_LOG10L 1
-#define HAVE_LOGL 1
-#define HAVE_LOG1PL 1
-#define HAVE_EXPL 1
-#define HAVE_EXPM1L 1
-#define HAVE_ASINL 1
-#define HAVE_ACOSL 1
-#define HAVE_ATANL 1
-#define HAVE_ASINHL 1
-#define HAVE_ACOSHL 1
-#define HAVE_ATANHL 1
-#define HAVE_HYPOTL 1
-#define HAVE_ATAN2L 1
-#define HAVE_POWL 1
-#define HAVE_FMODL 1
-#define HAVE_MODFL 1
-#define HAVE_FREXPL 1
-#define HAVE_LDEXPL 1
-#define HAVE_EXP2L 1
-#define HAVE_LOG2L 1
-#define HAVE_COPYSIGNL 1
-#define HAVE_NEXTAFTERL 1
-#define HAVE_DECL_SIGNBIT
-#define HAVE_COMPLEX_H 1
-#define HAVE_CREAL 1
-#define HAVE_CIMAG 1
-#define HAVE_CABS 1
-#define HAVE_CARG 1
-#define HAVE_CEXP 1
-#define HAVE_CSQRT 1
-#define HAVE_CLOG 1
-#define HAVE_CCOS 1
-#define HAVE_CSIN 1
-#define HAVE_CPOW 1
-#define HAVE_CREALF 1
-#define HAVE_CIMAGF 1
-#define HAVE_CABSF 1
-#define HAVE_CARGF 1
-#define HAVE_CEXPF 1
-#define HAVE_CSQRTF 1
-#define HAVE_CLOGF 1
-#define HAVE_CCOSF 1
-#define HAVE_CSINF 1
-#define HAVE_CPOWF 1
-#define HAVE_CREALL 1
-#define HAVE_CIMAGL 1
-#define HAVE_CABSL 1
-#define HAVE_CARGL 1
-#define HAVE_CEXPL 1
-#define HAVE_CSQRTL 1
-#define HAVE_CLOGL 1
-#define HAVE_CCOSL 1
-#define HAVE_CSINL 1
-#define HAVE_CPOWL 1
-#define HAVE_LDOUBLE_IEEE_QUAD_LE 1
-#ifndef __cplusplus
-/* #undef inline */
-#endif
-#ifndef _NPY_NPY_CONFIG_H_
-#error config.h should never be included directly, include npy_config.h instead
-#endif
diff --git a/meta/recipes-devtools/python-numpy/files/mipsarchn64el/_numpyconfig.h b/meta/recipes-devtools/python-numpy/files/mipsarchn64el/_numpyconfig.h
deleted file mode 100644
index debb390094..0000000000
--- a/meta/recipes-devtools/python-numpy/files/mipsarchn64el/_numpyconfig.h
+++ /dev/null
@@ -1,32 +0,0 @@
-#define NPY_HAVE_ENDIAN_H 1
-#define NPY_SIZEOF_SHORT SIZEOF_SHORT
-#define NPY_SIZEOF_INT SIZEOF_INT
-#define NPY_SIZEOF_LONG SIZEOF_LONG
-#define NPY_SIZEOF_FLOAT 4
-#define NPY_SIZEOF_COMPLEX_FLOAT 8
-#define NPY_SIZEOF_DOUBLE 8
-#define NPY_SIZEOF_COMPLEX_DOUBLE 16
-#define NPY_SIZEOF_LONGDOUBLE 16
-#define NPY_SIZEOF_COMPLEX_LONGDOUBLE 32
-#define NPY_ENABLE_SEPARATE_COMPILATION 1
-#define NPY_SIZEOF_PY_INTPTR_T 8
-#define NPY_SIZEOF_PY_LONG_LONG 8
-#define NPY_SIZEOF_LONGLONG 8
-#define NPY_SIZEOF_OFF_T 8
-#define NPY_NO_SMP 0
-#define NPY_HAVE_DECL_ISNAN
-#define NPY_HAVE_DECL_ISINF
-#define NPY_HAVE_DECL_ISFINITE
-#define NPY_HAVE_DECL_SIGNBIT
-#define NPY_USE_C99_COMPLEX 1
-#define NPY_HAVE_COMPLEX_DOUBLE 1
-#define NPY_HAVE_COMPLEX_FLOAT 1
-#define NPY_HAVE_COMPLEX_LONG_DOUBLE 1
-#define NPY_USE_C99_FORMATS 1
-#define NPY_VISIBILITY_HIDDEN __attribute__((visibility("hidden")))
-#define NPY_ABI_VERSION 0x01000009
-#define NPY_API_VERSION 0x0000000A
-#ifndef __STDC_FORMAT_MACROS
-#define __STDC_FORMAT_MACROS 1
-#endif
diff --git a/meta/recipes-devtools/python-numpy/files/mipsarchn64el/config.h b/meta/recipes-devtools/python-numpy/files/mipsarchn64el/config.h
deleted file mode 100644
index 48727039ae..0000000000
--- a/meta/recipes-devtools/python-numpy/files/mipsarchn64el/config.h
+++ /dev/null
@@ -1,138 +0,0 @@
-#define SIZEOF_PY_INTPTR_T 8
-#define SIZEOF_PY_LONG_LONG 8
-#define MATHLIB m
-#define HAVE_SIN 1
-#define HAVE_COS 1
-#define HAVE_TAN 1
-#define HAVE_SINH 1
-#define HAVE_COSH 1
-#define HAVE_TANH 1
-#define HAVE_FABS 1
-#define HAVE_FLOOR 1
-#define HAVE_CEIL 1
-#define HAVE_SQRT 1
-#define HAVE_LOG10 1
-#define HAVE_LOG 1
-#define HAVE_EXP 1
-#define HAVE_ASIN 1
-#define HAVE_ACOS 1
-#define HAVE_ATAN 1
-#define HAVE_FMOD 1
-#define HAVE_MODF 1
-#define HAVE_FREXP 1
-#define HAVE_LDEXP 1
-#define HAVE_RINT 1
-#define HAVE_TRUNC 1
-#define HAVE_EXP2 1
-#define HAVE_LOG2 1
-#define HAVE_ATAN2 1
-#define HAVE_POW 1
-#define HAVE_NEXTAFTER 1
-#define HAVE_SINF 1
-#define HAVE_COSF 1
-#define HAVE_TANF 1
-#define HAVE_SINHF 1
-#define HAVE_COSHF 1
-#define HAVE_TANHF 1
-#define HAVE_FABSF 1
-#define HAVE_FLOORF 1
-#define HAVE_CEILF 1
-#define HAVE_RINTF 1
-#define HAVE_TRUNCF 1
-#define HAVE_SQRTF 1
-#define HAVE_LOG10F 1
-#define HAVE_LOGF 1
-#define HAVE_LOG1PF 1
-#define HAVE_EXPF 1
-#define HAVE_EXPM1F 1
-#define HAVE_ASINF 1
-#define HAVE_ACOSF 1
-#define HAVE_ATANF 1
-#define HAVE_ASINHF 1
-#define HAVE_ACOSHF 1
-#define HAVE_ATANHF 1
-#define HAVE_HYPOTF 1
-#define HAVE_ATAN2F 1
-#define HAVE_POWF 1
-#define HAVE_FMODF 1
-#define HAVE_MODFF 1
-#define HAVE_FREXPF 1
-#define HAVE_LDEXPF 1
-#define HAVE_EXP2F 1
-#define HAVE_LOG2F 1
-#define HAVE_COPYSIGNF 1
-#define HAVE_NEXTAFTERF 1
-#define HAVE_SINL 1
-#define HAVE_COSL 1
-#define HAVE_TANL 1
-#define HAVE_SINHL 1
-#define HAVE_COSHL 1
-#define HAVE_TANHL 1
-#define HAVE_FABSL 1
-#define HAVE_FLOORL 1
-#define HAVE_CEILL 1
-#define HAVE_RINTL 1
-#define HAVE_TRUNCL 1
-#define HAVE_SQRTL 1
-#define HAVE_LOG10L 1
-#define HAVE_LOGL 1
-#define HAVE_LOG1PL 1
-#define HAVE_EXPL 1
-#define HAVE_EXPM1L 1
-#define HAVE_ASINL 1
-#define HAVE_ACOSL 1
-#define HAVE_ATANL 1
-#define HAVE_ASINHL 1
-#define HAVE_ACOSHL 1
-#define HAVE_ATANHL 1
-#define HAVE_HYPOTL 1
-#define HAVE_ATAN2L 1
-#define HAVE_POWL 1
-#define HAVE_FMODL 1
-#define HAVE_MODFL 1
-#define HAVE_FREXPL 1
-#define HAVE_LDEXPL 1
-#define HAVE_EXP2L 1
-#define HAVE_LOG2L 1
-#define HAVE_COPYSIGNL 1
-#define HAVE_NEXTAFTERL 1
-#define HAVE_DECL_SIGNBIT
-#define HAVE_COMPLEX_H 1
-#define HAVE_CREAL 1
-#define HAVE_CIMAG 1
-#define HAVE_CABS 1
-#define HAVE_CARG 1
-#define HAVE_CEXP 1
-#define HAVE_CSQRT 1
-#define HAVE_CLOG 1
-#define HAVE_CCOS 1
-#define HAVE_CSIN 1
-#define HAVE_CPOW 1
-#define HAVE_CREALF 1
-#define HAVE_CIMAGF 1
-#define HAVE_CABSF 1
-#define HAVE_CARGF 1
-#define HAVE_CEXPF 1
-#define HAVE_CSQRTF 1
-#define HAVE_CLOGF 1
-#define HAVE_CCOSF 1
-#define HAVE_CSINF 1
-#define HAVE_CPOWF 1
-#define HAVE_CREALL 1
-#define HAVE_CIMAGL 1
-#define HAVE_CABSL 1
-#define HAVE_CARGL 1
-#define HAVE_CEXPL 1
-#define HAVE_CSQRTL 1
-#define HAVE_CLOGL 1
-#define HAVE_CCOSL 1
-#define HAVE_CSINL 1
-#define HAVE_CPOWL 1
-#define HAVE_LDOUBLE_IEEE_QUAD_LE 1
-#ifndef __cplusplus
-/* #undef inline */
-#endif
-#ifndef _NPY_NPY_CONFIG_H_
-#error config.h should never be included directly, include npy_config.h instead
-#endif
diff --git a/meta/recipes-devtools/python-numpy/files/mipsarcho32eb/_numpyconfig.h b/meta/recipes-devtools/python-numpy/files/mipsarcho32eb/_numpyconfig.h
deleted file mode 100644
index 4c465c216c..0000000000
--- a/meta/recipes-devtools/python-numpy/files/mipsarcho32eb/_numpyconfig.h
+++ /dev/null
@@ -1,32 +0,0 @@
-#define NPY_HAVE_ENDIAN_H 1
-#define NPY_SIZEOF_SHORT SIZEOF_SHORT
-#define NPY_SIZEOF_INT SIZEOF_INT
-#define NPY_SIZEOF_LONG SIZEOF_LONG
-#define NPY_SIZEOF_FLOAT 4
-#define NPY_SIZEOF_COMPLEX_FLOAT 8
-#define NPY_SIZEOF_DOUBLE 8
-#define NPY_SIZEOF_COMPLEX_DOUBLE 16
-#define NPY_SIZEOF_LONGDOUBLE 8
-#define NPY_SIZEOF_COMPLEX_LONGDOUBLE 16
-#define NPY_ENABLE_SEPARATE_COMPILATION 1
-#define NPY_SIZEOF_PY_INTPTR_T 4
-#define NPY_SIZEOF_PY_LONG_LONG 8
-#define NPY_SIZEOF_LONGLONG 8
-#define NPY_SIZEOF_OFF_T 8
-#define NPY_NO_SMP 0
-#define NPY_HAVE_DECL_ISNAN
-#define NPY_HAVE_DECL_ISINF
-#define NPY_HAVE_DECL_ISFINITE
-#define NPY_HAVE_DECL_SIGNBIT
-#define NPY_USE_C99_COMPLEX 1
-#define NPY_HAVE_COMPLEX_DOUBLE 1
-#define NPY_HAVE_COMPLEX_FLOAT 1
-#define NPY_HAVE_COMPLEX_LONG_DOUBLE 1
-#define NPY_USE_C99_FORMATS 1
-#define NPY_VISIBILITY_HIDDEN __attribute__((visibility("hidden")))
-#define NPY_ABI_VERSION 0x01000009
-#define NPY_API_VERSION 0x0000000A
-#ifndef __STDC_FORMAT_MACROS
-#define __STDC_FORMAT_MACROS 1
-#endif
diff --git a/meta/recipes-devtools/python-numpy/files/mipsarcho32eb/config.h b/meta/recipes-devtools/python-numpy/files/mipsarcho32eb/config.h
deleted file mode 100644
index 2f6135adce..0000000000
--- a/meta/recipes-devtools/python-numpy/files/mipsarcho32eb/config.h
+++ /dev/null
@@ -1,139 +0,0 @@
-#define HAVE_ENDIAN_H 1
-#define SIZEOF_PY_INTPTR_T 4
-#define SIZEOF_PY_LONG_LONG 8
-#define MATHLIB m
-#define HAVE_SIN 1
-#define HAVE_COS 1
-#define HAVE_TAN 1
-#define HAVE_SINH 1
-#define HAVE_COSH 1
-#define HAVE_TANH 1
-#define HAVE_FABS 1
-#define HAVE_FLOOR 1
-#define HAVE_CEIL 1
-#define HAVE_SQRT 1
-#define HAVE_LOG10 1
-#define HAVE_LOG 1
-#define HAVE_EXP 1
-#define HAVE_ASIN 1
-#define HAVE_ACOS 1
-#define HAVE_ATAN 1
-#define HAVE_FMOD 1
-#define HAVE_MODF 1
-#define HAVE_FREXP 1
-#define HAVE_LDEXP 1
-#define HAVE_RINT 1
-#define HAVE_TRUNC 1
-#define HAVE_EXP2 1
-#define HAVE_LOG2 1
-#define HAVE_ATAN2 1
-#define HAVE_POW 1
-#define HAVE_NEXTAFTER 1
-#define HAVE_SINF 1
-#define HAVE_COSF 1
-#define HAVE_TANF 1
-#define HAVE_SINHF 1
-#define HAVE_COSHF 1
-#define HAVE_TANHF 1
-#define HAVE_FABSF 1
-#define HAVE_FLOORF 1
-#define HAVE_CEILF 1
-#define HAVE_RINTF 1
-#define HAVE_TRUNCF 1
-#define HAVE_SQRTF 1
-#define HAVE_LOG10F 1
-#define HAVE_LOGF 1
-#define HAVE_LOG1PF 1
-#define HAVE_EXPF 1
-#define HAVE_EXPM1F 1
-#define HAVE_ASINF 1
-#define HAVE_ACOSF 1
-#define HAVE_ATANF 1
-#define HAVE_ASINHF 1
-#define HAVE_ACOSHF 1
-#define HAVE_ATANHF 1
-#define HAVE_HYPOTF 1
-#define HAVE_ATAN2F 1
-#define HAVE_POWF 1
-#define HAVE_FMODF 1
-#define HAVE_MODFF 1
-#define HAVE_FREXPF 1
-#define HAVE_LDEXPF 1
-#define HAVE_EXP2F 1
-#define HAVE_LOG2F 1
-#define HAVE_COPYSIGNF 1
-#define HAVE_NEXTAFTERF 1
-#define HAVE_SINL 1
-#define HAVE_COSL 1
-#define HAVE_TANL 1
-#define HAVE_SINHL 1
-#define HAVE_COSHL 1
-#define HAVE_TANHL 1
-#define HAVE_FABSL 1
-#define HAVE_FLOORL 1
-#define HAVE_CEILL 1
-#define HAVE_RINTL 1
-#define HAVE_TRUNCL 1
-#define HAVE_SQRTL 1
-#define HAVE_LOG10L 1
-#define HAVE_LOGL 1
-#define HAVE_LOG1PL 1
-#define HAVE_EXPL 1
-#define HAVE_EXPM1L 1
-#define HAVE_ASINL 1
-#define HAVE_ACOSL 1
-#define HAVE_ATANL 1
-#define HAVE_ASINHL 1
-#define HAVE_ACOSHL 1
-#define HAVE_ATANHL 1
-#define HAVE_HYPOTL 1
-#define HAVE_ATAN2L 1
-#define HAVE_POWL 1
-#define HAVE_FMODL 1
-#define HAVE_MODFL 1
-#define HAVE_FREXPL 1
-#define HAVE_LDEXPL 1
-#define HAVE_EXP2L 1
-#define HAVE_LOG2L 1
-#define HAVE_COPYSIGNL 1
-#define HAVE_NEXTAFTERL 1
-#define HAVE_DECL_SIGNBIT
-#define HAVE_COMPLEX_H 1
-#define HAVE_CREAL 1
-#define HAVE_CIMAG 1
-#define HAVE_CABS 1
-#define HAVE_CARG 1
-#define HAVE_CEXP 1
-#define HAVE_CSQRT 1
-#define HAVE_CLOG 1
-#define HAVE_CCOS 1
-#define HAVE_CSIN 1
-#define HAVE_CPOW 1
-#define HAVE_CREALF 1
-#define HAVE_CIMAGF 1
-#define HAVE_CABSF 1
-#define HAVE_CARGF 1
-#define HAVE_CEXPF 1
-#define HAVE_CSQRTF 1
-#define HAVE_CLOGF 1
-#define HAVE_CCOSF 1
-#define HAVE_CSINF 1
-#define HAVE_CPOWF 1
-#define HAVE_CREALL 1
-#define HAVE_CIMAGL 1
-#define HAVE_CABSL 1
-#define HAVE_CARGL 1
-#define HAVE_CEXPL 1
-#define HAVE_CSQRTL 1
-#define HAVE_CLOGL 1
-#define HAVE_CCOSL 1
-#define HAVE_CSINL 1
-#define HAVE_CPOWL 1
-#define HAVE_LDOUBLE_IEEE_DOUBLE_BE 1
-#ifndef __cplusplus
-/* #undef inline */
-#endif
-#ifndef _NPY_NPY_CONFIG_H_
-#error config.h should never be included directly, include npy_config.h instead
-#endif
diff --git a/meta/recipes-devtools/python-numpy/files/mipsarcho32el/config.h b/meta/recipes-devtools/python-numpy/files/mipsarcho32el/config.h
deleted file mode 100644
index 17ef186d56..0000000000
--- a/meta/recipes-devtools/python-numpy/files/mipsarcho32el/config.h
+++ /dev/null
@@ -1,21 +0,0 @@
-/* ./src.linux-i686-2.5/numpy/core/include/numpy/config.h */
-/* #define SIZEOF_SHORT 2 */
-/* #define SIZEOF_INT 4 */
-/* #define SIZEOF_LONG 4 */
-/* #define SIZEOF_FLOAT 4 */
-/* #define SIZEOF_DOUBLE 8 */
-#define SIZEOF_LONG_DOUBLE 12
-#define SIZEOF_PY_INTPTR_T 4
-/* #define SIZEOF_LONG_LONG 8 */
-#define SIZEOF_PY_LONG_LONG 8
-/* #define CHAR_BIT 8 */
-#define MATHLIB m
-#define HAVE_FLOAT_FUNCS
-#define HAVE_LOG1P
-#define HAVE_EXPM1
-#define HAVE_INVERSE_HYPERBOLIC
-#define HAVE_INVERSE_HYPERBOLIC_FLOAT
-#define HAVE_ISNAN
-#define HAVE_ISINF
-#define HAVE_RINT
diff --git a/meta/recipes-devtools/python-numpy/files/mipsarcho32el/numpyconfig.h b/meta/recipes-devtools/python-numpy/files/mipsarcho32el/numpyconfig.h
deleted file mode 100644
index 0b7cd51af4..0000000000
--- a/meta/recipes-devtools/python-numpy/files/mipsarcho32el/numpyconfig.h
+++ /dev/null
@@ -1,18 +0,0 @@
-/* cat ./src.linux-i686-2.5/numpy/core/include/numpy/numpyconfig.h */
-/*
- *  * This file is generated by numpy/core/setup.pyc. DO NOT EDIT 
- *   */
-#define NPY_SIZEOF_SHORT 2 
-#define NPY_SIZEOF_INT 4 
-#define NPY_SIZEOF_LONG 4 
-#define NPY_SIZEOF_FLOAT 4 
-#define NPY_SIZEOF_DOUBLE 8 
-#define NPY_SIZEOF_LONGDOUBLE 12 
-#define NPY_SIZEOF_PY_INTPTR_T 4 
-#define NPY_NO_SMP 0
-#define NPY_SIZEOF_LONGLONG 8 
-#define NPY_SIZEOF_PY_LONG_LONG 8 
-#define NPY_SIZEOF_OFF_T 8
-/* #define CHAR_BIT 8 */
diff --git a/meta/recipes-devtools/python-numpy/files/powerpc/_numpyconfig.h b/meta/recipes-devtools/python-numpy/files/powerpc/_numpyconfig.h
deleted file mode 100644
index 6e7262ad91..0000000000
--- a/meta/recipes-devtools/python-numpy/files/powerpc/_numpyconfig.h
+++ /dev/null
@@ -1,32 +0,0 @@
-#define NPY_HAVE_ENDIAN_H 1
-#define NPY_SIZEOF_SHORT SIZEOF_SHORT
-#define NPY_SIZEOF_INT SIZEOF_INT
-#define NPY_SIZEOF_LONG SIZEOF_LONG
-#define NPY_SIZEOF_FLOAT 4
-#define NPY_SIZEOF_COMPLEX_FLOAT 8
-#define NPY_SIZEOF_DOUBLE 8
-#define NPY_SIZEOF_COMPLEX_DOUBLE 16
-#define NPY_SIZEOF_LONGDOUBLE 16
-#define NPY_SIZEOF_COMPLEX_LONGDOUBLE 32
-#define NPY_ENABLE_SEPARATE_COMPILATION 1
-#define NPY_SIZEOF_PY_INTPTR_T 4
-#define NPY_SIZEOF_PY_LONG_LONG 8
-#define NPY_SIZEOF_LONGLONG 8
-#define NPY_SIZEOF_OFF_T 8
-#define NPY_NO_SMP 0
-#define NPY_HAVE_DECL_ISNAN
-#define NPY_HAVE_DECL_ISINF
-#define NPY_HAVE_DECL_ISFINITE
-#define NPY_HAVE_DECL_SIGNBIT
-#define NPY_USE_C99_COMPLEX 1
-#define NPY_HAVE_COMPLEX_DOUBLE 1
-#define NPY_HAVE_COMPLEX_FLOAT 1
-#define NPY_HAVE_COMPLEX_LONG_DOUBLE 1
-#define NPY_USE_C99_FORMATS 1
-#define NPY_VISIBILITY_HIDDEN __attribute__((visibility("hidden")))
-#define NPY_ABI_VERSION 0x01000009
-#define NPY_API_VERSION 0x0000000A
-#ifndef __STDC_FORMAT_MACROS
-#define __STDC_FORMAT_MACROS 1
-#endif
diff --git a/meta/recipes-devtools/python-numpy/files/powerpc/config.h b/meta/recipes-devtools/python-numpy/files/powerpc/config.h
deleted file mode 100644
index f65d39d5de..0000000000
--- a/meta/recipes-devtools/python-numpy/files/powerpc/config.h
+++ /dev/null
@@ -1,139 +0,0 @@
-#define HAVE_ENDIAN_H 1
-#define SIZEOF_PY_INTPTR_T 4
-#define SIZEOF_PY_LONG_LONG 8
-#define MATHLIB m
-#define HAVE_SIN 1
-#define HAVE_COS 1
-#define HAVE_TAN 1
-#define HAVE_SINH 1
-#define HAVE_COSH 1
-#define HAVE_TANH 1
-#define HAVE_FABS 1
-#define HAVE_FLOOR 1
-#define HAVE_CEIL 1
-#define HAVE_SQRT 1
-#define HAVE_LOG10 1
-#define HAVE_LOG 1
-#define HAVE_EXP 1
-#define HAVE_ASIN 1
-#define HAVE_ACOS 1
-#define HAVE_ATAN 1
-#define HAVE_FMOD 1
-#define HAVE_MODF 1
-#define HAVE_FREXP 1
-#define HAVE_LDEXP 1
-#define HAVE_RINT 1
-#define HAVE_TRUNC 1
-#define HAVE_EXP2 1
-#define HAVE_LOG2 1
-#define HAVE_ATAN2 1
-#define HAVE_POW 1
-#define HAVE_NEXTAFTER 1
-#define HAVE_SINF 1
-#define HAVE_COSF 1
-#define HAVE_TANF 1
