diff options
Diffstat (limited to 'meta-python')
18 files changed, 372 insertions, 17 deletions
diff --git a/meta-python/recipes-core/images/meta-python-image.bb b/meta-python/recipes-core/images/meta-python-image.bb index cc75fe6e4b..6353d389b5 100644 --- a/meta-python/recipes-core/images/meta-python-image.bb +++ b/meta-python/recipes-core/images/meta-python-image.bb @@ -2,5 +2,4 @@ require meta-python-image-base.bb SUMMARY = "meta-python build test image" -IMAGE_INSTALL += "packagegroup-meta-python \ - packagegroup-meta-python3" +IMAGE_INSTALL += "packagegroup-meta-python3" diff --git a/meta-python/recipes-core/images/meta-python-ptest-image.bb b/meta-python/recipes-core/images/meta-python-ptest-image.bb index 7ee15354a2..d497016d41 100644 --- a/meta-python/recipes-core/images/meta-python-ptest-image.bb +++ b/meta-python/recipes-core/images/meta-python-ptest-image.bb @@ -2,4 +2,4 @@ require meta-python-image-base.bb SUMMARY = "meta-python ptest test image" -IMAGE_INSTALL += "packagegroup-meta-python-ptest" +IMAGE_INSTALL += "packagegroup-meta-python3-ptest" diff --git a/meta-python/recipes-devtools/python/python-lxml.inc b/meta-python/recipes-devtools/python/python-lxml.inc index 05b5eae462..0276a3e81a 100644 --- a/meta-python/recipes-devtools/python/python-lxml.inc +++ b/meta-python/recipes-devtools/python/python-lxml.inc @@ -18,6 +18,8 @@ LIC_FILES_CHKSUM = "file://LICENSES.txt;md5=e4c045ebad958ead4b48008f70838403 \ DEPENDS += "libxml2 libxslt" +SRC_URI += "file://CVE-2022-2309.patch" + SRC_URI[md5sum] = "f088e452ed45b030b6f84269f1e84d11" SRC_URI[sha256sum] = "8620ce80f50d023d414183bf90cc2576c2837b88e00bea3f33ad2630133bbb60" diff --git a/meta-python/recipes-devtools/python/python-pint.inc b/meta-python/recipes-devtools/python/python-pint.inc index d022c41a57..5d880a0397 100644 --- a/meta-python/recipes-devtools/python/python-pint.inc +++ b/meta-python/recipes-devtools/python/python-pint.inc @@ -14,8 +14,6 @@ SRC_URI[sha256sum] = "308f1070500e102f83b6adfca6db53debfce2ffc5d3cbe3f6c367da359 DEPENDS += "python3-setuptools-scm-native" -BBCLASSEXTEND = "native nativesdk" - SRC_URI += " \ file://run-ptest \ " diff --git a/meta-python/recipes-devtools/python/python3-cmd2_0.9.23.bb b/meta-python/recipes-devtools/python/python3-cmd2_0.9.23.bb index 803ca4a404..24e38cfb4e 100644 --- a/meta-python/recipes-devtools/python/python3-cmd2_0.9.23.bb +++ b/meta-python/recipes-devtools/python/python3-cmd2_0.9.23.bb @@ -16,5 +16,3 @@ RDEPENDS_${PN} += "\ ${PYTHON_PN}-pyperclip \ ${PYTHON_PN}-wcwidth \ " - -BBCLASSEXTEND = "native nativesdk" diff --git a/meta-python/recipes-devtools/python/python3-cryptography/CVE-2023-23931.patch b/meta-python/recipes-devtools/python/python3-cryptography/CVE-2023-23931.patch new file mode 100644 index 0000000000..6ef50a0084 --- /dev/null +++ b/meta-python/recipes-devtools/python/python3-cryptography/CVE-2023-23931.patch @@ -0,0 +1,45 @@ +From 9fbf84efc861668755ab645530ec7be9cf3c6696 Mon Sep 17 00:00:00 2001 +From: Alex Gaynor <alex.gaynor@gmail.com> +Date: Tue, 7 Feb 2023 11:34:18 -0500 +Subject: [PATCH] Don't allow update_into to mutate immutable objects (#8230) + +Upstream-Status: Backport [https://github.com/pyca/cryptography/commit/9fbf84efc861668755ab645530ec7be9cf3c6696] +CVE: CVE-2023-23931 +Signed-off-by: Vijay Anusuri <vanusuri@mvista.com> +--- + src/cryptography/hazmat/backends/openssl/ciphers.py | 2 +- + tests/hazmat/primitives/test_ciphers.py | 8 ++++++++ + 2 files changed, 9 insertions(+), 1 deletion(-) + +diff --git a/src/cryptography/hazmat/backends/openssl/ciphers.py b/src/cryptography/hazmat/backends/openssl/ciphers.py +index 286583f9325..075d68fb905 100644 +--- a/src/cryptography/hazmat/backends/openssl/ciphers.py ++++ b/src/cryptography/hazmat/backends/openssl/ciphers.py +@@ -156,7 +156,7 @@ def update_into(self, data: bytes, buf: bytes) -> int: + data_processed = 0 + total_out = 0 + outlen = self._backend._ffi.new("int *") +- baseoutbuf = self._backend._ffi.from_buffer(buf) ++ baseoutbuf = self._backend._ffi.from_buffer(buf, require_writable=True) + baseinbuf = self._backend._ffi.from_buffer(data) + + while data_processed != total_data_len: +diff --git a/tests/hazmat/primitives/test_ciphers.py b/tests/hazmat/primitives/test_ciphers.py +index 02127dd9cab..bf3b047dec2 100644 +--- a/tests/hazmat/primitives/test_ciphers.py ++++ b/tests/hazmat/primitives/test_ciphers.py +@@ -318,6 +318,14 @@ def test_update_into_buffer_too_small(self, backend): + with pytest.raises(ValueError): + encryptor.update_into(b"testing", buf) + ++ def test_update_into_immutable(self, backend): ++ key = b"\x00" * 16 ++ c = ciphers.Cipher(AES(key), modes.ECB(), backend) ++ encryptor = c.encryptor() ++ buf = b"\x00" * 32 ++ with pytest.raises((TypeError, BufferError)): ++ encryptor.update_into(b"testing", buf) ++ + @pytest.mark.supported( + only_if=lambda backend: backend.cipher_supported( + AES(b"\x00" * 16), modes.GCM(b"\x00" * 12) diff --git a/meta-python/recipes-devtools/python/python3-cryptography/CVE-2024-26130.patch b/meta-python/recipes-devtools/python/python3-cryptography/CVE-2024-26130.patch new file mode 100644 index 0000000000..c0acb9066b --- /dev/null +++ b/meta-python/recipes-devtools/python/python3-cryptography/CVE-2024-26130.patch @@ -0,0 +1,66 @@ +From 97d231672763cdb5959a3b191e692a362f1b9e55 Mon Sep 17 00:00:00 2001 +From: Alex Gaynor <alex.gaynor@gmail.com> +Date: Mon, 19 Feb 2024 11:50:28 -0500 +Subject: [PATCH] Fixes #10422 -- don't crash when a PKCS#12 key and cert don't +match (#10423) + +Upstream-Status: Backport [https://github.com/pyca/cryptography/commit/97d231672763cdb5959a3b191e692a362f1b9e55] +CVE: CVE-2024-26130 +Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com> +--- + .../hazmat/backends/openssl/backend.py | 9 +++++++++ + tests/hazmat/primitives/test_pkcs12.py | 18 ++++++++++++++++++ + 2 files changed, 27 insertions(+) + +diff --git a/src/cryptography/hazmat/backends/openssl/backend.py b/src/cryptography/hazmat/backends/openssl/backend.py +index 7e9fa20..ce3fc8c 