diff options
| author | Brad Bishop <bradleyb@fuzziesquirrel.com> | 2019-08-20 16:16:51 +0300 |
|---|---|---|
| committer | Brad Bishop <bradleyb@fuzziesquirrel.com> | 2019-08-20 16:17:54 +0300 |
| commit | 08902b01500fb82ac050ec2dce9b6c4358075a17 (patch) | |
| tree | 76dad89580e2a758feb672731745c5f4c0f6ef30 /poky/meta/recipes-devtools/python | |
| parent | 754b8faf0be432fcdcacb340fe95117cac890e40 (diff) | |
| download | openbmc-08902b01500fb82ac050ec2dce9b6c4358075a17.tar.xz | |
poky: subtree update:835f7eac06..20946c63c2
Aaron Chan (1):
python3-dbus: Add native and nativesdk variants
Adrian Bunk (8):
gnome: Remove the gnome class
bind: Remove RECIPE_NO_UPDATE_REASON and follow the ESV releases
webkitgtk: Reenable on mips
mtd-utils: Upgrade to 2.1.1
Change ftp:// URIs to http(s)://
webkitgtk: Stop disabling gold on aarch64 and mips
grub/libmpc/gdb: Use GNU_MIRROR in more recipes
screen: Backport fix for an implicit function declaration
Alexander Kanavin (28):
btrfs-tools: update 5.1.1 -> 5.2.1
libmodulemd: update to 2.6.0
libwebp: upgrade 1.0.2 -> 1.0.3
createrepo-c: upgrade 0.14.2 -> 0.14.3
webkitgtk: upgrade 2.24.2 -> 2.24.3
bzip2: fix upstream version check
stress-ng: add a recipe that replaces the original stress
meson: update 0.50.1 -> 0.51.1
meson.bbclass: do not pass native compiler/linker flags via command line
meson: add a backported patch to address vala cross-compilation errors
libedit: fix upstream verison check
maintainers.inc: assign acpica to Ross
stress-ng: add a patch to remove unneeded bash dependency
elfutils: use PRIVATE_LIBS for the ptest package
apt: add a missing perl runtime dependency
attr: add a missing perl runtime dependency
ofono: correct the python3 runtime dependency
bluez5: correct the python3 runtime dependency
local.conf.sample: do not add sdl to nativesdk qemu config
maintainers.inc: give python recipes to Oleksandr Kravchuk
python-numpy: remove the python 2.x version of the recipe
python-scons: remove the python 2.x version of the recipe
python-nose: remove the python 2.x version of the recipe
lib/oeqa/utils/qemurunner.py: add runqemuparams after kvm/nographic/snapshot/slirp
mesa: enable glx-tls option in native and nativesdk builds
insane.bbclass: in file-rdeps do not look into RDEPENDS recursively
sudo: correct SRC_URI
ovmf: fix upstream version check
Andreas Obergschwandtner (1):
bzip2: set the autoconf package version to the recipe version
Anuj Mittal (11):
mpg123: upgrade 1.25.10 -> 1.25.11
libsdl: remove
pulseaudio: don't include consolekit when systemd is enabled
libsdl2: upgrade 2.0.9 -> 2.0.10
grub: upgrade 2.02 -> 2.04
patch: fix CVE-2019-13636
python: fix CVE-2018-20852
python: CVE-2019-9947 is same as CVE-2019-9740
libtasn1: upgrade 4.13 -> 4.14
pango: upgrade 1.42.4 -> 1.44.3
harfbuzz: upgrade 2.4.0 -> 2.5.3
Bartosz Golaszewski (1):
qemu: add a patch fixing the native build on newer kernels
Bedel, Alban (3):
rng-tools: start rngd early in the boot process again
kernel-uboot: remove useless special casing of arm64 Image
boost: Fix build and enable context and coroutines on aarch64
Bruce Ashfield (2):
linux-yocto/4.19: update to v4.19.61
linux-yocto-dev: bump to 5.3-rcX
Changqing Li (6):
runqemu: add lockfile for port used when slirp enabled
runqemu: fix get portlock fail for multi users
qemuboot-x86: move QB_SYSTEM_NAME to corresponding conf
genericx86-64.conf/genericx86.conf: add QB_SYSTEM_NAME
grub/grub-efi: fix conflict for aach64
go-runtime: remove conflict files from -dev packages
Chen Qi (1):
sudo: use nonarch_libdir instead of libdir for tmpfiles.d
Chin Huat Ang (1):
cve-update-db-native: fix https proxy issues
Chris Laplante via bitbake-devel (1):
bitbake: fetch2/wget: avoid 'maximum recursion depth' RuntimeErrors when handling 403 codes
Daniel Ammann (2):
image_types: Remove remnants of hdddirect
bitbake: toaster: Sync list of fs_types with oe-core
Denys Dmytriyenko (2):
