Changelog:
https://metadata.ftp-master.debian.org/changelogs/main/a/apt/apt_3.0.3_changelog
Dropped patches which are included in this release, or became obsolete:
0001-Fix-compilation-error-with-clang-libc-18.patch - included in this release
0001-Fix-musl-build.patch - included in this release
0001-Raise-cmake_minimum_required-to-3.13-to-avoid-warnin.patch - included in this release
0001-Remove-using-std-binary_function.patch - became obsolete, fixed upstream
0001-aptwebserver.cc-Include-array.patch - became obsolete, fixed upstream
0001-strutl-Add-missing-include-cstdint-gcc-15.patch - included in this release
Added a new patch to avoid compilation error with musl:
error: 'basename' was not declared in this scope; did you mean 'rename'?
Adapted DEPENDS list - gnutls and gcrypt dependencies were dropped in favor of openssl
in version 2.9.19.
Added a new PACKAGECONFIG, 'usrmerge', which displays a gentle warning if the system
isn't a usrmerge system during package installation.
Added new COMMON_ARCH CMake argument - if it is not defined, CMake is trying to
determine the value of this variable by running dpkg, which is usually a futile
endeavour. It is used in config creation, and to print some system info.
Also adapt a self test: the apt-key command has been deprecated since a while,
and in this release it was completely removed. Instead sources.list file
contains the signature data, on a per-repository basis.
(From OE-Core rev: 1413a6144679a8347a3487f1950612ee20ff382c)
Signed-off-by: Gyorgy Sarvari <skandigraun@gmail.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
- Add site-packages path to pdm info and print interpreter URL in
pdm python install -v.
- Support explicit free-threaded Python selection via version suffix t.
- Multiple lockfile/pylock improvements and hash handling fixes.
- Windows path resolution fixes for uv; CLI help formatting preserved.
- Dependencies: require packaging>22.0; bump truststore to 0.10.4.
- Misc: fix AI coding fast apply error
(From OE-Core rev: 5d693522c3aedef8fcbe8ba7ca3b112262427a51)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Bugs fixed
LP#2116333: lxml.sax._getNsTag() could fail with an exception on malformed input.
GH#467: Some test adaptations were made for libxml2 2.15. Patch by Nick Wellnhofer.
LP2119510, GH#473: A Python compatibility test was fixed for Python 3.14+. Patch by Lumír Balhar.
GH#471: Wheels for “riscv64” on recent Python versions were added. Patch by ffgan.
GH#469: The wheel build no longer requires the wheel package unconditionally. Patch by Miro Hrončok.
Binary wheels use the library version libxml2 2.14.5.
Windows binary wheels continue to use a security patched library version libxml2 2.11.9.
(From OE-Core rev: 4194aa5de0523070f98a82b5019ba8f94107a14f)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
With the previous patch "ptest-cargo: move run-ptest rc variable
initialisation", rc is initialised by the ptest-cargo class.
Remove the (now) redundant initialisation and the related comment.
(From OE-Core rev: 004df6e50d37a68e37d800d9470d8716abaa6d44)
Signed-off-by: Yoann Congal <yoann.congal@smile.fr>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Rust stable version upgraded to 1.89.0
https://blog.rust-lang.org/2025/08/07/Rust-1.89.0/
* Drop merged patches with rust v1.89.0.
- 0001-Disable-libunwind-cross-architecture-unwinding.patch
- triagebot.patch
* Update and rebase existing patches with rust v1.89.0.
- revert-link-std-statically-in-rustc_driver-feature.patch
- rust-oe-selftest.patch
- 0001-src-core-build_steps-tool.rs-switch-off-lto-for-rust.patch
- 0001-riscv32-Define-plain-syscalls-as-their-time64-varian.patch
(To fix build failures for riscv with musl, this patch adds
aliases for plain syscalls to their time64 variants in libc-0.2.174,
These changes are in addition to similar fixes already applied
to libc-0.2.172)
- 0001-Define-more-ioctl-codes-on-riscv32gc-unknown-linux-g.patch
(Changes for libc-0.2.170 are no longer needed, as that version
is not present in rust v1.89.0 vendor sources)
* OE-selftests:
- Doc-tests fail in 55 crates,test-float-parse tests also fail.