-#define HAVE_SINHF 1
-#define HAVE_COSHF 1
-#define HAVE_TANHF 1
-#define HAVE_FABSF 1
-#define HAVE_FLOORF 1
-#define HAVE_CEILF 1
-#define HAVE_RINTF 1
-#define HAVE_TRUNCF 1
-#define HAVE_SQRTF 1
-#define HAVE_LOG10F 1
-#define HAVE_LOGF 1
-#define HAVE_LOG1PF 1
-#define HAVE_EXPF 1
-#define HAVE_EXPM1F 1
-#define HAVE_ASINF 1
-#define HAVE_ACOSF 1
-#define HAVE_ATANF 1
-#define HAVE_ASINHF 1
-#define HAVE_ACOSHF 1
-#define HAVE_ATANHF 1
-#define HAVE_HYPOTF 1
-#define HAVE_ATAN2F 1
-#define HAVE_POWF 1
-#define HAVE_FMODF 1
-#define HAVE_MODFF 1
-#define HAVE_FREXPF 1
-#define HAVE_LDEXPF 1
-#define HAVE_EXP2F 1
-#define HAVE_LOG2F 1
-#define HAVE_COPYSIGNF 1
-#define HAVE_NEXTAFTERF 1
-#define HAVE_SINL 1
-#define HAVE_COSL 1
-#define HAVE_TANL 1
-#define HAVE_SINHL 1
-#define HAVE_COSHL 1
-#define HAVE_TANHL 1
-#define HAVE_FABSL 1
-#define HAVE_FLOORL 1
-#define HAVE_CEILL 1
-#define HAVE_RINTL 1
-#define HAVE_TRUNCL 1
-#define HAVE_SQRTL 1
-#define HAVE_LOG10L 1
-#define HAVE_LOGL 1
-#define HAVE_LOG1PL 1
-#define HAVE_EXPL 1
-#define HAVE_EXPM1L 1
-#define HAVE_ASINL 1
-#define HAVE_ACOSL 1
-#define HAVE_ATANL 1
-#define HAVE_ASINHL 1
-#define HAVE_ACOSHL 1
-#define HAVE_ATANHL 1
-#define HAVE_HYPOTL 1
-#define HAVE_ATAN2L 1
-#define HAVE_POWL 1
-#define HAVE_FMODL 1
-#define HAVE_MODFL 1
-#define HAVE_FREXPL 1
-#define HAVE_LDEXPL 1
-#define HAVE_EXP2L 1
-#define HAVE_LOG2L 1
-#define HAVE_COPYSIGNL 1
-#define HAVE_NEXTAFTERL 1
-#define HAVE_DECL_SIGNBIT
-#define HAVE_COMPLEX_H 1
-#define HAVE_CREAL 1
-#define HAVE_CIMAG 1
-#define HAVE_CABS 1
-#define HAVE_CARG 1
-#define HAVE_CEXP 1
-#define HAVE_CSQRT 1
-#define HAVE_CLOG 1
-#define HAVE_CCOS 1
-#define HAVE_CSIN 1
-#define HAVE_CPOW 1
-#define HAVE_CREALF 1
-#define HAVE_CIMAGF 1
-#define HAVE_CABSF 1
-#define HAVE_CARGF 1
-#define HAVE_CEXPF 1
-#define HAVE_CSQRTF 1
-#define HAVE_CLOGF 1
-#define HAVE_CCOSF 1
-#define HAVE_CSINF 1
-#define HAVE_CPOWF 1
-#define HAVE_CREALL 1
-#define HAVE_CIMAGL 1
-#define HAVE_CABSL 1
-#define HAVE_CARGL 1
-#define HAVE_CEXPL 1
-#define HAVE_CSQRTL 1
-#define HAVE_CLOGL 1
-#define HAVE_CCOSL 1
-#define HAVE_CSINL 1
-#define HAVE_CPOWL 1
-#define HAVE_LDOUBLE_DOUBLE_DOUBLE_BE 1
-#ifndef __cplusplus
-/* #undef inline */
-#endif
-#ifndef _NPY_NPY_CONFIG_H_
-#error config.h should never be included directly, include npy_config.h instead
-#endif
diff --git a/meta/recipes-devtools/python-numpy/files/powerpc64/_numpyconfig.h b/meta/recipes-devtools/python-numpy/files/powerpc64/_numpyconfig.h
deleted file mode 100644
index debb390094..0000000000
--- a/meta/recipes-devtools/python-numpy/files/powerpc64/_numpyconfig.h
+++ /dev/null
@@ -1,32 +0,0 @@
-#define NPY_HAVE_ENDIAN_H 1
-#define NPY_SIZEOF_SHORT SIZEOF_SHORT
-#define NPY_SIZEOF_INT SIZEOF_INT
-#define NPY_SIZEOF_LONG SIZEOF_LONG
-#define NPY_SIZEOF_FLOAT 4
-#define NPY_SIZEOF_COMPLEX_FLOAT 8
-#define NPY_SIZEOF_DOUBLE 8
-#define NPY_SIZEOF_COMPLEX_DOUBLE 16
-#define NPY_SIZEOF_LONGDOUBLE 16
-#define NPY_SIZEOF_COMPLEX_LONGDOUBLE 32
-#define NPY_ENABLE_SEPARATE_COMPILATION 1
-#define NPY_SIZEOF_PY_INTPTR_T 8
-#define NPY_SIZEOF_PY_LONG_LONG 8
-#define NPY_SIZEOF_LONGLONG 8
-#define NPY_SIZEOF_OFF_T 8
-#define NPY_NO_SMP 0
-#define NPY_HAVE_DECL_ISNAN
-#define NPY_HAVE_DECL_ISINF
-#define NPY_HAVE_DECL_ISFINITE
-#define NPY_HAVE_DECL_SIGNBIT
-#define NPY_USE_C99_COMPLEX 1
-#define NPY_HAVE_COMPLEX_DOUBLE 1
-#define NPY_HAVE_COMPLEX_FLOAT 1
-#define NPY_HAVE_COMPLEX_LONG_DOUBLE 1
-#define NPY_USE_C99_FORMATS 1
-#define NPY_VISIBILITY_HIDDEN __attribute__((visibility("hidden")))
-#define NPY_ABI_VERSION 0x01000009
-#define NPY_API_VERSION 0x0000000A
-#ifndef __STDC_FORMAT_MACROS
-#define __STDC_FORMAT_MACROS 1
-#endif
diff --git a/meta/recipes-devtools/python-numpy/files/powerpc64/config.h b/meta/recipes-devtools/python-numpy/files/powerpc64/config.h
deleted file mode 100644
index c30b868f2f..0000000000
--- a/meta/recipes-devtools/python-numpy/files/powerpc64/config.h
+++ /dev/null
@@ -1,139 +0,0 @@
-#define HAVE_ENDIAN_H 1
-#define SIZEOF_PY_INTPTR_T 8
-#define SIZEOF_PY_LONG_LONG 8
-#define MATHLIB m
-#define HAVE_SIN 1
-#define HAVE_COS 1
-#define HAVE_TAN 1
-#define HAVE_SINH 1
-#define HAVE_COSH 1
-#define HAVE_TANH 1
-#define HAVE_FABS 1
-#define HAVE_FLOOR 1
-#define HAVE_CEIL 1
-#define HAVE_SQRT 1
-#define HAVE_LOG10 1
-#define HAVE_LOG 1
-#define HAVE_EXP 1
-#define HAVE_ASIN 1
-#define HAVE_ACOS 1
-#define HAVE_ATAN 1
-#define HAVE_FMOD 1
-#define HAVE_MODF 1
-#define HAVE_FREXP 1
-#define HAVE_LDEXP 1
-#define HAVE_RINT 1
-#define HAVE_TRUNC 1
-#define HAVE_EXP2 1
-#define HAVE_LOG2 1
-#define HAVE_ATAN2 1
-#define HAVE_POW 1
-#define HAVE_NEXTAFTER 1
-#define HAVE_SINF 1
-#define HAVE_COSF 1
-#define HAVE_TANF 1
-#define HAVE_SINHF 1
-#define HAVE_COSHF 1
-#define HAVE_TANHF 1
-#define HAVE_FABSF 1
-#define HAVE_FLOORF 1
-#define HAVE_CEILF 1
-#define HAVE_RINTF 1
-#define HAVE_TRUNCF 1
-#define HAVE_SQRTF 1
-#define HAVE_LOG10F 1
-#define HAVE_LOGF 1
-#define HAVE_LOG1PF 1
-#define HAVE_EXPF 1
-#define HAVE_EXPM1F 1
-#define HAVE_ASINF 1
-#define HAVE_ACOSF 1
-#define HAVE_ATANF 1
-#define HAVE_ASINHF 1
-#define HAVE_ACOSHF 1
-#define HAVE_ATANHF 1
-#define HAVE_HYPOTF 1
-#define HAVE_ATAN2F 1
-#define HAVE_POWF 1
-#define HAVE_FMODF 1
-#define HAVE_MODFF 1
-#define HAVE_FREXPF 1
-#define HAVE_LDEXPF 1
-#define HAVE_EXP2F 1
-#define HAVE_LOG2F 1
-#define HAVE_COPYSIGNF 1
-#define HAVE_NEXTAFTERF 1
-#define HAVE_SINL 1
-#define HAVE_COSL 1
-#define HAVE_TANL 1
-#define HAVE_SINHL 1
-#define HAVE_COSHL 1
-#define HAVE_TANHL 1
-#define HAVE_FABSL 1
-#define HAVE_FLOORL 1
-#define HAVE_CEILL 1
-#define HAVE_RINTL 1
-#define HAVE_TRUNCL 1
-#define HAVE_SQRTL 1
-#define HAVE_LOG10L 1
-#define HAVE_LOGL 1
-#define HAVE_LOG1PL 1
-#define HAVE_EXPL 1
-#define HAVE_EXPM1L 1
-#define HAVE_ASINL 1
-#define HAVE_ACOSL 1
-#define HAVE_ATANL 1
-#define HAVE_ASINHL 1
-#define HAVE_ACOSHL 1
-#define HAVE_ATANHL 1
-#define HAVE_HYPOTL 1
-#define HAVE_ATAN2L 1
-#define HAVE_POWL 1
-#define HAVE_FMODL 1
-#define HAVE_MODFL 1
-#define HAVE_FREXPL 1
-#define HAVE_LDEXPL 1
-#define HAVE_EXP2L 1
-#define HAVE_LOG2L 1
-#define HAVE_COPYSIGNL 1
-#define HAVE_NEXTAFTERL 1
-#define HAVE_DECL_SIGNBIT
-#define HAVE_COMPLEX_H 1
-#define HAVE_CREAL 1
-#define HAVE_CIMAG 1
-#define HAVE_CABS 1
-#define HAVE_CARG 1
-#define HAVE_CEXP 1
-#define HAVE_CSQRT 1
-#define HAVE_CLOG 1
-#define HAVE_CCOS 1
-#define HAVE_CSIN 1
-#define HAVE_CPOW 1
-#define HAVE_CREALF 1
-#define HAVE_CIMAGF 1
-#define HAVE_CABSF 1
-#define HAVE_CARGF 1
-#define HAVE_CEXPF 1
-#define HAVE_CSQRTF 1
-#define HAVE_CLOGF 1
-#define HAVE_CCOSF 1
-#define HAVE_CSINF 1
-#define HAVE_CPOWF 1
-#define HAVE_CREALL 1
-#define HAVE_CIMAGL 1
-#define HAVE_CABSL 1
-#define HAVE_CARGL 1
-#define HAVE_CEXPL 1
-#define HAVE_CSQRTL 1
-#define HAVE_CLOGL 1
-#define HAVE_CCOSL 1
-#define HAVE_CSINL 1
-#define HAVE_CPOWL 1
-#define HAVE_LDOUBLE_IEEE_QUAD_LE 1
-#ifndef __cplusplus
-/* #undef inline */
-#endif
-#ifndef _NPY_NPY_CONFIG_H_
-#error config.h should never be included directly, include npy_config.h instead
-#endif
diff --git a/meta/recipes-devtools/python-numpy/files/riscv64/_numpyconfig.h b/meta/recipes-devtools/python-numpy/files/riscv64/_numpyconfig.h
deleted file mode 100644
index 109deb0435..0000000000
--- a/meta/recipes-devtools/python-numpy/files/riscv64/_numpyconfig.h
+++ /dev/null
@@ -1,32 +0,0 @@
-#define NPY_HAVE_ENDIAN_H 1
-#define NPY_SIZEOF_SHORT SIZEOF_SHORT
-#define NPY_SIZEOF_INT SIZEOF_INT
-#define NPY_SIZEOF_LONG SIZEOF_LONG
-#define NPY_SIZEOF_FLOAT 4
-#define NPY_SIZEOF_COMPLEX_FLOAT 8
-#define NPY_SIZEOF_DOUBLE 8
-#define NPY_SIZEOF_COMPLEX_DOUBLE 16
-#define NPY_SIZEOF_LONGDOUBLE 16
-#define NPY_SIZEOF_COMPLEX_LONGDOUBLE 32
-#define NPY_SIZEOF_PY_INTPTR_T 8
-#define NPY_SIZEOF_PY_LONG_LONG 8
-#define NPY_SIZEOF_LONGLONG 8
-#define NPY_SIZEOF_OFF_T 8
-#define NPY_NO_SMP 0
-#define NPY_HAVE_DECL_ISNAN
-#define NPY_HAVE_DECL_ISINF
-#define NPY_HAVE_DECL_ISFINITE
-#define NPY_HAVE_DECL_SIGNBIT
-#define NPY_USE_C99_COMPLEX 1
-#define NPY_HAVE_COMPLEX_DOUBLE 1
-#define NPY_HAVE_COMPLEX_FLOAT 1
-#define NPY_HAVE_COMPLEX_LONG_DOUBLE 1
-#define NPY_ENABLE_SEPARATE_COMPILATION 1
-#define NPY_USE_C99_FORMATS 1
-#define NPY_VISIBILITY_HIDDEN __attribute__((visibility("hidden")))
-#define NPY_ABI_VERSION 0x01000009
-#define NPY_API_VERSION 0x0000000A
-#ifndef __STDC_FORMAT_MACROS
-#define __STDC_FORMAT_MACROS 1
-#endif
diff --git a/meta/recipes-devtools/python-numpy/files/riscv64/config.h b/meta/recipes-devtools/python-numpy/files/riscv64/config.h
deleted file mode 100644
index c30b868f2f..0000000000
--- a/meta/recipes-devtools/python-numpy/files/riscv64/config.h
+++ /dev/null
@@ -1,139 +0,0 @@
-#define HAVE_ENDIAN_H 1
-#define SIZEOF_PY_INTPTR_T 8
-#define SIZEOF_PY_LONG_LONG 8
-#define MATHLIB m
-#define HAVE_SIN 1
-#define HAVE_COS 1
-#define HAVE_TAN 1
-#define HAVE_SINH 1
-#define HAVE_COSH 1
-#define HAVE_TANH 1
-#define HAVE_FABS 1
-#define HAVE_FLOOR 1
-#define HAVE_CEIL 1
-#define HAVE_SQRT 1
-#define HAVE_LOG10 1
-#define HAVE_LOG 1
-#define HAVE_EXP 1
-#define HAVE_ASIN 1
-#define HAVE_ACOS 1
-#define HAVE_ATAN 1
-#define HAVE_FMOD 1
-#define HAVE_MODF 1
-#define HAVE_FREXP 1
-#define HAVE_LDEXP 1
-#define HAVE_RINT 1
-#define HAVE_TRUNC 1
-#define HAVE_EXP2 1
-#define HAVE_LOG2 1
-#define HAVE_ATAN2 1
-#define HAVE_POW 1
-#define HAVE_NEXTAFTER 1
-#define HAVE_SINF 1
-#define HAVE_COSF 1
-#define HAVE_TANF 1
-#define HAVE_SINHF 1
-#define HAVE_COSHF 1
-#define HAVE_TANHF 1
-#define HAVE_FABSF 1
-#define HAVE_FLOORF 1
-#define HAVE_CEILF 1
-#define HAVE_RINTF 1
-#define HAVE_TRUNCF 1
-#define HAVE_SQRTF 1
-#define HAVE_LOG10F 1
-#define HAVE_LOGF 1
-#define HAVE_LOG1PF 1
-#define HAVE_EXPF 1
-#define HAVE_EXPM1F 1
-#define HAVE_ASINF 1
-#define HAVE_ACOSF 1
-#define HAVE_ATANF 1
-#define HAVE_ASINHF 1
-#define HAVE_ACOSHF 1
-#define HAVE_ATANHF 1
-#define HAVE_HYPOTF 1
-#define HAVE_ATAN2F 1
-#define HAVE_POWF 1
-#define HAVE_FMODF 1
-#define HAVE_MODFF 1
-#define HAVE_FREXPF 1
-#define HAVE_LDEXPF 1
-#define HAVE_EXP2F 1
-#define HAVE_LOG2F 1
-#define HAVE_COPYSIGNF 1
-#define HAVE_NEXTAFTERF 1
-#define HAVE_SINL 1
-#define HAVE_COSL 1
-#define HAVE_TANL 1
-#define HAVE_SINHL 1
-#define HAVE_COSHL 1
-#define HAVE_TANHL 1
-#define HAVE_FABSL 1
-#define HAVE_FLOORL 1
-#define HAVE_CEILL 1
-#define HAVE_RINTL 1
-#define HAVE_TRUNCL 1
-#define HAVE_SQRTL 1
-#define HAVE_LOG10L 1
-#define HAVE_LOGL 1
-#define HAVE_LOG1PL 1
-#define HAVE_EXPL 1
-#define HAVE_EXPM1L 1
-#define HAVE_ASINL 1
-#define HAVE_ACOSL 1
-#define HAVE_ATANL 1
-#define HAVE_ASINHL 1
-#define HAVE_ACOSHL 1
-#define HAVE_ATANHL 1
-#define HAVE_HYPOTL 1
-#define HAVE_ATAN2L 1
-#define HAVE_POWL 1
-#define HAVE_FMODL 1
-#define HAVE_MODFL 1
-#define HAVE_FREXPL 1
-#define HAVE_LDEXPL 1
-#define HAVE_EXP2L 1
-#define HAVE_LOG2L 1
-#define HAVE_COPYSIGNL 1
-#define HAVE_NEXTAFTERL 1
-#define HAVE_DECL_SIGNBIT
-#define HAVE_COMPLEX_H 1
-#define HAVE_CREAL 1
-#define HAVE_CIMAG 1
-#define HAVE_CABS 1
-#define HAVE_CARG 1
-#define HAVE_CEXP 1
-#define HAVE_CSQRT 1
-#define HAVE_CLOG 1
-#define HAVE_CCOS 1
-#define HAVE_CSIN 1
-#define HAVE_CPOW 1
-#define HAVE_CREALF 1
-#define HAVE_CIMAGF 1
-#define HAVE_CABSF 1
-#define HAVE_CARGF 1
-#define HAVE_CEXPF 1
-#define HAVE_CSQRTF 1
-#define HAVE_CLOGF 1
-#define HAVE_CCOSF 1
-#define HAVE_CSINF 1
-#define HAVE_CPOWF 1
-#define HAVE_CREALL 1
-#define HAVE_CIMAGL 1
-#define HAVE_CABSL 1
-#define HAVE_CARGL 1
-#define HAVE_CEXPL 1
-#define HAVE_CSQRTL 1
-#define HAVE_CLOGL 1
-#define HAVE_CCOSL 1
-#define HAVE_CSINL 1
-#define HAVE_CPOWL 1
-#define HAVE_LDOUBLE_IEEE_QUAD_LE 1
-#ifndef __cplusplus
-/* #undef inline */
-#endif
-#ifndef _NPY_NPY_CONFIG_H_
-#error config.h should never be included directly, include npy_config.h instead
-#endif
diff --git a/meta/recipes-devtools/python-numpy/files/x86-64/_numpyconfig.h b/meta/recipes-devtools/python-numpy/files/x86-64/_numpyconfig.h
deleted file mode 100644
index b330361649..0000000000
--- a/meta/recipes-devtools/python-numpy/files/x86-64/_numpyconfig.h
+++ /dev/null
@@ -1,32 +0,0 @@
-#define NPY_HAVE_ENDIAN_H 1
-#define NPY_SIZEOF_SHORT SIZEOF_SHORT
-#define NPY_SIZEOF_INT SIZEOF_INT
-#define NPY_SIZEOF_LONG SIZEOF_LONG
-#define NPY_SIZEOF_FLOAT 4
-#define NPY_SIZEOF_COMPLEX_FLOAT 8
-#define NPY_SIZEOF_DOUBLE 8
-#define NPY_SIZEOF_OFF_T 8
-#define NPY_SIZEOF_COMPLEX_DOUBLE 16
-#define NPY_SIZEOF_LONGDOUBLE 16
-#define NPY_SIZEOF_COMPLEX_LONGDOUBLE 32
-#define NPY_ENABLE_SEPARATE_COMPILATION 1
-#define NPY_SIZEOF_PY_INTPTR_T 8
-#define NPY_SIZEOF_PY_LONG_LONG 8
-#define NPY_SIZEOF_LONGLONG 8
-#define NPY_NO_SMP 0
-#define NPY_HAVE_DECL_ISNAN
-#define NPY_HAVE_DECL_ISINF
-#define NPY_HAVE_DECL_ISFINITE
-#define NPY_HAVE_DECL_SIGNBIT
-#define NPY_USE_C99_COMPLEX 1
-#define NPY_HAVE_COMPLEX_DOUBLE 1
-#define NPY_HAVE_COMPLEX_FLOAT 1
-#define NPY_HAVE_COMPLEX_LONG_DOUBLE 1
-#define NPY_USE_C99_FORMATS 1
-#define NPY_VISIBILITY_HIDDEN __attribute__((visibility("hidden")))
-#define NPY_ABI_VERSION 0x01000009
-#define NPY_API_VERSION 0x0000000A
-#ifndef __STDC_FORMAT_MACROS
-#define __STDC_FORMAT_MACROS 1
-#endif
diff --git a/meta/recipes-devtools/python-numpy/files/x86-64/config.h b/meta/recipes-devtools/python-numpy/files/x86-64/config.h
deleted file mode 100644
index 0ce63b7d22..0000000000
--- a/meta/recipes-devtools/python-numpy/files/x86-64/config.h
+++ /dev/null
@@ -1,139 +0,0 @@
-#define HAVE_ENDIAN_H 1
-#define SIZEOF_PY_INTPTR_T 8
-#define SIZEOF_PY_LONG_LONG 8
-#define MATHLIB m
-#define HAVE_SIN 1
-#define HAVE_COS 1
-#define HAVE_TAN 1
-#define HAVE_SINH 1
-#define HAVE_COSH 1
-#define HAVE_TANH 1
-#define HAVE_FABS 1
-#define HAVE_FLOOR 1
-#define HAVE_CEIL 1
-#define HAVE_SQRT 1
-#define HAVE_LOG10 1
-#define HAVE_LOG 1
-#define HAVE_EXP 1
-#define HAVE_ASIN 1
-#define HAVE_ACOS 1
-#define HAVE_ATAN 1
-#define HAVE_FMOD 1
-#define HAVE_MODF 1
-#define HAVE_FREXP 1
-#define HAVE_LDEXP 1
-#define HAVE_RINT 1
-#define HAVE_TRUNC 1
-#define HAVE_EXP2 1
-#define HAVE_LOG2 1
-#define HAVE_ATAN2 1
-#define HAVE_POW 1
-#define HAVE_NEXTAFTER 1
-#define HAVE_SINF 1
-#define HAVE_COSF 1
-#define HAVE_TANF 1
-#define HAVE_SINHF 1
-#define HAVE_COSHF 1
-#define HAVE_TANHF 1
-#define HAVE_FABSF 1
-#define HAVE_FLOORF 1
-#define HAVE_CEILF 1
-#define HAVE_RINTF 1
-#define HAVE_TRUNCF 1
-#define HAVE_SQRTF 1
-#define HAVE_LOG10F 1
-#define HAVE_LOGF 1
-#define HAVE_LOG1PF 1
-#define HAVE_EXPF 1
-#define HAVE_EXPM1F 1
-#define HAVE_ASINF 1
-#define HAVE_ACOSF 1
-#define HAVE_ATANF 1
-#define HAVE_ASINHF 1
-#define HAVE_ACOSHF 1
-#define HAVE_ATANHF 1
-#define HAVE_HYPOTF 1
-#define HAVE_ATAN2F 1
-#define HAVE_POWF 1
-#define HAVE_FMODF 1
-#define HAVE_MODFF 1
-#define HAVE_FREXPF 1
-#define HAVE_LDEXPF 1
-#define HAVE_EXP2F 1
-#define HAVE_LOG2F 1
-#define HAVE_COPYSIGNF 1
-#define HAVE_NEXTAFTERF 1
-#define HAVE_SINL 1
-#define HAVE_COSL 1
-#define HAVE_TANL 1