wayland-protocols: upgrade 1.17 -> 1.18
weston: upgrade 6.0.0 -> 6.0.1
Diego Rondini (1):
image_types.bbclass: make gzipped images rsyncable
Dmitry Eremin-Solenikov (1):
kernel.bbclass: fix installation of modules signing certificates
Frederic Ouellet (1):
systemd: Add partial support of drop-in configuration files to systemd-systemctl-native
Hongxu Jia (1):
grub: add grub-native
Jason Wessel (6):
sqlite3: Fix zlib determinism problem
pseudo: Fix openat() with a symlink pointing to a directory
image_types_wic.bbclass: Copy the .wks and .env files to deploy image dir
wic: Add partition type for msdos partition tables
wic: Make disk partition size consistently computed
dpkg: Provide update-alternative for start-stop-daemon
Johann Fridriksson (1):
ruby: Adding zlib-native to native dependencies
Joshua Lock via Openembedded-core (3):
sstate: fix log message
classes/sstate: don't use unsigned sstate when verification enabled
classes/sstate: regenerate sstate when signing enabled
Joshua Watt (1):
bitbake: hashserv: SQL Optimizations
Kai Kang (3):
subversion: add packageconfig boost
epiphany: set imcompatible with tune mips
e2fsprogs: 1.44.5 -> 1.45.3
Khem Raj (23):
strace: Upgrade to 5.2
linux-libc-header: Fix ptrace.h and prctl.h conflict on aarch64
libnss-nis: Fix build with glibc 2.30
lttng-ust: Check for gettid libc API
ltp: Fix build with glibc 2.30
lttng-tools: Fix build with glibc 2.30
xserver-xorg: Backport patch to remove using sys/io.h
Apache-2.0-with-LLVM-exception: Add new license file
libedit: Move from meta-oe
groff: Fix math.h inclusion from system headers issue
webkitgtk: Fix compile failures with clang
glibc: Update to glibc 2.30
virglrender: Fix endianness check on musl
syslinux: Override hardcoded toolnames in Makefile
systemd-boot: Add option to specify cross objcopy and use it
mesa,llvm,meson: Update llvm to 8.0.1 plus define and use LLVM version globally
musl: Update to master tip
oeqa/buildgalculator.py: Add dependency on gtk+3
oeqa/parselogs: grep for exact errors list keywords
gcc-runtime: Move content from gcclibdir into libdir
gdb: Do not set musl specific CFLAGS
linuxloader: Add entries for riscv64
musl: Delete GLIBC_LDSO before creating symlink with lnr
Luca Boccassi (1):
python3-pygobject: remove python3-setuptools from RDEPENDS
Mads Andreasen (1):
bitbake: fetch2/npm: Use npm pack to download node modules instead of wget
Mark Hatle (2):
glibc-package.inc: Add linux-libc-headers-dev to glibc-dev
bitbake: layerindexlib: Fix parsing of recursive layer dependencies
Martin Jansa (3):
icecc.bbclass: catch subprocess.CalledProcessError
powertop: import a fix from buildroot
meson: backport fix for builds with -Werror=return-type
Ming Liu (5):
libx11-compose-data: add recipe
libxkbcommon: RDEPENDS on libx11 compose data
weston: change to use meson build system
license_image.bbclass: drop invalid comments
opensbi: handle deploy task under sstate
Naveen Saini (2):
gdk-pixbuf: enable x11 PACKAGECONFIG option
image_types_wic: add syslinux-native dependency conditional
Oleksandr Kravchuk (17):
python3-pip: update to 19.2.1
python3-git: update to 2.1.12
ethtool: update to 5.2
python3-git: update to 2.1.13
xorgproto: update to 2019.1
xserver-xorg: update to 1.20.5
ell: update to 0.21
libinput: update to 1.14.0
wpa-supplicant: update to 2.9
aspell: update to 0.60.7
linux-firmware: add PE back
xf86-input-libinput: update to 0.29.0
git: update to 2.22.1
xrandr: update to 1.5.1
python3-git: update to 3.0.0
librepo: update to 1.10.5
libevent: update to 2.1.11
Pascal Bach (2):
cmake: 3.14.5 -> 3.15.1
cmake: 3.15.1 -> 3.15.2
Paul Eggleton (2):
scripts/create-pull-request: improve handling of non-SSH remote URLs
scripts/create-pull-request: fix putting subject containing / into cover letter
Piotr Tworek (2):
pulseaudio: Backport upstream fix new alsa compatibility.
libdrm: Move amdgpu.ids file into libdrm-amdgpu package.