These tests are excluded to ensure the overall test suite passes.
Test Results Summary:
+-----------+--------+---------+
| Machine | Passed | Ignored |
+-----------+--------+---------+
| arm-32 | 29,239 | 1,468 |
| arm-64 | 29,329 | 1,412 |
| x86-32 | 29,231 | 1,449 |
| x86-64 | 29,484 | 1,225 |
| riscv-64 | 29,304 | 1,436 |
+-----------+--------+---------+
(From OE-Core rev: fca454a188592c9fa854e93ff1a9c3e70a681e23)
Signed-off-by: Jayasurya Maganuru <Maganuru.Jayasurya@windriver.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Currently CVE_PRODUCT is set to llvm:llvm from common.inc.
There is historical entry for openmp in the DB.
This entry is ignored, but it shows that there can also be future ones.
(From OE-Core rev: ba94d5f1756647ce9d4ddd664bdf6fc975f952cd)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The don't show up in CVE metrics anymore since they were either fixed
upstream or recipe version was upgraded meanwhile.
* bind CVE-2019-6470: cpe got corrected in nvd db
* libxml2 CVE-2023-45322: version is now higher than NVD cpe
* zlib CVE-2023-45853: version is now higher than NVD cpe
* gcc CVE-2021-37322: version is now higher than NVD cpe
* python3
* CVE-2007-4559: version is now higher than NVD cpe
* CVE-2019-18348: version is now higher than NVD cpe
* CVE-2020-15523: version is now higher than NVD cpe
* CVE-2022-26488: version is now higher than NVD cpe
* CVE-2015-20107: version is now higher than NVD cpe
* CVE-2023-36632: version is now higher than NVD cpe
* rust
* CVE-2024-24576: NVD has no cpe, but we have newer version as fix
* CVE-2024-43402: version is now higher than NVD cpe
* cups CVE-2021-25317: version is now higher than NVD cpe
* ghostscript CVE-2023-38559: version is now higher than NVD cpe
* libtirpc CVE-2021-46828: version is now higher than NVD cpe
* unzip CVE-2008-0888: version is now higher than NVD cpe
* ffmpeg CVE-2023-39018: cpe got corrected in nvd db
* libxslt CVE-2022-29824: version is now higher than NVD cpe
* libyaml
* CVE-2024-35325: CVE is now rejected in NVD DB
* CVE-2024-35326: CVE is now rejected in NVD DB
* CVE-2024-35328: CVE is now rejected in NVD DB
Also add comment for iputils regarding reports for FKIE/NVD2.
Also remove some trailing spaces in python recipe.
(From OE-Core rev: 73ee9789183aa95072af2b51ac9e08203f4e33f9)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Changelog:
==========
- Drop support for Python 3.8
- Officially support Python 3.13
- Avoid a deprecation warning emitted by a dependency when using the tag-pattern option
(From OE-Core rev: bbc00f129553e3c9ccaca0a62afdbc22eb573590)
Signed-off-by: Liu Yiding <liuyd.fnst@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Changelog:
==========
- Some method calls with 0 or 1 argument failed to use ``PyObject_VectorCallMethod()``.
- Walrus assignments of literal Python integers could generate invalid C code.
(Github issue :issue:`6989`)
- ``cython.pythread_type_lock`` (also used as fallback for ``cython.pymutex``)
could stall on heavily contended locks.
(Github issue :issue:`6999`)
- C string arrays (not pointers) always coerced to the Python default string type,
even on explicit casts to other string types.
(Github issue :issue:`7020`)
- Unterminated ``\N{}`` character escapes in strings could unrail the parser.
(Github issue :issue:`7056`)
- An internal C function was not marked as ``static`` and leaked a linker symbol.
(Github issue :issue:`6957`)
- Some Unicode letters were not recognised as lexically valid name parts.
(Github issue :issue:`7059`)
- Compatibility with PyPy3.8 was lost by accident.
- The Linux binary wheels of 3.1.2 used SSSE3 CPU instructions which are not available on some CPUs.