-#define HAVE_SINHL 1
-#define HAVE_COSHL 1
-#define HAVE_TANHL 1
-#define HAVE_FABSL 1
-#define HAVE_FLOORL 1
-#define HAVE_CEILL 1
-#define HAVE_RINTL 1
-#define HAVE_TRUNCL 1
-#define HAVE_SQRTL 1
-#define HAVE_LOG10L 1
-#define HAVE_LOGL 1
-#define HAVE_LOG1PL 1
-#define HAVE_EXPL 1
-#define HAVE_EXPM1L 1
-#define HAVE_ASINL 1
-#define HAVE_ACOSL 1
-#define HAVE_ATANL 1
-#define HAVE_ASINHL 1
-#define HAVE_ACOSHL 1
-#define HAVE_ATANHL 1
-#define HAVE_HYPOTL 1
-#define HAVE_ATAN2L 1
-#define HAVE_POWL 1
-#define HAVE_FMODL 1
-#define HAVE_MODFL 1
-#define HAVE_FREXPL 1
-#define HAVE_LDEXPL 1
-#define HAVE_EXP2L 1
-#define HAVE_LOG2L 1
-#define HAVE_COPYSIGNL 1
-#define HAVE_NEXTAFTERL 1
-#define HAVE_DECL_SIGNBIT
-#define HAVE_COMPLEX_H 1
-#define HAVE_CREAL 1
-#define HAVE_CIMAG 1
-#define HAVE_CABS 1
-#define HAVE_CARG 1
-#define HAVE_CEXP 1
-#define HAVE_CSQRT 1
-#define HAVE_CLOG 1
-#define HAVE_CCOS 1
-#define HAVE_CSIN 1
-#define HAVE_CPOW 1
-#define HAVE_CREALF 1
-#define HAVE_CIMAGF 1
-#define HAVE_CABSF 1
-#define HAVE_CARGF 1
-#define HAVE_CEXPF 1
-#define HAVE_CSQRTF 1
-#define HAVE_CLOGF 1
-#define HAVE_CCOSF 1
-#define HAVE_CSINF 1
-#define HAVE_CPOWF 1
-#define HAVE_CREALL 1
-#define HAVE_CIMAGL 1
-#define HAVE_CABSL 1
-#define HAVE_CARGL 1
-#define HAVE_CEXPL 1
-#define HAVE_CSQRTL 1
-#define HAVE_CLOGL 1
-#define HAVE_CCOSL 1
-#define HAVE_CSINL 1
-#define HAVE_CPOWL 1
-#define HAVE_LDOUBLE_INTEL_EXTENDED_16_BYTES_LE 1
-#ifndef __cplusplus
-/* #undef inline */
-#endif
-#ifndef _NPY_NPY_CONFIG_H_
-#error config.h should never be included directly, include npy_config.h instead
-#endif
diff --git a/meta/recipes-devtools/python-numpy/files/x86/config.h b/meta/recipes-devtools/python-numpy/files/x86/config.h
deleted file mode 100644
index 08e41e3d99..0000000000
--- a/meta/recipes-devtools/python-numpy/files/x86/config.h
+++ /dev/null
@@ -1,108 +0,0 @@
-#define SIZEOF_PY_INTPTR_T 4
-#define SIZEOF_PY_LONG_LONG 8
-#define MATHLIB m
-#define HAVE_SIN
-#define HAVE_COS
-#define HAVE_TAN
-#define HAVE_SINH
-#define HAVE_COSH
-#define HAVE_TANH
-#define HAVE_FABS
-#define HAVE_FLOOR
-#define HAVE_CEIL
-#define HAVE_SQRT
-#define HAVE_LOG10
-#define HAVE_LOG
-#define HAVE_EXP
-#define HAVE_ASIN
-#define HAVE_ACOS
-#define HAVE_ATAN
-#define HAVE_FMOD
-#define HAVE_MODF
-#define HAVE_FREXP
-#define HAVE_LDEXP
-#define HAVE_RINT
-#define HAVE_TRUNC
-#define HAVE_EXP2
-#define HAVE_LOG2
-#define HAVE_ATAN2
-#define HAVE_POW
-#define HAVE_NEXTAFTER
-#define HAVE_SINF
-#define HAVE_COSF
-#define HAVE_TANF
-#define HAVE_SINHF
-#define HAVE_COSHF
-#define HAVE_TANHF
-#define HAVE_FABSF
-#define HAVE_FLOORF
-#define HAVE_CEILF
-#define HAVE_RINTF
-#define HAVE_TRUNCF
-#define HAVE_SQRTF
-#define HAVE_LOG10F
-#define HAVE_LOGF
-#define HAVE_LOG1PF
-#define HAVE_EXPF
-#define HAVE_EXPM1F
-#define HAVE_ASINF
-#define HAVE_ACOSF
-#define HAVE_ATANF
-#define HAVE_ASINHF
-#define HAVE_ACOSHF
-#define HAVE_ATANHF
-#define HAVE_HYPOTF
-#define HAVE_ATAN2F
-#define HAVE_POWF
-#define HAVE_FMODF
-#define HAVE_MODFF
-#define HAVE_FREXPF
-#define HAVE_LDEXPF
-#define HAVE_EXP2F
-#define HAVE_LOG2F
-#define HAVE_COPYSIGNF
-#define HAVE_NEXTAFTERF
-#define HAVE_SINL
-#define HAVE_COSL
-#define HAVE_TANL
-#define HAVE_SINHL
-#define HAVE_COSHL
-#define HAVE_TANHL
-#define HAVE_FABSL
-#define HAVE_FLOORL
-#define HAVE_CEILL
-#define HAVE_RINTL
-#define HAVE_TRUNCL
-#define HAVE_SQRTL
-#define HAVE_LOG10L
-#define HAVE_LOGL
-#define HAVE_LOG1PL
-#define HAVE_EXPL
-#define HAVE_EXPM1L
-#define HAVE_ASINL
-#define HAVE_ACOSL
-#define HAVE_ATANL
-#define HAVE_ASINHL
-#define HAVE_ACOSHL
-#define HAVE_ATANHL
-#define HAVE_HYPOTL
-#define HAVE_ATAN2L
-#define HAVE_POWL
-#define HAVE_FMODL
-#define HAVE_MODFL
-#define HAVE_FREXPL
-#define HAVE_LDEXPL
-#define HAVE_EXP2L
-#define HAVE_LOG2L
-#define HAVE_COPYSIGNL
-#define HAVE_NEXTAFTERL
-#define HAVE_DECL_SIGNBIT
-#define HAVE_COMPLEX_H
-#define HAVE_LDOUBLE_INTEL_EXTENDED_12_BYTES_LE 1
-#ifndef __cplusplus
-/* #undef inline */
-#endif
-#ifndef _NPY_NPY_CONFIG_H_
-#error config.h should never be included directly, include npy_config.h instead
-#endif
diff --git a/meta/recipes-devtools/python-numpy/files/x86/numpyconfig.h b/meta/recipes-devtools/python-numpy/files/x86/numpyconfig.h
deleted file mode 100644
index ff7938cd96..0000000000
--- a/meta/recipes-devtools/python-numpy/files/x86/numpyconfig.h
+++ /dev/null
@@ -1,24 +0,0 @@
-#ifndef _NPY_NUMPYCONFIG_H_
-#define _NPY_NUMPYCONFIG_H_
-#include "_numpyconfig.h"
-/* 
- * On Mac OS X, because there is only one configuration stage for all the archs
- * in universal builds, any macro which depends on the arch needs to be
- * harcoded
- */
-#ifdef __APPLE__
-        #undef NPY_SIZEOF_LONG
-        #undef NPY_SIZEOF_PY_INTPTR_T
-        #ifdef __LP64__
-                #define NPY_SIZEOF_LONG                 8
-                #define NPY_SIZEOF_PY_INTPTR_T  8
-        #else
-                #define NPY_SIZEOF_LONG                 4
-                #define NPY_SIZEOF_PY_INTPTR_T  4
-        #endif
-#endif
-#endif
diff --git a/meta/recipes-devtools/python-numpy/python-numpy.inc b/meta/recipes-devtools/python-numpy/python-numpy.inc
index a12e72f964..f68b90e6b9 100644
--- a/meta/recipes-devtools/python-numpy/python-numpy.inc
+++ b/meta/recipes-devtools/python-numpy/python-numpy.inc
@@ -8,7 +8,6 @@ SRCNAME = "numpy"
 SRC_URI = "https://github.com/${SRCNAME}/${SRCNAME}/releases/download/v${PV}/${SRCNAME}-${PV}.tar.gz \
           file://0001-Don-t-search-usr-and-so-on-for-libraries-by-default-.patch \
           file://0001-npy_cpu-Add-riscv-support.patch \
-           ${CONFIGFILESURI} \
           file://0001-numpy-random-setup.py-remove-the-detection-of-x86-ta.patch \
           "
 SRC_URI[md5sum] = "c48b2ad785f82cdfe28c907ce35e2a71"
@@ -20,77 +19,10 @@ UPSTREAM_CHECK_REGEX = "(?P<pver>\d+(\.\d+)+)\.tar"
 # Needed for building with gcc 4.x from centos 7
 CFLAGS_append_class-native = " -std=c99"
-CONFIGFILESURI ?= ""
-CONFIGFILESURI_aarch64 = " \
-    file://config.h \
-    file://_numpyconfig.h \
-"
-CONFIGFILESURI_arm = " \
-    file://config.h \
-    file://numpyconfig.h \
-"
-CONFIGFILESURI_armeb = " \
-    file://config.h \
-    file://numpyconfig.h \
-"
-CONFIGFILESURI_mipsarcho32el = " \
-    file://config.h \
-    file://numpyconfig.h \
-"
-CONFIGFILESURI_x86 = " \
-    file://config.h \
-    file://numpyconfig.h \
-"
-CONFIGFILESURI_x86-64 = " \
-    file://config.h \
-    file://_numpyconfig.h \
-"
-CONFIGFILESURI_mipsarcho32eb = " \
-    file://config.h \
-    file://_numpyconfig.h \
-"
-CONFIGFILESURI_powerpc = " \
-    file://config.h \
-    file://_numpyconfig.h \
-"
-CONFIGFILESURI_powerpc64 = " \
-    file://config.h \
-    file://_numpyconfig.h \
-"
-CONFIGFILESURI_mipsarchn64eb = " \
-    file://config.h \
-    file://_numpyconfig.h \
-"
-CONFIGFILESURI_mipsarchn64el = " \
-    file://config.h \
-    file://_numpyconfig.h \
-"
-CONFIGFILESURI_mipsarchn32eb = " \
-    file://config.h \
-    file://_numpyconfig.h \
-"
-CONFIGFILESURI_mipsarchn32el = " \
-    file://config.h \
-    file://_numpyconfig.h \
-"
-CONFIGFILESURI_riscv64 = " \
-    file://config.h \
-    file://_numpyconfig.h \
-"
 S = "${WORKDIR}/numpy-${PV}"
 CLEANBROKEN = "1"
-# Make the build fail and replace *config.h with proper one
-# This is a ugly, ugly hack - Koen
-do_compile_prepend_class-target() {
-    ${STAGING_BINDIR_NATIVE}/${PYTHON_PN}-native/${PYTHON_PN} setup.py build ${DISTUTILS_BUILD_ARGS} || \
-    true
-    cp ${WORKDIR}/*config.h ${S}/build/$(ls ${S}/build | grep src)/numpy/core/include/numpy/
-}
 FILES_${PN}-staticdev += "${PYTHON_SITEPACKAGES_DIR}/numpy/core/lib/*.a"
 # install what is needed for numpy.test()
diff --git a/meta/recipes-devtools/python/python-native_2.7.17.bb b/meta/recipes-devtools/python/python-native_2.7.18.bb
index 335318bab8..335318bab8 100644
--- a/meta/recipes-devtools/python/python-native_2.7.17.bb
+++ b/meta/recipes-devtools/python/python-native_2.7.18.bb
diff --git a/meta/recipes-devtools/python/python.inc b/meta/recipes-devtools/python/python.inc
index 19a2f3e743..fe281586fc 100644
--- a/meta/recipes-devtools/python/python.inc
+++ b/meta/recipes-devtools/python/python.inc
@@ -5,13 +5,13 @@ SECTION = "devel/python"
 # bump this on every change in contrib/python/generate-manifest-2.7.py
 INC_PR = "r1"
-LIC_FILES_CHKSUM = "file://LICENSE;md5=e466242989bd33c1bd2b6a526a742498"
+LIC_FILES_CHKSUM = "file://LICENSE;md5=203a6dbc802ee896020a47161e759642"
 SRC_URI = "http://www.python.org/ftp/python/${PV}/Python-${PV}.tar.xz \
           "
-SRC_URI[md5sum] = "b3b6d2c92f42a60667814358ab9f0cfd"
+SRC_URI[md5sum] = "fd6cc8ec0a78c44036f825e739f36e5a"
-SRC_URI[sha256sum] = "4d43f033cdbd0aa7b7023c81b0e986fd11e653b5248dac9144d508f11812ba41"
+SRC_URI[sha256sum] = "b62c0e7937551d0cc02b8fd5cb0f544f9405bafc9a54d3808ed4594812edef43"
 # python recipe is actually python 2.x
 # also, exclude pre-releases for both python 2.x and 3.x
diff --git a/meta/recipes-devtools/python/python3-testtools/no_traceback2.patch b/meta/recipes-devtools/python/python3-testtools/no_traceback2.patch
new file mode 100644
index 0000000000..594510342b
--- /dev/null
+++ b/meta/recipes-devtools/python/python3-testtools/no_traceback2.patch
@@ -0,0 +1,23 @@
+traceback2 adds traceback for python2. Rather than depend on traceback2, we're
+python3 only so just use traceback.
+This caused breakage in oe-selftest -j which uses testtools on the autobuilder
+using buildtools-tarball.
+Upstream-Status: Inappropriate [Our recipe is python3 specific]
+(Once py2 is EOL upstream probably could/should take this)
+Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
+Index: testtools-2.3.0/testtools/content.py
+===================================================================
+--- testtools-2.3.0.orig/testtools/content.py
+++ testtools-2.3.0/testtools/content.py
+@@ -19,8 +19,7 @@ import os
+ import sys
+ 
+ from extras import try_import
+-# To let setup.py work, make this a conditional import.
+-traceback = try_import('traceback2')
+import traceback
+ 
+ from testtools.compat import (
+     _b,
diff --git a/meta/recipes-devtools/python/python3-testtools_2.3.0.bb b/meta/recipes-devtools/python/python3-testtools_2.3.0.bb
index 896ecee65c..a254b90a75 100644
--- a/meta/recipes-devtools/python/python3-testtools_2.3.0.bb
+++ b/meta/recipes-devtools/python/python3-testtools_2.3.0.bb
@@ -1,2 +1,4 @@
 inherit setuptools3
 require python-testtools.inc
+SRC_URI += "file://no_traceback2.patch"
diff --git a/meta/recipes-devtools/python/python3/0001-Don-t-search-system-for-headers-libraries.patch b/meta/recipes-devtools/python/python3/0001-Don-t-search-system-for-headers-libraries.patch
new file mode 100644
index 0000000000..acf8e1e9b5
--- /dev/null
+++ b/meta/recipes-devtools/python/python3/0001-Don-t-search-system-for-headers-libraries.patch
@@ -0,0 +1,29 @@
+From 85e8f86ad2b7dec0848cd55b8e810a5e2722b20a Mon Sep 17 00:00:00 2001
+From: Jeremy Puhlman <jpuhlman@mvista.com>
+Date: Wed, 4 Mar 2020 00:06:42 +0000
+Subject: [PATCH] Don't search system for headers/libraries
+Upstream-Status: Inappropriate [oe-core specific]
+Signed-off-by: Jeremy Puhlman <jpuhlman@mvista.com>
+---
+ setup.py | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+diff --git a/setup.py b/setup.py
+index 9da1b3a..59782c0 100644
+--- a/setup.py
+++ b/setup.py
+@@ -674,8 +674,8 @@ class PyBuildExt(build_ext):
+             add_dir_to_list(self.compiler.include_dirs,
+                             sysconfig.get_config_var("INCLUDEDIR"))
+ 
+-        system_lib_dirs = ['/lib64', '/usr/lib64', '/lib', '/usr/lib']
+-        system_include_dirs = ['/usr/include']
+        system_lib_dirs = []
+        system_include_dirs = []
+         # lib_dirs and inc_dirs are used to search for files;
+         # if a file is found in one of those directories, it can
+         # be assumed that no additional -I,-L directives are needed.
+-- 
+2.24.1
diff --git a/meta/recipes-devtools/python/python3/0017-setup.py-do-not-report-missing-dependencies-for-disa.patch b/meta/recipes-devtools/python/python3/0017-setup.py-do-not-report-missing-dependencies-for-disa.patch
new file mode 100644
index 0000000000..c15295c034
--- /dev/null
+++ b/meta/recipes-devtools/python/python3/0017-setup.py-do-not-report-missing-dependencies-for-disa.patch
@@ -0,0 +1,31 @@
+From e3b59cb9658e1d3efa3535840939a0fa92a70a5a Mon Sep 17 00:00:00 2001
+From: Alexander Kanavin <alex.kanavin@gmail.com>
+Date: Mon, 7 Oct 2019 13:22:14 +0200
+Subject: [PATCH] setup.py: do not report missing dependencies for disabled
+ modules
+Reporting those missing dependencies is misleading as the modules would not
+have been built anyway. This particularly matters in oe-core's automated
+build completeness checker which relies on the report.
+Upstream-Status: Inappropriate [oe-core specific]
+Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
+---
+ setup.py | 4 ++++
+ 1 file changed, 4 insertions(+)
+diff --git a/setup.py b/setup.py
+index 4b53668..0097643 100644
+--- a/setup.py
+++ b/setup.py
+@@ -365,6 +365,10 @@ class PyBuildExt(build_ext):
+                 print("%-*s   %-*s   %-*s" % (longest, e, longest, f,
+                                               longest, g))
+ 
+        # There is no need to report missing module dependencies,
+        # if the modules have been disabled in the first place.
+        missing = list(set(missing) - set(sysconf_dis))
+
+         if missing:
+             print()
+             print("Python build finished successfully!")
diff --git a/meta/recipes-devtools/python/python3/12-distutils-prefix-is-inside-staging-area.patch b/meta/recipes-devtools/python/python3/12-distutils-prefix-is-inside-staging-area.patch
index 0bafec73c0..d49604ba4d 100644
--- a/meta/recipes-devtools/python/python3/12-distutils-prefix-is-inside-staging-area.patch
+++ b/meta/recipes-devtools/python/python3/12-distutils-prefix-is-inside-staging-area.patch
@@ -1,4 +1,4 @@
-From 6229502e5ae6cbb22240594f002638e9ef78f831 Mon Sep 17 00:00:00 2001
+From a274ba778838824efcacaba57c415b7262f779ec Mon Sep 17 00:00:00 2001
 From: Khem Raj <raj.khem@gmail.com>
 Date: Tue, 14 May 2013 15:00:26 -0700
 Subject: [PATCH] python3: Add target and native recipes
diff --git a/meta/recipes-devtools/python/python3/CVE-2020-14422.patch b/meta/recipes-devtools/python/python3/CVE-2020-14422.patch
new file mode 100644
index 0000000000..31ad82d7c5
--- /dev/null
+++ b/meta/recipes-devtools/python/python3/CVE-2020-14422.patch
@@ -0,0 +1,79 @@
+From b98e7790c77a4378ec4b1c71b84138cb930b69b7 Mon Sep 17 00:00:00 2001
+From: Tapas Kundu <39723251+tapakund@users.noreply.github.com>
+Date: Wed, 1 Jul 2020 00:50:21 +0530
+Subject: [PATCH] [3.7] bpo-41004: Resolve hash collisions for IPv4Interface
+ and IPv6Interface (GH-21033) (GH-21231)
+CVE-2020-14422
+The __hash__() methods of classes IPv4Interface and IPv6Interface had issue
+of generating constant hash values of 32 and 128 respectively causing hash collisions.