Randy MacLeod (1):
ptest-runner: update from 2.3.1 to 2.3.2
Rasmus Villemoes (1):
iproute2: drop pointless configure-cross.patch
Ricardo Neri (5):
ovmf: Update to version edk2-stable201905
ovmf: Set PV
ovmf: Use HOSTTOOLS' python3
ovmf: Generate test Platform key and first Key Exchange Key
runqemu: Add support to handle EnrollDefaultKeys PK/KEK1 certificate
Ricardo Ribalda Delgado (2):
packagegroup-core-base-utils: Make it machine specific
inetutils: Fix abort on invalid files
Richard Purdie (50):
package: Improve determinism
sstate: Reduce race windows
bitbake: siggen: Import unihash code from OE-Core
bitbake: cache: Add SimpleCache class
bitbake: runqueue: Improve scenequeue processing logic
bitbake: siggen: Add new unitaskhashes data variable which is cached
bitbake: siggen: Convert to use self.unitaskhashes
bitbake: runqueue: Enable dynamic task adjustment to hash equivalency
bitbake: runqueue: Improve determinism
bitbake: cooker/hashserv: Allow autostarting of a local hash server using BB_HASHSERVE
bitbake: hashserv: Turn off sqlite synchronous mode
bitbake: prserv: Use a memory journal
bitbake: hashserv: Use separate threads for answering requests and handling them
bitbake: hashserv: Switch from threads to multiprocessing
bitbake: runqueue: Clean up BB_HASHCHECK_FUNCTION API
bitbake: siggen: Clean up task reference formats
bitbake: build/utils: Drop bb.build.FuncFailed
bitbake: tests/runqueue: Add hashserv+runqueue test
bitbake: bitbake: Bump version to 1.43.1 for API changes
sanity.conf: Require bitbake 1.43.1
classes/lib: Remove bb.build.FuncFailed
sstatesig: Move unihash siggen code to bitbake
sstatesig: Add debug for incorrect hash server settings
sstatesig: Adpat to recent bitbake hash equiv runqueue changes
sstatesig: Update to handle BB_HASHSERVE
sstate/sstatesig: Update to new form of BB_HASHCHECK_FUNCTION
sstatesig: Updates to match bitbake siggen changes
gstreamer: Add fix for glibc 2.30
sstatesig: Fix leftover splitting issue from siggen change
python3-pygobject: Add missing pkgutil RDEPENDS
bitbake: runqueue: Fix corruption issue
bitbake: runqueue: Improve setscene task handling logic
bitbake: tests/runqueue: Add further hash equivalence tests
bitbake: cooker: Improve hash server startup code to avoid exit tracebacks
bitbake: runqueue: Wait for covered tasks to complete before trying setscene
bitbake: runqueue: Fix next_buildable_task performance problem
bitbake: runqueue: Improve scenequeue debugging
bitbake: runqueue: Recompute holdoff tasks from scratch
bitbake: runqueue: Fix event timing race
bitbake: runqueue: Drop debug statement causing performance issues
bitbake: runqueue: Add further debug information
bitbake: runqueue: Add missing setscene task corner case
bitbake: runqueue: Ensure we clear the stamp cache
poky: Retire opensuse 42.3 from SANITY_TESTED_DISTROS
gcc-cross-canadian: Drop obsolete shlibs exclusion
bitbake: tests/runqueue: Fix tests
bitbake: runqueue: Fix data corruption problem
bitbake: runqueue: Ensure data is handled correctly
bitbake: hashserv: Ensure we don't accumulate sockets in TIME_WAIT state
bitbake: runqueue: Ensure target_tids is filtered
Robert Yang (3):
bitbake: cooker: Cleanup the queue before call process.join()
bitbake: knotty: Fix for the Second Keyboard Interrupt
bitbake: bitbake: server/process: Handle BBHandledException to avoid unexpected exceptions
Ross Burton (23):
libidn2: remove build paths from libidn2.pc
