* [PATCH] python3-six: Add ptest support
From: Shilong.Jiao @ 2026-06-09 1:41 UTC (permalink / raw)
To: openembedded-core
From: Shilong Jiao <Shilong.Jiao@windriver.com>
Add ptest for python3-six using pytest to run the test_six.py
test suite included in the source package.
PASS: test_six.py::test_add_doc
PASS: test_six.py::test_import_module
PASS: test_six.py::test_integer_types
PASS: test_six.py::test_string_types
PASS: test_six.py::test_class_types
PASS: test_six.py::test_text_type
PASS: test_six.py::test_binary_type
PASS: test_six.py::test_MAXSIZE
PASS: test_six.py::test_lazy
PASS: test_six.py::test_move_items[cStringIO]
PASS: test_six.py::test_move_items[filter]
PASS: test_six.py::test_move_items[filterfalse]
PASS: test_six.py::test_move_items[input]
PASS: test_six.py::test_move_items[intern]
PASS: test_six.py::test_move_items[map]
PASS: test_six.py::test_move_items[getcwd]
PASS: test_six.py::test_move_items[getcwdb]
PASS: test_six.py::test_move_items[getoutput]
PASS: test_six.py::test_move_items[range]
PASS: test_six.py::test_move_items[reload_module]
PASS: test_six.py::test_move_items[reduce]
PASS: test_six.py::test_move_items[shlex_quote]
PASS: test_six.py::test_move_items[StringIO]
PASS: test_six.py::test_move_items[UserDict]
PASS: test_six.py::test_move_items[UserList]
PASS: test_six.py::test_move_items[UserString]
PASS: test_six.py::test_move_items[xrange]
PASS: test_six.py::test_move_items[zip]
PASS: test_six.py::test_move_items[zip_longest]
PASS: test_six.py::test_move_items[builtins]
PASS: test_six.py::test_move_items[configparser]
PASS: test_six.py::test_move_items[collections_abc]
PASS: test_six.py::test_move_items[copyreg]
PASS: test_six.py::test_move_items[dbm_gnu]
PASS: test_six.py::test_move_items[dbm_ndbm]
PASS: test_six.py::test_move_items[_dummy_thread]
PASS: test_six.py::test_move_items[http_cookiejar]
PASS: test_six.py::test_move_items[http_cookies]
PASS: test_six.py::test_move_items[html_entities]
PASS: test_six.py::test_move_items[html_parser]
PASS: test_six.py::test_move_items[http_client]
PASS: test_six.py::test_move_items[email_mime_base]
PASS: test_six.py::test_move_items[email_mime_image]
PASS: test_six.py::test_move_items[email_mime_multipart]
PASS: test_six.py::test_move_items[email_mime_nonmultipart]
PASS: test_six.py::test_move_items[email_mime_text]
PASS: test_six.py::test_move_items[BaseHTTPServer]
PASS: test_six.py::test_move_items[CGIHTTPServer]
PASS: test_six.py::test_move_items[SimpleHTTPServer]
PASS: test_six.py::test_move_items[cPickle]
PASS: test_six.py::test_move_items[queue]
PASS: test_six.py::test_move_items[reprlib]
PASS: test_six.py::test_move_items[socketserver]
PASS: test_six.py::test_move_items[_thread]
SKIP: test_six.py::test_move_items[tkinter]
SKIP: test_six.py::test_move_items[tkinter_dialog]
SKIP: test_six.py::test_move_items[tkinter_filedialog]
SKIP: test_six.py::test_move_items[tkinter_scrolledtext]
SKIP: test_six.py::test_move_items[tkinter_simpledialog]
SKIP: test_six.py::test_move_items[tkinter_tix]
SKIP: test_six.py::test_move_items[tkinter_ttk]
SKIP: test_six.py::test_move_items[tkinter_constants]
SKIP: test_six.py::test_move_items[tkinter_dnd]
SKIP: test_six.py::test_move_items[tkinter_colorchooser]
SKIP: test_six.py::test_move_items[tkinter_commondialog]
SKIP: test_six.py::test_move_items[tkinter_tkfiledialog]
SKIP: test_six.py::test_move_items[tkinter_font]
SKIP: test_six.py::test_move_items[tkinter_messagebox]
SKIP: test_six.py::test_move_items[tkinter_tksimpledialog]
PASS: test_six.py::test_move_items[urllib_parse]
PASS: test_six.py::test_move_items[urllib_error]
PASS: test_six.py::test_move_items[urllib]
PASS: test_six.py::test_move_items[urllib_robotparser]
PASS: test_six.py::test_move_items[xmlrpc_client]
PASS: test_six.py::test_move_items[xmlrpc_server]
PASS: test_six.py::test_move_items_urllib_parse[ParseResult]
PASS: test_six.py::test_move_items_urllib_parse[SplitResult]
PASS: test_six.py::test_move_items_urllib_parse[parse_qs]
PASS: test_six.py::test_move_items_urllib_parse[parse_qsl]
PASS: test_six.py::test_move_items_urllib_parse[urldefrag]
PASS: test_six.py::test_move_items_urllib_parse[urljoin]
PASS: test_six.py::test_move_items_urllib_parse[urlparse]
PASS: test_six.py::test_move_items_urllib_parse[urlsplit]
PASS: test_six.py::test_move_items_urllib_parse[urlunparse]
PASS: test_six.py::test_move_items_urllib_parse[urlunsplit]
PASS: test_six.py::test_move_items_urllib_parse[quote]
PASS: test_six.py::test_move_items_urllib_parse[quote_plus]
PASS: test_six.py::test_move_items_urllib_parse[unquote]
PASS: test_six.py::test_move_items_urllib_parse[unquote_plus]
PASS: test_six.py::test_move_items_urllib_parse[unquote_to_bytes]
PASS: test_six.py::test_move_items_urllib_parse[urlencode]
PASS: test_six.py::test_move_items_urllib_parse[splitquery]
PASS: test_six.py::test_move_items_urllib_parse[splittag]
PASS: test_six.py::test_move_items_urllib_parse[splituser]
