subtree updates
meta-openembedded: f3018013ff..3b245e4fe8:
Adrian Bunk (8):
Remove start-stop-daemon
dvb-apps: Remove workaround patch for ancient target compilers
Remove ipsec-tools and umip
gpsd: Switch PACKAGECONFIG[qt] from Qt4 to Qt5
samba: Upgrade 4.8.11 -> 4.8.12
recipes-devtools: Move back from meta-networking to meta-perl
wireless-regdb: Upgrade 2019.03.01 -> 2019.06.03
mcelog: Remove manual RDEPENDS from PN-ptest to PN package
Alejandro del Castillo (1):
apache2: add all extra/*.conf to conffiles
Alistair Francis (1):
python-obd: Uprade from 0.7.0 to 0.7.1
Andreas Müller (1):
python-six: put python2/3 variant together
Andrei Gherzan (2):
modemmanager: Update to 1.10.0
networkmanager: Update to 1.18.0
Ankit Navik (1):
safec: Initial recipe for safe C library
Carlos Rafael Giani (1):
openh264: Fix armv7ve build
Changqing Li (11):
syslog-ng: add rconflict for package syslog-ng-libs
netkit-telnet: add rconflicts
samba/libldb: add rconflicts
php-fpm-apache: fix module path
phoronix-test-suite: upgrade from 8.6.0 -> 8.8.1
python-pygobject: upgrade 3.28.3 -> 3.32.1
rrdtool: upgrade 1.7.1 -> 1.7.2
php: upgrade 7.3.4 -> 7.3.6
xf86-video-ati: upgrade 18.0.1 -> 19.0.1
pavucontrol: upgrade 3.0 -> 4.0
multipath-tools: upgrade 0.8.0 -> 0.8.1
Herman van Hazendonk (1):
Geoclue: Update to 2.5.3
Hongxu Jia (4):
rrdtool: improve reproducibility
crash: do not use unstable github archive tarballs
postgresql: improve reproducibility
net-snmp: split net-snmp-config to package net-snmp-dev
Hongzhi.Song (1):
spice: fix compile errors on 32bit system
Horvath, Chris (1):
lcov: Upgrade 1.11 -> 1.14
James Feist (1):
libgpiod: Enable cxx bindings by default
Kai Kang (16):
xfce4-session: 4.13.1 -> 4.13.2
xfce4-screensaver: add recipe
packagegroup-xfce-extended: add xfce4-screensaver
lxdm: provides fake gdmflexiserver for xfce desktop environment
thunar: 1.8.4 -> 1.8.6
xfdesktop: 4.13.3 -> 4.13.4
xfce4-panel: 4.13.4 -> 4.13.5
thunar-volman: 0.9.1 -> 0.9.2
xfce4-appfinder: 4.13.2 -> 4.13.3
libxfce4util: 4.13.2 -> 4.13.3
xfwm4: 4.13.1 -> 4.13.2
xfconf: 4.13.6 -> 4.13.7
libxfce4ui: 4.13.4 -> 4.13.5
xfce4-power-manager: 1.6.1 -> 1.6.2
xfce4-settings: set default theme Adwaita
lxdm: provides fake gdmflexiserver for xfce desktop environment
Khem Raj (8):
libnfc: Fix build with musl
openocd: Fix build on x86_64
spice,spice-protocol: Uprev to 0.14.0
udisks: Install bash_completion script in OE familiar dir
udisks: Remove bash dependency
python-jsmin,python-pytoml,python-which: Add recipes
mozjs: Upgrade to version 60.x
polkit: Upgrade to 0.116
Liwei Song (1):
turbostat: copy bits.h from kernel to turbostat
Marek Belisko (1):
libsrtp: Fix compilation and add pkgconfig
Martin Jansa (17):
igmpproxy: remove 0001-src-igmpproxy.h-Include-sys-types.h-for-u_short-u_in.patch and _GNU_SOURCE
ne10, libopus: add armv7ve override as well
pidgin: upgrade to 2.13.0
funyahoo-plusplus, icyque, pidgin-sipe, purple-skypeweb: add couple plugins for pidgin
hunspell: use git fetcher instead of github archive
hunspell-dictionaries: import from meta-luneos to make hunspell in meta-oe a bit more useful
ttf-mplus, ttf-vlgothic: add ttf-mplus license
android-tools-conf: import one more improvement for android-gadget-setup from meta-luneos
uriparser: upgrade to 0.9.3
libmikmod: fix SRC_URI
leptonica: fix SRC_URI
libmikmod: upgrade to 3.3.11.1
open-vm-tools: refresh the patches so that they can be easily applied with devtool or git am
open-vm-tools: import gcc9 fixes from fedora
spice: append to CFLAGS instead of +=
cpprest: temporary ignore deprecated-copy and redundant-move errors detected by gcc9
oprofile: drop virtual/kernel dependency and switch back to TUNE_PKGARCH
Mingli Yu (4):
mariadb: Upgrade to 10.3.15
kea: Upgrade to 1.5.0
hwloc: Upgrade to 1.11.12
kea: replace -Og with -O
Naveen Saini (1):
pm-graph: add recipe
Oleksandr Kravchuk (12):
opensaf: update to 5.19.03
python-ldap: update to 3.2.0
rp-pppoe: update to 3.13
atftp: update to 0.7.2
ipcalc: update to 2.2.3
mtr: update to 0.92
nbd: update to 3.19
mdns: update to 878.200.35
lldpd: update to 1.0.3
libp11: update to 0.4.10
nano: update to 4.2
libspatialite: update to 4.3.0a
Ovidiu Panait (1):
xfsprogs: Fix host contamination
Paolo Valente (1):
s-suite: push SRCREV to version 3.4
Pascal Bach (1):
rocksdb: 5.18.3 -> 6.0.2
Qi.Chen@windriver.com (2):
polkit: fix CVE-2019-6133
.gitignore: add *.pyc and *.pyo
Randy MacLeod (1):
imagemagick: update from 7.0.8-43 to 7.0.8-47
Robert Joslyn (4):
cryptsetup: Add PACKAGECONFIG options
lmsensors: Update to 3.5.0
xfce4-session: Add xrdb RDEPENDS
xfce4-session: Reformat DEPENDS and RDEPENDS
Slater, Joseph (1):
php-7: mark two tests as expected to fail
Stefan Agner (1):
haveged: fix CPU cache size detection
Tim Orling (13):
libterm-readkey-perl: upgrade 2.37 -> 2.38; fix upstream check; enable ptest
libtest-deep-perl: add recipe for v1.128
libcgi-perl: upgrade 4.38 -> 4.43; enable ptest
libcrypt-openssl-guess-perl: rename from libcrypt-openssl-guess; enable ptest
libcrypt-openssl-rsa-perl: upgrade 0.30 -> 0.31; enable ptest
libcrypt-openssl-random-perl: upgrade 0.11 -> 0.15; enable ptest
libextutils-installpaths-perl: upgrade 0.011 -> 0.012; enable ptest
libexutils-config-perl: enable ptest
libhtml-tagset-perl: add recipe for v3.20
libhtml-parser-perl: enable ptest
libstrictures-perl: upgrade 2.000003 -> 2.000006; enable ptest
libxml-libxml-perl: enable ptest
libcapture-tiny-perl: upgrade 0.46 -> 0.48; enable ptest
William A. Kennington III via Openembedded-devel (1):
cli11: 1.6.2 -> 1.7.1
Yi Zhao (8):
python-ldap: add python-pyasn1 and python-pyasn1-modules as runtime dependencies
fuse: upgrade 2.9.8 -> 2.9.9
yaffs2-utils: update to latest master
xfsprogs: upgrade 4.18.0 -> 5.0.0
fcgi: upgrade 2.4.1+git -> 2.4.2
xdebug: upgrade 2.7.0RC2 -> 2.7.2
phpmyadmin: upgrade 4.8.5 -> 4.9.0.1
openipmi: upgrade 2.0.25 -> 2.0.27
Zang Ruochen (13):
python-pywbem: solved the conflict with python3-pywbem
python3-pywbem:solved the conflict with python-pywbem
python-pbr: upgrade 5.2.0 -> 5.2.1
python-mako: upgrade 1.0.10 -> 1.0.12
python-babel: upgrade 2.6.0 -> 2.7.0
python-cachetools: upgrade 3.1.0 -> 3.1.1
python-cryptography: upgrade 2.6.1 -> 2.7
python-cryptography-vectors: upgrade 2.6.1 -> 2.7
python-cython: upgrade 0.29.7 -> 0.29.10
python-lxml: upgrade 4.3.3 -> 4.3.4
python-psutil: upgrade 5.6.2 -> 5.6.3
python-requests: upgrade 2.21.0 -> 2.22.0
python-urllib3: upgrade 1.25.2 -> 1.25.3
nick83ola (5):
nginx: update to version 1.17.0
nginx: update stable version to 1.16.0
nginx: add PACKAGECONFIG[http-auth-request]
nginx: fix kill path in nginx systemd unit file
uthash: do not use unstable github archive tarballs
thstead (1):
Upgraded python-pysnmp from version 4.3.5. to 4.4.9.
