Mirror of git.yoctoproject.org/poky https://git.enea.com/cgit/linux/poky.git/atom?h=styhead-5.1.4 2025-02-14T15:49:09+00:00 2025-02-14T15:49:09+00:00 Peter Marko peter.marko@siemens.com 2025-02-08T23:23:19+00:00 urn:sha1:61e2aebcb5efc5daa57a82d76550b4022342a6dd Release notes: https://docs.python.org/release/3.12.9/whatsnew/changelog.html#python-3-12-9 Solves CVE-2025-0938, CVE-2024-12254 and 3 other vulnerabilities without CVE number assigment. Add a patch to fix failure of a new test. (From OE-Core rev: cb0187ed2962e4c140c4f59ce08f94b18b05004c) Signed-off-by: Peter Marko <peter.marko@siemens.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> 2025-01-09T14:02:48+00:00 Guðni Már Gilbert gudni.m.g@gmail.com 2024-12-25T11:26:50+00:00 urn:sha1:c2dcb76eb1c994c28bb1c31fe07678da1e2222fe Changelog: https://docs.python.org/release/3.12.8/whatsnew/changelog.html#python-3-12-8 (From OE-Core rev: 751cf7a576dbb949763703e655e951bcd583f251) Signed-off-by: Guðni Már Gilbert <gudni.m.g@gmail.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> 2025-01-09T14:02:48+00:00 Guðni Már Gilbert gudni.m.g@gmail.com 2024-12-25T11:26:49+00:00 urn:sha1:1b4d8585f0fe9e5a570d7ab7fb7bd36494c98ce2 Changelog: https://docs.python.org/release/3.12.7/whatsnew/changelog.html#python-3-12-7 (From OE-Core rev: 103cb3a5390214bd95a75c4db4b00f64b456b7f1) Signed-off-by: Guðni Már Gilbert <gudni.m.g@gmail.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> 2024-09-13T06:15:49+00:00 Divya Chellam divya.chellam@windriver.com 2024-09-12T06:44:07+00:00 urn:sha1:0249d9c8932674b8b00ec0d0a261f616794eee36 Includes security fixes for CVE-2024-7592, CVE-2024-8088, CVE-2024-6232 and other bug fixes. Removed below patches, as the fix is included in 3.12.6 upgrade: 1. CVE-2024-7592.patch Release Notes: https://www.python.org/downloads/release/python-3126/ (From OE-Core rev: aa492b1fd5973c37b8fa2cd17d28199eba46afcc) Signed-off-by: Divya Chellam <divya.chellam@windriver.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> 2024-09-01T11:28:10+00:00 Khem Raj raj.khem@gmail.com 2024-08-25T15:17:18+00:00 urn:sha1:0c0e19a024e32d2105a75a60b4fc21ff9ff8b191 (From OE-Core rev: 340867efbbf517393c12466d0490f96ef7c45642) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> 2024-08-15T13:56:05+00:00 Trevor Gamblin tgamblin@baylibre.com 2024-08-14T18:27:20+00:00 urn:sha1:96b61275be85b46712308b6ec5695865e0716c2e Python 3.12.5 is failing a newer ptest for reading/writing limited history when editline (default) is set in PACKAGECONFIG. Skip it for now until a proper fix (if any) is determined. A bug has been opened upstream: https://github.com/python/cpython/issues/123018 (From OE-Core rev: de569ddffd5ea36b70c56df21dec9c892e5dee7d) Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> 2024-07-24T21:51:39+00:00 Ross Burton ross.burton@arm.com 2024-07-23T14:51:01+00:00 urn:sha1:14e487aad97d7f03c89da321edd9ed6bdc0c2c7c importlib.metadata is part of -core, but that will import zipfile which is part of -compression. Obviously this shows that our packaging of the Python modules is not optimal. I plan to follow up with a redesign of the splitting which focuses on simply pulling out the larger or esoteric modules and having a more featureful core. (From OE-Core rev: 0f8d985b290def1fbb356aede152a10424c9d2f1) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> 2024-07-23T11:45:22+00:00 Ross Burton ross.burton@arm.com 2024-07-23T08:28:12+00:00 urn:sha1:09efffa6a967b9b99203afc8b6a43a95068d0c7d There are still issues with importlib.metadata and empty directories, which surface when doing builds with existing build trees. I've raised this on the upstream ticket that Alex Kanavin has already filed[1] so hopefully we can have a resolution soon. This reverts commit 058c3a6e2b30103202f3995930825fc2f366274f. [1] https://github.com/python/importlib_metadata/issues/489 (From OE-Core rev: 020c9438fa4d90824dcf7068ccf3722b3b7b8ccf) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> 2024-07-01T12:56:03+00:00 Alexander Kanavin alex@linutronix.de 2024-06-28T15:01:16+00:00 urn:sha1:058c3a6e2b30103202f3995930825fc2f366274f https://github.com/python/importlib_metadata/issues/489 Upstream discussion revealed that: - the issue was happening due to a bug in setuptools - the bug was fixed in setuptools 63 (I confirmed this: empty dist-info directories no longer seem to trigger any issues if the patch is dropped) - the patch would obscure any further issues of this kind instead of exposing them for easy fixing, so they suggest we drop it and report if anything else pops up (From OE-Core rev: 1a4f25abf29b47949782641c68cc7d3e4136988a) Signed-off-by: Alexander Kanavin <alex@linutronix.de> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> 2024-06-24T11:43:40+00:00 Alexander Kanavin alex@linutronix.de 2024-06-19T08:59:45+00:00 urn:sha1:68c15a58ce120ab92d44aabe7a0f9ca96223f1f3 (From OE-Core rev: d77511cc9add70857e4a9d7237b23d7d6ae14e98) Signed-off-by: Alexander Kanavin <alex@linutronix.de> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>