PASS: test_six.py::test_move_items_urllib_parse[splitvalue]
PASS: test_six.py::test_move_items_urllib_parse[uses_fragment]
PASS: test_six.py::test_move_items_urllib_parse[uses_netloc]
PASS: test_six.py::test_move_items_urllib_parse[uses_params]
PASS: test_six.py::test_move_items_urllib_parse[uses_query]
PASS: test_six.py::test_move_items_urllib_parse[uses_relative]
PASS: test_six.py::test_move_items_urllib_error[URLError]
PASS: test_six.py::test_move_items_urllib_error[HTTPError]
PASS: test_six.py::test_move_items_urllib_error[ContentTooShortError]
PASS: test_six.py::test_move_items_urllib_request[urlopen]
PASS: test_six.py::test_move_items_urllib_request[install_opener]
PASS: test_six.py::test_move_items_urllib_request[build_opener]
PASS: test_six.py::test_move_items_urllib_request[pathname2url]
PASS: test_six.py::test_move_items_urllib_request[url2pathname]
PASS: test_six.py::test_move_items_urllib_request[getproxies]
PASS: test_six.py::test_move_items_urllib_request[Request]
PASS: test_six.py::test_move_items_urllib_request[OpenerDirector]
PASS: test_six.py::test_move_items_urllib_request[HTTPDefaultErrorHandler]
PASS: test_six.py::test_move_items_urllib_request[HTTPRedirectHandler]
PASS: test_six.py::test_move_items_urllib_request[HTTPCookieProcessor]
PASS: test_six.py::test_move_items_urllib_request[ProxyHandler]
PASS: test_six.py::test_move_items_urllib_request[BaseHandler]
PASS: test_six.py::test_move_items_urllib_request[HTTPPasswordMgr]
PASS: test_six.py::test_move_items_urllib_request[HTTPPasswordMgrWithDefaultRealm]
PASS: test_six.py::test_move_items_urllib_request[AbstractBasicAuthHandler]
PASS: test_six.py::test_move_items_urllib_request[HTTPBasicAuthHandler]
PASS: test_six.py::test_move_items_urllib_request[ProxyBasicAuthHandler]
PASS: test_six.py::test_move_items_urllib_request[AbstractDigestAuthHandler]
PASS: test_six.py::test_move_items_urllib_request[HTTPDigestAuthHandler]
PASS: test_six.py::test_move_items_urllib_request[ProxyDigestAuthHandler]
PASS: test_six.py::test_move_items_urllib_request[HTTPHandler]
PASS: test_six.py::test_move_items_urllib_request[HTTPSHandler]
PASS: test_six.py::test_move_items_urllib_request[FileHandler]
PASS: test_six.py::test_move_items_urllib_request[FTPHandler]
PASS: test_six.py::test_move_items_urllib_request[CacheFTPHandler]
PASS: test_six.py::test_move_items_urllib_request[UnknownHandler]
PASS: test_six.py::test_move_items_urllib_request[HTTPErrorProcessor]
PASS: test_six.py::test_move_items_urllib_request[urlretrieve]
PASS: test_six.py::test_move_items_urllib_request[urlcleanup]
PASS: test_six.py::test_move_items_urllib_request[proxy_bypass]
PASS: test_six.py::test_move_items_urllib_request[parse_http_list]
PASS: test_six.py::test_move_items_urllib_request[parse_keqv_list]
PASS: test_six.py::test_move_items_urllib_response[addbase]
PASS: test_six.py::test_move_items_urllib_response[addclosehook]
PASS: test_six.py::test_move_items_urllib_response[addinfo]
PASS: test_six.py::test_move_items_urllib_response[addinfourl]
PASS: test_six.py::test_move_items_urllib_robotparser[RobotFileParser]
PASS: test_six.py::test_import_moves_error_1
PASS: test_six.py::test_import_moves_error_2
PASS: test_six.py::test_import_moves_error_3
PASS: test_six.py::test_from_imports
PASS: test_six.py::test_filter
PASS: test_six.py::test_filter_false
PASS: test_six.py::test_map
PASS: test_six.py::test_getoutput
PASS: test_six.py::test_zip
PASS: test_six.py::test_zip_longest
PASS: test_six.py::TestCustomizedMoves::test_moved_attribute
PASS: test_six.py::TestCustomizedMoves::test_moved_module
PASS: test_six.py::TestCustomizedMoves::test_custom_move_module
PASS: test_six.py::TestCustomizedMoves::test_custom_move_attribute
PASS: test_six.py::TestCustomizedMoves::test_empty_remove
PASS: test_six.py::test_get_unbound_function
PASS: test_six.py::test_get_method_self
PASS: test_six.py::test_get_method_function
PASS: test_six.py::test_get_function_closure
PASS: test_six.py::test_get_function_code
PASS: test_six.py::test_get_function_defaults
PASS: test_six.py::test_get_function_globals
PASS: test_six.py::test_dictionary_iterators
PASS: test_six.py::test_dictionary_views
PASS: test_six.py::test_advance_iterator
PASS: test_six.py::test_iterator
PASS: test_six.py::test_callable
PASS: test_six.py::test_create_bound_method
PASS: test_six.py::test_create_unbound_method
PASS: test_six.py::test_b
PASS: test_six.py::test_u
PASS: test_six.py::test_u_escapes
PASS: test_six.py::test_unichr
PASS: test_six.py::test_int2byte
PASS: test_six.py::test_byte2int
PASS: test_six.py::test_bytesindex
PASS: test_six.py::test_bytesiter
PASS: test_six.py::test_StringIO
PASS: test_six.py::test_BytesIO
PASS: test_six.py::test_exec_
PASS: test_six.py::test_reraise
PASS: test_six.py::test_raise_from
PASS: test_six.py::test_print_
PASS: test_six.py::test_print_exceptions
PASS: test_six.py::test_with_metaclass
PASS: test_six.py::test_with_metaclass_typing
PASS: test_six.py::test_with_metaclass_pep_560