Łukasz Łaguna (1):
gsl: update to version 2.5
meta-security: 9f5cc2a7eb..c28b72e91d:
Armin Kuster (17):
checksec: update to 1.11.1
keyutils: fix library install path
checksec: add runtime test
meta-integrity: port over from meta-intel-iot-security
layer.conf: add LAYERSERIES_COMPAT
README: update
ima-evm-utils: cleanup and update to tip
ima.cfg: update to 5.0 kernel
linux: update bbappend
base-files: add appending to automount securityfs
ima-policy-hashed: add new recipe
ima_policy_simple: add another sample policy
policy: add ima appraise all policy
data: remove policies
initramfs: clean up to pull in packages.
runtime qa: moderize ima test
image: add image for testing
Changqing Li (1):
samhain: add rconflict for client and server mode
Zang Ruochen (4):
bastille: solved the conflict with perl-module-text-wrap and base-files
python-scapy: Remove redundant sed operations
python-scapy: solved the conflict with python3-scapy
python3-scapy: solved the conflict with python-scapy
leimaohui (1):
python3-fail2ban: Fix build error of xrange.
poky: 797916f93a..111b7173fe:
Adrian Bunk (25):
nss-myhostname: Stop trying to build for musl
systemd: Some upstreamable musl patches have been upstreamed
libnss-mdns: Stop trying to build for musl
icu: Remove workaround for musl issue fixed upstream 2 years ago
socat: Remove workaround for musl issue now fixed upstream
ofono: Use external ell instead of an internal copy
ofono: Fix another race condition during the build
squashfs-tools: Mark as incompatible with musl
apt: Remove workaround patches for no longer supported host distributions
m4/tar: Remove remove-gets.patch
pinentry: Switch pinentry-qt from Qt4 to Qt5
librsvg: Replace workaround for old host systems with upstream fix
vim: Move PACKAGECONFIG[gtkgui] from GTK 2 to GTK 3
Remove Go 1.11
go: Remove INSANE_SKIP_* textrel that are now handled in go.bbclass
dpkg: Remove workaround patches for no longer supported host distributions
lrzsz: Add implicit declaration fixes from Debian
tcp-wrappers: Add compile warning fixes from Debian
libpam: Upgrade 1.3.0 -> 1.3.1
vte: Fix the license information
gcc: Remove 0006-gcc-disable-MASK_RELAX_PIC_CALLS-bit.patch
openssl: Upgrade 1.1.1b -> 1.1.1c
Remove manual RDEPENDS from PN-ptest to PN package
ref-manual: Remove irda feature
lttng-modules: Upgrade 2.10.9 -> 2.10.10
Adrian Freihofer (3):
qemurunner: fix undefined variable
testimage: consider QB_DEFAULT_FSTYPE
runqemu: QB_FSINFO to support fstype wic images
Alejandro Enedino Hernandez Samaniego (1):
python-numpy: Avoid installing copy of f2py script
Alejandro Hernandez Samaniego (2):
newlib: Upgrade to 3.1.0
newlib: export CC_FOR_TARGET as CC
Alejandro del Castillo (1):
opkg-utils: upgrade to version 0.4.1
Alex Kiernan (2):
kernel-fitimage: uboot-sign: Check UBOOT_DTB_BINARY before adding deps
systemd: Backport OpenSSL BUF_MEM fix
Alexander Kanavin (53):
vim: split the common part into vim.inc
libpcre2: upgrade 10.32 -> 10.33
librepo: upgrade 1.9.6 -> 1.10.2
libmodulemd: upgrade 2.2.3 -> 2.4.0
libmodulemd: fix erroneous linking against v2 library when v1 was requested
createrepo-c: upgrade 0.12.2 -> 0.14.0
libdazzle: upgrade 3.32.1 -> 3.32.2
adwaita-icon-theme: upgrade 3.30.1 -> 3.32.0
bison: upgrade 3.1 -> 3.3.2
atk: upgrade 2.30.0 -> 2.32.0
python3-mako: upgrade 1.0.9 -> 1.0.10
nss: upgrade 3.43 -> 3.44
go: update 1.12.1->1.12.5
systemtap: upgrade 4.0 -> 4.1
gawk: upgrade 4.2.1 -> 5.0.0
alsa-plugins: upgrade 1.1.8 -> 1.1.9
alsa-utils: upgrade 1.1.8 -> 1.1.9
alsa-lib: upgrade 1.1.8 -> 1.1.9
lz4: upgrade 1.9.0 -> 1.9.1
libxcrypt: upgrade 4.4.4 -> 4.4.6
python3-pip: upgrade 19.0.3 -> 19.1.1
pkgconf: upgrade 1.6.0 -> 1.6.1
at-spi2-core: upgrade 2.30.0 -> 2.32.1
at-spi2-atk: upgrade 2.30.0 -> 2.32.0
glib-networking: upgrade 2.60.1 -> 2.60.2
libsoup-2.4: upgrade 2.66.1 -> 2.66.2
x264: upgrade to latest revision
linux-firmware: upgrade to latest revision
python3-pbr: upgrade 5.1.3 -> 5.2.0
bash-completion: upgrade 2.8 -> 2.9
gst-examples: upgrade to 1.16.0
acpica: upgrade 20190405 -> 20190509
freetype: upgrade 2.9.1 -> 2.10.0
usbutils: upgrade 010->012
webkitgtk: update to 2.24.2
epiphany: update to 3.32.2
btrfs-tools: update to 5.1
iproute2: upgrade 5.0.0 -> 5.1.0
chkconfig: do not use unstable github archive tarballs
chkconfig: fix upstream version check
perl: update to 5.30.0
piglit: upgrade to latest revision
ccache: fix upstream version check
Revert "ncurses: fix incorrect UPSTREAM_CHECK_GITTAGREGEX"
sysstat: add UPSTREAM_VERSION_UNKNOWN
python3-pygments: add a recipe
gtk-doc: upgrade 1.29 -> 1.30
libpsl: fix the gtk-doc 1.30 build
source-highlight: remove the recipe
mesa-demos: update to 8.4.0
glib-2.0: udpate 2.58.3 -> 2.60.3
gdk-pixbuf: update 2.38.0 -> 2.38.1
gtk+3: update 3.24.5 -> 3.24.8
Alistair Francis (3):
gdb: Upgrade from 8.2.1 to 8.3
gnu-config: Update to latest SHA
qemu: Backport the arm segfault fix
Andreas Müller (1):
gsettings-desktop-schemas: upgrade 3.28.1 -> 3.32.0
Andrei Gherzan (1):
ca-certificates: Fix openssl runtime dependencies
Anuj Mittal (8):