gnutls: don't use HOSTTOOLS_DIR/bash as a shell on target
libical: upgrade to 3.0.5
perl: fix whitespace
perl: add PACKAGECONFIG for db
fortran-helloworld: neaten recipe
python3: remove empty python3-distutils-staticdev
python3: support recommends in manifest
python3: split out the Windows distutils installer stubs
insane: check if the recipe incorrectly uses DEPENDS_${PN}
libxx86misc: remove this now redundant library
xserver-xorg: clean up xorgproto dependencies
xserver-xorg: add PACKAGECONFIG for DGA
xdpyinfo: don't depend on DGA
libxx86dga: remove obsolete client libary
xserver-xorg: remove embedded build path in the source
libx11: update to 1.6.8
sanity: update for new bb.build.exec_func() behaviour
libx11-diet: remove
qemu: fix patch Upstream-Status
xserver-xorg: refresh build path removal patch
waffle: upgrade 1.5.2 -> 1.6.0
libx11: replace libtool patch with upstreamed patch
Tim Blechmann (1):
deb: allow custom dpkg command
Trevor Gamblin (2):
gzip: update ptest package dependencies
patch: fix CVE-2019-13638
Wenlin Kang (1):
db: add switch for building database verification
Will Page (1):
uboot: fixes to uboot-extlinux-config attribute values
William Bourque (1):
meta/lib/oeqa: Remove ext4 for bootimg-biosplusefi
Yi Zhao (1):
libx11-compose-data: upgrade 1.6.7 -> 1.6.8
Yuan Chao (4):
glib-2.0:upgrade 2.60.5 -> 2.60.6
nettle:upgrade 3.4.1 -> 3.5.1
python3-pbr:upgrade 5.4.1 -> 5.4.2
gpgme:upgrade 1.13.0 -> 1.13.1
Zang Ruochen (8):
msmtp: upgrade 1.8.4 -> 1.8.5
curl: upgrade 7.65.2 -> 7.65.3
iso-codes: upgrade 4.2 -> 4.3
python-scons:upgrade 3.0.5 -> 3.1.0
libgudev:upgrade 232 -> 233
libglu:upgrade 9.0.0 -> 9.0.1
man-db:upgrade 2.8.5 -> 2.8.6.1
libnewt:upgrade 0.52.20 -> 0.52.21
Zheng Ruoqin (1):
python3-mako: 1.0.14 -> 1.1.0
Zoltan Kuscsik (1):
kmscube: update to latest revision
Change-Id: I2cd1a0d59da46725b1aba5a79b63eb6121b3c79e
Signed-off-by: Brad Bishop <bradleyb@fuzziesquirrel.com>
Diffstat (limited to 'poky/meta/recipes-devtools/python')
16 files changed, 158 insertions, 63 deletions
diff --git a/poky/meta/recipes-devtools/python/python-nose_1.3.7.bb b/poky/meta/recipes-devtools/python/python-nose_1.3.7.bb deleted file mode 100644 index fab609df9..000000000 --- a/poky/meta/recipes-devtools/python/python-nose_1.3.7.bb +++ /dev/null @@ -1,6 +0,0 @@ -inherit setuptools -require python-nose.inc - -do_install_append() { - rm ${D}${bindir}/nosetests -} diff --git a/poky/meta/recipes-devtools/python/python-scons-native_3.0.5.bb b/poky/meta/recipes-devtools/python/python-scons-native_3.0.5.bb deleted file mode 100644 index 68b63c935..000000000 --- a/poky/meta/recipes-devtools/python/python-scons-native_3.0.5.bb +++ /dev/null @@ -1,8 +0,0 @@ -require python-scons_${PV}.bb -inherit native pythonnative -DEPENDS = "python-native" -RDEPENDS_${PN} = "" - -do_install_append() { - create_wrapper ${D}${bindir}/scons SCONS_LIB_DIR='${STAGING_DIR_HOST}/${PYTHON_SITEPACKAGES_DIR}' PYTHONNOUSERSITE='1' -} diff --git a/poky/meta/recipes-devtools/python/python-scons_3.0.5.bb b/poky/meta/recipes-devtools/python/python-scons_3.0.5.bb deleted file mode 100644 index 939c15bcc..000000000 --- a/poky/meta/recipes-devtools/python/python-scons_3.0.5.bb +++ /dev/null @@ -1,24 +0,0 @@ -SUMMARY = "Software Construction tool (make/autotools replacement)" -SECTION = "devel/python" -LICENSE = "MIT" -LIC_FILES_CHKSUM = "file://LICENSE.txt;md5=37bb53a08e6beaea0c90e7821d731284" - -SRC_URI = "${SOURCEFORGE_MIRROR}/scons/scons-${PV}.tar.gz" -SRC_URI[md5sum] = "9f9c163e8bd48cf8cd92f03e85ca6395" -SRC_URI[sha256sum] = "df676f23dc6d4bfa384fc389d95dcd21ab907e6349d4c848958ba4befb73c73e" - -S = "${WORKDIR}/scons-${PV}" - -UPSTREAM_CHECK_URI = "http://scons.org/pages/download.html" -UPSTREAM_CHECK_REGEX = "(?P<pver>\d+(\.