On Mon, 21 Jun 2021 at 22:51, Richard Purdie <
richard.pur...@linuxfoundation.org> wrote:
> I think we're all fine with disabling these tests. The issue is that
> IMAGE_FEATURES isn't available in a recipe. As such we may as well
> unconditionally disable them as that is effectively what the
On Mon, 2021-06-21 at 10:30 -0700, Tim Orling wrote:
>
>
> On Mon, Jun 21, 2021 at 5:00 AM Alexander Kanavin
> wrote:
> > Wait. How does this work, if IMAGE_FEATURES are set from image recipes, and
> > not globally?
> >
> > I'm afraid this may have to be reverted, as it just made it to
On Mon, Jun 21, 2021 at 1:16 PM Alexander Kanavin
wrote:
> On Mon, 21 Jun 2021 at 19:30, Tim Orling wrote:
>
>>
>>
>> On Mon, Jun 21, 2021 at 5:00 AM Alexander Kanavin
>> wrote:
>>
>>> Wait. How does this work, if IMAGE_FEATURES are set from image recipes,
>>> and not globally?
>>>
>>> I'm
On Mon, 21 Jun 2021 at 19:30, Tim Orling wrote:
>
>
> On Mon, Jun 21, 2021 at 5:00 AM Alexander Kanavin
> wrote:
>
>> Wait. How does this work, if IMAGE_FEATURES are set from image recipes,
>> and not globally?
>>
>> I'm afraid this may have to be reverted, as it just made it to master.
>>
>>
>
coreutils is using gnulib as a submodule. In the tarball used by the recipe the
gnulib source is included. The patch comes from
gnulib
https://github.com/coreutils/gnulib/commit/47bf2cf3184027c1eb9c1dfeea5c5b8b2d69710d
In the next release of coreutils this fix will be included.
It caused ‘find’
All,
The triage team is starting to try and collect up and classify bugs which a
newcomer to the project would be able to work on in a way which means people
can find them. They're being listed on the triage page under the appropriate
heading:
As the generated local.conf includes BBMULTICONFIG, the referenced files
in conf/multiconfig also need to be copied. Otherwise with
BBMULTICONFIG="abc" for instance, building the esdk fails with:
ERROR: ParseError at
On Mon, Jun 21, 2021 at 5:00 AM Alexander Kanavin
wrote:
> Wait. How does this work, if IMAGE_FEATURES are set from image recipes,
> and not globally?
>
> I'm afraid this may have to be reverted, as it just made it to master.
>
>
These tests have only been passing (since.python3 3.9.0 upgrade)
On Mon, Jun 21, 2021 at 9:07 AM Steve Sakoman wrote:
> Thanks for the patch!
>
> I'm going to wait a bit on merging this because we are evaluating
> doing a series of bug fix version bumps for python. If successful
> this CVE would be among those fixed by the version bumps.
>
>
Making ptest images based on core-image-minimal uncovered quite a
few missing depenendcies from various recipes, here they are.
(From OE-Core rev: 2cda6242f2f0f6f9c6bdef72bbb271eab7e5e1f5)
Signed-off-by: Alexander Kanavin
Signed-off-by: Richard Purdie
Backport to Python 3.8.10 (only python3
Release Date: May 3, 2021
This is the tenth and final regular maintenance release of Python 3.8
Note: The release you're looking at is Python 3.8.10, a bugfix release for the
legacy 3.8 series. Python 3.9 is now the latest feature release series of
Python 3.
FIXME:
AssertionError: Failed
Release Date: April 2, 2021
Note: The release you're looking at is Python 3.8.9, a bugfix release for the
legacy 3.8 series. Python 3.9 is now the latest feature release series of
Python 3.
* Refresh test_local.py patch for upstream changes
* Add DEPENDS on autoconf-archive:
- bpo-43617:
Conditionally skip test_ctypes.test_find unless
IMAGE_FEATURES contains 'tools-sdk' as these test
cases require full packagegroup-core-buildessential
Fixes:
AssertionError: Failed ptests:
{'python3': ['test_find_library_with_gcc', 'test_find_library_with_ld']}
Signed-off-by: Tim Orling
---
Release Date: Feb. 19, 2021
Note: The release you're looking at is Python 3.8.8, a bugfix release for the
legacy 3.8 series. Python 3.9 is now the latest feature release series of
Python 3.
Notable changes in Python 3.8.8
Earlier Python versions allowed using both ; and & as query parameter
Release Date: Dec. 21, 2020
Note: The release you're looking at is Python 3.8.7, a bugfix release for the
legacy 3.8 series. Python 3.9 is now the latest feature release series of
Python 3.
* Drop patch for CVE-2020-27619 fixed in 3.8.7
References:
Release Date: July 13, 2020
Note: The release you're looking at is Python 3.8.4, a bugfix release for the
legacy 3.8 series. Python 3.9 is now the latest feature release series of
Python 3.