(Github issue :issue:`7038`)
(From OE-Core rev: 14c2006bce8861eaf2b65d5c71097e67d1af19cf)
Signed-off-by: Liu Yiding <liuyd.fnst@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Changelog:
==========
- Fix reconciliation of default, flag_value and type parameters for
flag options, as well as parsing and normalization of environment variables.
- Fix typing issue in BadParameter and MissingParameter exceptions for the
parameter param_hint that did not allow for a sequence of string where the
underlying functino _join_param_hints allows for it.
- Use the value of Enum choices to render their default value in help
screen.
- Fix completion for the Z shell (zsh) for completion items containing
colons.
- Don't include envvar in error hint when not configured.
- Fix a rare race in click.testing.StreamMixer's finalization that manifested
as a ValueError on close in a multi-threaded test session.
(From OE-Core rev: 8a5a2fabac46df8ce22c6d645af6b278283c9c00)
Signed-off-by: Liu Yiding <liuyd.fnst@fujitsu.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Take a partial patch to disable portion of test_makedev, its also applied
in alpine. NODEV does not exist on musl
Add test_null_dlsym to ignore list on musl, it needs GNU ifunc support
and musl does not implement GNU ifuncs
fixes
Failed ptests:
{'python3': ['test_null_dlsym', 'test_makedev', 'python3']}
(From OE-Core rev: c197de49d6b406be5fc79b6e17c397c834efc1b0)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
when running oe-selftest for gcc some of the output pattern matchng test cases
were getting failed due to below issue.
Output line 1 was:
Warning: Permanently added '192.168.7
Should match (from /poky/poky/build-st/tmp/work-shared/gcc-15.1.0-r0/sources/
gcc-15.1.0/gcc/testsuite/gcc.dg/dg-output-file-1-lp64.txt):
This is a test output for lp64 target
Failed test for output line 1 This is a test output for lp64 target
(From OE-Core rev: 08200d7ac9d96996dbc1f913bcc0c8bee13592f8)
Signed-off-by: Harish Sadineni <Harish.Sadineni@windriver.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Do not rely on how python detects the platform triplet
We have been lucky to get it cross-compiling since our build hosts
are also using glibc, so the headers and gcc install locations match
and the values it detects are mostly what we will need for glibc
based targets, but when we use musl e.g. the problems show up where
python3 is not able to automitically discover python modules so any
python package having compiled .so modules fail to load.
Example is ptest failures with TCLIBC = "musl"
and running core-image-ptest-python3-rpds-py
This is revamp of patch [1], currently its working for glibc
based cross-compiling because we build on linux systems which are also
glibc based, but python on musl shows the problem.
When python was upgraded to 3.12 [2], this patch was wrongly dropped
and sadly regression went unnoticed, without this patch
Python's automatic module discovery does not work when it is cross-compiled
this is because it tries host tools and compiler installation during configure
to detect it. .so modules e.g. modulename.cpython-*.so are not seen as a result.
This is seen when running python3-rpds-py ptests where it should load
rpds.cpython-313-x86_64-linux-musl.so rpds.so but it does not and the module test
fail.
root@qemux86-64:/usr/lib/python3-rpds-py/ptest# python3 -c "
import sysconfig
import importlib.machinery
print('Extension suffixes:', importlib.machinery.EXTENSION_SUFFIXES)
print('Soabi:', sysconfig.get_config_var('SOABI'))
print('Ext suffix:', sysconfig.get_config_var('EXT_SUFFIX'))
print('Module suffix:', sysconfig.get_config_var('SO'))
"
Extension suffixes: ['.cpython-313.so', '.abi3.so', '.so']
Soabi: cpython-313
Ext suffix: .cpython-313.so
Module suffix: None
And after fix it is.