Revert "image_types: use pigz to create .gz files"
Revert "pigz: pigz is not gzip"
libva: upgrade 2.4.0 -> 2.4.1
ffmpeg: add PACKAGECONFIG for mfx
libpam: fix upstream version check
serf: cleanup recipe
scons: inherit python3native
python3-scons: fix regex replacing python by python3
Bonnans, Laurent (1):
kernel-uboot: compress arm64 kernels
Bruce Ashfield (11):
linux-yocto/5.0: update to v5.0.13
linux-yocto/4.19: update to v4.19.40
linux-yocto/4.19: update to v4.19.44
kernel: package modules.builtin.modinfo
linux-yocto-dev: bump to v5.2-rc
linux-yocto/5.0: update to v5.0.17
linux-yocto-rt/5.0: update to -rt9
linux-yocto/5.0: update to v5.0.19
linux-yocto-rt/5.0: update to -rt11
linux-yocto/5.0: fix systemtap on arm
linux-yocto: ptest: Add SCSI debug configuration for util-linux
Carlos Rafael Giani (6):
gstreamer1.0-plugins-base: upgrade to version 1.16.0
gstreamer1.0-plugins-good: upgrade to version 1.16.0
gstreamer1.0-plugins-bad: upgrade to version 1.16.0
gstreamer1.0-plugins-ugly: upgrade to version 1.16.0
gstreamer1.0-libav: upgrade to version 1.16.0
gstreamer1.0-vaapi: upgrade to version 1.16.0
Changqing Li (8):
connman: add networkmanager as rconflict
dropbear: add openssh/openssh-sshd as rconflict
busybox-inittab/sysvinit-inittab: add rconflicts
inetutils: fix wrong package name
systemd: add rconflicts
tiny-init: add rconflicts
multilib: add override for image recipe
qemu: fix qemu ptest cannot work
Chee Yang Lee (3):
wic: bootimg-efi: add label source parameter
wic/engine: include .wks.in in wic search and list
wic/plugins: kernel image refer to KERNEL_IMAGETYPE
Chen Qi (5):
libxfont2: set CVE_PRODUCT
systemd: avoid musl specific patches affect glibc systems
util-linux: upgrade to 2.33.2
oescripts.py: avoid error when cairo module is not available
context.py: fix skipping function
Chris Laplante (5):
base.bbclass: Add OE_EXTRA_IMPORTS
bitbake: knotty: allow progress rate for indeterminate bars
bitbake: build: extract progress handler creation logic into its own method
bitbake: build/progress: use context managers for progress handlers
bitbake: build: implement custom progress handlers injected via OE_EXTRA_IMPORTS
David Frey (1):
bluez5: manage udev dependency with PACKAGECONFIG
David Reyna (1):
bitbake: toaster: Fix Thud Bitbake release metadata
Diego Rondini (1):
bluez5: fix obex packaging
Douglas Royds via Openembedded-core (1):
json-c: Backport --disable-werror patch to allow compilation under icecc
Fabio Berton (3):
mesa: Update 19.0.3 -> 19.0.5
mesa: Update 19.0.5 -> 19.0.6
mesa: Update 19.0.6 -> 19.1.0
Filip Jareš (1):
recipes: Fix license "names"/versions.
Haiqing Bai (1):
kernel.bbclass: Make task clean depend on cleaning of make-mod-scripts
He Zhe (1):
lttng-modules: Add git based recipe
Hongxu Jia (5):
grub/grub-efi: fix unrecognized command line option '-pipe-Wno-error' in CFLAGS
lib/oe/reciputils.py: support character `+' in git pv
groff: improve reproducibility
diffutils/run-ptest: support to run at arbitrary path
openssh: fix potential signed overflow in pointer arithmatic
Jaewon Lee (2):
gstreamer1.0-python_1.16.0.bb: Override libpython dir
devicetree.bbclass: Combine stderr into stdout to see actual dtc error
Jean-Marie LEMETAYER (4):
npm: get npm package name from npm pack
npm: fix node and npm default directory conflict
npm: remove some temporary build files
bitbake: bitbake: fetch2/npm: fix npw view parsing
Jiping Ma (1):
dhcp:"dhclient -x eth0" action is not correct.
Joe Slater (1):
slang: modify an array test
Jon Mason (2):
resulttool: modify to be multi-machine
resulttool: Remove prints if no tests occur
Jonathan Rajotte (4):
lttng-tools: prevent test timeout when lttng-modules is not present
lttng-tools: add lttng-modules to ptest dependencies
liburcu: update to 0.11.0
liburcu: update to 0.11.1
Joshua Watt (11):
avahi: Add PACKAGECONFIG for libdns_sd
perl: Preserve attributes when applying cross files
btrfs-tools: Pass DEBUG_MAP_PREFIX flags to Python
bitbake: bitbake: cooker: Rename __depends in all multiconfigs
bitbake: bitbake: Show base multiconfig environment
perl: Set build date to SOURCE_DATE_EPOCH
glibc-locale: DEPEND on virtual/libc
zip: Remove build date to improve reproducibility
classes/package: Sort ELF file list
bash: Replace uninative loader path in ptest
oeqa: Add reproducible build selftest
Kai Kang (3):
systemd-conf: configure wired network with dhcp
qemu/qemu-system-native: depend bison-native
openssl: fix failure of ptest test_shlibload
Kevin Hao (3):
runqemu: Add the support to pass multi ports to tcpserial parameter
oeqa/utils/qemurunner: Set both the threadport&serverport with tcpserial parameter
tune-thunderx: Set the correct PACKAGE_EXTRA_ARCHS_tune-thunderx
Khem Raj (6):
mesa: Fix a case when gbm is enabled but DRIDRIVERS is not defined
ofono: Add TEMP_FAILURE_RETRY optional definition
Revert "musl: Add TEMP_FAILURE_RETRY from glibc"
binutils: Workaround mips assembler crash on target
musl: Upgrade to master tip
gdb: Let gdbserver be empty for riscv64
Lei Maohui (1):
meson.bbclass: Make meson support aarch64_be.
