Drop upstreamed patch and refresh remaining patches.
* https://www.python.org/downloads/release/python-31210/
Python 3.12.10 is the latest maintenance release of Python 3.12, and
the last full maintenance release. Subsequent releases of 3.12 will be
security-fixes only.
* https://www.python.org/downloads/release/python-31211/
Security content in this release
* gh-135034: [CVE 2024-12718] [CVE 2025-4138] [CVE 2025-4330]
[CVE 2025-4435] [CVE 2025-4517] Fixes multiple issues that allowed
tarfile extraction filters (filter="data" and filter="tar") to be
bypassed using crafted symlinks and hard links.
* gh-133767: Fix use-after-free in the “unicode-escape” decoder with a
non-“strict” error handler.
* gh-128840: Short-circuit the processing of long IPv6 addresses early
in ipaddress to prevent excessive memory consumption and a minor
denial-of-service.
gh-133767 got meawhile CVE-2025-4516 assigned.
(From OE-Core rev: 6cca08b2857efd5481e837ecd6bb295cb8a99ee1)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Release notes:
https://docs.python.org/release/3.12.9/whatsnew/changelog.html#python-3-12-9
Solves CVE-2025-0938, CVE-2024-12254 and 3 other vulnerabilities without
CVE number assigment.
Add a patch to fix failure of a new test.
(From OE-Core rev: 685b2719ae9b44c238e63942efabe52e5df7d640)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Steve Sakoman <steve@sakoman.com>
Drop distutils and smtpd modules from packaging, as both are gone in 3.12.
Rebase:
0020-configure.ac-setup.py-do-not-add-a-curses-include-pa.patch
(drop setup.py chunk as the file is gone)
Drop patches:
0001-Do-not-add-usr-lib-termcap-to-linker-flags-to-avoid-.patch
(setup.py gone, lib/termcap not mentioned anywhere else)
0001-Don-t-search-system-for-headers-libraries.patch
(setup.py gone, usr/lib64 not mentioned anywhere else)
0001-Makefile-do-not-compile-.pyc-in-parallel.patch
(replaced with COMPILEALL_OPTS= in EXTRA_OEMAKE)
0001-setup.py-Do-not-detect-multiarch-paths-when-cross-co.patch
(setup.py gone, add_multiarch_paths not mentioned anywhere else)
0017-setup.py-do-not-report-missing-dependencies-for-disa.patch
(has been superseded by Setup.local tweak in do_configure:prepend)
12-distutils-prefix-is-inside-staging-area.patch
(distutils has been removed upstream, so this old, unplesant hack can be finally dropped)
avoid_warning_about_tkinter.patch
(setup.py gone, tkinter detection logic performed in configure.ac)
(From OE-Core rev: 716d82352545d3667a658b69d65d6127678dd150)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
There is really no reason why we can't: it only needs to be available
in two versions (native/target), and the correct one can be picked
via PATH priority order.
This eliminates two un-upstreamable patches, one of which relies
on soon to be removed distutils.
(From OE-Core rev: d0145ead0f80ba4bde8e24617a8725f38eda8339)
Signed-off-by: Alexander Kanavin <alex@linutronix.de>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
The native path may be too big, leading to shebang
overflow. Just use the #!/usr/bin/env python3.
(From OE-Core rev: 84783dee09e48cb930c7cd27944eaf3f03997237)
Signed-off-by: Paulo Neves <ptsneves@gmail.com>
Signed-off-by: Alexandre Belloni <alexandre.belloni@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
