5 Commits

Author	SHA1	Message	Date
Soumya Sambu	9541ad9650	python3: Fix CVE-2024-7592 ... There is a LOW severity vulnerability affecting CPython, specifically the 'http.cookies' standard library module. When parsing cookies that contained backslashes for quoted characters in the cookie value, the parser would use an algorithm with quadratic complexity, resulting in excess CPU resources being used while parsing the value. References: https://nvd.nist.gov/vuln/detail/CVE-2024-7592 Upstream-Patch: dcc3eaef98 (From OE-Core rev: 3bb9684eef5227e7b1280ee9051884310b0d0b7f) Signed-off-by: Soumya Sambu <soumya.sambu@windriver.com> Signed-off-by: Steve Sakoman <steve@sakoman.com>	2024-09-09 06:08:10 -07:00
Trevor Gamblin	754724ec73	python3: skip test_multiprocessing/test_active_children test ... This test is causing problems on the Autobuilder, so disable it for now. (From OE-Core rev: 9eafd0c56b279a7c3025b0dcd00745baead15bb6) Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit ac000b00ec615b3e51dda8d819015d5e7110ed88) Signed-off-by: Steve Sakoman <steve@sakoman.com>	2024-08-01 06:08:09 -07:00
Trevor Gamblin	a28f4c97b3	python3: skip test_concurrent_futures/test_deadlock ... These tests are causing hangs on the Autobuilder, so disable them for now. (From OE-Core rev: 141c348ce83552beae88e115d9c4db5802c6e0f4) Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 291f37808f1a2b2fdc8190696867f974994457c0) Signed-off-by: Steve Sakoman <steve@sakoman.com>	2024-08-01 06:08:09 -07:00
Khem Raj	8a203e0f2a	python3: Treat UID/GID overflow as failure ... This fixes ptest failures on 32bit architectures AssertionError: Failed ptests: {'python3': ['test_extractall_none_gid', 'test_extractall_none_gname', 'test_extractall_none_mode', 'test_extractall_none_mtime', 'test_extractall_none_uid', 'test_extractall_none_uname', 'setUpClass', 'python3']} (From OE-Core rev: 371124fa4bf1a255a4fc646b028398db8c9f3681) Signed-off-by: Khem Raj <raj.khem@gmail.com> Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 43104b547cb79693c83df0882773ae8dd74b1d35) Signed-off-by: Steve Sakoman <steve@sakoman.com>	2024-08-01 06:08:09 -07:00
Trevor Gamblin	5da7e1b38a	python3: upgrade 3.12.3 -> 3.12.4 ... This release contains numerous security updates and fixes to regressions. Changelog: https://docs.python.org/release/3.12.4/whatsnew/changelog.html#python-3-12-4-final Results of ptests in core-image-ptest-python3 (qemux86-64): == Tests result: SUCCESS == 26 tests skipped: test.test_asyncio.test_windows_events test.test_asyncio.test_windows_utils test.test_gdb.test_backtrace test.test_gdb.test_cfunction test.test_gdb.test_cfunction_full test.test_gdb.test_misc test.test_gdb.test_pretty_print test_asdl_parser test_clinic test_devpoll test_idle test_ioctl test_kqueue test_launcher test_msilib test_startfile test_tcl test_tix test_tkinter test_ttk test_ttk_textonly test_turtle test_winapi test_winconsoleio test_winreg test_wmi 9 tests skipped (resource denied): test_curses test_ossaudiodev test_smtpnet test_socketserver test_urllib2net test_urllibnet test_winsound test_xmlrpc_net test_zipfile64 454 tests OK. Total duration: 2 min 45 sec Total tests: run=41,470 skipped=1,548 Total test files: run=480/489 skipped=26 resource_denied=9 Result: SUCCESS DURATION: 165 END: /usr/lib/python3/ptest 2024-06-10T17:03 STOP: ptest-runner TOTAL: 1 FAIL: 0 (From OE-Core rev: 621b0298e1829a86002ebb57d99850907e775b43) Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com> Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org> (cherry picked from commit 012aeee398af4d4cce4012f71007cfb31266dd6c) Signed-off-by: Steve Sakoman <steve@sakoman.com>	2024-07-03 06:28:34 -07:00