Luca Boccassi (2):
python*-setuptools: add separate packages for pkg_resources module
mdadm: use ${systemd_unitdir} rather than /lib/systemd
Maciej Pijanowski (1):
recipetool: add python3 support
Mariano López (3):
util-linux: Add missing ptest dependencies
util-linux: Stop udevd to run ptests
linux-yocto: Add scsi_debug module when ptest is in DISTRO_FEATURES
Mark Hatle (1):
bitbake: svn.py: Stop SVN from directly pulling from an external layer w/o fetcher
Martin Jansa (5):
python: add a fix for CVE-2019-9948 and CVE-2019-9636
glib-networking: add PACKAGECONFIG for openssl
bc: use u-a for bc as well
opkg-utils: fix opkg-list-fields script
pigz: install pigz, unpigz, pigzcat in native and nativesdk builds again
Matthias Schiffer (1):
bitbake: fetch2: runfetchcmd(): unset _PYTHON_SYSCONFIGDATA_NAME
Matthias Schoepfer via Openembedded-core (1):
python3: fix build on softfloat mips
Michael Ho (1):
base.bbclass: add named SRCREVs to the sstate hash
Mike Crowe (1):
cmake: Avoid passing empty prefix to os.path.relpath
Mingli Yu (3):
elfutils: fix ptest failures
dbus: Upgrade to 1.12.16
dbus-test: Upgrade 1.12.16
Nicola Lunghi (3):
connman: fix segfault with musl >v1.1.21
rng-tools: recipe cleanup
rng-tools: harmonise systemd and sysvinit
Oleksandr Kravchuk (6):
ethtool: update to 5.1
file: update to 5.37
p11-kit: update to 0.23.16.1
popt: fix SRC_URI
selftest/devtool: fix URI to MarkupSafe package
bitbake: cooker: list all nonexistent bblayer directories
Oliver Stäbler (1):
packagegroup-core-full-cmdline: Make nfs-utils/rpcbind optional
Peter Kjellerstedt (3):
texinfo-dummy-native: A little clean up of template.py
texinfo-dummy-native: Rewrite template.py to use argparse
package.bbclass: Clean up writing of runtime pkgdata files
Philippe Normand (9):
gstreamer1.0: upgrade to version 1.16.0
gstreamer1.0-omx: upgrade to version 1.16.0
gstreamer1.0-rtsp-server: upgrade to version 1.16.0
gstreamer1.0-python: upgrade to version 1.16.0
gst-validate: upgrade to version 1.16.0
cmake: Use compiler launcher variable when ccache is enabled
at-spi2: Make X11 support truly optional
gnutls: Use ca-certificates as default trust store file
gnutls: Use the sysconfdir variable for the ca-certificates path
Quentin Schulz (2):
meta: license: fix non-SPDX license being removed from INCOMPATIBLE_LICENSE
selftests: add tests for INCOMPATIBLE_LICENSE
Randy MacLeod (6):
valgrind: Make ptest timestamps copasetic
valgrind: add 'file' to ptest depends
util-linux: add setpriv utility
libcap-ng: split into libcap-ng/libcap-ng-python
ptest-runner: enable child procs as session leader
bash: use setpriv, sed.sed to run ptests
Richard Purdie (46):
perl-rdepends: Add missing module dependencies
bash: Fix bash-ptest dependencies
openssh: Add sudo dependency for ptest
libpcre: Add make dependency for ptest
m4: Add coreutils and diffutils dependency for ptest
perl/modules: Add various missing ptest perl module dependencies
layer.conf: Whitelist lttng-tools->lttng-modules dependency
tcmode-default: Make gcc9 the default
lttng-tools: Fix patch Upstream-Status
mesa: Fix patch Upstream-Status
uninative-tarball: Fix file generation after class changes
populate_sdk_base: Use highest compression level for xz
uninative-tarball: Use xz compression and SDK_ARCHIVE_CMD
strace: Tweak ptest disk space management
ptest-packagelists: Add mdadm
util-linux: Fix ptest dependencies
mdadm: Add missing ptest dependency
yocto-uninative: Update to 2.5 release
uninative: Switch from bz2 to xz
bitbake: main: Fix error message typo
qemuarm64: Add QB_CPU_KVM to allow kvm acceleration
runqemu: Add support for kvm on aarch64
useradd: Fix build architecture corruption of sstate artefacts
useradd: Ensure do_populate_sysroot has dependency on useradd variables
beaglebone-yocto: Add missing wic image u-boot deploy dependency
quilt: Add patch depends for quilt-ptest
libtest-needs-perl: Fix ptest dependencies
libtimedate-perl: Fix ptest dependencies
perl: Add missing perl module dependency
liburi-perl: Fix module ptest dependencies
libconvert-aan1-perl: Fix module and ptest dependencies
libxml-sax-perl: Fix module ptest dependencies
libxml-perl: Fix module and ptest dependencies
e2fsprogs: Fix missing ptest dependencies
glib-2.0: ptest fixes
openssh: Add missing ptest dependency on coreutils
gpg_sign/selftest: Fix secmem parameter handling
gawk: ptest fixes
openssh: Document skipped test dependency
multiconfig: Adapt to bitbake switch 'multiconfig' -> 'mc'
bitbake: multiconfig: Switch from 'multiconfig' -> 'mc'
bitbake: cooker: Add compability handling for multiconfig: prefix migration
build-appliance-image: Update to master head revision
bitbake: cooker: Ensure mcdeps are processed even if only one multiconfig
perl: Fix setgroup call regression from 5.30
perl: Move perl-sanity -> perl
Ross Burton (13):
insane: add sanity checks to SRC_URI
libidn2: upgrade to 2.2.0
local.conf.sample: change default MACHINE to qemux86-64
libical: tidy up Perl finding
wic/filemap: handle FIGETBSZ failing
libxslt: add comment saying when a workaround can be removed
parted: swap patches for the commits that landed upstream
parted: drop patch for linux <2.6.20 support
python-nose: python3-nose should be default
bluez: fix test case failures with GCC 9
efivar: add
efibootmgr: add
gstreamer1.0-libav: disable API documentation
Sakib Sajal (4):
bash: add iso8859-1 gconv RDEPENDS needed by bash-ptest.
bash: add big5hkscs gconv RDEPENDS needed by bash-ptest.
bash: run bash ptest as non-root user
ptest-runner: update SRCREV to latest HEAD on ptest-runner2 repo
Scott Rifenbark (17):
sdk-manual: Added link to BB manual fetcher section.
ref-manual: Updated "do_fetch" to have a link to "Fetchers"
dev-manual, ref-manual: removed "distrodata" class
ref-manual: Removed bugzilla.bbclass
ref-manual: Removed "distutils-tools" class.
ref-manual: Udated devtool help output examples.
ref-manual: New section "Checking Upgrade Status of a Recipe"
dev-manual: Added check-upgrade-status blurb to upgrading recipes
ref-manual: do_checkpkg - added link to checking upgrade status
ref-manual: Updates to check-recipe-upgrade devtool command
ref-manual: Grammar correction
dev-manual: Added new section for creating NPM packages
Makefile: Updated to support new NPM package creation section
dev-manual: Updated the "Working with Packages" list
ref-manual: Updated "npm.bbclass" section.
overview-manual: Updated SCM section
dev-manual: Fixed grammar issue.
Tim Orling (8):
libxml-parser-perl: fix ptest dependencies
perl-rdepends.txt: improve dependencies for perl module ptests
perl: install Config_git.pl
perl-rdepends.txt: fix perl-module-data-dumper dependencies
python3-scons-{native}: add recipe for v3.0.5
scons.bbclass: use python3-scons
serf: switch to python3-scons-native
oeqa/runtime: add simple test for scons
Tom Rini (2):
vim: Rework things so vim adds features not vim-tiny removes
vim: Update to 8.1.1518 to fix CVE-2019-12735
Yeoh Ee Peng (3):
resulttool/resultutils: Enable add extra configurations to results
resulttool/store: Enable add EXECUTED_BY config to results
resulttool/merge: Enable control TESTSERIES and extra configurations
Zang Ruochen (3):
openssh: Upgrade 7.9p1 -> 8.0p1
dbus: Upgrade 1.12.12 -> 1.12.14
dbus-test: Upgrade 1.12.12 -> 1.12.14
Zhixiong Chi (2):
gcc: reduce the variables in symtab
gcc: CVE-2018-12886
sangeeta jain (1):
resulttool/manualexecution: Enable creation of test case configuration
meta-raspberrypi: 7059c37451..40283f583b:
Andrei Gherzan (1):
gstreamer1.0-omx: Forward port bbappend and patches to v1.16.x
Khem Raj (4):
linux-raspberrypi_4.19.bb: Update to 4.19.44
rpi-default-versions: Switch defaults to 4.19
userland: Update to 20190501
firmware: Update 20190220 -> 20190517
malus-brandywine (1):
sdcard_image-rpi : minor bug in use of FATPAYLOAD
Change-Id: Idab4e8c2666bc776d0b47988a32dcb9f04885aff
Signed-off-by: Brad Bishop <bradleyb@fuzziesquirrel.com>
diff --git a/poky/meta/recipes-devtools/python/python-mako.inc b/poky/meta/recipes-devtools/python/python-mako.inc
index 97c624b..20808fe 100644
--- a/poky/meta/recipes-devtools/python/python-mako.inc
+++ b/poky/meta/recipes-devtools/python/python-mako.inc
@@ -8,8 +8,8 @@
inherit pypi
-SRC_URI[md5sum] = "d739720f3f0d6a1cb6a96ea7a4760c3e"
-SRC_URI[sha256sum] = "0728c404877cd4ca72c409c0ea372dc5f3b53fa1ad2bb434e1d216c0444ff1fd"
+SRC_URI[md5sum] = "a94d376078dda65f834ea5049a81ebb5"
+SRC_URI[sha256sum] = "7165919e78e1feb68b4dbe829871ea9941398178fa58e6beedb9ba14acf63965"
RDEPENDS_${PN} = "${PYTHON_PN}-html \
${PYTHON_PN}-netclient \
diff --git a/poky/meta/recipes-devtools/python/python-nose_1.3.7.bb b/poky/meta/recipes-devtools/python/python-nose_1.3.7.bb
index 6d69d2d..fab609d 100644
--- a/poky/meta/recipes-devtools/python/python-nose_1.3.7.bb
+++ b/poky/meta/recipes-devtools/python/python-nose_1.3.7.bb
@@ -1,2 +1,6 @@
inherit setuptools
require python-nose.inc
+
+do_install_append() {
+ rm ${D}${bindir}/nosetests
+}
diff --git a/poky/meta/recipes-devtools/python/python-setuptools.inc b/poky/meta/recipes-devtools/python/python-setuptools.inc
index 357aa07..f49e078 100644
--- a/poky/meta/recipes-devtools/python/python-setuptools.inc
+++ b/poky/meta/recipes-devtools/python/python-setuptools.inc
@@ -37,3 +37,14 @@
}
BBCLASSEXTEND = "native nativesdk"
+
+# The pkg-resources module can be used by itself, without the package downloader
+# and easy_install. Ship it in a separate package so that it can be used by
+# minimal distributions.