PASS: test_six.py::test_with_metaclass_prepare
PASS: test_six.py::test_wraps
PASS: test_six.py::test_wraps_raises_on_missing_updated_field_on_wrapper
PASS: test_six.py::test_add_metaclass
PASS: test_six.py::test_add_metaclass_nested
PASS: test_six.py::test_assertCountEqual
PASS: test_six.py::test_assertRegex
PASS: test_six.py::test_assertNotRegex
PASS: test_six.py::test_assertRaisesRegex
PASS: test_six.py::test_python_2_unicode_compatible
DURATION: 2
TOTAL: 1 FAIL: 0
Signed-off-by: Shilong Jiao <Shilong.Jiao@windriver.com>
---
meta/conf/distro/include/ptest-packagelists.inc | 1 +
.../recipes-devtools/python/python3-six/run-ptest | 8 ++++++++
.../recipes-devtools/python/python3-six_1.17.0.bb | 15 ++++++++++++++-
3 files changed, 23 insertions(+), 1 deletion(-)
create mode 100755 meta/recipes-devtools/python/python3-six/run-ptest
diff --git a/meta/conf/distro/include/ptest-packagelists.inc b/meta/conf/distro/include/ptest-packagelists.inc
index 0eaa09eb33..a340418211 100644
--- a/meta/conf/distro/include/ptest-packagelists.inc
+++ b/meta/conf/distro/include/ptest-packagelists.inc
@@ -88,6 +88,7 @@ PTESTS_FAST = "\
python3-pytz \
python3-pyyaml \
python3-rpds-py \
+ python3-six \
python3-trove-classifiers \
python3-vcs-versioning \
python3-uritools \
diff --git a/meta/recipes-devtools/python/python3-six/run-ptest b/meta/recipes-devtools/python/python3-six/run-ptest
new file mode 100755
index 0000000000..285c442b3c
--- /dev/null
+++ b/meta/recipes-devtools/python/python3-six/run-ptest
@@ -0,0 +1,8 @@
+#!/bin/bash
+
+PTEST_DIR=$(dirname $(readlink -f $0))
+python3 -m pytest -v --tb=short $PTEST_DIR/test_six.py 2>&1 | \
+ sed -n -e 's/^\(.*::[^ ]*\) PASSED.*/PASS: \1/p' \
+ -e 's/^\(.*::[^ ]*\) FAILED.*/FAIL: \1/p' \
+ -e 's/^\(.*::[^ ]*\) SKIPPED.*/SKIP: \1/p' \
+ -e 's/^\(.*::[^ ]*\) ERROR.*/FAIL: \1/p'
diff --git a/meta/recipes-devtools/python/python3-six_1.17.0.bb b/meta/recipes-devtools/python/python3-six_1.17.0.bb
index 693f1818d3..213b3dc593 100644
--- a/meta/recipes-devtools/python/python3-six_1.17.0.bb
+++ b/meta/recipes-devtools/python/python3-six_1.17.0.bb
@@ -1,4 +1,17 @@
-inherit setuptools3
+inherit setuptools3 ptest
require python-six.inc
SRC_URI[sha256sum] = "ff70335d468e7eb6ec65b95b99d3a2836546063f63acc5171de367e834932a81"
+
+SRC_URI += "file://run-ptest"
+
+RDEPENDS:${PN}-ptest += " \
+ bash \
+ python3-pytest \
+ python3-unittest-automake-output \
+"
+
+do_install_ptest() {
+ install -d ${D}${PTEST_PATH}
+ install -m 0644 ${S}/test_six.py ${D}${PTEST_PATH}/
+}
--
2.34.1
^ permalink raw reply related
* [wrynose][PATCH 6/6] python3: reference upstream ticket in a test skip
From: Peter Marko @ 2026-06-08 21:56 UTC (permalink / raw)
To: openembedded-core; +Cc: peter.marko
In-Reply-To: <20260608215654.3664494-1-peter.marko@siemens.com>
From: Ross Burton <ross.burton@arm.com>
I've filed a ticket upstream for the libedit-related test failure in
test_bang_completion_without_do_shell(), add a reference to the comment.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(From OE-Core rev: b5c24e1491dcb9ab0f782df6be6582fbd2151724)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
---
meta/recipes-devtools/python/python3_3.14.5.bb | 1 +
1 file changed, 1 insertion(+)
diff --git a/meta/recipes-devtools/python/python3_3.14.5.bb b/meta/recipes-devtools/python/python3_3.14.5.bb
index 919cfde9ae..02bda8ddcf 100644
--- a/meta/recipes-devtools/python/python3_3.14.5.bb
+++ b/meta/recipes-devtools/python/python3_3.14.5.bb
@@ -271,6 +271,7 @@ SKIPPED_TESTS = " \
# but not bang completion. test_bang_completion_without_do_shell() passes if
# building with readline, but we don't want to change the default, so skip the
# test.
+# https://github.com/python/cpython/issues/150922
SKIPPED_TESTS += " \
--ignore test_bang_completion_without_do_shell \
"
^ permalink raw reply related
* [wrynose][PATCH 5/6] python3: sanitize userbase in _sysconfig_vars JSON to avoid host path leak
From: Peter Marko @ 2026-06-08 21:56 UTC (permalink / raw)
To: openembedded-core; +Cc: peter.marko
In-Reply-To: <20260608215654.3664494-1-peter.marko@siemens.com>
From: Bin Cao <bin.cao.cn@windriver.com>
The _sysconfig_vars__linux_x86_64-linux-gnu.json file contains a
"userbase" field that is populated from the build host user's $HOME
at build time. This leaks the build host user's home directory path
into the target rootfs.
The existing py_package_preprocess() cleanup for this JSON file only
strips known OE build path prefixes (STAGING_DIR_TARGET, RECIPE_SYSROOT,
etc.), but the userbase value comes from the build user's $HOME
environment variable which doesn't match any of those patterns.
Set userbase to an empty string in the packaged JSON. This is safe
because at runtime, sysconfig.get_config_vars() always recomputes
userbase by calling _getuserbase(), which resolves the actual target
user's ~/.local path dynamically. The static value in the JSON is
never used for runtime path resolution.