100644 +--- a/src/cryptography/hazmat/backends/openssl/backend.py ++++ b/src/cryptography/hazmat/backends/openssl/backend.py +@@ -1046,6 +1046,15 @@ class Backend(object): + raise NotImplementedError( + 'Extension not supported: {}'.format(extension.oid) + ) ++ if p12 == self._ffi.NULL: ++ errors = self._consume_errors() ++ raise ValueError( ++ ( ++ "Failed to create PKCS12 (does the key match the " ++ "certificate?)" ++ ), ++ errors, ++ ) + + ext_struct = encode(self, extension.value) + nid = self._lib.OBJ_txt2nid( +diff --git a/tests/hazmat/primitives/test_pkcs12.py b/tests/hazmat/primitives/test_pkcs12.py +index f084d57..c4160b0 100644 +--- a/tests/hazmat/primitives/test_pkcs12.py ++++ b/tests/hazmat/primitives/test_pkcs12.py +@@ -17,6 +17,24 @@ from cryptography.hazmat.primitives.serialization.pkcs12 import ( + + from .utils import load_vectors_from_file + ++ @pytest.mark.supported( ++ only_if=lambda backend: backend._lib.Cryptography_HAS_PKCS12_SET_MAC, ++ skip_message="Requires OpenSSL with PKCS12_set_mac", ++ ) ++ def test_set_mac_key_certificate_mismatch(self, backend): ++ cacert, _ = _load_ca(backend) ++ key = ec.generate_private_key(ec.SECP256R1()) ++ encryption = ( ++ serialization.PrivateFormat.PKCS12.encryption_builder() ++ .hmac_hash(hashes.SHA256()) ++ .build(b"password") ++ ) ++ ++ with pytest.raises(ValueError): ++ serialize_key_and_certificates( ++ b"name", key, cacert, [], encryption ++ ) ++ + + @pytest.mark.requires_backend_interface(interface=DERSerializationBackend) + class TestPKCS12(object): +-- +2.25.1 + diff --git a/meta-python/recipes-devtools/python/python3-cryptography_2.8.bb b/meta-python/recipes-devtools/python/python3-cryptography_2.8.bb index e50c97df45..63bc0e0d6d 100644 --- a/meta-python/recipes-devtools/python/python3-cryptography_2.8.bb +++ b/meta-python/recipes-devtools/python/python3-cryptography_2.8.bb @@ -14,6 +14,8 @@ SRC_URI += " \ file://0001-chunked-update_into-5419.patch \ file://0002-chunking-didn-t-actually-work-5499.patch \ file://0003-correct-buffer-overflows-cause-by-integer-overflow-i.patch \ + file://CVE-2023-23931.patch \ + file://CVE-2024-26130.patch \ " inherit pypi setuptools3 diff --git a/meta-python/recipes-devtools/python/python3-lxml/CVE-2022-2309.patch b/meta-python/recipes-devtools/python/python3-lxml/CVE-2022-2309.patch new file mode 100644 index 0000000000..ff3fcee6e2 --- /dev/null +++ b/meta-python/recipes-devtools/python/python3-lxml/CVE-2022-2309.patch @@ -0,0 +1,94 @@ +From ccbda4b0669f418b2f00c4f099733cebe633eb47 Mon Sep 17 00:00:00 2001 +From: Hitendra Prajapati <hprajapati@mvista.com> +Date: Fri, 29 Jul 2022 10:16:59 +0530 +Subject: [PATCH] CVE-2022-2309 + +Upstream-Status: Backport [https://github.com/lxml/lxml/commit/86368e9cf70a0ad23cccd5ee32de847149af0c6f] +CVE: CVE-2022-2309 +Signed-off-by: Hitendra Prajapati <hprajapati@mvista.com> +--- + src/lxml/apihelpers.pxi | 7 ++++--- + src/lxml/iterparse.pxi | 11 ++++++----- + src/lxml/tests/test_etree.py | 20 ++++++++++++++++++++ + 3 