+PACKAGES =+ "${PYTHON_PN}-pkg-resources "
+FILES_${PYTHON_PN}-pkg-resources = "${PYTHON_SITEPACKAGES_DIR}/pkg_resources/*"
+# Due to the way OE-Core implemented native recipes, the native class cannot
+# have a dependency on something that is not a recipe name. Work around that by
+# manually setting RPROVIDES.
+RDEPENDS_${PN}_append = " ${PYTHON_PN}-pkg-resources"
+RPROVIDES_append_class-native = " ${PYTHON_PN}-pkg-resources-native"
diff --git a/poky/meta/recipes-devtools/python/python/bpo-35907-cve-2019-9948-fix.patch b/poky/meta/recipes-devtools/python/python/bpo-35907-cve-2019-9948-fix.patch
new file mode 100644
index 0000000..b267237
--- /dev/null
+++ b/poky/meta/recipes-devtools/python/python/bpo-35907-cve-2019-9948-fix.patch
@@ -0,0 +1,55 @@
+From 179a5f75f1121dab271fe8f90eb35145f9dcbbda Mon Sep 17 00:00:00 2001
+From: Sihoon Lee <push0ebp@gmail.com>
+Date: Fri, 17 May 2019 02:41:06 +0900
+Subject: [PATCH] Update test_urllib.py and urllib.py\nchange assertEqual into
+ assertRasies in DummyURLopener test, and simplify mitigation
+
+Upstream-Status: Submitted https://github.com/python/cpython/pull/11842
+
+CVE: CVE-2019-9948
+
+Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
+---
+ Lib/test/test_urllib.py | 11 +++--------
+ Lib/urllib.py | 4 ++--
+ 2 files changed, 5 insertions(+), 10 deletions(-)
+
+diff --git a/Lib/test/test_urllib.py b/Lib/test/test_urllib.py
+index e5f210e62a18..1e23dfb0bb16 100644
+--- a/Lib/test/test_urllib.py
++++ b/Lib/test/test_urllib.py
+@@ -1027,14 +1027,9 @@ def test_local_file_open(self):
+ class DummyURLopener(urllib.URLopener):
+ def open_local_file(self, url):
+ return url
+- self.assertEqual(DummyURLopener().open(
+- 'local-file://example'), '//example')
+- self.assertEqual(DummyURLopener().open(
+- 'local_file://example'), '//example')
+- self.assertRaises(IOError, urllib.urlopen,
+- 'local-file://example')
+- self.assertRaises(IOError, urllib.urlopen,
+- 'local_file://example')
++ for url in ('local_file://example', 'local-file://example'):
++ self.assertRaises(IOError, DummyURLopener().open, url)
++ self.assertRaises(IOError, urllib.urlopen, url)
+
+ # Just commented them out.
+ # Can't really tell why keep failing in windows and sparc.
+diff --git a/Lib/urllib.py b/Lib/urllib.py
+index a24e9a5c68fb..39b834054e9e 100644
+--- a/Lib/urllib.py
++++ b/Lib/urllib.py
+@@ -203,10 +203,10 @@ def open(self, fullurl, data=None):
+ name = 'open_' + urltype
+ self.type = urltype
+ name = name.replace('-', '_')
+-
++
+ # bpo-35907: # disallow the file reading with the type not allowed
+ if not hasattr(self, name) or \
+- (self == _urlopener and name == 'open_local_file'):
++ getattr(self, name) == self.open_local_file:
+ if proxy:
+ return self.open_unknown_proxy(proxy, fullurl, data)
+ else:
diff --git a/poky/meta/recipes-devtools/python/python/bpo-35907-cve-2019-9948.patch b/poky/meta/recipes-devtools/python/python/bpo-35907-cve-2019-9948.patch
new file mode 100644
index 0000000..f4c225d
--- /dev/null
+++ b/poky/meta/recipes-devtools/python/python/bpo-35907-cve-2019-9948.patch
@@ -0,0 +1,55 @@
+From 8f99cc799e4393bf1112b9395b2342f81b3f45ef Mon Sep 17 00:00:00 2001
+From: push0ebp <push0ebp@shl-MacBook-Pro.local>
+Date: Thu, 14 Feb 2019 02:05:46 +0900
+Subject: [PATCH] bpo-35907: Avoid file reading as disallowing the unnecessary
+ URL scheme in urllib
+
+Upstream-Status: Submitted https://github.com/python/cpython/pull/11842
+
+CVE: CVE-2019-9948
+
+Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
+---
+ Lib/test/test_urllib.py | 12 ++++++++++++
+ Lib/urllib.py | 5 ++++-
+ 2 files changed, 16 insertions(+), 1 deletion(-)
+
+diff --git a/Lib/test/test_urllib.py b/Lib/test/test_urllib.py
+index 1ce9201c0693..e5f210e62a18 100644
+--- a/Lib/test/test_urllib.py
++++ b/Lib/test/test_urllib.py
+@@ -1023,6 +1023,18 @@ def open_spam(self, url):
+ "spam://c:|windows%/:=&?~#+!$,;'@()*[]|/path/"),
+ "//c:|windows%/:=&?~#+!$,;'@()*[]|/path/")
+
++ def test_local_file_open(self):
++ class DummyURLopener(urllib.URLopener):
++ def open_local_file(self, url):
++ return url
++ self.assertEqual(DummyURLopener().open(
++ 'local-file://example'), '//example')
++ self.assertEqual(DummyURLopener().open(
++ 'local_file://example'), '//example')
++ self.assertRaises(IOError, urllib.urlopen,
++ 'local-file://example')
++ self.assertRaises(IOError, urllib.urlopen,
++ 'local_file://example')
+
+ # Just commented them out.
+ # Can't really tell why keep failing in windows and sparc.