+The fix uses the hash() function to generate hash values for the objects
+instead of XOR operation
+(cherry picked from commit b30ee26e366bf509b7538d79bfec6c6d38d53f28)
+Co-authored-by: Ravi Teja P <rvteja92@gmail.com>
+Signed-off-by: Tapas Kundu <tkundu@vmware.com>
+Upstream-Status: Backport [https://github.com/python/cpython/commit/b98e7790c77a4378ec4b1c71b84138cb930b69b7]
+CVE: CVE-2020-14422
+Signed-off-by: Chee Yang Lee <chee.yang.lee@intel.com>
+---
+ Lib/ipaddress.py                                      |  4 ++--
+ Lib/test/test_ipaddress.py                            | 11 +++++++++++
+ .../Security/2020-06-29-16-02-29.bpo-41004.ovF0KZ.rst |  1 +
+ 3 files changed, 14 insertions(+), 2 deletions(-)
+ create mode 100644 Misc/NEWS.d/next/Security/2020-06-29-16-02-29.bpo-41004.ovF0KZ.rst
+diff --git a/Lib/ipaddress.py b/Lib/ipaddress.py
+index 80249288d73ab..54882934c3dc1 100644
+--- a/Lib/ipaddress.py
+++ b/Lib/ipaddress.py
+@@ -1442,7 +1442,7 @@ def __lt__(self, other):
+             return False
+ 
+     def __hash__(self):
+-        return self._ip ^ self._prefixlen ^ int(self.network.network_address)
+        return hash((self._ip, self._prefixlen, int(self.network.network_address)))
+ 
+     __reduce__ = _IPAddressBase.__reduce__
+ 
+@@ -2088,7 +2088,7 @@ def __lt__(self, other):
+             return False
+ 
+     def __hash__(self):
+-        return self._ip ^ self._prefixlen ^ int(self.network.network_address)
+        return hash((self._ip, self._prefixlen, int(self.network.network_address)))
+ 
+     __reduce__ = _IPAddressBase.__reduce__
+ 
+diff --git a/Lib/test/test_ipaddress.py b/Lib/test/test_ipaddress.py
+index 455b893fb126f..1fb6a929dc2d9 100644
+--- a/Lib/test/test_ipaddress.py
+++ b/Lib/test/test_ipaddress.py
+@@ -2091,6 +2091,17 @@ def testsixtofour(self):
+                          sixtofouraddr.sixtofour)
+         self.assertFalse(bad_addr.sixtofour)
+ 
+    # issue41004 Hash collisions in IPv4Interface and IPv6Interface
+    def testV4HashIsNotConstant(self):
+        ipv4_address1 = ipaddress.IPv4Interface("1.2.3.4")
+        ipv4_address2 = ipaddress.IPv4Interface("2.3.4.5")
+        self.assertNotEqual(ipv4_address1.__hash__(), ipv4_address2.__hash__())
+
+    # issue41004 Hash collisions in IPv4Interface and IPv6Interface
+    def testV6HashIsNotConstant(self):
+        ipv6_address1 = ipaddress.IPv6Interface("2001:658:22a:cafe:200:0:0:1")
+        ipv6_address2 = ipaddress.IPv6Interface("2001:658:22a:cafe:200:0:0:2")
+        self.assertNotEqual(ipv6_address1.__hash__(), ipv6_address2.__hash__())
+ 
+ if __name__ == '__main__':
+     unittest.main()
+diff --git a/Misc/NEWS.d/next/Security/2020-06-29-16-02-29.bpo-41004.ovF0KZ.rst b/Misc/NEWS.d/next/Security/2020-06-29-16-02-29.bpo-41004.ovF0KZ.rst
+new file mode 100644
+index 0000000000000..f5a9db52fff52
+--- /dev/null
+++ b/Misc/NEWS.d/next/Security/2020-06-29-16-02-29.bpo-41004.ovF0KZ.rst
+@@ -0,0 +1 @@
+CVE-2020-14422: The __hash__() methods of  ipaddress.IPv4Interface and ipaddress.IPv6Interface incorrectly generated constant hash values of 32 and 128 respectively. This resulted in always causing hash collisions. The fix uses hash() to generate hash values for the tuple of (address, mask length, network address).
diff --git a/meta/recipes-devtools/python/python3_3.7.6.bb b/meta/recipes-devtools/python/python3_3.7.8.bb
index b33b7028d4..b18b3cd47d 100644
--- a/meta/recipes-devtools/python/python3_3.7.6.bb
+++ b/meta/recipes-devtools/python/python3_3.7.8.bb
@@ -3,7 +3,7 @@ HOMEPAGE = "http://www.python.org"
 LICENSE = "PSFv2"
 SECTION = "devel/python"
-LIC_FILES_CHKSUM = "file://LICENSE;md5=e466242989bd33c1bd2b6a526a742498"
+LIC_FILES_CHKSUM = "file://LICENSE;md5=203a6dbc802ee896020a47161e759642"
 SRC_URI = "http://www.python.org/ftp/python/${PV}/Python-${PV}.tar.xz \
           file://run-ptest \
@@ -28,18 +28,21 @@ SRC_URI = "http://www.python.org/ftp/python/${PV}/Python-${PV}.tar.xz \
           file://reformat_sysconfig.py \
           file://0001-Use-FLAG_REF-always-for-interned-strings.patch \
           file://0001-test_locale.py-correct-the-test-output-format.patch \
+           file://0017-setup.py-do-not-report-missing-dependencies-for-disa.patch \
+           file://CVE-2020-14422.patch \
           "
 SRC_URI_append_class-native = " \
           file://0001-distutils-sysconfig-append-STAGING_LIBDIR-python-sys.patch \
           file://12-distutils-prefix-is-inside-staging-area.patch \
+           file://0001-Don-t-search-system-for-headers-libraries.patch \
           "
 SRC_URI_append_class-nativesdk = " \
           file://0001-main.c-if-OEPYTHON3HOME-is-set-use-instead-of-PYTHON.patch \
           "
-SRC_URI[md5sum] = "c08fbee72ad5c2c95b0f4e44bf6fd72c"
+SRC_URI[md5sum] = "a224ef2249a18824f48fba9812f4006f"
-SRC_URI[sha256sum] = "55a2cce72049f0794e9a11a84862e9039af9183603b78bc60d89539f82cf533f"
+SRC_URI[sha256sum] = "43a543404b363f0037f89df8478f19db2dbc0d6f3ffee310bc2997fa71854a63"
 # exclude pre-releases for both python 2.x and 3.x
 UPSTREAM_CHECK_REGEX = "[Pp]ython-(?P<pver>\d+(\.\d+)+).tar"
@@ -65,7 +68,7 @@ ALTERNATIVE_LINK_NAME[python-config] = "${bindir}/python${PYTHON_BINABI}-config"
 ALTERNATIVE_TARGET[python-config] = "${bindir}/python${PYTHON_BINABI}-config-${MULTILIB_SUFFIX}"
-DEPENDS = "bzip2-replacement-native libffi bzip2 gdbm openssl sqlite3 zlib virtual/libintl xz virtual/crypt util-linux libtirpc libnsl2"
+DEPENDS = "bzip2-replacement-native libffi bzip2 openssl sqlite3 zlib virtual/libintl xz virtual/crypt util-linux libtirpc libnsl2"
 DEPENDS_append_class-target = " python3-native"
 DEPENDS_append_class-nativesdk = " python3-native"
@@ -90,13 +93,23 @@ python() {
        d.setVar('PACKAGECONFIG_PGO', '')
 }
-PACKAGECONFIG_class-target ??= "readline ${PACKAGECONFIG_PGO}"
+PACKAGECONFIG_class-target ??= "readline ${PACKAGECONFIG_PGO} gdbm"
-PACKAGECONFIG_class-native ??= "readline"
+PACKAGECONFIG_class-native ??= "readline gdbm"
-PACKAGECONFIG_class-nativesdk ??= "readline"
+PACKAGECONFIG_class-nativesdk ??= "readline gdbm"
 PACKAGECONFIG[readline] = ",,readline"
 # Use profile guided optimisation by running PyBench inside qemu-user
 PACKAGECONFIG[pgo] = "--enable-optimizations,,qemu-native"
 PACKAGECONFIG[tk] = ",,tk"
+PACKAGECONFIG[gdbm] = ",,gdbm"
+do_configure_prepend () {
+    mkdir -p ${B}/Modules
+    cat > ${B}/Modules/Setup.local << EOF
+*disabled*
+${@bb.utils.contains('PACKAGECONFIG', 'gdbm', '', '_gdbm _dbm', d)}
+${@bb.utils.contains('PACKAGECONFIG', 'readline', '', 'readline', d)}
+EOF
+}
 CPPFLAGS_append = " -I${STAGING_INCDIR}/ncursesw -I${STAGING_INCDIR}/uuid"
diff --git a/meta/recipes-devtools/python/python_2.7.17.bb b/meta/recipes-devtools/python/python_2.7.18.bb
index 5b856a5097..5b856a5097 100644
--- a/meta/recipes-devtools/python/python_2.7.17.bb
+++ b/meta/recipes-devtools/python/python_2.7.18.bb
diff --git a/meta/recipes-devtools/qemu/qemu.inc b/meta/recipes-devtools/qemu/qemu.inc
index bb444b63d9..ec32c90ad5 100644
--- a/meta/recipes-devtools/qemu/qemu.inc
+++ b/meta/recipes-devtools/qemu/qemu.inc
@@ -27,9 +27,23 @@ SRC_URI = "https://download.qemu.org/${BPN}-${PV}.tar.xz \
           file://0008-linux-user-Fix-webkitgtk-hangs-on-32-bit-x86-target.patch \
           file://0009-Fix-webkitgtk-builds.patch \
           file://0010-configure-Add-pkg-config-handling-for-libgcrypt.patch \
+           file://0011-linux-user-remove-host-stime-syscall.patch \
           file://CVE-2019-15890.patch \
           file://CVE-2019-12068.patch \
-           "
+           file://CVE-2020-1711.patch \
+           file://CVE-2019-20382.patch \
+           file://CVE-2020-7039-1.patch \
+           file://CVE-2020-7039-2.patch \
+           file://CVE-2020-7039-3.patch \
+           file://CVE-2020-7211.patch \
+           file://CVE-2020-11869.patch \
+           file://CVE-2020-13765.patch \
+           file://CVE-2020-10702.patch \
+           file://CVE-2020-16092.patch \
+           file://CVE-2020-10756.patch \
+           file://CVE-2020-15863.patch \
+           file://CVE-2020-14364.patch \
+           "
 UPSTREAM_CHECK_REGEX = "qemu-(?P<pver>\d+(\.\d+)+)\.tar"
 SRC_URI[md5sum] = "cdf2b5ca52b9abac9bacb5842fa420f8"
@@ -164,6 +178,7 @@ PACKAGECONFIG[spice] = "--enable-spice,--disable-spice,spice"
 # usbredir will be in meta-networking layer
 PACKAGECONFIG[usb-redir] = "--enable-usb-redir,--disable-usb-redir,usbredir"
 PACKAGECONFIG[snappy] = "--enable-snappy,--disable-snappy,snappy"
+PACKAGECONFIG[glusterfs] = "--enable-glusterfs,--disable-glusterfs,glusterfs"
 INSANE_SKIP_${PN} = "arch"
diff --git a/meta/recipes-devtools/qemu/qemu/0011-linux-user-remove-host-stime-syscall.patch b/meta/recipes-devtools/qemu/qemu/0011-linux-user-remove-host-stime-syscall.patch
new file mode 100644
index 0000000000..659e6be45d
--- /dev/null
+++ b/meta/recipes-devtools/qemu/qemu/0011-linux-user-remove-host-stime-syscall.patch
@@ -0,0 +1,61 @@
+From 0f1f2d4596aee037d3ccbcf10592466daa54107f Mon Sep 17 00:00:00 2001
+From: Laurent Vivier <laurent@vivier.eu>
+Date: Tue, 12 Nov 2019 15:25:56 +0100
+Subject: [PATCH] linux-user: remove host stime() syscall
+stime() has been withdrawn from glibc
+(12cbde1dae6f "Use clock_settime to implement stime; withdraw stime.")
+Implement the target stime() syscall using host
+clock_settime(CLOCK_REALTIME, ...) as it is done internally in glibc.
+Tested qemu-ppc/x86_64 with:
+        #include <time.h>
+        #include <stdio.h>
+        int main(void)
+        {
+                time_t t;
+                int ret;
+                /* date -u -d"2019-11-12T15:11:00" "+%s" */
+                t = 1573571460;
+                ret = stime(&t);
+                printf("ret %d\n", ret);
+                return 0;
+        }
+        # date; ./stime; date
+        Tue Nov 12 14:18:32 UTC 2019
+        ret 0
+        Tue Nov 12 15:11:00 UTC 2019
+Upstream-Status: Backport [https://git.qemu.org/?p=qemu.git;a=commit;h=0f1f2d4596aee037d3ccbcf10592466daa54107f]
+Buglink: https://bugs.launchpad.net/qemu/+bug/1852115
+Reported-by: Cole Robinson <crobinso@redhat.com>
+Signed-off-by: Laurent Vivier <laurent@vivier.eu>
+Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
+Message-Id: <20191112142556.6335-1-laurent@vivier.eu>
+---
+ linux-user/syscall.c | 8 +++++---
+ 1 file changed, 5 insertions(+), 3 deletions(-)
+--- a/linux-user/syscall.c
+++ b/linux-user/syscall.c
+@@ -7651,10 +7651,12 @@ static abi_long do_syscall1(void *cpu_en
+ #ifdef TARGET_NR_stime /* not on alpha */
+     case TARGET_NR_stime:
+         {
+-            time_t host_time;
+-            if (get_user_sal(host_time, arg1))
+            struct timespec ts;
+            ts.tv_nsec = 0;
+            if (get_user_sal(ts.tv_sec, arg1)) {
+                 return -TARGET_EFAULT;
+-            return get_errno(stime(&host_time));
+            }
+            return get_errno(clock_settime(CLOCK_REALTIME, &ts));
+         }
+ #endif
+ #ifdef TARGET_NR_alarm /* not on alpha */
diff --git a/meta/recipes-devtools/qemu/qemu/CVE-2019-20382.patch b/meta/recipes-devtools/qemu/qemu/CVE-2019-20382.patch
new file mode 100644
index 0000000000..183d100398
--- /dev/null
+++ b/meta/recipes-devtools/qemu/qemu/CVE-2019-20382.patch
@@ -0,0 +1,1018 @@
+From 6bf21f3d83e95bcc4ba35a7a07cc6655e8b010b0 Mon Sep 17 00:00:00 2001
+From: Li Qiang <liq3ea@163.com>
+Date: Sat, 31 Aug 2019 08:39:22 -0700
+Subject: [PATCH] vnc: fix memory leak when vnc disconnect
+Currently when qemu receives a vnc connect, it creates a 'VncState' to
+represent this connection. In 'vnc_worker_thread_loop' it creates a
+local 'VncState'. The connection 'VcnState' and local 'VncState' exchange
+data in 'vnc_async_encoding_start' and 'vnc_async_encoding_end'.
+In 'zrle_compress_data' it calls 'deflateInit2' to allocate the libz library
+opaque data. The 'VncState' used in 'zrle_compress_data' is the local
+'VncState'. In 'vnc_zrle_clear' it calls 'deflateEnd' to free the libz
+library opaque data. The 'VncState' used in 'vnc_zrle_clear' is the connection
+'VncState'. In currently implementation there will be a memory leak when the
+vnc disconnect. Following is the asan output backtrack:
+Direct leak of 29760 byte(s) in 5 object(s) allocated from:
+    0 0xffffa67ef3c3 in __interceptor_calloc (/lib64/libasan.so.4+0xd33c3)
+    1 0xffffa65071cb in g_malloc0 (/lib64/libglib-2.0.so.0+0x571cb)
+    2 0xffffa5e968f7 in deflateInit2_ (/lib64/libz.so.1+0x78f7)
+    3 0xaaaacec58613 in zrle_compress_data ui/vnc-enc-zrle.c:87
+    4 0xaaaacec58613 in zrle_send_framebuffer_update ui/vnc-enc-zrle.c:344
+    5 0xaaaacec34e77 in vnc_send_framebuffer_update ui/vnc.c:919
+    6 0xaaaacec5e023 in vnc_worker_thread_loop ui/vnc-jobs.c:271
+    7 0xaaaacec5e5e7 in vnc_worker_thread ui/vnc-jobs.c:340
+    8 0xaaaacee4d3c3 in qemu_thread_start util/qemu-thread-posix.c:502
+    9 0xffffa544e8bb in start_thread (/lib64/libpthread.so.0+0x78bb)
+    10 0xffffa53965cb in thread_start (/lib64/libc.so.6+0xd55cb)
+This is because the opaque allocated in 'deflateInit2' is not freed in
+'deflateEnd'. The reason is that the 'deflateEnd' calls 'deflateStateCheck'
+and in the latter will check whether 's->strm != strm'(libz's data structure).
+This check will be true so in 'deflateEnd' it just return 'Z_STREAM_ERROR' and
+not free the data allocated in 'deflateInit2'.
+The reason this happens is that the 'VncState' contains the whole 'VncZrle',
+so when calling 'deflateInit2', the 's->strm' will be the local address.
+So 's->strm != strm' will be true.
+To fix this issue, we need to make 'zrle' of 'VncState' to be a pointer.
+Then the connection 'VncState' and local 'VncState' exchange mechanism will
+work as expection. The 'tight' of 'VncState' has the same issue, let's also turn
+it to a pointer.