Signed-off-by: Bin Cao <bin.cao.cn@windriver.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(From OE-Core rev: beb245ef60c63359cd4f5e285d2f31c5c572b51e)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
---
meta/recipes-devtools/python/python3_3.14.5.bb | 1 +
1 file changed, 1 insertion(+)
diff --git a/meta/recipes-devtools/python/python3_3.14.5.bb b/meta/recipes-devtools/python/python3_3.14.5.bb
index 501de75fb1..919cfde9ae 100644
--- a/meta/recipes-devtools/python/python3_3.14.5.bb
+++ b/meta/recipes-devtools/python/python3_3.14.5.bb
@@ -390,6 +390,7 @@ py_package_preprocess () {
-e 's:${RECIPE_SYSROOT_NATIVE}::g' \
-e 's:${RECIPE_SYSROOT}::g' \
-e 's:${BASE_WORKDIR}/${MULTIMACH_TARGET_SYS}::g' \
+ -e 's|"userbase": ".*"|"userbase": ""|g' \
${PKGD}/${libdir}/python${PYTHON_MAJMIN}/_sysconfig_vars*.json
}
^ permalink raw reply related
* [wrynose][PATCH 3/6] python3: use SKIPPED_TESTS instead of test skip patches
From: Peter Marko @ 2026-06-08 21:56 UTC (permalink / raw)
To: openembedded-core; +Cc: peter.marko
In-Reply-To: <20260608215654.3664494-1-peter.marko@siemens.com>
From: Trevor Gamblin <tgamblin@baylibre.com>
Drop all 13 patches carried for skipping various known ptest failures
and replace them with usage of the SKIPPED_TESTS variable, which we have
started doing in recent commits (e.g. 40b0815dc9). Most but not all of
the test skips are due to load variability, distinguish between them by
using multiple SKIPPED_TESTS:append blocks with comments taken from the
patch files indicating their purpose. This adds 62 lines to the Python 3
recipe, but it also means that we no longer have to maintain the patch
files across version upgrades, where they often break due to changes in
the test modules upstream.
Results look the same as those from my last upgrade run:
|== Tests result: SUCCESS ==
|
|28 tests skipped:
| test.test_asyncio.test_windows_events
| test.test_asyncio.test_windows_utils test.test_gdb.test_backtrace
| test.test_gdb.test_cfunction test.test_gdb.test_cfunction_full
| test.test_gdb.test_misc test.test_gdb.test_pretty_print
| test_android test_apple test_asdl_parser test_clinic test_devpoll
| test_free_threading test_generated_cases test_idle test_kqueue
| test_launcher test_msvcrt test_startfile test_tcl test_tkinter
| test_ttk test_ttk_textonly test_turtle test_winapi
| test_winconsoleio test_winreg test_wmi
|
|9 tests skipped (resource denied):
| test_curses test_peg_generator test_smtpnet test_socketserver
| test_urllib2net test_urllibnet test_winsound test_xpickle
| test_zipfile64
|
|455 tests OK.
|
|Total duration: 3 min 9 sec
|Total tests: run=47,012 (filtered) skipped=2,336
|Total test files: run=483/492 (filtered) skipped=28 resource_denied=9
|Result: SUCCESS
|DURATION: 190
|END: /usr/lib/python3/ptest
|2026-05-29T02:22
|STOP: ptest-runner
|TOTAL: 1 FAIL: 0
Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(From OE-Core rev: a8b2baa6020f96468a98200619ec37c460694c4c)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
---
...sts-due-to-load-variability-on-YP-AB.patch | 79 -----------------
...kip-flaky-test_default_timeout-tests.patch | 49 -----------
..._fileno-test-due-to-load-variability.patch | 29 -------
...ctive_children-skip-problematic-test.patch | 34 --------
...1-test_cmd-skip-bang-completion-test.patch | 31 -------
...pes.test_find-skip-without-tools-sdk.patch | 33 --------
...-test_deadlock-skip-problematic-test.patch | 27 ------
..._active_thread-skip-problematic-test.patch | 30 -------
...-test_unix_console.test_cursor_back_.patch | 46 ----------
...t_readline-skip-limited-history-test.patch | 46 ----------
...-test_shutdown-skip-problematic-test.patch | 43 ----------
...orlines-skip-due-to-load-variability.patch | 29 -------
...kip-test_sysconfig.test_sysconfigdat.patch | 32 -------
.../recipes-devtools/python/python3_3.14.5.bb | 84 +++++++++++++++----
14 files changed, 70 insertions(+), 522 deletions(-)
delete mode 100644 meta/recipes-devtools/python/python3/0001-Skip-failing-tests-due-to-load-variability-on-YP-AB.patch
delete mode 100644 meta/recipes-devtools/python/python3/0001-Skip-flaky-test_default_timeout-tests.patch
delete mode 100644 meta/recipes-devtools/python/python3/0001-skip-no_stdout_fileno-test-due-to-load-variability.patch
delete mode 100644 meta/recipes-devtools/python/python3/0001-test_active_children-skip-problematic-test.patch
delete mode 100644 meta/recipes-devtools/python/python3/0001-test_cmd-skip-bang-completion-test.patch
delete mode 100644 meta/recipes-devtools/python/python3/0001-test_ctypes.test_find-skip-without-tools-sdk.patch
delete mode 100644 meta/recipes-devtools/python/python3/0001-test_deadlock-skip-problematic-test.patch
delete mode 100644 meta/recipes-devtools/python/python3/0001-test_only_active_thread-skip-problematic-test.patch
delete mode 100644 meta/recipes-devtools/python/python3/0001-test_pyrepl-skip-test_unix_console.test_cursor_back_.patch
delete mode 100644 meta/recipes-devtools/python/python3/0001-test_readline-skip-limited-history-test.patch
delete mode 100644 meta/recipes-devtools/python/python3/0001-test_shutdown-skip-problematic-test.patch
delete mode 100644 meta/recipes-devtools/python/python3/0001-test_storlines-skip-due-to-load-variability.patch
delete mode 100644 meta/recipes-devtools/python/python3/0001-test_sysconfig-skip-test_sysconfig.test_sysconfigdat.patch
diff --git a/meta/recipes-devtools/python/python3/0001-Skip-failing-tests-due-to-load-variability-on-YP-AB.patch b/meta/recipes-devtools/python/python3/0001-Skip-failing-tests-due-to-load-variability-on-YP-AB.patch
deleted file mode 100644
index a236268efb..0000000000
--- a/meta/recipes-devtools/python/python3/0001-Skip-failing-tests-due-to-load-variability-on-YP-AB.patch
+++ /dev/null
@@ -1,79 +0,0 @@
-From aa32aef19d3a54a25dc16b3b77e29e902ee8abd7 Mon Sep 17 00:00:00 2001
-From: Yi Fan Yu <yifan.yu@windriver.com>
-Date: Thu, 1 Apr 2021 13:08:37 -0700
-Subject: [PATCH] Skip failing tests due to load variability on YP AB
-
-Skip these tests until AB-INT is solved.