+diff --git a/Lib/urllib.py b/Lib/urllib.py
+index d85504a5cb7e..a24e9a5c68fb 100644
+--- a/Lib/urllib.py
++++ b/Lib/urllib.py
+@@ -203,7 +203,10 @@ def open(self, fullurl, data=None):
+ name = 'open_' + urltype
+ self.type = urltype
+ name = name.replace('-', '_')
+- if not hasattr(self, name):
++
++ # bpo-35907: # disallow the file reading with the type not allowed
++ if not hasattr(self, name) or \
++ (self == _urlopener and name == 'open_local_file'):
+ if proxy:
+ return self.open_unknown_proxy(proxy, fullurl, data)
+ else:
diff --git a/poky/meta/recipes-devtools/python/python/bpo-36216-cve-2019-9636-fix.patch b/poky/meta/recipes-devtools/python/python/bpo-36216-cve-2019-9636-fix.patch
new file mode 100644
index 0000000..2ce4d2c
--- /dev/null
+++ b/poky/meta/recipes-devtools/python/python/bpo-36216-cve-2019-9636-fix.patch
@@ -0,0 +1,28 @@
+From 06b5ee585d6e76bdbb4002f642d864d860cbbd2b Mon Sep 17 00:00:00 2001
+From: Steve Dower <steve.dower@python.org>
+Date: Tue, 12 Mar 2019 08:23:33 -0700
+Subject: [PATCH] bpo-36216: Only print test messages when verbose
+
+CVE: CVE-2019-9636
+
+Upstream-Status: Backport https://github.com/python/cpython/pull/12291/commits/06b5ee585d6e76bdbb4002f642d864d860cbbd2b
+
+Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
+---
+ Lib/test/test_urlparse.py | 3 ++-
+ 1 file changed, 2 insertions(+), 1 deletion(-)
+
+diff --git a/Lib/test/test_urlparse.py b/Lib/test/test_urlparse.py
+index 73b0228ea8e3..1830d0b28688 100644
+--- a/Lib/test/test_urlparse.py
++++ b/Lib/test/test_urlparse.py
+@@ -644,7 +644,8 @@ def test_urlsplit_normalization(self):
+ for scheme in [u"http", u"https", u"ftp"]:
+ for c in denorm_chars:
+ url = u"{}://netloc{}false.netloc/path".format(scheme, c)
+- print "Checking %r" % url
++ if test_support.verbose:
++ print "Checking %r" % url
+ with self.assertRaises(ValueError):
+ urlparse.urlsplit(url)
+
diff --git a/poky/meta/recipes-devtools/python/python/bpo-36216-cve-2019-9636.patch b/poky/meta/recipes-devtools/python/python/bpo-36216-cve-2019-9636.patch
new file mode 100644
index 0000000..352b13b
--- /dev/null
+++ b/poky/meta/recipes-devtools/python/python/bpo-36216-cve-2019-9636.patch
@@ -0,0 +1,111 @@
+From 3e3669c9c41a27e1466e2c28b3906e3dd0ce3e7e Mon Sep 17 00:00:00 2001
+From: Steve Dower <steve.dower@python.org>
+Date: Thu, 7 Mar 2019 08:25:22 -0800
+Subject: [PATCH] bpo-36216: Add check for characters in netloc that normalize
+ to separators (GH-12201)
+
+CVE: CVE-2019-9636
+
+Upstream-Status: Backport https://github.com/python/cpython/pull/12216/commits/3e3669c9c41a27e1466e2c28b3906e3dd0ce3e7e
+
+Signed-off-by: Martin Jansa <Martin.Jansa@gmail.com>
+---
+ Doc/library/urlparse.rst | 20 ++++++++++++++++
+ Lib/test/test_urlparse.py | 24 +++++++++++++++++++
+ Lib/urlparse.py | 17 +++++++++++++
+ .../2019-03-06-09-38-40.bpo-36216.6q1m4a.rst | 3 +++
+ 4 files changed, 64 insertions(+)
+ create mode 100644 Misc/NEWS.d/next/Security/2019-03-06-09-38-40.bpo-36216.6q1m4a.rst
+
+diff --git a/Lib/test/test_urlparse.py b/Lib/test/test_urlparse.py
+index 4e1ded73c266..73b0228ea8e3 100644
+--- a/Lib/test/test_urlparse.py
++++ b/Lib/test/test_urlparse.py
+@@ -1,4 +1,6 @@
+ from test import test_support
++import sys
++import unicodedata
+ import unittest
+ import urlparse
+
+@@ -624,6 +626,28 @@ def test_portseparator(self):
+ self.assertEqual(urlparse.urlparse("http://www.python.org:80"),
+ ('http','www.python.org:80','','','',''))
+
++ def test_urlsplit_normalization(self):
++ # Certain characters should never occur in the netloc,
++ # including under normalization.
++ # Ensure that ALL of them are detected and cause an error
++ illegal_chars = u'/:#?@'
++ hex_chars = {'{:04X}'.format(ord(c)) for c in illegal_chars}
++ denorm_chars = [
++ c for c in map(unichr, range(128, sys.maxunicode))
++ if (hex_chars & set(unicodedata.decomposition(c).split()))
++ and c not in illegal_chars
++ ]
++ # Sanity check that we found at least one such character
++ self.assertIn(u'\u2100', denorm_chars)
++ self.assertIn(u'\uFF03', denorm_chars)
++
++ for scheme in [u"http", u"https", u"ftp"]:
++ for c in denorm_chars:
++ url = u"{}://netloc{}false.netloc/path".format(scheme, c)
++ print "Checking %r" % url
++ with self.assertRaises(ValueError):
++ urlparse.urlsplit(url)
++
+ def test_main():
+ test_support.run_unittest(UrlParseTestCase)
+
+diff --git a/Lib/urlparse.py b/Lib/urlparse.py
+index f7c2b032b097..54eda08651ab 100644
+--- a/Lib/urlparse.py
++++ b/Lib/urlparse.py
+@@ -165,6 +165,21 @@ def _splitnetloc(url, start=0):
+ delim = min(delim, wdelim) # use earliest delim position
+ return url[start:delim], url[delim:] # return (domain, rest)
+
++def _checknetloc(netloc):
++ if not netloc or not isinstance(netloc, unicode):
++ return
++ # looking for characters like \u2100 that expand to 'a/c'
++ # IDNA uses NFKC equivalence, so normalize for this check
++ import unicodedata
++ netloc2 = unicodedata.normalize('NFKC', netloc)
++ if netloc == netloc2:
++ return
++ _, _, netloc = netloc.rpartition('@') # anything to the left of '@' is okay
++ for c in '/?#@:':
++ if c in netloc2:
++ raise ValueError("netloc '" + netloc2 + "' contains invalid " +
++ "characters under NFKC normalization")
++
+ def urlsplit(url, scheme='', allow_fragments=True):
+ """Parse a URL into 5 components:
+ <scheme>://<netloc>/<path>?<query>#<fragment>
+@@ -193,6 +208,7 @@ def urlsplit(url, scheme='', allow_fragments=True):
+ url, fragment = url.split('#', 1)
+ if '?' in url:
+ url, query = url.split('?', 1)
++ _checknetloc(netloc)
+ v = SplitResult(scheme, netloc, url, query, fragment)
+ _parse_cache[key] = v
+ return v
+@@ -216,6 +232,7 @@ def urlsplit(url, scheme='', allow_fragments=True):
+ url, fragment = url.split('#', 1)
+ if '?' in url:
+ url, query = url.split('?', 1)
++ _checknetloc(netloc)
+ v = SplitResult(scheme, netloc, url, query, fragment)
+ _parse_cache[key] = v
+ return v
+diff --git a/Misc/NEWS.d/next/Security/2019-03-06-09-38-40.bpo-36216.6q1m4a.rst b/Misc/NEWS.d/next/Security/2019-03-06-09-38-40.bpo-36216.6q1m4a.rst
+new file mode 100644
+index 000000000000..1e1ad92c6feb
+--- /dev/null
++++ b/Misc/NEWS.d/next/Security/2019-03-06-09-38-40.bpo-36216.6q1m4a.rst
+@@ -0,0 +1,3 @@
++Changes urlsplit() to raise ValueError when the URL contains characters that
++decompose under IDNA encoding (NFKC-normalization) into characters that
++affect how the URL is parsed.
