5 Commits

Author SHA1 Message Date
Ross Burton
9c0934c702 python3: add CVE-2007-4559 to whitelist
This issue describes expected behaviour, do not use tarfile with
untrusted data.

(From OE-Core rev: f4c22e83f2e68ff157da5ea1303acc2931d63f5f)

Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2020-11-24 10:27:45 +00:00
Lee Chee Yang
5e8acd1a4e python3: whitelist CVE-2020-15523
This CVE is an issue where _Py_CheckPython3 uses uninitialized dllpath when the embedder sets the module path with Py_SetPath.
Since it is a .dll issue (on Windows only), whitelist it.

https://bugs.python.org/issue29778

(From OE-Core rev: 4ceb08bfe6c6dca486040f39d58b285c37d3bc91)

Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2020-11-24 10:27:45 +00:00
Lee Chee Yang
e05d37ec89 python3: fix CVE-2020-27619
(From OE-Core rev: ad6b184b5a87b8bcdd5e28f19be841a78f5e51df)

Signed-off-by: Lee Chee Yang <chee.yang.lee@intel.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2020-11-24 10:27:45 +00:00
Khem Raj
3487d920f6 python3: Enable lto if it's in DISTRO_FEATURES
python3 configure compiles an object file and then greps for strings in
it for endianness for target. When using LTO the .o files are not normal
ELF objects, so this test fails. Since we are using --enable-lto to
enable this here, we don't need to inject extra paths via bitbake anyway,
therefore reset LTO variable for target.

(From OE-Core rev: 2ccaa99871af8cb5b41e12a619e1bfbea4ca6f33)

Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2020-11-11 10:08:11 +00:00
Alexander Kanavin
354f96bf78 python: update 3.8.5 -> 3.9.0
Drop 0001-Do-not-hardcode-lib-as-location-for-site-packages-an.patch,
0001-configure.ac-fix-LIBPL.patch and 0001-python3-Do-not-hardcode-lib-for-distutils.patch
as they are all replaced by the new --platlibdir option to ./configure

Rename 0001-Lib-sysconfig.py-fix-another-place-where-lib-is-hard.patch to
0001-Lib-sysconfig.py-use-libdir-values-from-configuratio.patch
and describe the changes better.

License-Update: documentation now dual licensed under PSF & BSD
(not relevant for the recipe).
(From OE-Core rev: 7347556b18b45c5f9afc2cade565a75c95876914)

Signed-off-by: Alexander Kanavin <alex.kanavin@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
2020-10-30 13:22:49 +00:00