+Reported-by: Ying Fang <fangying1@huawei.com>
+Signed-off-by: Li Qiang <liq3ea@163.com>
+Message-id: 20190831153922.121308-1-liq3ea@163.com
+Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
+Upstream-Status: Backport [https://git.qemu.org/?p=qemu.git;a=commit;h=6bf21f3d83e95bcc4ba35a7a07cc6655e8b010b0]
+CVE: CVE-2019-20382
+Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
+---
+ ui/vnc-enc-tight.c    | 219 +++++++++++++++++++++++++-------------------------
+ ui/vnc-enc-zlib.c     |  11 +--
+ ui/vnc-enc-zrle.c     |  68 ++++++++--------
+ ui/vnc-enc-zrle.inc.c |   2 +-
+ ui/vnc.c              |  28 ++++---
+ ui/vnc.h              |   4 +-
+ 6 files changed, 170 insertions(+), 162 deletions(-)
+diff --git a/ui/vnc-enc-tight.c b/ui/vnc-enc-tight.c
+index 9084c22..1e08518 100644
+--- a/ui/vnc-enc-tight.c
+++ b/ui/vnc-enc-tight.c
+@@ -116,7 +116,7 @@ static int send_png_rect(VncState *vs, int x, int y, int w, int h,
+ 
+ static bool tight_can_send_png_rect(VncState *vs, int w, int h)
+ {
+-    if (vs->tight.type != VNC_ENCODING_TIGHT_PNG) {
+    if (vs->tight->type != VNC_ENCODING_TIGHT_PNG) {
+         return false;
+     }
+ 
+@@ -144,7 +144,7 @@ tight_detect_smooth_image24(VncState *vs, int w, int h)
+     int pixels = 0;
+     int pix, left[3];
+     unsigned int errors;
+-    unsigned char *buf = vs->tight.tight.buffer;
+    unsigned char *buf = vs->tight->tight.buffer;
+ 
+     /*
+      * If client is big-endian, color samples begin from the second
+@@ -215,7 +215,7 @@ tight_detect_smooth_image24(VncState *vs, int w, int h)
+         int pixels = 0;                                                 \
+         int sample, sum, left[3];                                       \
+         unsigned int errors;                                            \
+-        unsigned char *buf = vs->tight.tight.buffer;                    \
+        unsigned char *buf = vs->tight->tight.buffer;                    \
+                                                                         \
+         endian = 0; /* FIXME */                                         \
+                                                                         \
+@@ -296,8 +296,8 @@ static int
+ tight_detect_smooth_image(VncState *vs, int w, int h)
+ {
+     unsigned int errors;
+-    int compression = vs->tight.compression;
+-    int quality = vs->tight.quality;
+    int compression = vs->tight->compression;
+    int quality = vs->tight->quality;
+ 
+     if (!vs->vd->lossy) {
+         return 0;
+@@ -309,7 +309,7 @@ tight_detect_smooth_image(VncState *vs, int w, int h)
+         return 0;
+     }
+ 
+-    if (vs->tight.quality != (uint8_t)-1) {
+    if (vs->tight->quality != (uint8_t)-1) {
+         if (w * h < VNC_TIGHT_JPEG_MIN_RECT_SIZE) {
+             return 0;
+         }
+@@ -320,9 +320,9 @@ tight_detect_smooth_image(VncState *vs, int w, int h)
+     }
+ 
+     if (vs->client_pf.bytes_per_pixel == 4) {
+-        if (vs->tight.pixel24) {
+        if (vs->tight->pixel24) {
+             errors = tight_detect_smooth_image24(vs, w, h);
+-            if (vs->tight.quality != (uint8_t)-1) {
+            if (vs->tight->quality != (uint8_t)-1) {
+                 return (errors < tight_conf[quality].jpeg_threshold24);
+             }
+             return (errors < tight_conf[compression].gradient_threshold24);
+@@ -352,7 +352,7 @@ tight_detect_smooth_image(VncState *vs, int w, int h)
+         uint##bpp##_t c0, c1, ci;                                       \
+         int i, n0, n1;                                                  \
+                                                                         \
+-        data = (uint##bpp##_t *)vs->tight.tight.buffer;                 \
+        data = (uint##bpp##_t *)vs->tight->tight.buffer;                \
+                                                                         \
+         c0 = data[0];                                                   \
+         i = 1;                                                          \
+@@ -423,9 +423,9 @@ static int tight_fill_palette(VncState *vs, int x, int y,
+ {
+     int max;
+ 
+-    max = count / tight_conf[vs->tight.compression].idx_max_colors_divisor;
+    max = count / tight_conf[vs->tight->compression].idx_max_colors_divisor;
+     if (max < 2 &&
+-        count >= tight_conf[vs->tight.compression].mono_min_rect_size) {
+        count >= tight_conf[vs->tight->compression].mono_min_rect_size) {
+         max = 2;
+     }
+     if (max >= 256) {
+@@ -558,7 +558,7 @@ tight_filter_gradient24(VncState *vs, uint8_t *buf, int w, int h)
+     int x, y, c;
+ 
+     buf32 = (uint32_t *)buf;
+-    memset(vs->tight.gradient.buffer, 0, w * 3 * sizeof(int));
+    memset(vs->tight->gradient.buffer, 0, w * 3 * sizeof(int));
+ 
+     if (1 /* FIXME */) {
+         shift[0] = vs->client_pf.rshift;
+@@ -575,7 +575,7 @@ tight_filter_gradient24(VncState *vs, uint8_t *buf, int w, int h)
+             upper[c] = 0;
+             here[c] = 0;
+         }
+-        prev = (int *)vs->tight.gradient.buffer;
+        prev = (int *)vs->tight->gradient.buffer;
+         for (x = 0; x < w; x++) {
+             pix32 = *buf32++;
+             for (c = 0; c < 3; c++) {
+@@ -615,7 +615,7 @@ tight_filter_gradient24(VncState *vs, uint8_t *buf, int w, int h)
+         int prediction;                                                 \
+         int x, y, c;                                                    \
+                                                                         \
+-        memset (vs->tight.gradient.buffer, 0, w * 3 * sizeof(int));     \
+        memset(vs->tight->gradient.buffer, 0, w * 3 * sizeof(int));     \
+                                                                         \
+         endian = 0; /* FIXME */                                         \
+                                                                         \
+@@ -631,7 +631,7 @@ tight_filter_gradient24(VncState *vs, uint8_t *buf, int w, int h)
+                 upper[c] = 0;                                           \
+                 here[c] = 0;                                            \
+             }                                                           \
+-            prev = (int *)vs->tight.gradient.buffer;                    \
+            prev = (int *)vs->tight->gradient.buffer;                    \
+             for (x = 0; x < w; x++) {                                   \
+                 pix = *buf;                                             \
+                 if (endian) {                                           \
+@@ -785,7 +785,7 @@ static void extend_solid_area(VncState *vs, int x, int y, int w, int h,
+ static int tight_init_stream(VncState *vs, int stream_id,
+                              int level, int strategy)
+ {
+-    z_streamp zstream = &vs->tight.stream[stream_id];
+    z_streamp zstream = &vs->tight->stream[stream_id];
+ 
+     if (zstream->opaque == NULL) {
+         int err;
+@@ -803,15 +803,15 @@ static int tight_init_stream(VncState *vs, int stream_id,
+             return -1;
+         }
+ 
+-        vs->tight.levels[stream_id] = level;
+        vs->tight->levels[stream_id] = level;
+         zstream->opaque = vs;
+     }
+ 
+-    if (vs->tight.levels[stream_id] != level) {
+    if (vs->tight->levels[stream_id] != level) {
+         if (deflateParams(zstream, level, strategy) != Z_OK) {
+             return -1;
+         }
+-        vs->tight.levels[stream_id] = level;
+        vs->tight->levels[stream_id] = level;
+     }
+     return 0;
+ }
+@@ -839,11 +839,11 @@ static void tight_send_compact_size(VncState *vs, size_t len)
+ static int tight_compress_data(VncState *vs, int stream_id, size_t bytes,
+                                int level, int strategy)
+ {
+-    z_streamp zstream = &vs->tight.stream[stream_id];
+    z_streamp zstream = &vs->tight->stream[stream_id];
+     int previous_out;
+ 
+     if (bytes < VNC_TIGHT_MIN_TO_COMPRESS) {
+-        vnc_write(vs, vs->tight.tight.buffer, vs->tight.tight.offset);
+        vnc_write(vs, vs->tight->tight.buffer, vs->tight->tight.offset);
+         return bytes;
+     }
+ 
+@@ -852,13 +852,13 @@ static int tight_compress_data(VncState *vs, int stream_id, size_t bytes,
+     }
+ 
+     /* reserve memory in output buffer */
+-    buffer_reserve(&vs->tight.zlib, bytes + 64);
+    buffer_reserve(&vs->tight->zlib, bytes + 64);
+ 
+     /* set pointers */
+-    zstream->next_in = vs->tight.tight.buffer;
+-    zstream->avail_in = vs->tight.tight.offset;
+-    zstream->next_out = vs->tight.zlib.buffer + vs->tight.zlib.offset;
+-    zstream->avail_out = vs->tight.zlib.capacity - vs->tight.zlib.offset;
+    zstream->next_in = vs->tight->tight.buffer;
+    zstream->avail_in = vs->tight->tight.offset;
+    zstream->next_out = vs->tight->zlib.buffer + vs->tight->zlib.offset;
+    zstream->avail_out = vs->tight->zlib.capacity - vs->tight->zlib.offset;
+     previous_out = zstream->avail_out;
+     zstream->data_type = Z_BINARY;
+ 
+@@ -868,14 +868,14 @@ static int tight_compress_data(VncState *vs, int stream_id, size_t bytes,
+         return -1;
+     }
+ 
+-    vs->tight.zlib.offset = vs->tight.zlib.capacity - zstream->avail_out;
+    vs->tight->zlib.offset = vs->tight->zlib.capacity - zstream->avail_out;
+     /* ...how much data has actually been produced by deflate() */
+     bytes = previous_out - zstream->avail_out;
+ 
+     tight_send_compact_size(vs, bytes);
+-    vnc_write(vs, vs->tight.zlib.buffer, bytes);
+    vnc_write(vs, vs->tight->zlib.buffer, bytes);
+ 
+-    buffer_reset(&vs->tight.zlib);
+    buffer_reset(&vs->tight->zlib);
+ 
+     return bytes;
+ }
+@@ -927,16 +927,17 @@ static int send_full_color_rect(VncState *vs, int x, int y, int w, int h)
+ 
+     vnc_write_u8(vs, stream << 4); /* no flushing, no filter */
+ 
+-    if (vs->tight.pixel24) {
+-        tight_pack24(vs, vs->tight.tight.buffer, w * h, &vs->tight.tight.offset);
+    if (vs->tight->pixel24) {
+        tight_pack24(vs, vs->tight->tight.buffer, w * h,
+                     &vs->tight->tight.offset);
+         bytes = 3;
+     } else {
+         bytes = vs->client_pf.bytes_per_pixel;
+     }
+ 
+     bytes = tight_compress_data(vs, stream, w * h * bytes,
+-                                tight_conf[vs->tight.compression].raw_zlib_level,
+-                                Z_DEFAULT_STRATEGY);
+                            tight_conf[vs->tight->compression].raw_zlib_level,
+                            Z_DEFAULT_STRATEGY);
+ 
+     return (bytes >= 0);
+ }
+@@ -947,14 +948,14 @@ static int send_solid_rect(VncState *vs)
+ 
+     vnc_write_u8(vs, VNC_TIGHT_FILL << 4); /* no flushing, no filter */
+ 
+-    if (vs->tight.pixel24) {
+-        tight_pack24(vs, vs->tight.tight.buffer, 1, &vs->tight.tight.offset);
+    if (vs->tight->pixel24) {
+        tight_pack24(vs, vs->tight->tight.buffer, 1, &vs->tight->tight.offset);
+         bytes = 3;
+     } else {
+         bytes = vs->client_pf.bytes_per_pixel;
+     }
+ 
+-    vnc_write(vs, vs->tight.tight.buffer, bytes);
+    vnc_write(vs, vs->tight->tight.buffer, bytes);
+     return 1;
+ }
+ 
+@@ -963,7 +964,7 @@ static int send_mono_rect(VncState *vs, int x, int y,
+ {
+     ssize_t bytes;
+     int stream = 1;
+-    int level = tight_conf[vs->tight.compression].mono_zlib_level;
+    int level = tight_conf[vs->tight->compression].mono_zlib_level;
+ 
+ #ifdef CONFIG_VNC_PNG
+     if (tight_can_send_png_rect(vs, w, h)) {
+@@ -991,26 +992,26 @@ static int send_mono_rect(VncState *vs, int x, int y,
+         uint32_t buf[2] = {bg, fg};
+         size_t ret = sizeof (buf);
+ 
+-        if (vs->tight.pixel24) {
+        if (vs->tight->pixel24) {
+             tight_pack24(vs, (unsigned char*)buf, 2, &ret);
+         }
+         vnc_write(vs, buf, ret);
+ 
+-        tight_encode_mono_rect32(vs->tight.tight.buffer, w, h, bg, fg);
+        tight_encode_mono_rect32(vs->tight->tight.buffer, w, h, bg, fg);
+         break;
+     }
+     case 2:
+         vnc_write(vs, &bg, 2);
+         vnc_write(vs, &fg, 2);
+-        tight_encode_mono_rect16(vs->tight.tight.buffer, w, h, bg, fg);
+        tight_encode_mono_rect16(vs->tight->tight.buffer, w, h, bg, fg);
+         break;
+     default:
+         vnc_write_u8(vs, bg);
+         vnc_write_u8(vs, fg);
+-        tight_encode_mono_rect8(vs->tight.tight.buffer, w, h, bg, fg);
+        tight_encode_mono_rect8(vs->tight->tight.buffer, w, h, bg, fg);
+         break;
+     }
+-    vs->tight.tight.offset = bytes;
+    vs->tight->tight.offset = bytes;
+ 
+     bytes = tight_compress_data(vs, stream, bytes, level, Z_DEFAULT_STRATEGY);
+     return (bytes >= 0);
+@@ -1040,7 +1041,7 @@ static void write_palette(int idx, uint32_t color, void *opaque)
+ static bool send_gradient_rect(VncState *vs, int x, int y, int w, int h)
+ {
+     int stream = 3;
+-    int level = tight_conf[vs->tight.compression].gradient_zlib_level;
+    int level = tight_conf[vs->tight->compression].gradient_zlib_level;
+     ssize_t bytes;
+ 
+     if (vs->client_pf.bytes_per_pixel == 1) {
+@@ -1050,23 +1051,23 @@ static bool send_gradient_rect(VncState *vs, int x, int y, int w, int h)
+     vnc_write_u8(vs, (stream | VNC_TIGHT_EXPLICIT_FILTER) << 4);
+     vnc_write_u8(vs, VNC_TIGHT_FILTER_GRADIENT);
+ 
+-    buffer_reserve(&vs->tight.gradient, w * 3 * sizeof (int));
+    buffer_reserve(&vs->tight->gradient, w * 3 * sizeof(int));
+ 
+-    if (vs->tight.pixel24) {
+-        tight_filter_gradient24(vs, vs->tight.tight.buffer, w, h);
+    if (vs->tight->pixel24) {
+        tight_filter_gradient24(vs, vs->tight->tight.buffer, w, h);
+         bytes = 3;
+     } else if (vs->client_pf.bytes_per_pixel == 4) {
+-        tight_filter_gradient32(vs, (uint32_t *)vs->tight.tight.buffer, w, h);
+        tight_filter_gradient32(vs, (uint32_t *)vs->tight->tight.buffer, w, h);
+         bytes = 4;
+     } else {
+-        tight_filter_gradient16(vs, (uint16_t *)vs->tight.tight.buffer, w, h);
+        tight_filter_gradient16(vs, (uint16_t *)vs->tight->tight.buffer, w, h);
+         bytes = 2;
+     }
+ 
+-    buffer_reset(&vs->tight.gradient);
+    buffer_reset(&vs->tight->gradient);
+ 
+     bytes = w * h * bytes;
+-    vs->tight.tight.offset = bytes;
+    vs->tight->tight.offset = bytes;
+ 
+     bytes = tight_compress_data(vs, stream, bytes,
+                                 level, Z_FILTERED);
+@@ -1077,7 +1078,7 @@ static int send_palette_rect(VncState *vs, int x, int y,
+                              int w, int h, VncPalette *palette)
+ {
+     int stream = 2;
+-    int level = tight_conf[vs->tight.compression].idx_zlib_level;
+    int level = tight_conf[vs->tight->compression].idx_zlib_level;
+     int colors;
+     ssize_t bytes;
+ 
+@@ -1104,12 +1105,12 @@ static int send_palette_rect(VncState *vs, int x, int y,
+         palette_iter(palette, write_palette, &priv);
+         vnc_write(vs, header, sizeof(header));
+ 
+-        if (vs->tight.pixel24) {
+        if (vs->tight->pixel24) {
+             tight_pack24(vs, vs->output.buffer + old_offset, colors, &offset);
+             vs->output.offset = old_offset + offset;
+         }
+ 
+-        tight_encode_indexed_rect32(vs->tight.tight.buffer, w * h, palette);
+        tight_encode_indexed_rect32(vs->tight->tight.buffer, w * h, palette);
+         break;
+     }
+     case 2:
+@@ -1119,7 +1120,7 @@ static int send_palette_rect(VncState *vs, int x, int y,
+ 
+         palette_iter(palette, write_palette, &priv);
+         vnc_write(vs, header, sizeof(header));
+-        tight_encode_indexed_rect16(vs->tight.tight.buffer, w * h, palette);
+        tight_encode_indexed_rect16(vs->tight->tight.buffer, w * h, palette);
+         break;
+     }
+     default:
+@@ -1127,7 +1128,7 @@ static int send_palette_rect(VncState *vs, int x, int y,
+         break;
+     }
+     bytes = w * h;
+-    vs->tight.tight.offset = bytes;
+    vs->tight->tight.offset = bytes;
+ 
+     bytes = tight_compress_data(vs, stream, bytes,
+                                 level, Z_DEFAULT_STRATEGY);
+@@ -1146,7 +1147,7 @@ static int send_palette_rect(VncState *vs, int x, int y,
+ static void jpeg_init_destination(j_compress_ptr cinfo)
+ {
+     VncState *vs = cinfo->client_data;
+-    Buffer *buffer = &vs->tight.jpeg;
+    Buffer *buffer = &vs->tight->jpeg;
+ 
+     cinfo->dest->next_output_byte = (JOCTET *)buffer->buffer + buffer->offset;
+     cinfo->dest->free_in_buffer = (size_t)(buffer->capacity - buffer->offset);
+@@ -1156,7 +1157,7 @@ static void jpeg_init_destination(j_compress_ptr cinfo)
+ static boolean jpeg_empty_output_buffer(j_compress_ptr cinfo)
+ {
+     VncState *vs = cinfo->client_data;
+-    Buffer *buffer = &vs->tight.jpeg;
+    Buffer *buffer = &vs->tight->jpeg;
+ 
+     buffer->offset = buffer->capacity;
+     buffer_reserve(buffer, 2048);
+@@ -1168,7 +1169,7 @@ static boolean jpeg_empty_output_buffer(j_compress_ptr cinfo)
+ static void jpeg_term_destination(j_compress_ptr cinfo)
+ {
+     VncState *vs = cinfo->client_data;
+-    Buffer *buffer = &vs->tight.jpeg;
+    Buffer *buffer = &vs->tight->jpeg;
+ 
+     buffer->offset = buffer->capacity - cinfo->dest->free_in_buffer;
+ }
+@@ -1187,7 +1188,7 @@ static int send_jpeg_rect(VncState *vs, int x, int y, int w, int h, int quality)
+         return send_full_color_rect(vs, x, y, w, h);
+     }
+ 
+-    buffer_reserve(&vs->tight.jpeg, 2048);
+    buffer_reserve(&vs->tight->jpeg, 2048);
+ 
+     cinfo.err = jpeg_std_error(&jerr);
+     jpeg_create_compress(&cinfo);
+@@ -1222,9 +1223,9 @@ static int send_jpeg_rect(VncState *vs, int x, int y, int w, int h, int quality)
+ 
+     vnc_write_u8(vs, VNC_TIGHT_JPEG << 4);
+ 
+-    tight_send_compact_size(vs, vs->tight.jpeg.offset);
+-    vnc_write(vs, vs->tight.jpeg.buffer, vs->tight.jpeg.offset);
+-    buffer_reset(&vs->tight.jpeg);
+    tight_send_compact_size(vs, vs->tight->jpeg.offset);
+    vnc_write(vs, vs->tight->jpeg.buffer, vs->tight->jpeg.offset);
+    buffer_reset(&vs->tight->jpeg);
+ 
+     return 1;
+ }
+@@ -1240,7 +1241,7 @@ static void write_png_palette(int idx, uint32_t pix, void *opaque)
+     VncState *vs = priv->vs;
+     png_colorp color = &priv->png_palette[idx];
+ 
+-    if (vs->tight.pixel24)
+    if (vs->tight->pixel24)
+     {
+         color->red = (pix >> vs->client_pf.rshift) & vs->client_pf.rmax;
+         color->green = (pix >> vs->client_pf.gshift) & vs->client_pf.gmax;
+@@ -1267,10 +1268,10 @@ static void png_write_data(png_structp png_ptr, png_bytep data,
+ {
+     VncState *vs = png_get_io_ptr(png_ptr);
+ 
+-    buffer_reserve(&vs->tight.png, vs->tight.png.offset + length);
+-    memcpy(vs->tight.png.buffer + vs->tight.png.offset, data, length);
+    buffer_reserve(&vs->tight->png, vs->tight->png.offset + length);
+    memcpy(vs->tight->png.buffer + vs->tight->png.offset, data, length);
+ 
+-    vs->tight.png.offset += length;
+    vs->tight->png.offset += length;
+ }
+ 
+ static void png_flush_data(png_structp png_ptr)
+@@ -1295,8 +1296,8 @@ static int send_png_rect(VncState *vs, int x, int y, int w, int h,
+     png_infop info_ptr;
+     png_colorp png_palette = NULL;
+     pixman_image_t *linebuf;
+-    int level = tight_png_conf[vs->tight.compression].png_zlib_level;
+-    int filters = tight_png_conf[vs->tight.compression].png_filters;
+    int level = tight_png_conf[vs->tight->compression].png_zlib_level;
+    int filters = tight_png_conf[vs->tight->compression].png_filters;
+     uint8_t *buf;
+     int dy;
+ 
+@@ -1340,21 +1341,23 @@ static int send_png_rect(VncState *vs, int x, int y, int w, int h,
+         png_set_PLTE(png_ptr, info_ptr, png_palette, palette_size(palette));
+ 
+         if (vs->client_pf.bytes_per_pixel == 4) {
+-            tight_encode_indexed_rect32(vs->tight.tight.buffer, w * h, palette);
+            tight_encode_indexed_rect32(vs->tight->tight.buffer, w * h,
+                                        palette);
+         } else {