-
-[YOCTO #14296]
-
-Upstream-Status: Inappropriate [OE-Specific]
-
-Signed-off-by: Yi Fan Yu <yifan.yu@windriver.com>
-
-Skip two additional tests due to suspected load variability failures.
-
-[YOCTO #15131]
-[YOCTO #15177]
-
-Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com>
-
-Refresh to apply on top of Python 3.14.0.
-
-Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com>
----
- Lib/test/_test_multiprocessing.py | 3 +++
- Lib/test/test_time.py | 2 ++
- 2 files changed, 5 insertions(+)
-
-diff --git a/Lib/test/_test_multiprocessing.py b/Lib/test/_test_multiprocessing.py
-index 9a72362c022..008e6a505a5 100644
---- a/Lib/test/_test_multiprocessing.py
-+++ b/Lib/test/_test_multiprocessing.py
-@@ -774,6 +774,7 @@ class _TestProcess(BaseTestCase):
- close_queue(q)
-
- @support.requires_resource('walltime')
-+ @unittest.skip('timing related test, dependent on load')
- def test_many_processes(self):
- if self.TYPE == 'threads':
- self.skipTest('test not appropriate for {}'.format(self.TYPE))
-@@ -2398,6 +2399,7 @@ class _TestBarrier(BaseTestCase):
- except threading.BrokenBarrierError:
- results.append(True)
-
-+ @unittest.skip('timing related test, dependent on load')
- def test_timeout(self):
- """
- Test wait(timeout)
-@@ -5550,6 +5552,7 @@ class TestWait(unittest.TestCase):
- time.sleep(period)
-
- @support.requires_resource('walltime')
-+ @unittest.skip('timing related test, dependent on load')
- def test_wait_integer(self):
- from multiprocessing.connection import wait
-
-diff --git a/Lib/test/test_time.py b/Lib/test/test_time.py
-index 5312faa5077..36873d9a400 100644
---- a/Lib/test/test_time.py
-+++ b/Lib/test/test_time.py
-@@ -548,6 +548,7 @@ class TimeTestCase(unittest.TestCase):
- def test_perf_counter(self):
- time.perf_counter()
-
-+ @unittest.skip('timing related test, dependent on load')
- @unittest.skipIf(
- support.is_wasi, "process_time not available on WASI"
- )
-@@ -567,6 +568,7 @@ class TimeTestCase(unittest.TestCase):
- self.assertTrue(info.monotonic)
- self.assertFalse(info.adjustable)
-
-+ @unittest.skip('timing related test, dependent on load')
- def test_thread_time(self):
- if not hasattr(time, 'thread_time'):
- if sys.platform.startswith(('linux', 'android', 'win')):
---
-2.52.0
-
diff --git a/meta/recipes-devtools/python/python3/0001-Skip-flaky-test_default_timeout-tests.patch b/meta/recipes-devtools/python/python3/0001-Skip-flaky-test_default_timeout-tests.patch
deleted file mode 100644
index d41037f9ea..0000000000
--- a/meta/recipes-devtools/python/python3/0001-Skip-flaky-test_default_timeout-tests.patch
+++ /dev/null
@@ -1,49 +0,0 @@
-From baf2dda48e51fcb17a716e52cc5c4e162a6bb7d3 Mon Sep 17 00:00:00 2001
-From: Antonin Godard <antonin.godard@bootlin.com>
-Date: Mon, 19 Jan 2026 11:38:36 +0100
-Subject: [PATCH] Skip flaky test_default_timeout tests
-
-We have been observing issues with this test on the Autobuilder:
-https://bugzilla.yoctoproject.org/show_bug.cgi?id=15885
-
-The logs on the ticket above do not allow us to know which of the two
-"test_default_timeout" tests is failing, so disable both with
-self.skipTest().
-
-Excerpt from `ptest-runner python3`:
-
- test_default_timeout (test.test_multiprocessing_fork.test_manager.WithManagerTestBarrier.test_default_timeout)
- SKIP: Test the barrier's default timeout 'skip flaky timeout test'
-
-Upstream-Status: Inappropriate [OE specific, but might be related to https://github.com/python/cpython/issues/129266#issuecomment-2613058866]
-
-Signed-off-by: Antonin Godard <antonin.godard@bootlin.com>
----
- Lib/test/_test_multiprocessing.py | 1 +
- Lib/test/lock_tests.py | 1 +
- 2 files changed, 2 insertions(+)
-
-diff --git a/Lib/test/_test_multiprocessing.py b/Lib/test/_test_multiprocessing.py
-index e8064e7..9ab1f9e 100644
---- a/Lib/test/_test_multiprocessing.py
-+++ b/Lib/test/_test_multiprocessing.py
-@@ -2424,6 +2424,7 @@ class _TestBarrier(BaseTestCase):
- """
- Test the barrier's default timeout
- """
-+ self.skipTest('skip flaky timeout test')
- barrier = self.Barrier(self.N, timeout=0.5)
- results = self.DummyList()
- self.run_threads(self._test_default_timeout_f, (barrier, results))
-diff --git a/Lib/test/lock_tests.py b/Lib/test/lock_tests.py
-index 8c8f890..43e9b90 100644
---- a/Lib/test/lock_tests.py
-+++ b/Lib/test/lock_tests.py
-@@ -1215,6 +1215,7 @@ class BarrierTests(BaseTestCase):
- """
- Test the barrier's default timeout
- """
-+ self.skipTest('skip flaky timeout test')
- timeout = 0.100
- barrier = self.barriertype(2, timeout=timeout)
- def f():
diff --git a/meta/recipes-devtools/python/python3/0001-skip-no_stdout_fileno-test-due-to-load-variability.patch b/meta/recipes-devtools/python/python3/0001-skip-no_stdout_fileno-test-due-to-load-variability.patch
deleted file mode 100644
index b186bdcb88..0000000000
--- a/meta/recipes-devtools/python/python3/0001-skip-no_stdout_fileno-test-due-to-load-variability.patch
+++ /dev/null
@@ -1,29 +0,0 @@
-From c5bdd39f8ebc4e6c58a47d7e424eac028eddb4ff Mon Sep 17 00:00:00 2001
-From: Trevor Gamblin <tgamblin@baylibre.com>
-Date: Fri, 15 Sep 2023 08:48:33 -0400
-Subject: [PATCH] skip no_stdout_fileno test due to load variability
-
-Skip test_input_no_stdout_fileno so that it doesn't fail on systems
-under heavy load.