files changed, 30 insertions(+), 8 deletions(-) + +diff --git a/src/lxml/apihelpers.pxi b/src/lxml/apihelpers.pxi +index 5eb3416..88a031d 100644 +--- a/src/lxml/apihelpers.pxi ++++ b/src/lxml/apihelpers.pxi +@@ -246,9 +246,10 @@ cdef dict _build_nsmap(xmlNode* c_node): + while c_node is not NULL and c_node.type == tree.XML_ELEMENT_NODE: + c_ns = c_node.nsDef + while c_ns is not NULL: +- prefix = funicodeOrNone(c_ns.prefix) +- if prefix not in nsmap: +- nsmap[prefix] = funicodeOrNone(c_ns.href) ++ if c_ns.prefix or c_ns.href: ++ prefix = funicodeOrNone(c_ns.prefix) ++ if prefix not in nsmap: ++ nsmap[prefix] = funicodeOrNone(c_ns.href) + c_ns = c_ns.next + c_node = c_node.parent + return nsmap +diff --git a/src/lxml/iterparse.pxi b/src/lxml/iterparse.pxi +index 4c20506..3da7485 100644 +--- a/src/lxml/iterparse.pxi ++++ b/src/lxml/iterparse.pxi +@@ -419,7 +419,7 @@ cdef int _countNsDefs(xmlNode* c_node): + count = 0 + c_ns = c_node.nsDef + while c_ns is not NULL: +- count += 1 ++ count += (c_ns.href is not NULL) + c_ns = c_ns.next + return count + +@@ -430,9 +430,10 @@ cdef int _appendStartNsEvents(xmlNode* c_node, list event_list) except -1: + count = 0 + c_ns = c_node.nsDef + while c_ns is not NULL: +- ns_tuple = (funicode(c_ns.prefix) if c_ns.prefix is not NULL else '', +- funicode(c_ns.href)) +- event_list.append( (u"start-ns", ns_tuple) ) +- count += 1 ++ if c_ns.href: ++ ns_tuple = (funicodeOrEmpty(c_ns.prefix), ++ funicode(c_ns.href)) ++ event_list.append( (u"start-ns", ns_tuple) ) ++ count += 1 + c_ns = c_ns.next + return count +diff --git a/src/lxml/tests/test_etree.py b/src/lxml/tests/test_etree.py +index b997e4d..69e1bf1 100644 +--- a/src/lxml/tests/test_etree.py ++++ b/src/lxml/tests/test_etree.py +@@ -1448,6 +1448,26 @@ class ETreeOnlyTestCase(HelperTestCase): + [1,2,1,4], + counts) + ++ def test_walk_after_parse_failure(self): ++ # This used to be an issue because libxml2 can leak empty namespaces ++ # between failed parser runs. iterwalk() failed to handle such a tree. ++ try: ++ etree.XML('''<anot xmlns="1">''') ++ except etree.XMLSyntaxError: ++ pass ++ else: ++ assert False, "invalid input did not fail to parse" ++ ++ et = etree.XML('''<root> </root>''') ++ try: ++ ns = next(etree.iterwalk(et, events=('start-ns',))) ++ except StopIteration: ++ # This would be the expected result, because there was no namespace ++ pass ++ else: ++ # This is a bug in libxml2 ++ assert not ns, repr(ns) ++ + def test_itertext_comment_pi(self): + # https://bugs.launchpad.net/lxml/+bug/1844674 + XML = self.etree.XML +-- +2.25.1 + diff --git a/meta-python/recipes-devtools/python/python3-matplotlib_3.2.1.bb b/meta-python/recipes-devtools/python/python3-matplotlib_3.2.1.bb index f6d8c53d05..57d38e60ba 100644 --- a/meta-python/recipes-devtools/python/python3-matplotlib_3.2.1.bb +++ b/meta-python/recipes-devtools/python/python3-matplotlib_3.2.1.bb @@ -32,6 +32,5 @@ RDEPENDS_${PN} = "\ python3-dateutil \ python3-kiwisolver \ python3-pytz \ + python3-pillow \ " - -BBCLASSEXTEND = "native" diff --git a/meta-python/recipes-devtools/python/python3-pillow/0001-CVE-2022-45198.patch b/meta-python/recipes-devtools/python/python3-pillow/0001-CVE-2022-45198.patch new file mode 100644 index 0000000000..0f0cfa7804 --- /dev/null +++ b/meta-python/recipes-devtools/python/python3-pillow/0001-CVE-2022-45198.patch @@ -0,0 +1,26 @@ +From 7df88fc2319852ace202a650703d631200080e3b Mon Sep 17 00:00:00 2001 +From: Andrew Murray <radarhere@users.noreply.github.com> +Date: Thu, 30 Jun 2022 12:47:35 +1000 +Subject: [PATCH] Added GIF decompression bomb check + +Upstream-Status: Backport [https://github.com/python-pillow/Pillow/commit/884437f8a2b953a0abd2a3b130a87fcfb438092e] +CVE: CVE-2022-45198 +Signed-off-by: Shubham Kulkarni <skulkarni@mvista.com> +--- + src/PIL/GifImagePlugin.py | 1 + + 1 file changed, 1 insertion(+) + +diff --git a/src/PIL/GifImagePlugin.py b/src/PIL/GifImagePlugin.py +index 9d8e96f..c477fdd 100644 +--- a/src/PIL/GifImagePlugin.py ++++ b/src/PIL/GifImagePlugin.py +@@ -238,6 +238,7 @@ class GifImageFile(ImageFile.ImageFile): + x1, y1 = x0 + i16(s[4:]), y0 + i16(s[6:]) + if x1 > self.size[0] or y1 > self.size[1]: + self._size = max(x1, self.size[0]), max(y1, self.size[1]) ++ Image._decompression_bomb_check(self._size) + self.dispose_extent = x0, y0, x1, y1 + flags = i8(s[8]) + +-- +2.7.4 diff --git a/meta-python/recipes-devtools/python/python3-pillow/CVE-2023-50447-1.patch b/meta-python/recipes-devtools/python/python3-pillow/CVE-2023-50447-1.patch new file mode 100644 index 0000000000..f9e3c49505 --- /dev/null +++ b/meta-python/recipes-devtools/python/python3-pillow/CVE-2023-50447-1.patch @@ -0,0 +1,31 @@ +From 45c726fd4daa63236a8f3653530f297dc87b160a Mon Sep 17 00:00:00 2001 +From: Eric Soroos <eric-github@soroos.net> +Date: Fri, 27 Oct 2023 11:21:18 +0200 +Subject: [PATCH] Don't allow __ or builtins in env dictionarys for + ImageMath.eval + +Upstream-Status: Backport [https://github.com/python-pillow/Pillow/commit/45c726fd4daa63236a8f3653530f297dc87b160a] +CVE: CVE-2023-50447 +Signed-off-by: Vijay Anusuri <vanusuri@mvista.com> +--- + src/PIL/ImageMath.py | 4 ++++ + 1 file changed, 4 insertions(+) + +diff --git a/src/PIL/ImageMath.py b/src/PIL/ImageMath.py +index 392151c10..4cea3855e 100644 +--- a/src/PIL/ImageMath.py ++++ b/src/PIL/ImageMath.py +@@ -261,6 +261,10 @@ def eval(expression, _dict={}, **kw): + args.update(_dict) + args.update(kw) + for k, v in list(args.items()): ++ if '__' in k or hasattr(__builtins__, k): ++ msg = f"'{k}' not allowed" ++ raise ValueError(msg) ++ + if hasattr(v, "im"): + args[k] = _Operand(v) + +-- +2.25.1 + diff --git a/meta-python/recipes-devtools/python/python3-pillow/CVE-2023-50447-2.patch b/meta-python/recipes-devtools/python/python3-pillow/CVE-2023-50447-2.patch new file mode 100644 index 0000000000..9c5d3fbcdc --- /dev/null +++ b/meta-python/recipes-devtools/python/python3-pillow/CVE-2023-50447-2.patch @@ -0,0 +1,54 @@ +From 0ca3c33c59927e1c7e0c14dbc1eea1dfb2431a80 Mon Sep 17 00:00:00 