+-            tight_encode_indexed_rect16(vs->tight.tight.buffer, w * h, palette);
+            tight_encode_indexed_rect16(vs->tight->tight.buffer, w * h,
+                                        palette);
+         }
+     }
+ 
+     png_write_info(png_ptr, info_ptr);
+ 
+-    buffer_reserve(&vs->tight.png, 2048);
+    buffer_reserve(&vs->tight->png, 2048);
+     linebuf = qemu_pixman_linebuf_create(PIXMAN_BE_r8g8b8, w);
+     buf = (uint8_t *)pixman_image_get_data(linebuf);
+     for (dy = 0; dy < h; dy++)
+     {
+         if (color_type == PNG_COLOR_TYPE_PALETTE) {
+-            memcpy(buf, vs->tight.tight.buffer + (dy * w), w);
+            memcpy(buf, vs->tight->tight.buffer + (dy * w), w);
+         } else {
+             qemu_pixman_linebuf_fill(linebuf, vs->vd->server, w, x, y + dy);
+         }
+@@ -1372,27 +1375,27 @@ static int send_png_rect(VncState *vs, int x, int y, int w, int h,
+ 
+     vnc_write_u8(vs, VNC_TIGHT_PNG << 4);
+ 
+-    tight_send_compact_size(vs, vs->tight.png.offset);
+-    vnc_write(vs, vs->tight.png.buffer, vs->tight.png.offset);
+-    buffer_reset(&vs->tight.png);
+    tight_send_compact_size(vs, vs->tight->png.offset);
+    vnc_write(vs, vs->tight->png.buffer, vs->tight->png.offset);
+    buffer_reset(&vs->tight->png);
+     return 1;
+ }
+ #endif /* CONFIG_VNC_PNG */
+ 
+ static void vnc_tight_start(VncState *vs)
+ {
+-    buffer_reset(&vs->tight.tight);
+    buffer_reset(&vs->tight->tight);
+ 
+     // make the output buffer be the zlib buffer, so we can compress it later
+-    vs->tight.tmp = vs->output;
+-    vs->output = vs->tight.tight;
+    vs->tight->tmp = vs->output;
+    vs->output = vs->tight->tight;
+ }
+ 
+ static void vnc_tight_stop(VncState *vs)
+ {
+     // switch back to normal output/zlib buffers
+-    vs->tight.tight = vs->output;
+-    vs->output = vs->tight.tmp;
+    vs->tight->tight = vs->output;
+    vs->output = vs->tight->tmp;
+ }
+ 
+ static int send_sub_rect_nojpeg(VncState *vs, int x, int y, int w, int h,
+@@ -1426,9 +1429,9 @@ static int send_sub_rect_jpeg(VncState *vs, int x, int y, int w, int h,
+     int ret;
+ 
+     if (colors == 0) {
+-        if (force || (tight_jpeg_conf[vs->tight.quality].jpeg_full &&
+        if (force || (tight_jpeg_conf[vs->tight->quality].jpeg_full &&
+                       tight_detect_smooth_image(vs, w, h))) {
+-            int quality = tight_conf[vs->tight.quality].jpeg_quality;
+            int quality = tight_conf[vs->tight->quality].jpeg_quality;
+ 
+             ret = send_jpeg_rect(vs, x, y, w, h, quality);
+         } else {
+@@ -1440,9 +1443,9 @@ static int send_sub_rect_jpeg(VncState *vs, int x, int y, int w, int h,
+         ret = send_mono_rect(vs, x, y, w, h, bg, fg);
+     } else if (colors <= 256) {
+         if (force || (colors > 96 &&
+-                      tight_jpeg_conf[vs->tight.quality].jpeg_idx &&
+                      tight_jpeg_conf[vs->tight->quality].jpeg_idx &&
+                       tight_detect_smooth_image(vs, w, h))) {
+-            int quality = tight_conf[vs->tight.quality].jpeg_quality;
+            int quality = tight_conf[vs->tight->quality].jpeg_quality;
+ 
+             ret = send_jpeg_rect(vs, x, y, w, h, quality);
+         } else {
+@@ -1480,20 +1483,20 @@ static int send_sub_rect(VncState *vs, int x, int y, int w, int h)
+         qemu_thread_atexit_add(&vnc_tight_cleanup_notifier);
+     }
+ 
+-    vnc_framebuffer_update(vs, x, y, w, h, vs->tight.type);
+    vnc_framebuffer_update(vs, x, y, w, h, vs->tight->type);
+ 
+     vnc_tight_start(vs);
+     vnc_raw_send_framebuffer_update(vs, x, y, w, h);
+     vnc_tight_stop(vs);
+ 
+ #ifdef CONFIG_VNC_JPEG
+-    if (!vs->vd->non_adaptive && vs->tight.quality != (uint8_t)-1) {
+    if (!vs->vd->non_adaptive && vs->tight->quality != (uint8_t)-1) {
+         double freq = vnc_update_freq(vs, x, y, w, h);
+ 
+-        if (freq < tight_jpeg_conf[vs->tight.quality].jpeg_freq_min) {
+        if (freq < tight_jpeg_conf[vs->tight->quality].jpeg_freq_min) {
+             allow_jpeg = false;
+         }
+-        if (freq >= tight_jpeg_conf[vs->tight.quality].jpeg_freq_threshold) {
+        if (freq >= tight_jpeg_conf[vs->tight->quality].jpeg_freq_threshold) {
+             force_jpeg = true;
+             vnc_sent_lossy_rect(vs, x, y, w, h);
+         }
+@@ -1503,7 +1506,7 @@ static int send_sub_rect(VncState *vs, int x, int y, int w, int h)
+     colors = tight_fill_palette(vs, x, y, w * h, &bg, &fg, color_count_palette);
+ 
+ #ifdef CONFIG_VNC_JPEG
+-    if (allow_jpeg && vs->tight.quality != (uint8_t)-1) {
+    if (allow_jpeg && vs->tight->quality != (uint8_t)-1) {
+         ret = send_sub_rect_jpeg(vs, x, y, w, h, bg, fg, colors,
+                                  color_count_palette, force_jpeg);
+     } else {
+@@ -1520,7 +1523,7 @@ static int send_sub_rect(VncState *vs, int x, int y, int w, int h)
+ 
+ static int send_sub_rect_solid(VncState *vs, int x, int y, int w, int h)
+ {
+-    vnc_framebuffer_update(vs, x, y, w, h, vs->tight.type);
+    vnc_framebuffer_update(vs, x, y, w, h, vs->tight->type);
+ 
+     vnc_tight_start(vs);
+     vnc_raw_send_framebuffer_update(vs, x, y, w, h);
+@@ -1538,8 +1541,8 @@ static int send_rect_simple(VncState *vs, int x, int y, int w, int h,
+     int rw, rh;
+     int n = 0;
+ 
+-    max_size = tight_conf[vs->tight.compression].max_rect_size;
+-    max_width = tight_conf[vs->tight.compression].max_rect_width;
+    max_size = tight_conf[vs->tight->compression].max_rect_size;
+    max_width = tight_conf[vs->tight->compression].max_rect_width;
+ 
+     if (split && (w > max_width || w * h > max_size)) {
+         max_sub_width = (w > max_width) ? max_width : w;
+@@ -1648,16 +1651,16 @@ static int tight_send_framebuffer_update(VncState *vs, int x, int y,
+ 
+     if (vs->client_pf.bytes_per_pixel == 4 && vs->client_pf.rmax == 0xFF &&
+         vs->client_pf.bmax == 0xFF && vs->client_pf.gmax == 0xFF) {
+-        vs->tight.pixel24 = true;
+        vs->tight->pixel24 = true;
+     } else {
+-        vs->tight.pixel24 = false;
+        vs->tight->pixel24 = false;
+     }
+ 
+ #ifdef CONFIG_VNC_JPEG
+-    if (vs->tight.quality != (uint8_t)-1) {
+    if (vs->tight->quality != (uint8_t)-1) {
+         double freq = vnc_update_freq(vs, x, y, w, h);
+ 
+-        if (freq > tight_jpeg_conf[vs->tight.quality].jpeg_freq_threshold) {
+        if (freq > tight_jpeg_conf[vs->tight->quality].jpeg_freq_threshold) {
+             return send_rect_simple(vs, x, y, w, h, false);
+         }
+     }
+@@ -1669,8 +1672,8 @@ static int tight_send_framebuffer_update(VncState *vs, int x, int y,
+ 
+     /* Calculate maximum number of rows in one non-solid rectangle. */
+ 
+-    max_rows = tight_conf[vs->tight.compression].max_rect_size;
+-    max_rows /= MIN(tight_conf[vs->tight.compression].max_rect_width, w);
+    max_rows = tight_conf[vs->tight->compression].max_rect_size;
+    max_rows /= MIN(tight_conf[vs->tight->compression].max_rect_width, w);
+ 
+     return find_large_solid_color_rect(vs, x, y, w, h, max_rows);
+ }
+@@ -1678,33 +1681,33 @@ static int tight_send_framebuffer_update(VncState *vs, int x, int y,
+ int vnc_tight_send_framebuffer_update(VncState *vs, int x, int y,
+                                       int w, int h)
+ {
+-    vs->tight.type = VNC_ENCODING_TIGHT;
+    vs->tight->type = VNC_ENCODING_TIGHT;
+     return tight_send_framebuffer_update(vs, x, y, w, h);
+ }
+ 
+ int vnc_tight_png_send_framebuffer_update(VncState *vs, int x, int y,
+                                           int w, int h)
+ {
+-    vs->tight.type = VNC_ENCODING_TIGHT_PNG;
+    vs->tight->type = VNC_ENCODING_TIGHT_PNG;
+     return tight_send_framebuffer_update(vs, x, y, w, h);
+ }
+ 
+ void vnc_tight_clear(VncState *vs)
+ {
+     int i;
+-    for (i=0; i<ARRAY_SIZE(vs->tight.stream); i++) {
+-        if (vs->tight.stream[i].opaque) {
+-            deflateEnd(&vs->tight.stream[i]);
+    for (i = 0; i < ARRAY_SIZE(vs->tight->stream); i++) {
+        if (vs->tight->stream[i].opaque) {
+            deflateEnd(&vs->tight->stream[i]);
+         }
+     }
+ 
+-    buffer_free(&vs->tight.tight);
+-    buffer_free(&vs->tight.zlib);
+-    buffer_free(&vs->tight.gradient);
+    buffer_free(&vs->tight->tight);
+    buffer_free(&vs->tight->zlib);
+    buffer_free(&vs->tight->gradient);
+ #ifdef CONFIG_VNC_JPEG
+-    buffer_free(&vs->tight.jpeg);
+    buffer_free(&vs->tight->jpeg);
+ #endif
+ #ifdef CONFIG_VNC_PNG
+-    buffer_free(&vs->tight.png);
+    buffer_free(&vs->tight->png);
+ #endif
+ }
+diff --git a/ui/vnc-enc-zlib.c b/ui/vnc-enc-zlib.c
+index 33e9df2..900ae5b 100644
+--- a/ui/vnc-enc-zlib.c
+++ b/ui/vnc-enc-zlib.c
+@@ -76,7 +76,8 @@ static int vnc_zlib_stop(VncState *vs)
+         zstream->zalloc = vnc_zlib_zalloc;
+         zstream->zfree = vnc_zlib_zfree;
+ 
+-        err = deflateInit2(zstream, vs->tight.compression, Z_DEFLATED, MAX_WBITS,
+        err = deflateInit2(zstream, vs->tight->compression, Z_DEFLATED,
+                           MAX_WBITS,
+                            MAX_MEM_LEVEL, Z_DEFAULT_STRATEGY);
+ 
+         if (err != Z_OK) {
+@@ -84,16 +85,16 @@ static int vnc_zlib_stop(VncState *vs)
+             return -1;
+         }
+ 
+-        vs->zlib.level = vs->tight.compression;
+        vs->zlib.level = vs->tight->compression;
+         zstream->opaque = vs;
+     }
+ 
+-    if (vs->tight.compression != vs->zlib.level) {
+-        if (deflateParams(zstream, vs->tight.compression,
+    if (vs->tight->compression != vs->zlib.level) {
+        if (deflateParams(zstream, vs->tight->compression,
+                           Z_DEFAULT_STRATEGY) != Z_OK) {
+             return -1;
+         }
+-        vs->zlib.level = vs->tight.compression;
+        vs->zlib.level = vs->tight->compression;
+     }
+ 
+     // reserve memory in output buffer
+diff --git a/ui/vnc-enc-zrle.c b/ui/vnc-enc-zrle.c
+index 7493a84..17fd28a 100644
+--- a/ui/vnc-enc-zrle.c
+++ b/ui/vnc-enc-zrle.c
+@@ -37,18 +37,18 @@ static const int bits_per_packed_pixel[] = {
+ 
+ static void vnc_zrle_start(VncState *vs)
+ {
+-    buffer_reset(&vs->zrle.zrle);
+    buffer_reset(&vs->zrle->zrle);
+ 
+     /* make the output buffer be the zlib buffer, so we can compress it later */
+-    vs->zrle.tmp = vs->output;
+-    vs->output = vs->zrle.zrle;
+    vs->zrle->tmp = vs->output;
+    vs->output = vs->zrle->zrle;
+ }
+ 
+ static void vnc_zrle_stop(VncState *vs)
+ {
+     /* switch back to normal output/zlib buffers */
+-    vs->zrle.zrle = vs->output;
+-    vs->output = vs->zrle.tmp;
+    vs->zrle->zrle = vs->output;
+    vs->output = vs->zrle->tmp;
+ }
+ 
+ static void *zrle_convert_fb(VncState *vs, int x, int y, int w, int h,
+@@ -56,24 +56,24 @@ static void *zrle_convert_fb(VncState *vs, int x, int y, int w, int h,
+ {
+     Buffer tmp;
+ 
+-    buffer_reset(&vs->zrle.fb);
+-    buffer_reserve(&vs->zrle.fb, w * h * bpp + bpp);
+    buffer_reset(&vs->zrle->fb);
+    buffer_reserve(&vs->zrle->fb, w * h * bpp + bpp);
+ 
+     tmp = vs->output;
+-    vs->output = vs->zrle.fb;
+    vs->output = vs->zrle->fb;
+ 
+     vnc_raw_send_framebuffer_update(vs, x, y, w, h);
+ 
+-    vs->zrle.fb = vs->output;
+    vs->zrle->fb = vs->output;
+     vs->output = tmp;
+-    return vs->zrle.fb.buffer;
+    return vs->zrle->fb.buffer;
+ }
+ 
+ static int zrle_compress_data(VncState *vs, int level)
+ {
+-    z_streamp zstream = &vs->zrle.stream;
+    z_streamp zstream = &vs->zrle->stream;
+ 
+-    buffer_reset(&vs->zrle.zlib);
+    buffer_reset(&vs->zrle->zlib);
+ 
+     if (zstream->opaque != vs) {
+         int err;
+@@ -93,13 +93,13 @@ static int zrle_compress_data(VncState *vs, int level)
+     }
+ 
+     /* reserve memory in output buffer */
+-    buffer_reserve(&vs->zrle.zlib, vs->zrle.zrle.offset + 64);
+    buffer_reserve(&vs->zrle->zlib, vs->zrle->zrle.offset + 64);
+ 
+     /* set pointers */
+-    zstream->next_in = vs->zrle.zrle.buffer;
+-    zstream->avail_in = vs->zrle.zrle.offset;
+-    zstream->next_out = vs->zrle.zlib.buffer + vs->zrle.zlib.offset;
+-    zstream->avail_out = vs->zrle.zlib.capacity - vs->zrle.zlib.offset;
+    zstream->next_in = vs->zrle->zrle.buffer;
+    zstream->avail_in = vs->zrle->zrle.offset;
+    zstream->next_out = vs->zrle->zlib.buffer + vs->zrle->zlib.offset;
+    zstream->avail_out = vs->zrle->zlib.capacity - vs->zrle->zlib.offset;
+     zstream->data_type = Z_BINARY;
+ 
+     /* start encoding */
+@@ -108,8 +108,8 @@ static int zrle_compress_data(VncState *vs, int level)
+         return -1;
+     }
+ 
+-    vs->zrle.zlib.offset = vs->zrle.zlib.capacity - zstream->avail_out;
+-    return vs->zrle.zlib.offset;
+    vs->zrle->zlib.offset = vs->zrle->zlib.capacity - zstream->avail_out;
+    return vs->zrle->zlib.offset;
+ }
+ 
+ /* Try to work out whether to use RLE and/or a palette.  We do this by
+@@ -259,14 +259,14 @@ static int zrle_send_framebuffer_update(VncState *vs, int x, int y,
+     size_t bytes;
+     int zywrle_level;
+ 
+-    if (vs->zrle.type == VNC_ENCODING_ZYWRLE) {
+-        if (!vs->vd->lossy || vs->tight.quality == (uint8_t)-1
+-            || vs->tight.quality == 9) {
+    if (vs->zrle->type == VNC_ENCODING_ZYWRLE) {
+        if (!vs->vd->lossy || vs->tight->quality == (uint8_t)-1
+            || vs->tight->quality == 9) {
+             zywrle_level = 0;
+-            vs->zrle.type = VNC_ENCODING_ZRLE;
+-        } else if (vs->tight.quality < 3) {
+            vs->zrle->type = VNC_ENCODING_ZRLE;
+        } else if (vs->tight->quality < 3) {
+             zywrle_level = 3;
+-        } else if (vs->tight.quality < 6) {
+        } else if (vs->tight->quality < 6) {
+             zywrle_level = 2;
+         } else {
+             zywrle_level = 1;
+@@ -337,30 +337,30 @@ static int zrle_send_framebuffer_update(VncState *vs, int x, int y,
+ 
+     vnc_zrle_stop(vs);
+     bytes = zrle_compress_data(vs, Z_DEFAULT_COMPRESSION);
+-    vnc_framebuffer_update(vs, x, y, w, h, vs->zrle.type);
+    vnc_framebuffer_update(vs, x, y, w, h, vs->zrle->type);
+     vnc_write_u32(vs, bytes);
+-    vnc_write(vs, vs->zrle.zlib.buffer, vs->zrle.zlib.offset);
+    vnc_write(vs, vs->zrle->zlib.buffer, vs->zrle->zlib.offset);
+     return 1;
+ }
+ 
+ int vnc_zrle_send_framebuffer_update(VncState *vs, int x, int y, int w, int h)
+ {
+-    vs->zrle.type = VNC_ENCODING_ZRLE;
+    vs->zrle->type = VNC_ENCODING_ZRLE;
+     return zrle_send_framebuffer_update(vs, x, y, w, h);
+ }
+ 
+ int vnc_zywrle_send_framebuffer_update(VncState *vs, int x, int y, int w, int h)
+ {
+-    vs->zrle.type = VNC_ENCODING_ZYWRLE;
+    vs->zrle->type = VNC_ENCODING_ZYWRLE;
+     return zrle_send_framebuffer_update(vs, x, y, w, h);
+ }
+ 
+ void vnc_zrle_clear(VncState *vs)
+ {
+-    if (vs->zrle.stream.opaque) {
+-        deflateEnd(&vs->zrle.stream);
+    if (vs->zrle->stream.opaque) {
+        deflateEnd(&vs->zrle->stream);
+     }
+-    buffer_free(&vs->zrle.zrle);
+-    buffer_free(&vs->zrle.fb);
+-    buffer_free(&vs->zrle.zlib);
+    buffer_free(&vs->zrle->zrle);
+    buffer_free(&vs->zrle->fb);
+    buffer_free(&vs->zrle->zlib);
+ }
+diff --git a/ui/vnc-enc-zrle.inc.c b/ui/vnc-enc-zrle.inc.c
+index abf6b86..c107d8a 100644
+--- a/ui/vnc-enc-zrle.inc.c
+++ b/ui/vnc-enc-zrle.inc.c
+@@ -96,7 +96,7 @@ static void ZRLE_ENCODE(VncState *vs, int x, int y, int w, int h,
+ static void ZRLE_ENCODE_TILE(VncState *vs, ZRLE_PIXEL *data, int w, int h,
+                              int zywrle_level)
+ {
+-    VncPalette *palette = &vs->zrle.palette;
+    VncPalette *palette = &vs->zrle->palette;
+ 
+     int runs = 0;
+     int single_pixels = 0;
+diff --git a/ui/vnc.c b/ui/vnc.c
+index bc43c4c..87b8045 100644
+--- a/ui/vnc.c
+++ b/ui/vnc.c
+@@ -1307,6 +1307,8 @@ void vnc_disconnect_finish(VncState *vs)
+     object_unref(OBJECT(vs->sioc));
+     vs->sioc = NULL;
+     vs->magic = 0;
+    g_free(vs->zrle);
+    g_free(vs->tight);
+     g_free(vs);
+ }
+ 
+@@ -2058,8 +2060,8 @@ static void set_encodings(VncState *vs, int32_t *encodings, size_t n_encodings)
+ 
+     vs->features = 0;
+     vs->vnc_encoding = 0;
+-    vs->tight.compression = 9;
+-    vs->tight.quality = -1; /* Lossless by default */
+    vs->tight->compression = 9;
+    vs->tight->quality = -1; /* Lossless by default */
+     vs->absolute = -1;
+ 
+     /*
+@@ -2127,11 +2129,11 @@ static void set_encodings(VncState *vs, int32_t *encodings, size_t n_encodings)
+             vs->features |= VNC_FEATURE_LED_STATE_MASK;
+             break;
+         case VNC_ENCODING_COMPRESSLEVEL0 ... VNC_ENCODING_COMPRESSLEVEL0 + 9:
+-            vs->tight.compression = (enc & 0x0F);
+            vs->tight->compression = (enc & 0x0F);
+             break;
+         case VNC_ENCODING_QUALITYLEVEL0 ... VNC_ENCODING_QUALITYLEVEL0 + 9:
+             if (vs->vd->lossy) {
+-                vs->tight.quality = (enc & 0x0F);
+                vs->tight->quality = (enc & 0x0F);
+             }
+             break;
+         default:
+@@ -3034,6 +3036,8 @@ static void vnc_connect(VncDisplay *vd, QIOChannelSocket *sioc,
+     int i;
+ 
+     trace_vnc_client_connect(vs, sioc);
+    vs->zrle = g_new0(VncZrle, 1);
+    vs->tight = g_new0(VncTight, 1);
+     vs->magic = VNC_MAGIC;
+     vs->sioc = sioc;
+     object_ref(OBJECT(vs->sioc));
+@@ -3045,19 +3049,19 @@ static void vnc_connect(VncDisplay *vd, QIOChannelSocket *sioc,
+     buffer_init(&vs->output,         "vnc-output/%p", sioc);
+     buffer_init(&vs->jobs_buffer,    "vnc-jobs_buffer/%p", sioc);
+ 
+-    buffer_init(&vs->tight.tight,    "vnc-tight/%p", sioc);
+-    buffer_init(&vs->tight.zlib,     "vnc-tight-zlib/%p", sioc);
+-    buffer_init(&vs->tight.gradient, "vnc-tight-gradient/%p", sioc);
+    buffer_init(&vs->tight->tight,    "vnc-tight/%p", sioc);
+    buffer_init(&vs->tight->zlib,     "vnc-tight-zlib/%p", sioc);
+    buffer_init(&vs->tight->gradient, "vnc-tight-gradient/%p", sioc);
+ #ifdef CONFIG_VNC_JPEG
+-    buffer_init(&vs->tight.jpeg,     "vnc-tight-jpeg/%p", sioc);
+    buffer_init(&vs->tight->jpeg,     "vnc-tight-jpeg/%p", sioc);
+ #endif
+ #ifdef CONFIG_VNC_PNG
+-    buffer_init(&vs->tight.png,      "vnc-tight-png/%p", sioc);
+    buffer_init(&vs->tight->png,      "vnc-tight-png/%p", sioc);
+ #endif
+     buffer_init(&vs->zlib.zlib,      "vnc-zlib/%p", sioc);
+-    buffer_init(&vs->zrle.zrle,      "vnc-zrle/%p", sioc);
+-    buffer_init(&vs->zrle.fb,        "vnc-zrle-fb/%p", sioc);
+-    buffer_init(&vs->zrle.zlib,      "vnc-zrle-zlib/%p", sioc);
+    buffer_init(&vs->zrle->zrle,      "vnc-zrle/%p", sioc);
+    buffer_init(&vs->zrle->fb,        "vnc-zrle-fb/%p", sioc);
+    buffer_init(&vs->zrle->zlib,      "vnc-zrle-zlib/%p", sioc);
+ 
+     if (skipauth) {
+         vs->auth = VNC_AUTH_NONE;
+diff --git a/ui/vnc.h b/ui/vnc.h
+index 8643860..fea79c2 100644
+--- a/ui/vnc.h
+++ b/ui/vnc.h
+@@ -338,10 +338,10 @@ struct VncState
+     /* Encoding specific, if you add something here, don't forget to
+      *  update vnc_async_encoding_start()
+      */
+-    VncTight tight;
+    VncTight *tight;
+     VncZlib zlib;
+     VncHextile hextile;
+-    VncZrle zrle;
+    VncZrle *zrle;
+     VncZywrle zywrle;
+ 
+     Notifier mouse_mode_notifier;
+-- 
+1.8.3.1
diff --git a/meta/recipes-devtools/qemu/qemu/CVE-2020-10702.patch b/meta/recipes-devtools/qemu/qemu/CVE-2020-10702.patch
new file mode 100644
index 0000000000..21a3ceb30d
--- /dev/null
+++ b/meta/recipes-devtools/qemu/qemu/CVE-2020-10702.patch
@@ -0,0 +1,52 @@
+From de0b1bae6461f67243282555475f88b2384a1eb9 Mon Sep 17 00:00:00 2001
+From: Vincent Dehors <vincent.dehors@smile.fr>
+Date: Thu, 23 Jan 2020 15:22:38 +0000
+Subject: [PATCH] target/arm: Fix PAuth sbox functions
+In the PAC computation, sbox was applied over wrong bits.
+As this is a 4-bit sbox, bit index should be incremented by 4 instead of 16.
+Test vector from QARMA paper (https://eprint.iacr.org/2016/444.pdf) was
+used to verify one computation of the pauth_computepac() function which
+uses sbox2.