-
-Upstream-Status: Inappropriate [OE-Specific]
-
-[YOCTO #15210]
-
-Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com>
----
- Lib/test/test_builtin.py | 1 +
- 1 file changed, 1 insertion(+)
-
-diff --git a/Lib/test/test_builtin.py b/Lib/test/test_builtin.py
-index c5394de..ed17fb6 100644
---- a/Lib/test/test_builtin.py
-+++ b/Lib/test/test_builtin.py
-@@ -2738,6 +2738,7 @@ class PtyTests(unittest.TestCase):
- "byte 0xe9 in position 4: ordinal not in "
- "range(128)")
-
-+ @unittest.skip("Test may fail under heavy load")
- def test_input_no_stdout_fileno(self):
- # Issue #24402: If stdin is the original terminal but stdout.fileno()
- # fails, do not use the original stdout file descriptor
diff --git a/meta/recipes-devtools/python/python3/0001-test_active_children-skip-problematic-test.patch b/meta/recipes-devtools/python/python3/0001-test_active_children-skip-problematic-test.patch
deleted file mode 100644
index d7202aa575..0000000000
--- a/meta/recipes-devtools/python/python3/0001-test_active_children-skip-problematic-test.patch
+++ /dev/null
@@ -1,34 +0,0 @@
-From 9c9aac87f48eaece5b99ea347b639c21eea84e6d Mon Sep 17 00:00:00 2001
-From: Trevor Gamblin <tgamblin@baylibre.com>
-Date: Thu, 13 Jun 2024 10:54:31 -0400
-Subject: [PATCH] test_active_children: skip problematic test
-
-This test is failing in some tests on the Autobuilder. Since it's of a
-similar nature to other failing/hanging tests, disable it for now.
-
-Upstream-Status: Inappropriate [OE-Specific]
-
-Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com>
-
-Refresh to apply on top of Python 3.14.0.
-
-Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com>
----
- Lib/test/_test_multiprocessing.py | 1 +
- 1 file changed, 1 insertion(+)
-
-diff --git a/Lib/test/_test_multiprocessing.py b/Lib/test/_test_multiprocessing.py
-index 008e6a505a5..746de8945f0 100644
---- a/Lib/test/_test_multiprocessing.py
-+++ b/Lib/test/_test_multiprocessing.py
-@@ -667,6 +667,7 @@ class _TestProcess(BaseTestCase):
- self.assertIsInstance(cpus, int)
- self.assertGreaterEqual(cpus, 1)
-
-+ @unittest.skip("skipping problematic test")
- def test_active_children(self):
- self.assertEqual(type(self.active_children()), list)
-
---
-2.51.0
-
diff --git a/meta/recipes-devtools/python/python3/0001-test_cmd-skip-bang-completion-test.patch b/meta/recipes-devtools/python/python3/0001-test_cmd-skip-bang-completion-test.patch
deleted file mode 100644
index f1ba044cc3..0000000000
--- a/meta/recipes-devtools/python/python3/0001-test_cmd-skip-bang-completion-test.patch
+++ /dev/null
@@ -1,31 +0,0 @@
-From 614e3aefec85b51a611f85a55b6760f12e29b953 Mon Sep 17 00:00:00 2001
-From: Trevor Gamblin <tgamblin@baylibre.com>
-Date: Mon, 27 Oct 2025 09:52:46 -0400
-Subject: [PATCH] test_cmd: skip bang completion test
-
-We compile Python3 with editline support by default, which has tab completion
-but not bang completion. If building with readline,
-test_bang_completion_without_do_shell() passes. Skip the test because of this.
-
-Upstream-Status: Inappropriate [embedded-specific]
-
-Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com>
----
- Lib/test/test_cmd.py | 1 +
- 1 file changed, 1 insertion(+)
-
-diff --git a/Lib/test/test_cmd.py b/Lib/test/test_cmd.py
-index dbfec42fc21..c33dab8d10d 100644
---- a/Lib/test/test_cmd.py
-+++ b/Lib/test/test_cmd.py
-@@ -295,6 +295,7 @@ class CmdTestReadline(unittest.TestCase):
- self.assertIn(b'ab_completion_test', output)
- self.assertIn(b'tab completion success', output)
-
-+ @unittest.skip('no bang completion without readline')
- def test_bang_completion_without_do_shell(self):
- script = textwrap.dedent("""
- import cmd
---
-2.51.0
-
diff --git a/meta/recipes-devtools/python/python3/0001-test_ctypes.test_find-skip-without-tools-sdk.patch b/meta/recipes-devtools/python/python3/0001-test_ctypes.test_find-skip-without-tools-sdk.patch
deleted file mode 100644
index cdcd9302d6..0000000000
--- a/meta/recipes-devtools/python/python3/0001-test_ctypes.test_find-skip-without-tools-sdk.patch
+++ /dev/null
@@ -1,33 +0,0 @@
-From 0e9d0c58e77ef540d9601ce84a1aa79d9ce6ee9b Mon Sep 17 00:00:00 2001
-From: Tim Orling <timothy.t.orling@intel.com>
-Date: Fri, 18 Jun 2021 11:56:50 -0700
-Subject: [PATCH] test_ctypes.test_find: skip without tools-sdk
-
-These tests need full packagegroup-core-buildessential, the
-easiest way to dynamically check for that is looking for
-'tools-sdk' in IMAGE_FEATURES.