2001 +From: Andrew Murray <radarhere@users.noreply.github.com> +Date: Sat, 28 Oct 2023 15:58:52 +1100 +Subject: [PATCH] Allow ops + +Upstream-Status: Backport [https://github.com/python-pillow/Pillow/commit/0ca3c33c59927e1c7e0c14dbc1eea1dfb2431a80] +CVE: CVE-2023-50447 +Signed-off-by: Vijay Anusuri <vanusuri@mvista.com> +--- + Tests/test_imagemath.py | 4 ++++ + src/PIL/ImageMath.py | 9 +++++---- + 2 files changed, 9 insertions(+), 4 deletions(-) + +diff --git a/Tests/test_imagemath.py b/Tests/test_imagemath.py +index da41b3a12..14a58a532 100644 +--- a/Tests/test_imagemath.py ++++ b/Tests/test_imagemath.py +@@ -56,6 +56,10 @@ class TestImageMath(PillowTestCase): + pixel(ImageMath.eval("float(B)**33", images)), "F 8589934592.0" + ) + ++ def test_prevent_double_underscores(): ++ with pytest.raises(ValueError): ++ ImageMath.eval("1", {"__": None}) ++ + def test_logical(self): + self.assertEqual(pixel(ImageMath.eval("not A", images)), 0) + self.assertEqual(pixel(ImageMath.eval("A and B", images)), "L 2") +diff --git a/src/PIL/ImageMath.py b/src/PIL/ImageMath.py +index 4cea3855e..776604e3f 100644 +--- a/src/PIL/ImageMath.py ++++ b/src/PIL/ImageMath.py +@@ -258,13 +258,14 @@ def eval(expression, _dict={}, **kw): + + # build execution namespace + args = ops.copy() +- args.update(_dict) +- args.update(kw) +- for k, v in list(args.items()): +- if '__' in k or hasattr(__builtins__, k): ++ for k in list(_dict.keys()) + list(kw.keys()): ++ if "__" in k or hasattr(__builtins__, k): + msg = f"'{k}' not allowed" + raise ValueError(msg) + ++ args.update(_dict) ++ args.update(kw) ++ for k, v in list(args.items()): + if hasattr(v, "im"): + args[k] = _Operand(v) + +-- +2.25.1 + diff --git a/meta-python/recipes-devtools/python/python3-pillow/CVE-2023-50447-3.patch b/meta-python/recipes-devtools/python/python3-pillow/CVE-2023-50447-3.patch new file mode 100644 index 0000000000..b93425ee58 --- /dev/null +++ b/meta-python/recipes-devtools/python/python3-pillow/CVE-2023-50447-3.patch @@ -0,0 +1,44 @@ +From 557ba59d13de919d04b3fd4cdef8634f7d4b3348 Mon Sep 17 00:00:00 2001 +From: Andrew Murray <radarhere@users.noreply.github.com> +Date: Sat, 30 Dec 2023 09:30:12 +1100 +Subject: [PATCH] Include further builtins + +Upstream-Status: Backport [https://github.com/python-pillow/Pillow/commit/557ba59d13de919d04b3fd4cdef8634f7d4b3348] +CVE: CVE-2023-50447 +Signed-off-by: Vijay Anusuri <vanusuri@mvista.com> +--- + Tests/test_imagemath.py | 4 ++++ + src/PIL/ImageMath.py | 2 +- + 2 files changed, 5 insertions(+), 1 deletion(-) + +diff --git a/Tests/test_imagemath.py b/Tests/test_imagemath.py +index 14a58a532..5bba832e2 100644 +--- a/Tests/test_imagemath.py ++++ b/Tests/test_imagemath.py +@@ -60,6 +60,10 @@ class TestImageMath(PillowTestCase): + with pytest.raises(ValueError): + ImageMath.eval("1", {"__": None}) + ++ def test_prevent_builtins(): ++ with pytest.raises(ValueError): ++ ImageMath.eval("(lambda: exec('exit()'))()", {"exec": None}) ++ + def test_logical(self): + self.assertEqual(pixel(ImageMath.eval("not