* Drop patch for CVE-2020-14422 fixed in 3.8.4
* Refresh CVE-2021-23336 patch
References:
Release Date: Sept. 24, 2020
Note: The release you're looking at is Python 3.8.6, a bugfix release for the
legacy 3.8 series. Python 3.9 is now the latest feature release series of
Python 3.
References:
https://www.python.org/downloads/release/python-386/
Release Date: May 13, 2020
Note: The release you're looking at is Python 3.8.3, a bugfix release for the
legacy 3.8 series. Python 3.9 is now the latest feature release series of
Python 3.
Notable changes in Python 3.8.3:
The constant values of future flags in the __future__ module are updated
Release Date: July 20, 2020
Note: The release you're looking at is Python 3.8.5, a bugfix release for the
legacy 3.8 series. Python 3.9 is now the latest feature release series of
Python 3.
Drop patches fixed in 3.8.5:
- CVE-2019-20907
- CVE-2019-26116
References:
Every dot release in the 3.8.y series is by definition a bugfix release.
We have been individually patching individual CVEs, when they could
instead have been handled by bumping the dot release.
The only CVE currently known to not be patched by this series is
CVE-2021-29921 which does not yet
Thanks for the patch!
I'm going to wait a bit on merging this because we are evaluating
doing a series of bug fix version bumps for python. If successful
this CVE would be among those fixed by the version bumps.
Steve
On Mon, Jun 21, 2021 at 4:49 AM Minjae Kim wrote:
>
> Remove the pydoc
On Mon, Jun 21, 2021 at 5:38 AM Jasper Orschulko via
lists.openembedded.org
wrote:
>
> Hi Steve,
>
> sorry about that. Accidental checkout of dunfell-next. I sent a new patch.
No worries! V2 applied without issue.
Thanks,
Steve
>
> Best regards,
> Jasper
>
> On 21 June 2021 17:26:14 CEST,
Hi Steve,
sorry about that. Accidental checkout of dunfell-next. I sent a new patch.
Best regards,
Jasper
On 21 June 2021 17:26:14 CEST, Steve Sakoman wrote:
>Sadly this patch won't apply.
>
>Could you rebase it on the current head of dunfell? It seems you
>generated this patch with an older
There's a flaw in libxml2 in versions before 2.9.11. An attacker who is able to
submit a crafted file to be processed by an application linked with libxml2
could trigger a use-after-free. The greatest impact from this flaw is to
confidentiality, integrity, and availability.
Upstream-Status:
Sadly this patch won't apply.
Could you rebase it on the current head of dunfell? It seems you
generated this patch with an older version of dunfell that is missing
"libxml: fix CVE-2021-3517 CVE-2021-3537":
Remove the pydoc getfile feature
CVE-2021-3426: Remove the "getfile" feature of the pydoc module which
could be abused to read arbitrary files on the disk (directory
traversal vulnerability). Moreover, even source code of Python
modules can contain sensitive data like passwords. Vulnerability
There's a flaw in libxml2 in versions before 2.9.11. An attacker who is able to
submit a crafted file to be processed by an application linked with libxml2
could trigger a use-after-free. The greatest impact from this flaw is to
confidentiality, integrity, and availability.
Upstream-Status:
Wait. How does this work, if IMAGE_FEATURES are set from image recipes, and
not globally?
I'm afraid this may have to be reverted, as it just made it to master.
Alex
On Sat, 19 Jun 2021 at 02:00, Tim Orling wrote:
> Conditionally skip test_ctypes.test_find unless
> IMAGE_FEATURES contains
From: Ming Liu
A "install -d" command is missing when dealing with
${UBOOT_NODTB_BINARY} in install_spl_helper function, this can lead
to invalid install error saying:
| install: cannot create .../usr/share/u-boot-nodtb-2021.04-r0.bin': No such
file or directory
Let's drop all "install -d"
From: Ming Liu
A following error was observed:
| Can't write signature for 'signature@1' signature node in
'c...@imx6ull-colibri-wifi-eval-v3.dtb' conf node:
| uboot-mkimage Can't add hashes to FIT blob: -1
This is caused by a wrong return value being used in uboot source.
The return value
On Fri, 2021-06-18 at 10:30 +0800, Yu, Mingli wrote:
> From: Mingli Yu
>
> After the commit(60dcb230f6 perl: split perl-cross into its own recipe)
> introduced, the source files mainly come from two parts, one is from
> SRI_URI during do_fetch and the other with below means during do_configure.
Hi Alex,
On 6/21/21 4:26 PM, Alexandre Belloni wrote:
[Please note: This e-mail is from an EXTERNAL e-mail address]
Hello,
On 18/06/2021 10:30:36+0800, Yu, Mingli wrote:
From: Mingli Yu
After the commit(60dcb230f6 perl: split perl-cross into its own recipe)
introduced, the source files
Hello,
On 18/06/2021 10:30:36+0800, Yu, Mingli wrote:
> From: Mingli Yu
>
> After the commit(60dcb230f6 perl: split perl-cross into its own recipe)
> introduced, the source files mainly come from two parts, one is from
> SRI_URI during do_fetch and the other with below means during
33 matches
Mail list logo