linux/poky.git/meta/recipes-devtools/python/python3, branch yocto-4.0.14 Mirror of git.yoctoproject.org/poky https://git.enea.com/cgit/linux/poky.git/atom?h=yocto-4.0.14 2023-08-02T14:47:13+00:00 python3: fix missing comma in get_module_deps3.py 2023-08-02T14:47:13+00:00 Ross Burton ross.burton@arm.com 2023-07-05T10:34:34+00:00 urn:sha1:4b5f2ecf67f5eda9f3f2be6cd0767966094a28ab Wes Tarro <wes.tarro@azuresummit.com> noticed a missing comma in a preplace() call, add it. That said, calling replace() with one argument results in a TypeError, so this is obviously dead code. (From OE-Core rev: 3a79a210665efae1af6d68e9e923a739c82d800e) Signed-off-by: Ross Burton <ross.burton@arm.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 9b2e2c8d809e7ca34451ec9702b029a00dfb410b) Signed-off-by: Steve Sakoman <steve@sakoman.com> python3: upgrade 3.10.9 -> 3.10.12 2023-08-02T14:47:13+00:00 Tim Orling ticotimo@gmail.com 2023-07-23T22:06:40+00:00 urn:sha1:7658d8f2c979a23278be653d87bfecedccd77577 Security and bugfix updates. * Drop cve-2023-24329.patch as it is merged in 3.10.12 CVE: CVE-2023-24329 Includes openssl 1.1.1u which addresses: CVE: CVE-2023-0286 CVE: CVE-2022-4304 CVE: CVE-2022-4203 https://docs.python.org/release/3.10.12/whatsnew/changelog.html#python-3-10-12-final https://docs.python.org/release/3.10.12/whatsnew/changelog.html#python-3-10-11-final https://docs.python.org/release/3.10.12/whatsnew/changelog.html#python-3-10-10-final License-Update: Update Copyright years to include 2023 (From OE-Core rev: 4df594dbc1b391afbe703f663fb2d5c9e9d35078) Signed-off-by: Tim Orling <tim.orling@konsulko.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> python3: fix CVE-2023-24329 2023-03-23T22:45:33+00:00 Joe Slater joe.slater@windriver.com 2023-03-16T15:54:09+00:00 urn:sha1:6af5a447a16f34700e2c911992a19b0dae75de28 Backport fix from cpython 3.11 branch. (From OE-Core rev: 37defd828cc6a8267139928730d766167905d21a) Signed-off-by: Joe Slater <joe.slater@windriver.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> python3: upgrade 3.10.8 -> 3.10.9 2022-12-23T23:05:50+00:00 Florin Diaconescu florin.diaconescu009@gmail.com 2022-12-15T11:42:55+00:00 urn:sha1:c4bbc6d9c5077b26d6d8e48aa47927b3cbb023e0 Security and bug fixes. Drop patch for CVE-2022-42919 and CVE-2022-37454 which were merged in 3.10.9 Fixes: * CVE-2022-45061 (gh-98433) https://nvd.nist.gov/vuln/detail/CVE-2022-45061 List of changes: https://docs.python.org/3.10/whatsnew/changelog.html#python-3-10-9-final (From OE-Core rev: f98b9c71686eb5ce5115ee73155a7d0389831ef0) Signed-off-by: Florin Diaconescu <florin.diaconescu009@gmail.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> python3: advance to version 3.10.8 2022-12-13T15:23:34+00:00 Joe Slater joe.slater@windriver.com 2022-12-07T22:55:03+00:00 urn:sha1:eea9ca003fdc971dc13b545c4b7949f06e1beae8 Fixes CVE-2022-37460. Also add patch to fix CVE-2022-37454. (From OE-Core rev: b446dd69b79783ea232514e1c5212595ec28e553) Signed-off-by: Joe Slater <joe.slater@windriver.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> python3: fix CVE-2022-42919 local privilege escalation via the multiprocessing forkserver start method 2022-12-01T19:35:04+00:00 Vivek Kumbhar vkumbhar@mvista.com 2022-11-24T12:28:13+00:00 urn:sha1:9510218414f822d1d5fd4b8417137d8ef1de81ff Upstream-Status: Backport from https://github.com/python/cpython/commit/eae692eed18892309bcc25a2c0f8980038305ea2 (From OE-Core rev: 9ed7184930707c98afabca8c6b712df874ad659f) Signed-off-by: Vivek Kumbhar <vkumbhar@mvista.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> get_module_deps3.py: Check attribute '__file__' 2022-11-24T15:30:01+00:00 Leon Anavi leon.anavi@konsulko.com 2022-11-02T19:18:00+00:00 urn:sha1:f9679ac9f89d371c1934ccb319eb3c3eae33d61d Check if the module object has attribute '__file__' to fix and avoid errors like: AttributeError: module '_abc' has no attribute '__file__'. Did you mean: '__name__'? (From OE-Core rev: 1684457df9fb7029a276df4438c8fc4a17e3e1e9) Signed-off-by: Leon Anavi <leon.anavi@konsulko.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> (cherry picked from commit 8acce12c1a4cf37ac312c92d62a6ae93a349dddf) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> python3: upgrade 3.10.4 -> 3.10.7 2022-10-20T14:36:02+00:00 Tim Orling ticotimo@gmail.com 2022-10-11T19:56:01+00:00 urn:sha1:6a3c3653323309c3a0cd4747bbc01227718bd1c9 Security and bug fixes. Drop patch for gh-92036 which was merged in 3.10.5 Refresh 0017-setup.py-do-not-report-missing-dependencies-for-disa.pathc Fixes: * CVE-2020-10735 https://nvd.nist.gov/vuln/detail/CVE-2020-10735 * CVE-2021-28861 https://nvd.nist.gov/vuln/detail/CVE-2021-28861 * CVE-2018-25032 https://nvd.nist.gov/vuln/detail/CVE-2018-25032 For a list of changes see: https://docs.python.org/3.10/whatsnew/changelog.html#python-3-10-7-final https://docs.python.org/3.10/whatsnew/changelog.html#python-3-10-6-final https://docs.python.org/3.10/whatsnew/changelog.html#python-3-10-6-final (From OE-Core rev: 3efae85283b19fa1b30af7fed7fa89d7a50337db) Signed-off-by: Tim Orling <tim.orling@konsulko.com> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> python3: Backport patch to fix an issue in subinterpreters 2022-07-25T14:11:46+00:00 Markus Volk f_l_k@t-online.de 2022-07-04T13:21:41+00:00 urn:sha1:8fa95bb5991e2b7f104366b5dd53551f190919bb This adds a backport patch that fixes a problem in subinterpreters related to the garbagecollector. Without the patch, there are random segfaults in several Kodi addons that use python3-sqlite3. Presumably there are real world issues in other programs as well. (From OE-Core rev: 39d57ef7e341a048b94bc5dd9c29d58f57e06f19) Signed-off-by: Markus Volk <f_l_k@t-online.de> Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> python: Avoid shebang overflow on python-config.py 2022-06-24T22:57:42+00:00 Paulo Neves ptsneves@gmail.com 2022-06-14T15:10:59+00:00 urn:sha1:141de70a3990a9736bdee7692604c423e56e81b7 The native path may be too big, leading to shebang overflow. Just use the #!/usr/bin/env python3. (From OE-Core rev: 8a86bd88f0b46b0f413b98df20891cb9aa84c271) Signed-off-by: Paulo Neves <ptsneves@gmail.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 84783dee09e48cb930c7cd27944eaf3f03997237) Signed-off-by: Steve Sakoman <steve@sakoman.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>