A", images)), 0) + self.assertEqual(pixel(ImageMath.eval("A and B", images)), "L 2") +diff --git a/src/PIL/ImageMath.py b/src/PIL/ImageMath.py +index 776604e3f..c6bc22180 100644 +--- a/src/PIL/ImageMath.py ++++ b/src/PIL/ImageMath.py +@@ -259,7 +259,7 @@ def eval(expression, _dict={}, **kw): + # build execution namespace + args = ops.copy() + for k in list(_dict.keys()) + list(kw.keys()): +- if "__" in k or hasattr(__builtins__, k): ++ if "__" in k or hasattr(builtins, k): + msg = f"'{k}' not allowed" + raise ValueError(msg) + +-- +2.25.1 + diff --git a/meta-python/recipes-devtools/python/python3-pillow_6.2.1.bb b/meta-python/recipes-devtools/python/python3-pillow_6.2.1.bb index 80b7e941ae..6567b32d0d 100644 --- a/meta-python/recipes-devtools/python/python3-pillow_6.2.1.bb +++ b/meta-python/recipes-devtools/python/python3-pillow_6.2.1.bb @@ -8,6 +8,10 @@ LIC_FILES_CHKSUM = "file://LICENSE;md5=55c0f320370091249c1755c0d2b48e89" SRC_URI = "git://github.com/python-pillow/Pillow.git;branch=6.2.x;protocol=https \ file://0001-support-cross-compiling.patch \ file://0001-explicitly-set-compile-options.patch \ + file://0001-CVE-2022-45198.patch \ + file://CVE-2023-50447-1.patch \ + file://CVE-2023-50447-2.patch \ + file://CVE-2023-50447-3.patch \ " SRCREV ?= "6e0f07bbe38def22d36ee176b2efd9ea74b453a6" @@ -34,5 +38,3 @@ CVE_PRODUCT = "pillow" S = "${WORKDIR}/git" RPROVIDES_${PN} += "python3-imaging" - -BBCLASSEXTEND = "native" diff --git a/meta-python/recipes-devtools/python/python3-pyflakes_2.1.1.bb b/meta-python/recipes-devtools/python/python3-pyflakes_2.1.1.bb index c138822400..6636fda839 100644 --- a/meta-python/recipes-devtools/python/python3-pyflakes_2.1.1.bb +++ b/meta-python/recipes-devtools/python/python3-pyflakes_2.1.1.bb @@ -12,5 +12,3 @@ RDEPENDS_${PN} += " \ ${PYTHON_PN}-prettytable \ ${PYTHON_PN}-cmd2 \ ${PYTHON_PN}-pyparsing" - -BBCLASSEXTEND = "native nativesdk" diff --git a/meta-python/recipes-devtools/python/python3-robotframework-seriallibrary_0.3.1.bb b/meta-python/recipes-devtools/python/python3-robotframework-seriallibrary_0.3.1.bb index b6de42f7c1..60a26f58bc 100644 --- a/meta-python/recipes-devtools/python/python3-robotframework-seriallibrary_0.3.1.bb +++ b/meta-python/recipes-devtools/python/python3-robotframework-seriallibrary_0.3.1.bb @@ -16,5 +16,3 @@ RDEPENDS_${PN} += " \ ${PYTHON_PN}-pyserial \ ${PYTHON_PN}-robotframework \ " - -BBCLASSEXTEND = "native nativesdk" diff --git a/meta-python/recipes-extended/python-cson/python3-cson_git.bb b/meta-python/recipes-extended/python-cson/python3-cson_git.bb index 4d234d311d..8e8f3fb2a6 100644 --- a/meta-python/recipes-extended/python-cson/python3-cson_git.bb +++ b/meta-python/recipes-extended/python-cson/python3-cson_git.bb @@ -12,8 +12,7 @@ SRC_URI = "git://github.com/gt3389b/python-cson.git;branch=master;protocol=https S = "${WORKDIR}/git" -RDEPENDS_${PN}_class-native = "" -DEPENDS_append_class-native = " python-native " +RDEPENDS_${PN} = "python3-json" inherit setuptools3 |