+\ No newline at end of file
diff --git a/poky/meta/recipes-devtools/python/python3-mako_1.0.9.bb b/poky/meta/recipes-devtools/python/python3-mako_1.0.10.bb
similarity index 100%
rename from poky/meta/recipes-devtools/python/python3-mako_1.0.9.bb
rename to poky/meta/recipes-devtools/python/python3-mako_1.0.10.bb
diff --git a/poky/meta/recipes-devtools/python/python3-nose_1.3.7.bb b/poky/meta/recipes-devtools/python/python3-nose_1.3.7.bb
index 8bc1f49..13dbf96 100644
--- a/poky/meta/recipes-devtools/python/python3-nose_1.3.7.bb
+++ b/poky/meta/recipes-devtools/python/python3-nose_1.3.7.bb
@@ -1,6 +1,2 @@
inherit setuptools3
require python-nose.inc
-
-do_install_append() {
- mv ${D}${bindir}/nosetests ${D}${bindir}/nosetests3
-}
diff --git a/poky/meta/recipes-devtools/python/python3-pbr_5.1.3.bb b/poky/meta/recipes-devtools/python/python3-pbr_5.1.3.bb
deleted file mode 100644
index d9b6ce7..0000000
--- a/poky/meta/recipes-devtools/python/python3-pbr_5.1.3.bb
+++ /dev/null
@@ -1,5 +0,0 @@
-inherit setuptools3
-require python-pbr.inc
-SRC_URI[md5sum] = "08972dca5fd2a959f27842090973edd6"
-SRC_URI[sha256sum] = "8c361cc353d988e4f5b998555c88098b9d5964c2e11acf7b0d21925a66bb5824"
-
diff --git a/poky/meta/recipes-devtools/python/python3-pbr_5.2.0.bb b/poky/meta/recipes-devtools/python/python3-pbr_5.2.0.bb
new file mode 100644
index 0000000..ed6832e
--- /dev/null
+++ b/poky/meta/recipes-devtools/python/python3-pbr_5.2.0.bb
@@ -0,0 +1,5 @@
+inherit setuptools3
+require python-pbr.inc
+SRC_URI[md5sum] = "2bca008fd08d035a2f78c606d876a6db"
+SRC_URI[sha256sum] = "d950c64aeea5456bbd147468382a5bb77fe692c13c9f00f0219814ce5b642755"
+
diff --git a/poky/meta/recipes-devtools/python/python3-pip_19.0.3.bb b/poky/meta/recipes-devtools/python/python3-pip_19.1.1.bb
similarity index 81%
rename from poky/meta/recipes-devtools/python/python3-pip_19.0.3.bb
rename to poky/meta/recipes-devtools/python/python3-pip_19.1.1.bb
index 4fdc7ee..baf32f4 100644
--- a/poky/meta/recipes-devtools/python/python3-pip_19.0.3.bb
+++ b/poky/meta/recipes-devtools/python/python3-pip_19.1.1.bb
@@ -6,8 +6,8 @@
DEPENDS += "python3 python3-setuptools-native"
-SRC_URI[md5sum] = "1c5edb0924a0d7d79f3a2e3df05009b4"
-SRC_URI[sha256sum] = "6e6f197a1abfb45118dbb878b5c859a0edbdd33fd250100bc015b67fded4b9f2"
+SRC_URI[md5sum] = "4fb98a060f21c731d6743b90a714fc73"
+SRC_URI[sha256sum] = "44d3d7d3d30a1eb65c7e5ff1173cdf8f7467850605ac7cc3707b6064bddd0958"
inherit pypi distutils3
diff --git a/poky/meta/recipes-devtools/python/python3-pygments_2.4.2.bb b/poky/meta/recipes-devtools/python/python3-pygments_2.4.2.bb
new file mode 100644
index 0000000..35c0ac6
--- /dev/null
+++ b/poky/meta/recipes-devtools/python/python3-pygments_2.4.2.bb
@@ -0,0 +1,20 @@
+SUMMARY = "Pygments is a syntax highlighting package written in Python."
+DESCRIPTION = "Pygments is a syntax highlighting package written in Python."
+HOMEPAGE = "http://pygments.org/"
+LICENSE = "BSD-2-Clause"
+LIC_FILES_CHKSUM = "file://LICENSE;md5=e1d7b7bffbfeaa14083fd2bd3236aea8"
+
+inherit setuptools3
+SRC_URI[md5sum] = "5ecc3fbb2a783e917b369271fc0e6cd1"
+SRC_URI[sha256sum] = "881c4c157e45f30af185c1ffe8d549d48ac9127433f2c380c24b84572ad66297"
+
+DEPENDS += "\
+ ${PYTHON_PN} \
+ "
+
+PYPI_PACKAGE = "Pygments"
+
+inherit pypi
+
+BBCLASSEXTEND = "native nativesdk"
+
diff --git a/poky/meta/recipes-devtools/python/python3-scons-native_3.0.5.bb b/poky/meta/recipes-devtools/python/python3-scons-native_3.0.5.bb
new file mode 100644
index 0000000..5cd5956
--- /dev/null
+++ b/poky/meta/recipes-devtools/python/python3-scons-native_3.0.5.bb
@@ -0,0 +1,8 @@
+require python3-scons_${PV}.bb
+inherit native python3native
+DEPENDS = "python3-native"
+RDEPENDS_${PN} = ""
+
+do_install_append() {
+ create_wrapper ${D}${bindir}/scons SCONS_LIB_DIR='${STAGING_DIR_HOST}/${PYTHON_SITEPACKAGES_DIR}' PYTHONNOUSERSITE='1'
+}
diff --git a/poky/meta/recipes-devtools/python/python3-scons_3.0.5.bb b/poky/meta/recipes-devtools/python/python3-scons_3.0.5.bb
new file mode 100644
index 0000000..7fb75a6
--- /dev/null
+++ b/poky/meta/recipes-devtools/python/python3-scons_3.0.5.bb
@@ -0,0 +1,29 @@
+SUMMARY = "Software Construction tool (make/autotools replacement)"
+SECTION = "devel/python"
+LICENSE = "MIT"
+LIC_FILES_CHKSUM = "file://LICENSE.txt;md5=37bb53a08e6beaea0c90e7821d731284"
+
+SRC_URI = "${SOURCEFORGE_MIRROR}/scons/scons-${PV}.tar.gz"
+SRC_URI[md5sum] = "9f9c163e8bd48cf8cd92f03e85ca6395"
+SRC_URI[sha256sum] = "df676f23dc6d4bfa384fc389d95dcd21ab907e6349d4c848958ba4befb73c73e"
+
+S = "${WORKDIR}/scons-${PV}"
+
+UPSTREAM_CHECK_URI = "http://scons.org/pages/download.html"
+UPSTREAM_CHECK_REGEX = "(?P<pver>\d+(\.\d+)+)\.tar"
+
+inherit setuptools3
+
+do_install_prepend() {
+ sed -i -e "1s,#!.*python.*,#!${USRBINPATH}/env python3," ${S}/script/*
+}
+
+RDEPENDS_${PN} = "\
+ python3-core \
+ python3-fcntl \
+ python3-io \
+ python3-json \
+ python3-shell \
+ python3-pickle \
+ python3-pprint \
+ "
diff --git a/poky/meta/recipes-devtools/python/python3/0001-bpo-36852-proper-detection-of-mips-architecture-for-.patch b/poky/meta/recipes-devtools/python/python3/0001-bpo-36852-proper-detection-of-mips-architecture-for-.patch
new file mode 100644
index 0000000..e7af886
--- /dev/null
+++ b/poky/meta/recipes-devtools/python/python3/0001-bpo-36852-proper-detection-of-mips-architecture-for-.patch
@@ -0,0 +1,201 @@
+From 7535c39951b9d15dd64c4669092a8582ba555466 Mon Sep 17 00:00:00 2001
+From: Matthias Schoepfer <matthias.schoepfer@ithinx.io>
+Date: Fri, 31 May 2019 15:34:34 +0200
+Subject: [PATCH] bpo-36852: proper detection of mips architecture for soft
+ float
+
+When (cross) compiling for softfloat mips, __mips_hard_float will not be
+defined and detection of OS triplet in configure.ac / configure will fail.
+
+This also has to do with the custom detection of the build triplet. Trying
+to do this in a more autoconf/autotools manner.
+
+Upstream-Status: Submitted [https://github.com/python/cpython/pull/13196]
+Signed-off-by: Matthias Schoepfer <matthias.schoepfer@ithinx.io>
+---
+ configure.ac | 169 ++++++---------------------------------------------
+ 1 file changed, 17 insertions(+), 152 deletions(-)
+
+diff --git a/configure.ac b/configure.ac
+index a7de901e08..a73e2de51b 100644
+--- a/configure.ac
++++ b/configure.ac
+@@ -727,158 +727,23 @@ fi
+ MULTIARCH=$($CC --print-multiarch 2>/dev/null)
+ AC_SUBST(MULTIARCH)
+
+-AC_MSG_CHECKING([for the platform triplet based on compiler characteristics])
+-cat >> conftest.c <<EOF
+-#undef bfin
+-#undef cris
+-#undef fr30
+-#undef linux
+-#undef hppa
+-#undef hpux
+-#undef i386
+-#undef mips
+-#undef powerpc
+-#undef sparc
+-#undef unix
+-#if defined(__ANDROID__)
+- # Android is not a multiarch system.