+Launchpad: https://bugs.launchpad.net/bugs/1859713
+Reviewed-by: Richard Henderson <richard.henderson@linaro.org>
+Signed-off-by: Vincent DEHORS <vincent.dehors@smile.fr>
+Signed-off-by: Adrien GRASSEIN <adrien.grassein@smile.fr>
+Message-id: 20200116230809.19078-2-richard.henderson@linaro.org
+Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
+Signed-off-by: Peter Maydell <peter.maydell@linaro.org>
+Upstream-Status: Backport [https://git.qemu.org/?p=qemu.git;a=patch;h=de0b1bae6461f67243282555475f88b2384a1eb9] 
+CVE: CVE-2020-10702
+Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
+---
+ target/arm/pauth_helper.c | 4 ++--
+ 1 file changed, 2 insertions(+), 2 deletions(-)
+diff --git a/target/arm/pauth_helper.c b/target/arm/pauth_helper.c
+index d3194f2..0a5f41e 100644
+--- a/target/arm/pauth_helper.c
+++ b/target/arm/pauth_helper.c
+@@ -89,7 +89,7 @@ static uint64_t pac_sub(uint64_t i)
+     uint64_t o = 0;
+     int b;
+ 
+-    for (b = 0; b < 64; b += 16) {
+    for (b = 0; b < 64; b += 4) {
+         o |= (uint64_t)sub[(i >> b) & 0xf] << b;
+     }
+     return o;
+@@ -104,7 +104,7 @@ static uint64_t pac_inv_sub(uint64_t i)
+     uint64_t o = 0;
+     int b;
+ 
+-    for (b = 0; b < 64; b += 16) {
+    for (b = 0; b < 64; b += 4) {
+         o |= (uint64_t)inv_sub[(i >> b) & 0xf] << b;
+     }
+     return o;
+-- 
+1.8.3.1
diff --git a/meta/recipes-devtools/qemu/qemu/CVE-2020-10756.patch b/meta/recipes-devtools/qemu/qemu/CVE-2020-10756.patch
new file mode 100644
index 0000000000..306aef061b
--- /dev/null
+++ b/meta/recipes-devtools/qemu/qemu/CVE-2020-10756.patch
@@ -0,0 +1,40 @@
+From c7ede54cbd2e2b25385325600958ba0124e31cc0 Mon Sep 17 00:00:00 2001
+From: Ralf Haferkamp <rhafer@suse.com>
+Date: Fri, 3 Jul 2020 14:51:16 +0200
+Subject: [PATCH] Drop bogus IPv6 messages
+Drop IPv6 message shorter than what's mentioned in the payload
+length header (+ the size of the IPv6 header). They're invalid an could
+lead to data leakage in icmp6_send_echoreply().
+CVE: CVE-2020-10756
+Upstream-Status: Backport
+https://gitlab.freedesktop.org/slirp/libslirp/-/commit/c7ede54cbd2e2b25385325600958ba0124e31cc0
+[SG: Based on libslirp commit c7ede54cbd2e2b25385325600958ba0124e31cc0 and adjusted context]
+Signed-off-by: Stefan Ghinea <stefan.ghinea@windriver.com>
+---
+ slirp/src/ip6_input.c | 7 +++++++
+ 1 file changed, 7 insertions(+)
+diff --git a/slirp/src/ip6_input.c b/slirp/src/ip6_input.c
+index d9d2b7e9..0f2b1785 100644
+--- a/slirp/src/ip6_input.c
+++ b/slirp/src/ip6_input.c
+@@ -49,6 +49,13 @@ void ip6_input(struct mbuf *m)
+         goto bad;
+     }
+ 
+    // Check if the message size is big enough to hold what's
+    // set in the payload length header. If not this is an invalid
+    // packet
+    if (m->m_len < ntohs(ip6->ip_pl) + sizeof(struct ip6)) {
+        goto bad;
+    }
+
+     /* check ip_ttl for a correct ICMP reply */
+     if (ip6->ip_hl == 0) {
+         icmp6_send_error(m, ICMP6_TIMXCEED, ICMP6_TIMXCEED_INTRANS);
+-- 
+2.17.1
diff --git a/meta/recipes-devtools/qemu/qemu/CVE-2020-11869.patch b/meta/recipes-devtools/qemu/qemu/CVE-2020-11869.patch
new file mode 100644
index 0000000000..ca7ffed934
--- /dev/null
+++ b/meta/recipes-devtools/qemu/qemu/CVE-2020-11869.patch
@@ -0,0 +1,97 @@
+From ac2071c3791b67fc7af78b8ceb320c01ca1b5df7 Mon Sep 17 00:00:00 2001
+From: BALATON Zoltan <balaton@eik.bme.hu>
+Date: Mon, 6 Apr 2020 22:34:26 +0200
+Subject: [PATCH] ati-vga: Fix checks in ati_2d_blt() to avoid crash
+In some corner cases (that never happen during normal operation but a
+malicious guest could program wrong values) pixman functions were
+called with parameters that result in a crash. Fix this and add more
+checks to disallow such cases.
+Reported-by: Ziming Zhang <ezrakiez@gmail.com>
+Signed-off-by: BALATON Zoltan <balaton@eik.bme.hu>
+Message-id: 20200406204029.19559747D5D@zero.eik.bme.hu
+Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
+Upstream-Status: Backport [https://git.qemu.org/?p=qemu.git;a=commit;h=ac2071c3791b67fc7af78b8ceb320c01ca1b5df7]
+CVE: CVE-2020-11869
+Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
+---
+ hw/display/ati_2d.c | 37 ++++++++++++++++++++++++++-----------
+ 1 file changed, 26 insertions(+), 11 deletions(-)
+diff --git a/hw/display/ati_2d.c b/hw/display/ati_2d.c
+index 42e8231..23a8ae0 100644
+--- a/hw/display/ati_2d.c
+++ b/hw/display/ati_2d.c
+@@ -53,12 +53,20 @@ void ati_2d_blt(ATIVGAState *s)
+             s->vga.vbe_start_addr, surface_data(ds), surface_stride(ds),
+             surface_bits_per_pixel(ds),
+             (s->regs.dp_mix & GMC_ROP3_MASK) >> 16);
+-    int dst_x = (s->regs.dp_cntl & DST_X_LEFT_TO_RIGHT ?
+-                 s->regs.dst_x : s->regs.dst_x + 1 - s->regs.dst_width);
+-    int dst_y = (s->regs.dp_cntl & DST_Y_TOP_TO_BOTTOM ?
+-                 s->regs.dst_y : s->regs.dst_y + 1 - s->regs.dst_height);
+    unsigned dst_x = (s->regs.dp_cntl & DST_X_LEFT_TO_RIGHT ?
+                      s->regs.dst_x : s->regs.dst_x + 1 - s->regs.dst_width);
+    unsigned dst_y = (s->regs.dp_cntl & DST_Y_TOP_TO_BOTTOM ?
+                      s->regs.dst_y : s->regs.dst_y + 1 - s->regs.dst_height);
+     int bpp = ati_bpp_from_datatype(s);
+    if (!bpp) {
+        qemu_log_mask(LOG_GUEST_ERROR, "Invalid bpp\n");
+        return;
+    }
+     int dst_stride = DEFAULT_CNTL ? s->regs.dst_pitch : s->regs.default_pitch;
+    if (!dst_stride) {
+        qemu_log_mask(LOG_GUEST_ERROR, "Zero dest pitch\n");
+        return;
+    }
+     uint8_t *dst_bits = s->vga.vram_ptr + (DEFAULT_CNTL ?
+                         s->regs.dst_offset : s->regs.default_offset);
+ 
+@@ -82,12 +90,16 @@ void ati_2d_blt(ATIVGAState *s)
+     switch (s->regs.dp_mix & GMC_ROP3_MASK) {
+     case ROP3_SRCCOPY:
+     {
+-        int src_x = (s->regs.dp_cntl & DST_X_LEFT_TO_RIGHT ?
+-                     s->regs.src_x : s->regs.src_x + 1 - s->regs.dst_width);
+-        int src_y = (s->regs.dp_cntl & DST_Y_TOP_TO_BOTTOM ?
+-                     s->regs.src_y : s->regs.src_y + 1 - s->regs.dst_height);
+        unsigned src_x = (s->regs.dp_cntl & DST_X_LEFT_TO_RIGHT ?
+                       s->regs.src_x : s->regs.src_x + 1 - s->regs.dst_width);
+        unsigned src_y = (s->regs.dp_cntl & DST_Y_TOP_TO_BOTTOM ?
+                       s->regs.src_y : s->regs.src_y + 1 - s->regs.dst_height);
+         int src_stride = DEFAULT_CNTL ?
+                          s->regs.src_pitch : s->regs.default_pitch;
+        if (!src_stride) {
+            qemu_log_mask(LOG_GUEST_ERROR, "Zero source pitch\n");
+            return;
+        }
+         uint8_t *src_bits = s->vga.vram_ptr + (DEFAULT_CNTL ?
+                             s->regs.src_offset : s->regs.default_offset);
+ 
+@@ -137,8 +149,10 @@ void ati_2d_blt(ATIVGAState *s)
+                                     dst_y * surface_stride(ds),
+                                     s->regs.dst_height * surface_stride(ds));
+         }
+-        s->regs.dst_x += s->regs.dst_width;
+-        s->regs.dst_y += s->regs.dst_height;
+        s->regs.dst_x = (s->regs.dp_cntl & DST_X_LEFT_TO_RIGHT ?
+                         dst_x + s->regs.dst_width : dst_x);
+        s->regs.dst_y = (s->regs.dp_cntl & DST_Y_TOP_TO_BOTTOM ?
+                         dst_y + s->regs.dst_height : dst_y);
+         break;
+     }
+     case ROP3_PATCOPY:
+@@ -179,7 +193,8 @@ void ati_2d_blt(ATIVGAState *s)
+                                     dst_y * surface_stride(ds),
+                                     s->regs.dst_height * surface_stride(ds));
+         }
+-        s->regs.dst_y += s->regs.dst_height;
+        s->regs.dst_y = (s->regs.dp_cntl & DST_Y_TOP_TO_BOTTOM ?
+                         dst_y + s->regs.dst_height : dst_y);
+         break;
+     }
+     default:
+-- 
+1.8.3.1
diff --git a/meta/recipes-devtools/qemu/qemu/CVE-2020-13765.patch b/meta/recipes-devtools/qemu/qemu/CVE-2020-13765.patch
new file mode 100644
index 0000000000..9014ba0f13
--- /dev/null
+++ b/meta/recipes-devtools/qemu/qemu/CVE-2020-13765.patch
@@ -0,0 +1,48 @@
+From e423455c4f23a1a828901c78fe6d03b7dde79319 Mon Sep 17 00:00:00 2001
+From: Thomas Huth <thuth@redhat.com>
+Date: Wed, 25 Sep 2019 14:16:43 +0200
+Subject: [PATCH] hw/core/loader: Fix possible crash in rom_copy()
+Both, "rom->addr" and "addr" are derived from the binary image
+that can be loaded with the "-kernel" paramer. The code in
+rom_copy() then calculates:
+    d = dest + (rom->addr - addr);
+and uses "d" as destination in a memcpy() some lines later. Now with
+bad kernel images, it is possible that rom->addr is smaller than addr,
+thus "rom->addr - addr" gets negative and the memcpy() then tries to
+copy contents from the image to a bad memory location. This could
+maybe be used to inject code from a kernel image into the QEMU binary,
+so we better fix it with an additional sanity check here.
+Cc: qemu-stable@nongnu.org
+Reported-by: Guangming Liu
+Buglink: https://bugs.launchpad.net/qemu/+bug/1844635
+Message-Id: <20190925130331.27825-1-thuth@redhat.com>
+Reviewed-by: Michael S. Tsirkin <mst@redhat.com>
+Signed-off-by: Thomas Huth <thuth@redhat.com>
+Upstream-Status: Backport [https://git.qemu.org/?p=qemu.git;a=patch;h=e423455c4f23a1a828901c78fe6d03b7dde79319] 
+CVE: CVE-2020-13765
+Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
+---
+ hw/core/loader.c | 2 +-
+ 1 file changed, 1 insertion(+), 1 deletion(-)
+diff --git a/hw/core/loader.c b/hw/core/loader.c
+index 0d60219..5099f27 100644
+--- a/hw/core/loader.c
+++ b/hw/core/loader.c
+@@ -1281,7 +1281,7 @@ int rom_copy(uint8_t *dest, hwaddr addr, size_t size)
+         if (rom->addr + rom->romsize < addr) {
+             continue;
+         }
+-        if (rom->addr > end) {
+        if (rom->addr > end || rom->addr < addr) {
+             break;
+         }
+ 
+-- 
+1.8.3.1
diff --git a/meta/recipes-devtools/qemu/qemu/CVE-2020-14364.patch b/meta/recipes-devtools/qemu/qemu/CVE-2020-14364.patch
new file mode 100644
index 0000000000..a109ac08d6
--- /dev/null
+++ b/meta/recipes-devtools/qemu/qemu/CVE-2020-14364.patch
@@ -0,0 +1,93 @@
+From b946434f2659a182afc17e155be6791ebfb302eb Mon Sep 17 00:00:00 2001
+From: Gerd Hoffmann <kraxel@redhat.com>
+Date: Tue, 25 Aug 2020 07:36:36 +0200
+Subject: [PATCH] usb: fix setup_len init (CVE-2020-14364)
+Store calculated setup_len in a local variable, verify it, and only
+write it to the struct (USBDevice->setup_len) in case it passed the
+sanity checks.
+This prevents other code (do_token_{in,out} functions specifically)
+from working with invalid USBDevice->setup_len values and overrunning
+the USBDevice->setup_buf[] buffer.
+Fixes: CVE-2020-14364
+Signed-off-by: Gerd Hoffmann <kraxel@redhat.com>
+Tested-by: Gonglei <arei.gonglei@huawei.com>
+Reviewed-by: Li Qiang <liq3ea@gmail.com>
+Message-id: 20200825053636.29648-1-kraxel@redhat.com
+Upstream-Status: Backport
+CVE: CVE-2020-14364
+[https://git.qemu.org/?p=qemu.git;a=patch;h=b946434f2659a182afc17e155be6791ebfb302eb]
+Signed-off-by: Li Wang <li.wang@windriver.com>
+---
+ hw/usb/core.c | 16 ++++++++++------
+ 1 file changed, 10 insertions(+), 6 deletions(-)
+diff --git a/hw/usb/core.c b/hw/usb/core.c
+index 5abd128..5234dcc 100644
+--- a/hw/usb/core.c
+++ b/hw/usb/core.c
+@@ -129,6 +129,7 @@ void usb_wakeup(USBEndpoint *ep, unsigned int stream)
+ static void do_token_setup(USBDevice *s, USBPacket *p)
+ {
+     int request, value, index;
+    unsigned int setup_len;
+ 
+     if (p->iov.size != 8) {
+         p->status = USB_RET_STALL;
+@@ -138,14 +139,15 @@ static void do_token_setup(USBDevice *s, USBPacket *p)
+     usb_packet_copy(p, s->setup_buf, p->iov.size);
+     s->setup_index = 0;
+     p->actual_length = 0;
+-    s->setup_len   = (s->setup_buf[7] << 8) | s->setup_buf[6];
+-    if (s->setup_len > sizeof(s->data_buf)) {
+    setup_len = (s->setup_buf[7] << 8) | s->setup_buf[6];
+    if (setup_len > sizeof(s->data_buf)) {
+         fprintf(stderr,
+                 "usb_generic_handle_packet: ctrl buffer too small (%d > %zu)\n",
+-                s->setup_len, sizeof(s->data_buf));
+                setup_len, sizeof(s->data_buf));
+         p->status = USB_RET_STALL;
+         return;
+     }
+    s->setup_len = setup_len;
+ 
+     request = (s->setup_buf[0] << 8) | s->setup_buf[1];
+     value   = (s->setup_buf[3] << 8) | s->setup_buf[2];
+@@ -259,26 +261,28 @@ static void do_token_out(USBDevice *s, USBPacket *p)
+ static void do_parameter(USBDevice *s, USBPacket *p)
+ {
+     int i, request, value, index;
+    unsigned int setup_len;
+ 
+     for (i = 0; i < 8; i++) {
+         s->setup_buf[i] = p->parameter >> (i*8);
+     }
+ 
+     s->setup_state = SETUP_STATE_PARAM;
+-    s->setup_len   = (s->setup_buf[7] << 8) | s->setup_buf[6];
+     s->setup_index = 0;
+ 
+     request = (s->setup_buf[0] << 8) | s->setup_buf[1];
+     value   = (s->setup_buf[3] << 8) | s->setup_buf[2];
+     index   = (s->setup_buf[5] << 8) | s->setup_buf[4];
+ 
+-    if (s->setup_len > sizeof(s->data_buf)) {
+    setup_len = (s->setup_buf[7] << 8) | s->setup_buf[6];
+    if (setup_len > sizeof(s->data_buf)) {
+         fprintf(stderr,
+                 "usb_generic_handle_packet: ctrl buffer too small (%d > %zu)\n",
+-                s->setup_len, sizeof(s->data_buf));
+                setup_len, sizeof(s->data_buf));
+         p->status = USB_RET_STALL;
+         return;
+     }
+    s->setup_len = setup_len;
+ 
+     if (p->pid == USB_TOKEN_OUT) {
+         usb_packet_copy(p, s->data_buf, s->setup_len);
+-- 
+2.17.1
diff --git a/meta/recipes-devtools/qemu/qemu/CVE-2020-15863.patch b/meta/recipes-devtools/qemu/qemu/CVE-2020-15863.patch
new file mode 100644
index 0000000000..9927584d11
--- /dev/null
+++ b/meta/recipes-devtools/qemu/qemu/CVE-2020-15863.patch
@@ -0,0 +1,64 @@
+From 5519724a13664b43e225ca05351c60b4468e4555 Mon Sep 17 00:00:00 2001
+From: Mauro Matteo Cascella <mcascell@redhat.com>
+Date: Fri, 10 Jul 2020 11:19:41 +0200
+Subject: [PATCH] hw/net/xgmac: Fix buffer overflow in xgmac_enet_send()
+A buffer overflow issue was reported by Mr. Ziming Zhang, CC'd here. It
+occurs while sending an Ethernet frame due to missing break statements
+and improper checking of the buffer size.
+Reported-by: Ziming Zhang <ezrakiez@gmail.com>
+Signed-off-by: Mauro Matteo Cascella <mcascell@redhat.com>
+Reviewed-by: Peter Maydell <peter.maydell@linaro.org>
+Signed-off-by: Jason Wang <jasowang@redhat.com>
+CVE: CVE-2020-15863
+Upstream-Status: Backport
+[https://git.qemu.org/?p=qemu.git;a=commit;h=5519724a13664b43e225ca05351c60b4468e4555]
+Signed-off-by: Chee Yang Lee <chee.yang.lee@intel.com>
+Signed-off-by: Li Wang <li.wang@windriver.com>
+---
+ hw/net/xgmac.c | 14 ++++++++++++--
+ 1 file changed, 12 insertions(+), 2 deletions(-)
+diff --git a/hw/net/xgmac.c b/hw/net/xgmac.c
+index f49df95..f496f7e 100644
+--- a/hw/net/xgmac.c
+++ b/hw/net/xgmac.c
+@@ -217,21 +217,31 @@ static void xgmac_enet_send(XgmacState *s)
+         }
+         len = (bd.buffer1_size & 0xfff) + (bd.buffer2_size & 0xfff);
+ 
+        /*
+         * FIXME: these cases of malformed tx descriptors (bad sizes)
+         * should probably be reported back to the guest somehow
+         * rather than simply silently stopping processing, but we
+         * don't know what the hardware does in this situation.
+         * This will only happen for buggy guests anyway.
+         */
+         if ((bd.buffer1_size & 0xfff) > 2048) {
+             DEBUGF_BRK("qemu:%s:ERROR...ERROR...ERROR... -- "
+                         "xgmac buffer 1 len on send > 2048 (0x%x)\n",
+                          __func__, bd.buffer1_size & 0xfff);
+            break;
+         }
+         if ((bd.buffer2_size & 0xfff) != 0) {
+             DEBUGF_BRK("qemu:%s:ERROR...ERROR...ERROR... -- "
+                         "xgmac buffer 2 len on send != 0 (0x%x)\n",
+                         __func__, bd.buffer2_size & 0xfff);
+            break;
+         }
+-        if (len >= sizeof(frame)) {
+        if (frame_size + len >= sizeof(frame)) {
+             DEBUGF_BRK("qemu:%s: buffer overflow %d read into %zu "
+-                        "buffer\n" , __func__, len, sizeof(frame));
+                        "buffer\n" , __func__, frame_size + len, sizeof(frame));
+             DEBUGF_BRK("qemu:%s: buffer1.size=%d; buffer2.size=%d\n",
+                         __func__, bd.buffer1_size, bd.buffer2_size);
+            break;
+         }
+ 
+         cpu_physical_memory_read(bd.buffer1_addr, ptr, len);
+-- 
+1.9.1
diff --git a/meta/recipes-devtools/qemu/qemu/CVE-2020-16092.patch b/meta/recipes-devtools/qemu/qemu/CVE-2020-16092.patch
new file mode 100644
index 0000000000..8ce01e26ad
--- /dev/null
+++ b/meta/recipes-devtools/qemu/qemu/CVE-2020-16092.patch
@@ -0,0 +1,49 @@
+From 035e69b063835a5fd23cacabd63690a3d84532a8 Mon Sep 17 00:00:00 2001
+From: Mauro Matteo Cascella <mcascell@redhat.com>
+Date: Sat, 1 Aug 2020 18:42:38 +0200
+Subject: [PATCH] hw/net/net_tx_pkt: fix assertion failure in
+ net_tx_pkt_add_raw_fragment()
+An assertion failure issue was found in the code that processes network
+packets
+while adding data fragments into the packet context. It could be abused
+by a
+malicious guest to abort the QEMU process on the host. This patch
+replaces the
+affected assert() with a conditional statement, returning false if the
+current
+data fragment exceeds max_raw_frags.
+Reported-by: Alexander Bulekov <alxndr@bu.edu>
+Reported-by: Ziming Zhang <ezrakiez@gmail.com>
+Reviewed-by: Dmitry Fleytman <dmitry.fleytman@gmail.com>
+Signed-off-by: Mauro Matteo Cascella <mcascell@redhat.com>
+Signed-off-by: Jason Wang <jasowang@redhat.com>
+Upstream-Status: Backport
+CVE: CVE-2020-16092
+[https://git.qemu.org/?p=qemu.git;a=commit;h=035e69b063835a5fd23cacabd63690a3d84532a8]
+Signed-off-by: Li Wang <li.wang@windriver.com>
+---
+ hw/net/net_tx_pkt.c | 5 ++++-
+ 1 file changed, 4 insertions(+), 1 deletion(-)
+diff --git a/hw/net/net_tx_pkt.c b/hw/net/net_tx_pkt.c
+index 162f802..54d4c3b 100644
+--- a/hw/net/net_tx_pkt.c
+++ b/hw/net/net_tx_pkt.c
+@@ -379,7 +379,10 @@ bool net_tx_pkt_add_raw_fragment(struct NetTxPkt *pkt, hwaddr pa,
+     hwaddr mapped_len = 0;
+     struct iovec *ventry;
+     assert(pkt);
+-    assert(pkt->max_raw_frags > pkt->raw_frags);
+
+    if (pkt->raw_frags >= pkt->max_raw_frags) {
+        return false;
+    }
+ 
+     if (!len) {
+         return true;
+-- 
+2.17.1
diff --git a/meta/recipes-devtools/qemu/qemu/CVE-2020-1711.patch b/meta/recipes-devtools/qemu/qemu/CVE-2020-1711.patch
new file mode 100644
index 0000000000..aa7bc82329
--- /dev/null
+++ b/meta/recipes-devtools/qemu/qemu/CVE-2020-1711.patch
@@ -0,0 +1,64 @@
+From 693fd2acdf14dd86c0bf852610f1c2cca80a74dc Mon Sep 17 00:00:00 2001
+From: Felipe Franciosi <felipe@nutanix.com>
+Date: Thu, 23 Jan 2020 12:44:59 +0000
+Subject: [PATCH] iscsi: Cap block count from GET LBA STATUS (CVE-2020-1711)
+When querying an iSCSI server for the provisioning status of blocks (via
+GET LBA STATUS), Qemu only validates that the response descriptor zero's
+LBA matches the one requested. Given the SCSI spec allows servers to
+respond with the status of blocks beyond the end of the LUN, Qemu may
+have its heap corrupted by clearing/setting too many bits at the end of
+its allocmap for the LUN.