root@qemux86-64:~# python3 -c "
import sysconfig
import importlib.machinery
print('Extension suffixes:', importlib.machinery.EXTENSION_SUFFIXES)
print('Soabi:', sysconfig.get_config_var('SOABI'))
print('Ext suffix:', sysconfig.get_config_var('EXT_SUFFIX'))
print('Module suffix:', sysconfig.get_config_var('SO'))
"
Extension suffixes: ['.cpython-313-x86_64-linux-musl.so', '.abi3.so', '.so']
Soabi: cpython-313-x86_64-linux-musl
Ext suffix: .cpython-313-x86_64-linux-musl.so
Module suffix: None
[1] https://git.openembedded.org/openembedded-core/commit/?id=407744b00d702e3133304e1b43064a5634ca02cf
[2] https://git.openembedded.org/openembedded-core/commit/?id=716d82352545d3667a658b69d65d6127678dd150
(From OE-Core rev: 7bb157e48f5e5272db7506c7eb3118209dc3b35f)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
musl's thread startup/teardown sequences and frame-pointer handling
differ from glibc. elfutils can fail to terminate unwinds properly
in multithreaded musl apps which leads to truncated or bogus traces
and then the test's "must contain main" assertion fails.
Skip this test on musl systems
(From OE-Core rev: 6f89b8386b70d35cb27bb90348857ddecda5ed3e)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The pwritev and pwrite64 are wrappers over pwritev2 syscall in
musl but strace assumes glibc behavior, ignore them for now
(From OE-Core rev: 38f4f3bfbe2f9625737af15422423b00c32ee076)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
PERL built with GCC 15 and -march=x86-64-v3 fails several
op/pack.t cases due to aggressive lowering of __builtin_memcpy
and inlined/fortified string ops. In pp_pack, some in-place copies
can overlap, treating memcpy as non-overlapping yields corrupted
bytes (zeros or wrong prefixes).
The issue does not reproduce with -march=core2.
When using x86-64-v3 memcpy gets emitted very aggressively
(vectorized / reordered) and assumes no overlap.
The flags force calls through libc (overlap-safe behavior),
restoring deterministic pack/unpack and fixing the test failures.
Inline functions could be faster in execution but correctness is
more important
Fixes [YOCTO #15950]
(From OE-Core rev: 6d557b16f1e45e616c6eb208e4d7a2f2839a2e4f)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Upgrade to the latest upstream release (2025-08-05), which includes:
- Added new -N/--arg-names option to show syscall argument names
- Implemented PTRACE_SET_SYSCALL_INFO ptrace API support from Linux 6.16
- Decoding updates for SO_RCVPRIORITY, SO_PASSRIGHTS, RTA_NH_ID, RTA_FLOWLABEL
- Enhanced statx syscall decoding and numerous new constant/ioctl updates
(From OE-Core rev: de55fbe7f8ca2567a8743dcbcd533430cc642ca4)
Signed-off-by: Osama Abdelkader <osama.abdelkader@gmail.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
Elfutils tests do not all run cleanly on musl systems. Make the current set
as baseline by making the failing tests as XFAILS. This helps to not regress
further more.
(From OE-Core rev: c962949c7d70a40f94fb41c342b7a282578069ed)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
elfuitls testsuites do not pass on all kind of distro features e.g.
with musl there are failures and with ld-is-lld less numer but it shows
failures too. Make run-ptest treat these as known failures.
(From OE-Core rev: 54f4588d49f5164aa8a404a1cb6a9984fd2b49cd)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
set GOARCH to HOST_GOARCH which is set from SDKMACHINE,
since GOARCH defaults to TARGET_GOARCH, which is set from MACHINE (wrong arch).
Also fix do_install to correctly install all binaries from
${GO_BUILD_BINDIR} by using 'find -type f' to avoid issues when the
directory contains subdirectories (e.g. "linux_arm").
(From OE-Core rev: 31e3bd61c7986bc044e547aa5cb9caba7b32bf22)
Signed-off-by: Osama Abdelkader <osama.abdelkader@gmail.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
This test fails [1] with x86-64-v3, surfaces when we switch default
tune for qemux86-64 to be x86-64-v3 or newer
Test seems to compare exact floating point numbers but it might not be
precise enough and comparison may fail.
[1] https://github.com/numpy/numpy/issues/27460
(From OE-Core rev: aaf986bfa93b91a64cbf1c4e23b7fe961bdbb1f7)
Signed-off-by: Khem Raj <raj.khem@gmail.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