\d+)+)\.tar" - -inherit setuptools - -RDEPENDS_${PN} = "\ - python-fcntl \ - python-io \ - python-json \ - python-subprocess \ - python-shell \ - python-pprint \ - " diff --git a/poky/meta/recipes-devtools/python/python.inc b/poky/meta/recipes-devtools/python/python.inc index 8d0e90862..70481002b 100644 --- a/poky/meta/recipes-devtools/python/python.inc +++ b/poky/meta/recipes-devtools/python/python.inc @@ -13,6 +13,7 @@ SRC_URI = "http://www.python.org/ftp/python/${PV}/Python-${PV}.tar.xz \ file://bpo-36216-cve-2019-9636.patch \ file://bpo-36216-cve-2019-9636-fix.patch \ file://CVE-2019-9740.patch \ + file://CVE-2018-20852.patch \ " SRC_URI[md5sum] = "30157d85a2c0479c09ea2cbe61f2aaf5" diff --git a/poky/meta/recipes-devtools/python/python/CVE-2018-20852.patch b/poky/meta/recipes-devtools/python/python/CVE-2018-20852.patch new file mode 100644 index 000000000..23c784a21 --- /dev/null +++ b/poky/meta/recipes-devtools/python/python/CVE-2018-20852.patch @@ -0,0 +1,123 @@ +From 979daae300916adb399ab5b51410b6ebd0888f13 Mon Sep 17 00:00:00 2001 +From: Xtreak <tir.karthi@gmail.com> +Date: Sat, 15 Jun 2019 20:59:43 +0530 +Subject: [PATCH] [2.7] bpo-35121: prefix dot in domain for proper subdomain + validation (GH-10258) (GH-13426) + +This is a manual backport of ca7fe5063593958e5efdf90f068582837f07bd14 since 2.7 has `http.cookiejar` in `cookielib` + + +https://bugs.python.org/issue35121 +CVE: CVE-2018-20852 +Upstream-Status: Backport [https://github.com/python/cpython/pull/13426] +Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> +--- + Lib/cookielib.py | 13 ++++++-- + Lib/test/test_cookielib.py | 30 +++++++++++++++++++ + .../2019-05-20-00-35-12.bpo-35121.RRi-HU.rst | 4 +++ + 3 files changed, 45 insertions(+), 2 deletions(-) + create mode 100644 Misc/NEWS.d/next/Security/2019-05-20-00-35-12.bpo-35121.RRi-HU.rst + +diff --git a/Lib/cookielib.py b/Lib/cookielib.py +index 2dd7c48728e0..0b471a42f296 100644 +--- a/Lib/cookielib.py ++++ b/Lib/cookielib.py +@@ -1139,6 +1139,11 @@ def return_ok_domain(self, cookie, request): + req_host, erhn = eff_request_host(request) + domain = cookie.domain + ++ if domain and not domain.startswith("."): ++ dotdomain = "." + domain ++ else: ++ dotdomain = domain ++ + # strict check of non-domain cookies: Mozilla does this, MSIE5 doesn't + if (cookie.version == 0 and + (self.strict_ns_domain & self.DomainStrictNonDomain) and +@@ -1151,7 +1156,7 @@ def return_ok_domain(self, cookie, request): + _debug(" effective request-host name %s does not domain-match " + "RFC 2965 cookie domain %s", erhn, domain) + return False +- if cookie.version == 0 and not ("."+erhn).endswith(domain): ++ if cookie.version == 0 and not ("."+erhn).endswith(dotdomain): + _debug(" request-host %s does not match Netscape cookie domain " + "%s", req_host, domain) + return False +@@ -1165,7 +1170,11 @@ def domain_return_ok(self, domain, request): + req_host = "."+req_host + if not erhn.startswith("."): + erhn = "."