| Commit message (Collapse) | Author | Age | Files | Lines |
|---|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
Changelog:
============
-gh-104432: Fix potential unaligned memory access on C APIs involving returned
sequences of char * pointers within the grp and socket modules. These were
revealed using a -fsaniziter=alignment build on ARM macOS.
-gh-77377: Ensure that multiprocessing synchronization objects created in a fork
context are not sent to a different process created in a spawn context.
This changes a segfault into an actionable RuntimeError in the parent process.
-gh-106092: Fix a segmentation fault caused by a use-after-free bug in frame_dealloc when the trashcan delays the deallocation of a PyFrameObject.
-gh-106719: No longer suppress arbitrary errors in the __annotations__ getter and setter in the type and module types.
-gh-106723: Propagate frozen_modules to multiprocessing spawned process interpreters.
-gh-105979: Fix crash in _imp.get_frozen_object() due to improper exception handling.
-gh-105840: Fix possible crashes when specializing function calls with too many __defaults__.
-gh-105588: Fix an issue that could result in crashes when compiling malformed ast nodes.
-gh-105375: Fix bugs in the builtins module where exceptions could end up being overwritten.
-gh-105375: Fix bug in the compiler where an exception could end up being overwritten.
-gh-105375: Improve error handling in PyUnicode_BuildEncodingMap() where an exception could end up being overwritten.
-gh-105235: Prevent out-of-bounds memory access during mmap.find() calls.
--gh-101006: Improve error handling when read marshal data.
(From OE-Core rev: 70df63c2fe59ab781152b6981caf0828ececc54e)
Signed-off-by: Wang Mingyu <wangmy@fujitsu.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
default stack size for threads is approx 140k on musl which is fine in
most cases but some of python apps e.g. python3-lz4 bindings run into
thread stack size overflow. Increase the default size to 2M on musl,
glibc defaults to 8M, so we are good there.
This default stack size change is limited to interpreter and stdlib
modules only, thats why CFLAGS_NODIST instead of CFLAGS
(From OE-Core rev: 7f9c14aa51fe9180e56cc6922415aef873de9cb6)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
For some reason in the migration of CVE_CHECK_IGNORE to CVE_STATUS[1], this
CVE was commented out.
[1] oe-core 1634ed40
(From OE-Core rev: 07deefea29169ba8d663c869f26b31d3f37a1c9f)
(From OE-Core rev: 20a8f5d928c0b3022609678d7c21b06912df058f)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Luca Ceresoli <luca.ceresoli@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
| |
- Try to add convert and apply statuses for old CVEs
- Drop some obsolete ignores, while they are not relevant for current
version
(From OE-Core rev: 1634ed4048cf56788cd5c2c1bdc979b70afcdcd7)
Signed-off-by: Andrej Valek <andrej.valek@siemens.com>
Reviewed-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
| |
This CVE shouldn't have been filed as the "exploit" is described in the
documentation as how the library behaves.
(From OE-Core rev: c652f094d86c4efb7ff99accba63b8169493ab18)
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
|
| |
This is based on a previous patch from Alex Kanavin (thanks Alex),
but it retains our use of sed to parse the test output into a usable
form. The intent was to use the test module's --junit-xml feature and
parse the resulting log instead of using sed, but various errors were
encountered when testing this method, so that will need further
investigation before we can consider adopting it. Two missing ptest
dependencies on python3-cgitb and python3-zipapp were already merged
in a previous patch, so only gcc, g++, and binutils were left to add
as ptest RDEPENDS.
ptest output and runtime with this change:
== Tests result: SUCCESS ==
405 tests OK.
29 tests skipped:
test_asdl_parser test_check_c_globals test_clinic test_curses
test_devpoll test_gdb test_idle test_ioctl test_kqueue
test_launcher test_msilib test_ossaudiodev test_readline
test_smtpnet test_socketserver test_startfile test_tcl test_tix
test_tk test_ttk_guionly test_ttk_textonly test_turtle
test_urllib2net test_urllibnet test_winconsoleio test_winreg
test_winsound test_xmlrpc_net test_zipfile64
Total duration: 5 min 3 sec
[YOCTO #13298]
(From OE-Core rev: 50a719d3002a4119e8b2be43aec8fe01aa0c2a40)
Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
| |
|
|
|
|
|
|
|
|
|
|
| |
Without these, test_cgitb and test_zipapp both fail when running the
python3 ptests.
Also reorder the ${PN}-misc list to be alphabetical.
(From OE-Core rev: 379c5fac766472da7c32937acc6fdf8363bdd935)
Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
|
|
(From OE-Core rev: f7f163ebe8c53de4314d04595c1fbcc7af2deccc)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
|