-
-Upstream-Status: Inappropriate [oe-specific]
-
-Signed-off-by: Tim Orling <timothy.t.orling@intel.com>
----
- Lib/test/test_ctypes/test_find.py | 2 ++
- 1 file changed, 2 insertions(+)
-
-diff --git a/Lib/test/test_ctypes/test_find.py b/Lib/test/test_ctypes/test_find.py
-index 85b2861..b033203 100644
---- a/Lib/test/test_ctypes/test_find.py
-+++ b/Lib/test/test_ctypes/test_find.py
-@@ -117,10 +117,12 @@ class FindLibraryLinux(unittest.TestCase):
- # LD_LIBRARY_PATH)
- self.assertEqual(find_library(libname), 'lib%s.so' % libname)
-
-+ @unittest.skip("Needs IMAGE_FEATURE += \"tools-sdk\"")
- def test_find_library_with_gcc(self):
- with unittest.mock.patch("ctypes.util._findSoname_ldconfig", lambda *args: None):
- self.assertNotEqual(find_library('c'), None)
-
-+ @unittest.skip("Needs IMAGE_FEATURE += \"tools-sdk\"")
- def test_find_library_with_ld(self):
- with unittest.mock.patch("ctypes.util._findSoname_ldconfig", lambda *args: None), \
- unittest.mock.patch("ctypes.util._findLib_gcc", lambda *args: None):
diff --git a/meta/recipes-devtools/python/python3/0001-test_deadlock-skip-problematic-test.patch b/meta/recipes-devtools/python/python3/0001-test_deadlock-skip-problematic-test.patch
deleted file mode 100644
index 3336e2913a..0000000000
--- a/meta/recipes-devtools/python/python3/0001-test_deadlock-skip-problematic-test.patch
+++ /dev/null
@@ -1,27 +0,0 @@
-From 5a44f74549b32395109342e9299510c32db71068 Mon Sep 17 00:00:00 2001
-From: Trevor Gamblin <tgamblin@baylibre.com>
-Date: Wed, 12 Jun 2024 10:29:03 -0400
-Subject: [PATCH] test_deadlock: skip problematic test
-
-This test hangs frequently when run on the Autobuilder. Disable it in
-testing until the cause can be determined.
-
-Upstream-Status: Inappropriate [OE-Specific]
-
-Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com>
----
- Lib/test/test_concurrent_futures/test_deadlock.py | 1 +
- 1 file changed, 1 insertion(+)
-
-diff --git a/Lib/test/test_concurrent_futures/test_deadlock.py b/Lib/test/test_concurrent_futures/test_deadlock.py
-index 3c30c45..008d6c0 100644
---- a/Lib/test/test_concurrent_futures/test_deadlock.py
-+++ b/Lib/test/test_concurrent_futures/test_deadlock.py
-@@ -90,6 +90,7 @@ class ErrorAtUnpickle(object):
- return _raise_error_ignore_stderr, (UnpicklingError, )
-
-
-+@unittest.skip("skipping problematic test")
- class ExecutorDeadlockTest:
- TIMEOUT = support.LONG_TIMEOUT
-
diff --git a/meta/recipes-devtools/python/python3/0001-test_only_active_thread-skip-problematic-test.patch b/meta/recipes-devtools/python/python3/0001-test_only_active_thread-skip-problematic-test.patch
deleted file mode 100644
index bc436e077a..0000000000
--- a/meta/recipes-devtools/python/python3/0001-test_only_active_thread-skip-problematic-test.patch
+++ /dev/null
@@ -1,30 +0,0 @@
-From 0524821f8fcbdea2fbd90f199e7fb4950f50530f Mon Sep 17 00:00:00 2001
-From: Trevor Gamblin <tgamblin@baylibre.com>
-Date: Tue, 3 Mar 2026 09:27:10 -0500
-Subject: [PATCH] test_only_active_thread: skip problematic test
-
-This test hangs frequently when run on the Autobuilder. Disable it in
-testing for now.
-
-Upstream-Status: Inappropriate [OE-Specific]
-
-Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com>
----
- Lib/test/test_external_inspection.py | 1 +
- 1 file changed, 1 insertion(+)
-
-diff --git a/Lib/test/test_external_inspection.py b/Lib/test/test_external_inspection.py
-index a709b837161..7a87092c10e 100644
---- a/Lib/test/test_external_inspection.py
-+++ b/Lib/test/test_external_inspection.py
-@@ -1154,6 +1154,7 @@ class TestGetStackTrace(unittest.TestCase):
- ],
- )
-
-+ @unittest.skip("skipping problematic test")
- @skip_if_not_supported
- @unittest.skipIf(
- sys.platform == "linux" and not PROCESS_VM_READV_SUPPORTED,
---
-2.53.0
-
diff --git a/meta/recipes-devtools/python/python3/0001-test_pyrepl-skip-test_unix_console.test_cursor_back_.patch b/meta/recipes-devtools/python/python3/0001-test_pyrepl-skip-test_unix_console.test_cursor_back_.patch
deleted file mode 100644
index 97f7871266..0000000000
--- a/meta/recipes-devtools/python/python3/0001-test_pyrepl-skip-test_unix_console.test_cursor_back_.patch
+++ /dev/null
@@ -1,46 +0,0 @@
-From 66a806ea05ecaf483753de3719041944daae42b0 Mon Sep 17 00:00:00 2001
-From: Trevor Gamblin <tgamblin@baylibre.com>
-Date: Mon, 27 Oct 2025 13:21:14 -0400
-Subject: [PATCH] test_pyrepl: skip test_unix_console.test_cursor_back_write
-
-This test was not run prior to 3.14 due to Python not having access to
-the curses resource. In 3.14, PyREPL's dependency on curses has been
-removed, instead relying on the terminfo module. This results in a
-terminal capability list that does not include ICH1, resulting in an
-"optimization" occurring from PyREPL's side that causes
-test_cursor_back_write() to fail. Specifically, the test tests the
-following writes in sequence:
-
-1. b"1"
-2. TERM_CAPABILITIES["cub"] + b":1"
-3. ANY, b"2"
-
-The first two writes are read correctly, but the result for the third
-write is seeing the equivalent of:
-
-ANY, b"21"
-
-Skip this test.