+-#elif defined(__linux__)
+-# if defined(__x86_64__) && defined(__LP64__)
+- x86_64-linux-gnu
+-# elif defined(__x86_64__) && defined(__ILP32__)
+- x86_64-linux-gnux32
+-# elif defined(__i386__)
+- i386-linux-gnu
+-# elif defined(__aarch64__) && defined(__AARCH64EL__)
+-# if defined(__ILP32__)
+- aarch64_ilp32-linux-gnu
+-# else
+- aarch64-linux-gnu
+-# endif
+-# elif defined(__aarch64__) && defined(__AARCH64EB__)
+-# if defined(__ILP32__)
+- aarch64_be_ilp32-linux-gnu
+-# else
+- aarch64_be-linux-gnu
+-# endif
+-# elif defined(__alpha__)
+- alpha-linux-gnu
+-# elif defined(__ARM_EABI__) && defined(__ARM_PCS_VFP)
+-# if defined(__ARMEL__)
+- arm-linux-gnueabihf
+-# else
+- armeb-linux-gnueabihf
+-# endif
+-# elif defined(__ARM_EABI__) && !defined(__ARM_PCS_VFP)
+-# if defined(__ARMEL__)
+- arm-linux-gnueabi
+-# else
+- armeb-linux-gnueabi
+-# endif
+-# elif defined(__hppa__)
+- hppa-linux-gnu
+-# elif defined(__ia64__)
+- ia64-linux-gnu
+-# elif defined(__m68k__) && !defined(__mcoldfire__)
+- m68k-linux-gnu
+-# elif defined(__mips_hard_float) && defined(__mips_isa_rev) && (__mips_isa_rev >=6) && defined(_MIPSEL)
+-# if _MIPS_SIM == _ABIO32
+- mipsisa32r6el-linux-gnu
+-# elif _MIPS_SIM == _ABIN32
+- mipsisa64r6el-linux-gnuabin32
+-# elif _MIPS_SIM == _ABI64
+- mipsisa64r6el-linux-gnuabi64
+-# else
+-# error unknown platform triplet
+-# endif
+-# elif defined(__mips_hard_float) && defined(__mips_isa_rev) && (__mips_isa_rev >=6)
+-# if _MIPS_SIM == _ABIO32
+- mipsisa32r6-linux-gnu
+-# elif _MIPS_SIM == _ABIN32
+- mipsisa64r6-linux-gnuabin32
+-# elif _MIPS_SIM == _ABI64
+- mipsisa64r6-linux-gnuabi64
+-# else
+-# error unknown platform triplet
+-# endif
+-# elif defined(__mips_hard_float) && defined(_MIPSEL)
+-# if _MIPS_SIM == _ABIO32
+- mipsel-linux-gnu
+-# elif _MIPS_SIM == _ABIN32
+- mips64el-linux-gnuabin32
+-# elif _MIPS_SIM == _ABI64
+- mips64el-linux-gnuabi64
+-# else
+-# error unknown platform triplet
+-# endif
+-# elif defined(__mips_hard_float)
+-# if _MIPS_SIM == _ABIO32
+- mips-linux-gnu
+-# elif _MIPS_SIM == _ABIN32
+- mips64-linux-gnuabin32
+-# elif _MIPS_SIM == _ABI64
+- mips64-linux-gnuabi64
+-# else
+-# error unknown platform triplet
+-# endif
+-# elif defined(__or1k__)
+- or1k-linux-gnu
+-# elif defined(__powerpc__) && defined(__SPE__)
+- powerpc-linux-gnuspe
+-# elif defined(__powerpc64__)
+-# if defined(__LITTLE_ENDIAN__)
+- powerpc64le-linux-gnu
+-# else
+- powerpc64-linux-gnu
+-# endif
+-# elif defined(__powerpc__)
+- powerpc-linux-gnu
+-# elif defined(__s390x__)
+- s390x-linux-gnu
+-# elif defined(__s390__)
+- s390-linux-gnu
+-# elif defined(__sh__) && defined(__LITTLE_ENDIAN__)
+- sh4-linux-gnu
+-# elif defined(__sparc__) && defined(__arch64__)
+- sparc64-linux-gnu
+-# elif defined(__sparc__)
+- sparc-linux-gnu
+-# elif defined(__riscv)
+-# if __riscv_xlen == 32
+- riscv32-linux-gnu
+-# elif __riscv_xlen == 64
+- riscv64-linux-gnu
+-# else
+-# error unknown platform triplet
+-# endif
+-# else
+-# error unknown platform triplet
+-# endif
+-#elif defined(__FreeBSD_kernel__)
+-# if defined(__LP64__)
+- x86_64-kfreebsd-gnu
+-# elif defined(__i386__)
+- i386-kfreebsd-gnu
+-# else
+-# error unknown platform triplet
+-# endif
+-#elif defined(__gnu_hurd__)
+- i386-gnu
+-#elif defined(__APPLE__)
+- darwin
+-#else
+-# error unknown platform triplet
+-#endif
+-
+-EOF
+-
+-if $CPP $CPPFLAGS conftest.c >conftest.out 2>/dev/null; then
+- PLATFORM_TRIPLET=`grep -v '^#' conftest.out | grep -v '^ *$' | tr -d ' '`
+- AC_MSG_RESULT([$PLATFORM_TRIPLET])
+-else
+- AC_MSG_RESULT([none])
+-fi
+-rm -f conftest.c conftest.out
++AC_CANONICAL_TARGET
++## Not using $target to filter out vendor
++## Need to handle macos, vxworks and hurd special (?) :-/
++case ${target_os} in
++ darwin*)
++ PLATFORM_TRIPLET=darwin
++ ;;
++ hurd*)
++ PLATFORM_TRIPLET=i386-gnu
++ ;;
++ vxworks*)
++ PLATFORM_TRIPLET=vxworks
++ ;;
++ *)
++ PLATFORM_TRIPLET=${target_cpu}-${target_os}
++ ;;
++esac
+
+ if test x$PLATFORM_TRIPLET != x && test x$MULTIARCH != x; then
+ if test x$PLATFORM_TRIPLET != x$MULTIARCH; then
+--
+2.21.0
+
diff --git a/poky/meta/recipes-devtools/python/python3_3.7.3.bb b/poky/meta/recipes-devtools/python/python3_3.7.3.bb
index 413d35a..832ef1b 100644
--- a/poky/meta/recipes-devtools/python/python3_3.7.3.bb
+++ b/poky/meta/recipes-devtools/python/python3_3.7.3.bb
@@ -23,6 +23,7 @@
file://0003-setup.py-pass-missing-libraries-to-Extension-for-mul.patch \
file://0001-Lib-sysconfig.py-fix-another-place-where-lib-is-hard.patch \
file://0001-Makefile-fix-Issue36464-parallel-build-race-problem.patch \
+ file://0001-bpo-36852-proper-detection-of-mips-architecture-for-.patch \
"
SRC_URI_append_class-native = " \
diff --git a/poky/meta/recipes-devtools/python/python_2.7.16.bb b/poky/meta/recipes-devtools/python/python_2.7.16.bb
index 0e7dd2b..d70342f 100644
--- a/poky/meta/recipes-devtools/python/python_2.7.16.bb
+++ b/poky/meta/recipes-devtools/python/python_2.7.16.bb
@@ -30,7 +30,11 @@
file://support_SOURCE_DATE_EPOCH_in_py_compile_2.7.patch \
file://float-endian.patch \
file://0001-python2-use-cc_basename-to-replace-CC-for-checking-c.patch \
- "
+ file://bpo-35907-cve-2019-9948.patch \
+ file://bpo-35907-cve-2019-9948-fix.patch \
+ file://bpo-36216-cve-2019-9636.patch \
+ file://bpo-36216-cve-2019-9636-fix.patch \
+"
S = "${WORKDIR}/Python-${PV}"