+erhn +- if not (req_host.endswith(domain) or erhn.endswith(domain)): ++ if domain and not domain.startswith("."): ++ dotdomain = "." + domain ++ else: ++ dotdomain = domain ++ if not (req_host.endswith(dotdomain) or erhn.endswith(dotdomain)): + #_debug(" request domain %s does not match cookie domain %s", + # req_host, domain) + return False +diff --git a/Lib/test/test_cookielib.py b/Lib/test/test_cookielib.py +index f2dd9727d137..7f7ff614d61d 100644 +--- a/Lib/test/test_cookielib.py ++++ b/Lib/test/test_cookielib.py +@@ -368,6 +368,7 @@ def test_domain_return_ok(self): + ("http://foo.bar.com/", ".foo.bar.com", True), + ("http://foo.bar.com/", "foo.bar.com", True), + ("http://foo.bar.com/", ".bar.com", True), ++ ("http://foo.bar.com/", "bar.com", True), + ("http://foo.bar.com/", "com", True), + ("http://foo.com/", "rhubarb.foo.com", False), + ("http://foo.com/", ".foo.com", True), +@@ -378,6 +379,8 @@ def test_domain_return_ok(self): + ("http://foo/", "foo", True), + ("http://foo/", "foo.local", True), + ("http://foo/", ".local", True), ++ ("http://barfoo.com", ".foo.com", False), ++ ("http://barfoo.com", "foo.com", False), + ]: + request = urllib2.Request(url) + r = pol.domain_return_ok(domain, request) +@@ -938,6 +941,33 @@ def test_domain_block(self): + c.add_cookie_header(req) + self.assertFalse(req.has_header("Cookie")) + ++ c.clear() ++ ++ pol.set_blocked_domains([]) ++ req = Request("http://acme.com/") ++ res = FakeResponse(headers, "http://acme.com/") ++ cookies = c.make_cookies(res, req) ++ c.extract_cookies(res, req) ++ self.assertEqual(len(c), 1) ++ ++ req = Request("http://acme.com/") ++ c.add_cookie_header(req) ++ self.assertTrue(req.has_header("Cookie")) ++ ++ req = Request("http://badacme.com/") ++ c.add_cookie_header(req) ++ self.assertFalse(pol.return_ok(cookies[0], req)) ++ self.assertFalse(req.has_header("Cookie")) ++ ++ p = pol.set_blocked_domains(["acme.com"]) ++ req = Request("http://acme.com/") ++ c.add_cookie_header(req) ++ self.assertFalse(req.has_header("Cookie")) ++ ++ req = Request("http://badacme.com/") ++ c.add_cookie_header(req) ++ self.assertFalse(req.has_header("Cookie")) ++ + def test_secure(self): + from cookielib import CookieJar, DefaultCookiePolicy + +diff --git a/Misc/NEWS.d/next/Security/2019-05-20-00-35-12.bpo-35121.RRi-HU.rst b/Misc/NEWS.d/next/Security/2019-05-20-00-35-12.bpo-35121.RRi-HU.rst +new file mode 100644 +index 000000000000..77251806163b +--- /dev/null ++++ b/Misc/NEWS.d/next/Security/2019-05-20-00-35-12.bpo-35121.RRi-HU.rst +@@ -0,0 +1,4 @@ ++Don't send cookies of domain A without Domain attribute to domain B when ++domain A is a suffix match of domain B while using a cookiejar with ++:class:`cookielib.DefaultCookiePolicy` policy. Patch by Karthikeyan ++Singaravelan. diff --git a/poky/meta/recipes-devtools/python/python/CVE-2019-9740.patch b/poky/meta/recipes-devtools/python/python/CVE-2019-9740.patch index 066ac6829..95f43e038 100644 --- a/poky/meta/recipes-devtools/python/python/CVE-2019-9740.patch +++ b/poky/meta/recipes-devtools/python/python/CVE-2019-9740.patch @@ -31,6 +31,7 @@ Notes on backport to Python 2.7: Upstream-Status: Backport CVE: CVE-2019-9740 +CVE: CVE-2019-9947 Signed-off-by: Anuj Mittal <anuj.mittal@intel.com> --- Lib/httplib.py | 16 ++++++ diff --git a/poky/meta/recipes-devtools/python/python3-dbus_1.2.8.bb b/poky/meta/recipes-devtools/python/python3-dbus_1.2.8.bb index 923da3c00..2fb1eae96 100644 --- a/poky/meta/recipes-devtools/python/python3-dbus_1.2.8.bb +++ b/poky/meta/recipes-devtools/python/python3-dbus_1.2.8.bb @@ -22,3 +22,5 @@ EXTRA_OECONF += "--disable-documentation" RDEPENDS_${PN} = "python3-io python3-logging python3-stringold python3-threading python3-xml" FILES_${PN}-dev += "${libdir}/pkgconfig" + +BBCLASSEXTEND = "native nativesdk" diff --git a/poky/meta/recipes-devtools/python/python3-git_2.1.11.bb b/poky/meta/recipes-devtools/python/python3-git_2.1.11.bb deleted file mode 100644 index ac320fa56..000000000 --- a/poky/meta/recipes-devtools/python/python3-git_2.1.11.bb +++ /dev/null @@ -1,2 +0,0 @@ -require python-git.inc -inherit setuptools3 diff --git a/poky/meta/recipes-devtools/python/python-git.inc b/poky/meta/recipes-devtools/python/python3-git_3.0.0.bb index f973e9f42..b6c837cdf 100644 --- a/poky/meta/recipes-devtools/python/python-git.inc +++ b/poky/meta/recipes-devtools/python/python3-git_3.0.0.bb @@ -10,12 +10,12 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=8b8d26c37c1d5a04f9b0186edbebc183" PYPI_PACKAGE = "GitPython" -inherit pypi +inherit pypi setuptools3 -SRC_URI[md5sum] = "cee43a39a1468084d49d1c49fb675204" -SRC_URI[sha256sum] = "8237dc5bfd6f1366abeee5624111b9d6879393d84745a507de0fda86043b65a8" +SRC_URI[md5sum] = "9412ae9665fd29328f2afc6df887ae81" +SRC_URI[sha256sum] = "629867ebf609cef21bb9d849039e281e25963fb7d714a2f6bacc1ecce4800293" -DEPENDS = "${PYTHON_PN}-gitdb" +DEPENDS += " ${PYTHON_PN}-gitdb" RDEPENDS_${PN} += " \ ${PYTHON_PN}-datetime \ @@ -29,4 +29,5 @@ RDEPENDS_${PN} += " \ ${PYTHON_PN}-unixadmin \ git \ " + BBCLASSEXTEND = "native nativesdk" diff --git a/poky/meta/recipes-devtools/python/python3-mako_1.0.14.bb b/poky/meta/recipes-devtools/python/python3-mako_1.1.0.bb index d2f5188cc..b139e5ab0 100644 --- a/poky/meta/recipes-devtools/python/python3-mako_1.0.14.bb +++ b/poky/meta/recipes-devtools/python/python3-mako_1.1.0.bb @@ -8,8 +8,8 @@ PYPI_PACKAGE = "Mako" inherit pypi setuptools3 -SRC_URI[md5sum] = "e162578170331f0cc6a4adb063c7c0f6" -SRC_URI[sha256sum] = "f5a642d8c5699269ab62a68b296ff990767eb120f51e2e8f3d6afb16bdb57f4b" +SRC_URI[md5sum] = "6c3f2da0b74af529a4c4a537d0848bf2" +SRC_URI[sha256sum] = "a36919599a9b7dc5d86a7a8988f23a9a3a3d083070023bab23d64f7f1d1e0a4b" RDEPENDS_${PN} = "${PYTHON_PN}-html \ ${PYTHON_PN}-netclient \ diff --git a/poky/meta/recipes-devtools/python/python3-pbr_5.4.1.bb b/poky/meta/recipes-devtools/python/python3-pbr_5.4.1.bb deleted file mode 100644 index 338ac8b70..000000000 --- a/poky/meta/recipes-devtools/python/python3-pbr_5.4.1.bb +++ /dev/null @@ -1,5 +0,0 @@ -inherit setuptools3 -require python-pbr.inc - -SRC_URI[md5sum] = "ab6e26026ab306989a636ec2d50a435a" -SRC_URI[sha256sum] = "0ca44dc9fd3b04a22297c2a91082d8df2894862e8f4c86a49dac69eae9e85ca0" diff --git a/poky/meta/recipes-devtools/python/python3-pbr_5.4.2.bb b/poky/meta/recipes-devtools/python/python3-pbr_5.4.2.bb new file mode 100644 index 000000000..d59e744e6 --- /dev/null +++ b/poky/meta/recipes-devtools/python/python3-pbr_5.4.2.bb @@ -0,0 +1,5 @@ +inherit setuptools3 +require python-pbr.inc + +SRC_URI[md5sum] = "ea90e1118a0132da752d45e68d10b2b8" +SRC_URI[sha256sum] = "9b321c204a88d8ab5082699469f52cc94c5da45c51f114113d01b3d993c24cdf" diff --git a/poky/meta/recipes-devtools/python/python3-pip_19.1.1.bb b/poky/meta/recipes-devtools/python/python3-pip_19.2.1.bb index baf32f472..ebf1f25c1 100644 --- a/poky/meta/recipes-devtools/python/python3-pip_19.1.1.bb +++ b/poky/meta/recipes-devtools/python/python3-pip_19.2.1.bb @@ -6,8 +6,8 @@ LIC_FILES_CHKSUM = "file://LICENSE.txt;md5=8ba06d529c955048e5ddd7c45459eb2e" DEPENDS += "python3 python3-setuptools-native" -SRC_URI[md5sum] = "4fb98a060f21c731d6743b90a714fc73" -SRC_URI[sha256sum] = "44d3d7d3d30a1eb65c7e5ff1173cdf8f7467850605ac7cc3707b6064bddd0958" +SRC_URI[md5sum] = "e9ac3e030e88b6c076a20ab371a30742" +SRC_URI[sha256sum] = "258d702483dd749400aec59c23d638a5b2249ae28a0f478b6cab12ad45681a80" inherit pypi distutils3 diff --git a/poky/meta/recipes-devtools/python/python3-pygobject_3.32.2.bb b/poky/meta/recipes-devtools/python/python3-pygobject_3.32.2.bb index 05688be60..476957e88 100644 --- a/poky/meta/recipes-devtools/python/python3-pygobject_3.32.2.bb +++ b/poky/meta/recipes-devtools/python/python3-pygobject_3.32.2.bb @@ -23,11 +23,11 @@ S = "${WORKDIR}/${SRCNAME}-${PV}" PACKAGECONFIG ??= "${@bb.utils.contains_any('DISTRO_FEATURES', [ 'directfb', 'wayland', 'x11' ], 'cairo', '', d)}" +RDEPENDS_${PN} += "python3-pkgutil" + # python3-pycairo is checked on configuration -> DEPENDS # we don't link against python3-pycairo -> RDEPENDS PACKAGECONFIG[cairo] = "-Dpycairo=true,-Dpycairo=false, cairo python3-pycairo, python3-pycairo" -RDEPENDS_${PN} += "python3-setuptools" - BBCLASSEXTEND = "native" PACKAGECONFIG_class-native = "" diff --git a/poky/meta/recipes-devtools/python/python3/python3-manifest.json b/poky/meta/recipes-devtools/python/python3/python3-manifest.json index 0803ac003..ec28c2dbb 100644 --- a/poky/meta/recipes-devtools/python/python3/python3-manifest.json +++ b/poky/meta/recipes-devtools/python/python3/python3-manifest.json @@ -512,17 +512,15 @@ "${libdir}/python${PYTHON_MAJMIN}/__pycache__/difflib.*.pyc" ] }, - "distutils-staticdev": { - "cached": [ - "${libdir}/python${PYTHON_MAJMIN}/config/__pycache__/lib*.a" - ], + "distutils-windows": { + "cached": [], "files": [ - "${libdir}/python${PYTHON_MAJMIN}/config/lib*.a" + "${libdir}/python${PYTHON_MAJMIN}/distutils/command/wininst-*.exe" ], "rdepends": [ "distutils" ], - "summary": "Python distribution utilities (static libraries)" + "summary": "Python distribution utilities (Windows installer stubs)" }, "distutils": { "summary": "Python Distribution Utilities", @@ -801,6 +799,9 @@ "xml", "xmlrpc" ], + "rrecommends": [ + "distutils-windows" + ], "summary": "All Python modules" }, "multiprocessing": { diff --git a/poky/meta/recipes-devtools/python/python3_3.7.4.bb b/poky/meta/recipes-devtools/python/python3_3.7.4.bb index a63abfd6c..59d702498 100644 --- a/poky/meta/recipes-devtools/python/python3_3.7.4.bb +++ b/poky/meta/recipes-devtools/python/python3_3.7.4.bb @@ -229,7 +229,7 @@ python(){ newpackages=[] for key in python_manifest: - pypackage= pn + '-' + key + pypackage = pn + '-' + key if pypackage not in packages: # We need to prepend, otherwise python-misc gets everything @@ -249,8 +249,14 @@ python(){ for value in python_manifest[key]['rdepends']: # Make it work with or without $PN if '${PN}' in value: - value=value.split('-')[1] + value=value.split('-', 1)[1] d.appendVar('RDEPENDS_' + pypackage, ' ' + pn + '-' + value) + + for value in python_manifest[key].get('rrecommends', ()): + if '${PN}' in value: + value=value.split('-', 1)[1] + d.appendVar('RRECOMMENDS_' + pypackage, ' ' + pn + '-' + value) + d.setVar('SUMMARY_' + pypackage, python_manifest[key]['summary']) # Prepending so to avoid python-misc getting everything |