+A malicious guest in control of the iSCSI server could carefully program
+Qemu's heap (by selectively setting the bitmap) and then smash it.
+This limits the number of bits that iscsi_co_block_status() will try to
+update in the allocmap so it can't overflow the bitmap.
+Upstream-Status: Backport [https://git.qemu.org/?p=qemu.git;a=patch;h=693fd2acdf14dd86c0bf852610f1c2cca80a74dc]
+CVE: CVE-2020-1711
+Fixes: CVE-2020-1711
+Cc: qemu-stable@nongnu.org
+Signed-off-by: Felipe Franciosi <felipe@nutanix.com>
+Signed-off-by: Peter Turschmid <peter.turschm@nutanix.com>
+Signed-off-by: Raphael Norwitz <raphael.norwitz@nutanix.com>
+Signed-off-by: Kevin Wolf <kwolf@redhat.com>
+Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
+---
+ block/iscsi.c | 5 +++--
+ 1 file changed, 3 insertions(+), 2 deletions(-)
+diff --git a/block/iscsi.c b/block/iscsi.c
+index 2aea7e3..cbd5729 100644
+--- a/block/iscsi.c
+++ b/block/iscsi.c
+@@ -701,7 +701,7 @@ static int coroutine_fn iscsi_co_block_status(BlockDriverState *bs,
+     struct scsi_get_lba_status *lbas = NULL;
+     struct scsi_lba_status_descriptor *lbasd = NULL;
+     struct IscsiTask iTask;
+-    uint64_t lba;
+    uint64_t lba, max_bytes;
+     int ret;
+ 
+     iscsi_co_init_iscsitask(iscsilun, &iTask);
+@@ -721,6 +721,7 @@ static int coroutine_fn iscsi_co_block_status(BlockDriverState *bs,
+     }
+ 
+     lba = offset / iscsilun->block_size;
+    max_bytes = (iscsilun->num_blocks - lba) * iscsilun->block_size;
+ 
+     qemu_mutex_lock(&iscsilun->mutex);
+ retry:
+@@ -764,7 +765,7 @@ retry:
+         goto out_unlock;
+     }
+ 
+-    *pnum = (int64_t) lbasd->num_blocks * iscsilun->block_size;
+    *pnum = MIN((int64_t) lbasd->num_blocks * iscsilun->block_size, max_bytes);
+ 
+     if (lbasd->provisioning == SCSI_PROVISIONING_TYPE_DEALLOCATED ||
+         lbasd->provisioning == SCSI_PROVISIONING_TYPE_ANCHORED) {
+-- 
+1.8.3.1
diff --git a/meta/recipes-devtools/qemu/qemu/CVE-2020-7039-1.patch b/meta/recipes-devtools/qemu/qemu/CVE-2020-7039-1.patch
new file mode 100644
index 0000000000..df6bca6db6
--- /dev/null
+++ b/meta/recipes-devtools/qemu/qemu/CVE-2020-7039-1.patch
@@ -0,0 +1,44 @@
+From b2663d527a1992ba98c0266458b21ada3b9d0d2e Mon Sep 17 00:00:00 2001
+From: Changqing Li <changqing.li@windriver.com>
+Date: Thu, 27 Feb 2020 12:07:35 +0800
+Subject: [PATCH] tcp_emu: Fix oob access
+The main loop only checks for one available byte, while we sometimes
+need two bytes.
+CVE: CVE-2020-7039
+Upstream-Status: Backport
+[https://gitlab.freedesktop.org/slirp/libslirp/commit/2655fffed7a9e765bcb4701dd876e9dab975f289]
+Signed-off-by: Changqing Li <changqing.li@windriver.com>
+---
+ slirp/src/tcp_subr.c | 6 ++++++
+ 1 file changed, 6 insertions(+)
+diff --git a/slirp/src/tcp_subr.c b/slirp/src/tcp_subr.c
+index d6dd133..4bea2d4 100644
+--- a/slirp/src/tcp_subr.c
+++ b/slirp/src/tcp_subr.c
+@@ -886,6 +886,8 @@ int tcp_emu(struct socket *so, struct mbuf *m)
+                 break;
+ 
+             case 5:
+                if (bptr == m->m_data + m->m_len - 1)
+                        return 1; /* We need two bytes */
+                 /*
+                  * The difference between versions 1.0 and
+                  * 2.0 is here. For future versions of
+@@ -901,6 +903,10 @@ int tcp_emu(struct socket *so, struct mbuf *m)
+                 /* This is the field containing the port
+                  * number that RA-player is listening to.
+                  */
+
+                if (bptr == m->m_data + m->m_len - 1)
+                        return 1; /* We need two bytes */
+
+                 lport = (((uint8_t *)bptr)[0] << 8) + ((uint8_t *)bptr)[1];
+                 if (lport < 6970)
+                     lport += 256; /* don't know why */
+-- 
+2.7.4
diff --git a/meta/recipes-devtools/qemu/qemu/CVE-2020-7039-2.patch b/meta/recipes-devtools/qemu/qemu/CVE-2020-7039-2.patch
new file mode 100644
index 0000000000..4a00fa2afd
--- /dev/null
+++ b/meta/recipes-devtools/qemu/qemu/CVE-2020-7039-2.patch
@@ -0,0 +1,59 @@
+From 8f67e76e4148e37f3d8d2bcbdee7417fdedb7669 Mon Sep 17 00:00:00 2001
+From: Changqing Li <changqing.li@windriver.com>
+Date: Thu, 27 Feb 2020 12:10:34 +0800
+Subject: [PATCH] slirp: use correct size while emulating commands
+While emulating services in tcp_emu(), it uses 'mbuf' size
+'m->m_size' to write commands via snprintf(3). Use M_FREEROOM(m)
+size to avoid possible OOB access.
+Signed-off-by: default avatarPrasad J Pandit <pjp@fedoraproject.org>
+Signed-off-by: Samuel Thibault's avatarSamuel Thibault
+<samuel.thibault@ens-lyon.org>
+Message-Id: <20200109094228.79764-3-ppandit@redhat.com>
+CVE: CVE-2020-7039
+Upstream-Status: Backport
+[https://gitlab.freedesktop.org/slirp/libslirp/commit/82ebe9c370a0e2970fb5695aa19aa5214a6a1c80]
+Signed-off-by: Changqing Li <changqing.li@windriver.com>
+---
+ slirp/src/tcp_subr.c | 9 ++++-----
+ 1 file changed, 4 insertions(+), 5 deletions(-)
+diff --git a/slirp/src/tcp_subr.c b/slirp/src/tcp_subr.c
+index 4bea2d4..e8ed4ef 100644
+--- a/slirp/src/tcp_subr.c
+++ b/slirp/src/tcp_subr.c
+@@ -696,7 +696,7 @@ int tcp_emu(struct socket *so, struct mbuf *m)
+             n4 = (laddr & 0xff);
+ 
+             m->m_len = bptr - m->m_data; /* Adjust length */
+-            m->m_len += snprintf(bptr, m->m_size - m->m_len,
+            m->m_len += snprintf(bptr, M_FREEROOM(m),
+                                  "ORT %d,%d,%d,%d,%d,%d\r\n%s", n1, n2, n3, n4,
+                                  n5, n6, x == 7 ? buff : "");
+             return 1;
+@@ -731,8 +731,7 @@ int tcp_emu(struct socket *so, struct mbuf *m)
+             n4 = (laddr & 0xff);
+ 
+             m->m_len = bptr - m->m_data; /* Adjust length */
+-            m->m_len +=
+-                snprintf(bptr, m->m_size - m->m_len,
+            m->m_len += snprintf(bptr, M_FREEROOM(m),
+                          "27 Entering Passive Mode (%d,%d,%d,%d,%d,%d)\r\n%s",
+                          n1, n2, n3, n4, n5, n6, x == 7 ? buff : "");
+ 
+@@ -758,8 +757,8 @@ int tcp_emu(struct socket *so, struct mbuf *m)
+         if (m->m_data[m->m_len - 1] == '\0' && lport != 0 &&
+             (so = tcp_listen(slirp, INADDR_ANY, 0, so->so_laddr.s_addr,
+                              htons(lport), SS_FACCEPTONCE)) != NULL)
+-            m->m_len =
+-                snprintf(m->m_data, m->m_size, "%d", ntohs(so->so_fport)) + 1;
+            m->m_len = snprintf(m->m_data, M_ROOM(m),
+                                "%d", ntohs(so->so_fport)) + 1;
+         return 1;
+ 
+     case EMU_IRC:
+-- 
+2.7.4
diff --git a/meta/recipes-devtools/qemu/qemu/CVE-2020-7039-3.patch b/meta/recipes-devtools/qemu/qemu/CVE-2020-7039-3.patch
new file mode 100644
index 0000000000..70ce480d80
--- /dev/null
+++ b/meta/recipes-devtools/qemu/qemu/CVE-2020-7039-3.patch
@@ -0,0 +1,64 @@
+From 0b03959b72036afce151783720d9e54988cf76ef Mon Sep 17 00:00:00 2001
+From: Changqing Li <changqing.li@windriver.com>
+Date: Thu, 27 Feb 2020 12:15:04 +0800
+Subject: [PATCH] slirp: use correct size while emulating IRC commands
+While emulating IRC DCC commands, tcp_emu() uses 'mbuf' size
+'m->m_size' to write DCC commands via snprintf(3). This may
+lead to OOB write access, because 'bptr' points somewhere in
+the middle of 'mbuf' buffer, not at the start. Use M_FREEROOM(m)
+size to avoid OOB access.
+Reported-by: default avatarVishnu Dev TJ <vishnudevtj@gmail.com>
+Signed-off-by: default avatarPrasad J Pandit <pjp@fedoraproject.org>
+Reviewed-by: Samuel Thibault's avatarSamuel Thibault
+<samuel.thibault@ens-lyon.org>
+Message-Id: <20200109094228.79764-2-ppandit@redhat.com>
+CVE: CVE-2020-7039
+Upstream-Status: Backport
+[https://gitlab.freedesktop.org/slirp/libslirp/commit/ce131029d6d4a405cb7d3ac6716d03e58fb4a5d9]
+Signed-off-by: Changqing Li <changqing.li@windriver.com>
+---
+ slirp/src/tcp_subr.c | 11 ++++++-----
+ 1 file changed, 6 insertions(+), 5 deletions(-)
+diff --git a/slirp/src/tcp_subr.c b/slirp/src/tcp_subr.c
+index e8ed4ef..3a4a8ee 100644
+--- a/slirp/src/tcp_subr.c
+++ b/slirp/src/tcp_subr.c
+@@ -777,7 +777,8 @@ int tcp_emu(struct socket *so, struct mbuf *m)
+                 return 1;
+             }
+             m->m_len = bptr - m->m_data; /* Adjust length */
+-            m->m_len += snprintf(bptr, m->m_size, "DCC CHAT chat %lu %u%c\n",
+            m->m_len += snprintf(bptr, M_FREEROOM(m),
+                                 "DCC CHAT chat %lu %u%c\n",
+                                  (unsigned long)ntohl(so->so_faddr.s_addr),
+                                  ntohs(so->so_fport), 1);
+         } else if (sscanf(bptr, "DCC SEND %256s %u %u %u", buff, &laddr, &lport,
+@@ -787,8 +788,8 @@ int tcp_emu(struct socket *so, struct mbuf *m)
+                 return 1;
+             }
+             m->m_len = bptr - m->m_data; /* Adjust length */
+-            m->m_len +=
+-                snprintf(bptr, m->m_size, "DCC SEND %s %lu %u %u%c\n", buff,
+            m->m_len += snprintf(bptr, M_FREEROOM(m),
+                         "DCC SEND %s %lu %u %u%c\n", buff,
+                          (unsigned long)ntohl(so->so_faddr.s_addr),
+                          ntohs(so->so_fport), n1, 1);
+         } else if (sscanf(bptr, "DCC MOVE %256s %u %u %u", buff, &laddr, &lport,
+@@ -798,8 +799,8 @@ int tcp_emu(struct socket *so, struct mbuf *m)
+                 return 1;
+             }
+             m->m_len = bptr - m->m_data; /* Adjust length */
+-            m->m_len +=
+-                snprintf(bptr, m->m_size, "DCC MOVE %s %lu %u %u%c\n", buff,
+            m->m_len += snprintf(bptr, M_FREEROOM(m),
+                         "DCC MOVE %s %lu %u %u%c\n", buff,
+                          (unsigned long)ntohl(so->so_faddr.s_addr),
+                          ntohs(so->so_fport), n1, 1);
+         }
+-- 
+2.7.4
diff --git a/meta/recipes-devtools/qemu/qemu/CVE-2020-7211.patch b/meta/recipes-devtools/qemu/qemu/CVE-2020-7211.patch
new file mode 100644
index 0000000000..11be4c92e7
--- /dev/null
+++ b/meta/recipes-devtools/qemu/qemu/CVE-2020-7211.patch
@@ -0,0 +1,46 @@
+From 14ec36e107a8c9af7d0a80c3571fe39b291ff1d4 Mon Sep 17 00:00:00 2001
+From: Prasad J Pandit <pjp@fedoraproject.org>
+Date: Mon, 13 Jan 2020 17:44:31 +0530
+Subject: [PATCH] slirp: tftp: restrict relative path access
+tftp restricts relative or directory path access on Linux systems.
+Apply same restrictions on Windows systems too. It helps to avoid
+directory traversal issue.
+Fixes: https://bugs.launchpad.net/qemu/+bug/1812451
+Reported-by: Peter Maydell <peter.maydell@linaro.org>
+Signed-off-by: Prasad J Pandit <pjp@fedoraproject.org>
+Reviewed-by: Samuel Thibault <samuel.thibault@ens-lyon.org>
+Message-Id: <20200113121431.156708-1-ppandit@redhat.com>
+Upstream-Status: Backport [https://gitlab.freedesktop.org/slirp/libslirp/-/commit/14ec36e107a8c9af7d0a80c3571fe39b291ff1d4.patch]
+CVE: CVE-2020-7211
+Signed-off-by: Chee Yang Lee <chee.yang.lee@intel.com>
+---
+ slirp/src/tftp.c | 9 +++++++--
+ 1 file changed, 7 insertions(+), 2 deletions(-)
+diff --git a/slirp/src/tftp.c b/slirp/src/tftp.c
+index 093c2e0..e52e71b 100644
+--- a/slirp/src/tftp.c
+++ b/slirp/src/tftp.c
+@@ -344,8 +344,13 @@ static void tftp_handle_rrq(Slirp *slirp, struct sockaddr_storage *srcsas,
+     k += 6; /* skipping octet */
+ 
+     /* do sanity checks on the filename */
+-    if (!strncmp(req_fname, "../", 3) ||
+-        req_fname[strlen(req_fname) - 1] == '/' || strstr(req_fname, "/../")) {
+    if (
+#ifdef G_OS_WIN32
+        strstr(req_fname, "..\\") ||
+        req_fname[strlen(req_fname) - 1] == '\\' ||
+#endif
+        strstr(req_fname, "../") ||
+        req_fname[strlen(req_fname) - 1] == '/') {
+         tftp_send_error(spt, 2, "Access violation", tp);
+         return;
+     }
+-- 
+2.24.1
diff --git a/meta/recipes-devtools/ruby/ruby/fix-CVE-2019-16254.patch b/meta/recipes-devtools/ruby/ruby/fix-CVE-2019-16254.patch
new file mode 100644
index 0000000000..704c850c50
--- /dev/null
+++ b/meta/recipes-devtools/ruby/ruby/fix-CVE-2019-16254.patch
@@ -0,0 +1,106 @@
+From 18d5289b4579822e391b3f5c16541e6552e9f06c Mon Sep 17 00:00:00 2001
+From: Yusuke Endoh <mame@ruby-lang.org>
+Date: Tue, 1 Oct 2019 12:29:18 +0900
+Subject: [PATCH] WEBrick: prevent response splitting and header injection
+This is a follow up to d9d4a28f1cdd05a0e8dabb36d747d40bbcc30f16.
+The commit prevented CRLR, but did not address an isolated CR or an
+isolated LF.
+Upstream-Status: Backport https://github.com/ruby/ruby/commit/3ce238b5f9795581eb84114dcfbdf4aa086bfecc
+CVE: CVE-2019-16254
+Co-Authored-By: NARUSE, Yui <naruse@airemix.jp>
+Signed-off-by: Rahul Chauhan <rahulchauhankitps@gmail.com>
+---
+ lib/webrick/httpresponse.rb       |  3 ++-
+ test/webrick/test_httpresponse.rb | 46 +++++++++++++++++++++++++++++++++++++--
+ 2 files changed, 46 insertions(+), 3 deletions(-)
+diff --git a/lib/webrick/httpresponse.rb b/lib/webrick/httpresponse.rb
+index 6d77692..d26324c 100644
+--- a/lib/webrick/httpresponse.rb
+++ b/lib/webrick/httpresponse.rb
+@@ -367,7 +367,8 @@ def set_error(ex, backtrace=false)
+     private
+     def check_header(header_value)
+-      if header_value =~ /\r\n/
+      header_value = header_value.to_s
+      if /[\r\n]/ =~ header_value
+         raise InvalidHeader
+       else
+         header_value
+diff --git a/test/webrick/test_httpresponse.rb b/test/webrick/test_httpresponse.rb
+index 6263e0a..24a6968 100644
+--- a/test/webrick/test_httpresponse.rb
+++ b/test/webrick/test_httpresponse.rb
+@@ -29,7 +29,7 @@ def setup
+       @res.keep_alive  = true
+     end
+-    def test_prevent_response_splitting_headers
+    def test_prevent_response_splitting_headers_crlf
+       res['X-header'] = "malicious\r\nCookie: hack"
+       io = StringIO.new
+       res.send_response io
+@@ -39,7 +39,7 @@ def test_prevent_response_splitting_headers
+       refute_match 'hack', io.string
+     end
+-    def test_prevent_response_splitting_cookie_headers
+    def test_prevent_response_splitting_cookie_headers_crlf
+       user_input = "malicious\r\nCookie: hack"
+       res.cookies << WEBrick::Cookie.new('author', user_input)
+       io = StringIO.new
+@@ -50,6 +50,48 @@ def test_prevent_response_splitting_cookie_headers
+       refute_match 'hack', io.string
+     end
+    def test_prevent_response_splitting_headers_cr
+      res['X-header'] = "malicious\rCookie: hack"
+      io = StringIO.new
+      res.send_response io
+      io.rewind
+      res = Net::HTTPResponse.read_new(Net::BufferedIO.new(io))
+      assert_equal '500', res.code
+      refute_match 'hack', io.string
+    end
+
+    def test_prevent_response_splitting_cookie_headers_cr
+      user_input = "malicious\rCookie: hack"
+      res.cookies << WEBrick::Cookie.new('author', user_input)
+      io = StringIO.new
+      res.send_response io
+      io.rewind
+      res = Net::HTTPResponse.read_new(Net::BufferedIO.new(io))
+      assert_equal '500', res.code
+      refute_match 'hack', io.string
+    end
+
+    def test_prevent_response_splitting_headers_lf
+      res['X-header'] = "malicious\nCookie: hack"
+      io = StringIO.new
+      res.send_response io
+      io.rewind
+      res = Net::HTTPResponse.read_new(Net::BufferedIO.new(io))
+      assert_equal '500', res.code
+      refute_match 'hack', io.string
+    end
+
+    def test_prevent_response_splitting_cookie_headers_lf
+      user_input = "malicious\nCookie: hack"
+      res.cookies << WEBrick::Cookie.new('author', user_input)
+      io = StringIO.new
+      res.send_response io
+      io.rewind
+      res = Net::HTTPResponse.read_new(Net::BufferedIO.new(io))
+      assert_equal '500', res.code
+      refute_match 'hack', io.string
+    end
+
+     def test_304_does_not_log_warning
+       res.status      = 304
+       res.setup_header
+--
+2.7.4
diff --git a/meta/recipes-devtools/ruby/ruby_2.5.5.bb b/meta/recipes-devtools/ruby/ruby_2.5.5.bb
index 223b0371eb..58bb97f4bd 100644
--- a/meta/recipes-devtools/ruby/ruby_2.5.5.bb
+++ b/meta/recipes-devtools/ruby/ruby_2.5.5.bb
@@ -3,6 +3,7 @@ require ruby.inc
 SRC_URI += " \
           file://0001-configure.ac-check-finite-isinf-isnan-as-macros-firs.patch \
           file://run-ptest \
+           file://fix-CVE-2019-16254.patch \
           "
 SRC_URI[md5sum] = "7e156fb526b8f4bb1b30a3dd8a7ce400"
diff --git a/meta/recipes-devtools/strace/strace/Makefile-ptest.patch b/meta/recipes-devtools/strace/strace/Makefile-ptest.patch
index 08fa5c53b8..36e93a2dcf 100644
--- a/meta/recipes-devtools/strace/strace/Makefile-ptest.patch
+++ b/meta/recipes-devtools/strace/strace/Makefile-ptest.patch
@@ -44,6 +44,6 @@ index 825c989..4623c48 100644
 +       done
 +       for file in $(EXTRA_DIST); do \
 +               install $(srcdir)/$$file $(DESTDIR)/$(TESTDIR); \
-+               sed -i -e 's/$${srcdir=.}/./g' $(DESTDIR)/$(TESTDIR)/$$file; \
+               #sed -i -e 's/$${srcdir=.}/./g' $(DESTDIR)/$(TESTDIR)/$$file; \
 +       done
 +       for i in net scm_rights-fd rt_sigaction; do sed -i -e 's/$$srcdir/./g' $(DESTDIR)/$(TESTDIR)/$$i.test; done
diff --git a/meta/recipes-devtools/strace/strace/run-ptest b/meta/recipes-devtools/strace/strace/run-ptest
index 2fed984e90..4660207220 100755
--- a/meta/recipes-devtools/strace/strace/run-ptest
+++ b/meta/recipes-devtools/strace/strace/run-ptest
@@ -1,3 +1,6 @@
 #!/bin/sh
-export TIMEOUT_DURATION=30
+export TIMEOUT_DURATION=120
-make -B -C tests -k test-suite.log
+chown nobody tests
+chown nobody tests/*
+chown nobody ../ptest
+su nobody -c "make -B -C tests -k test-suite.log"