-
-Upstream-Status: Inappropriate [embedded-specific]
-
-Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com>
----
- Lib/test/test_pyrepl/test_unix_console.py | 1 +
- 1 file changed, 1 insertion(+)
-
-diff --git a/Lib/test/test_pyrepl/test_unix_console.py b/Lib/test/test_pyrepl/test_unix_console.py
-index 3b0d2637dab..5a3c8952f61 100644
---- a/Lib/test/test_pyrepl/test_unix_console.py
-+++ b/Lib/test/test_pyrepl/test_unix_console.py
-@@ -186,6 +186,7 @@ class TestConsole(TestCase):
- _os_write.assert_any_call(ANY, TERM_CAPABILITIES["cud"] + b":1")
- con.restore()
-
-+ @unittest.skip('no ich1 support in vt102 terminfo')
- def test_cursor_back_write(self, _os_write):
- events = itertools.chain(
- code_to_events("1"),
---
-2.51.0
-
diff --git a/meta/recipes-devtools/python/python3/0001-test_readline-skip-limited-history-test.patch b/meta/recipes-devtools/python/python3/0001-test_readline-skip-limited-history-test.patch
deleted file mode 100644
index c59c6672e0..0000000000
--- a/meta/recipes-devtools/python/python3/0001-test_readline-skip-limited-history-test.patch
+++ /dev/null
@@ -1,46 +0,0 @@
-From 1a0a145261ba4f97aaff3c0c656ac2e0ad9695a8 Mon Sep 17 00:00:00 2001
-From: Trevor Gamblin <tgamblin@baylibre.com>
-Date: Tue, 13 Aug 2024 11:07:05 -0400
-Subject: [PATCH] test_readline: skip limited history test
-
-This test was added recently and is failing on the ptest image when
-using the default PACKAGECONFIG settings (i.e. with editline instead of
-readline).. Disable it until the proper fix is determined.
-
-A bug has been opened upstream: https://github.com/python/cpython/issues/123018
-
-Upstream-Status: Inappropriate [OE-specific]
-
-Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com>
----
- Lib/test/test_readline.py | 3 +++
- 1 file changed, 3 insertions(+)
-
-diff --git a/Lib/test/test_readline.py b/Lib/test/test_readline.py
-index 537a9fb..ddf0323 100644
---- a/Lib/test/test_readline.py
-+++ b/Lib/test/test_readline.py
-@@ -74,6 +74,7 @@ class TestHistoryManipulation (unittest.TestCase):
-
- @unittest.skipUnless(hasattr(readline, "append_history_file"),
- "append_history not available")
-+ @unittest.skip("Skipping problematic test")
- def test_write_read_append(self):
- hfile = tempfile.NamedTemporaryFile(delete=False)
- hfile.close()
-@@ -145,6 +146,7 @@ class TestHistoryManipulation (unittest.TestCase):
- self.assertEqual(readline.get_history_item(1), "entrée 1")
- self.assertEqual(readline.get_history_item(2), "entrée 22")
-
-+ @unittest.skip("Skipping problematic test")
- def test_write_read_limited_history(self):
- previous_length = readline.get_history_length()
- self.addCleanup(readline.set_history_length, previous_length)
-@@ -393,6 +395,7 @@ readline.write_history_file(history_file)
- self.assertIn(b"done", output)
-
-
-+ @unittest.skip("Skipping problematic test")
- def test_write_read_limited_history(self):
- previous_length = readline.get_history_length()
- self.addCleanup(readline.set_history_length, previous_length)
diff --git a/meta/recipes-devtools/python/python3/0001-test_shutdown-skip-problematic-test.patch b/meta/recipes-devtools/python/python3/0001-test_shutdown-skip-problematic-test.patch
deleted file mode 100644
index 4e284de613..0000000000
--- a/meta/recipes-devtools/python/python3/0001-test_shutdown-skip-problematic-test.patch
+++ /dev/null
@@ -1,43 +0,0 @@
-From b678363156b5d40e09c1d138840180e3ddc7d20b Mon Sep 17 00:00:00 2001
-From: Trevor Gamblin <tgamblin@baylibre.com>
-Date: Wed, 8 May 2024 11:58:09 -0400
-Subject: [PATCH] test_shutdown: skip problematic test
-
-This test hangs frequently when run on the Autobuilder. Disable it in
-testing until the cause can be determined.
-
-Upstream-Status: Inappropriate [OE-Specific]
-
-Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com>
----
- Lib/test/test_concurrent_futures/test_shutdown.py | 3 +++
- 1 file changed, 3 insertions(+)
-
-diff --git a/Lib/test/test_concurrent_futures/test_shutdown.py b/Lib/test/test_concurrent_futures/test_shutdown.py
-index 7a4065a..6b878a4 100644
---- a/Lib/test/test_concurrent_futures/test_shutdown.py
-+++ b/Lib/test/test_concurrent_futures/test_shutdown.py
-@@ -20,6 +20,7 @@ def sleep_and_print(t, msg):
- sys.stdout.flush()
-
-
-+@unittest.skip("skipping problematic test")
- class ExecutorShutdownTest:
- def test_run_after_shutdown(self):
- self.executor.shutdown()
-@@ -156,6 +157,7 @@ class ExecutorShutdownTest:
- signal.signal(signal.SIGALRM, old_handler)
-
-
-+@unittest.skip("skipping problematic test")
- class ThreadPoolShutdownTest(ThreadPoolMixin, ExecutorShutdownTest, BaseTestCase):
- def test_threads_terminate(self):
- def acquire_lock(lock):
-@@ -252,6 +254,7 @@ class ThreadPoolShutdownTest(ThreadPoolMixin, ExecutorShutdownTest, BaseTestCase
- self.assertIn(out.strip(), [b"apple", b""])
-
-
-+@unittest.skip("skipping problematic test")
- class ProcessPoolShutdownTest(ExecutorShutdownTest):
- def test_processes_terminate(self):
- def acquire_lock(lock):
diff --git a/meta/recipes-devtools/python/python3/0001-test_storlines-skip-due-to-load-variability.patch b/meta/recipes-devtools/python/python3/0001-test_storlines-skip-due-to-load-variability.patch
deleted file mode 100644
index b452c6556f..0000000000
--- a/meta/recipes-devtools/python/python3/0001-test_storlines-skip-due-to-load-variability.patch
+++ /dev/null
@@ -1,29 +0,0 @@
-From 9f252a691cd335341938489da32d6e2d4620d8ca Mon Sep 17 00:00:00 2001
-From: Trevor Gamblin <tgamblin@baylibre.com>
-Date: Fri, 6 Oct 2023 10:59:44 -0400
-Subject: [PATCH] test_storlines: skip due to load variability
-
-This is yet another test that intermittently fails on the Yocto AB when
-a worker is under heavy load, so skip it during testing.
-
-Upstream-Status: Inappropriate [OE-Specific]
-
-[YOCTO #14933]
-
-Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com>
----
- Lib/test/test_ftplib.py | 1 +
- 1 file changed, 1 insertion(+)
-
-diff --git a/Lib/test/test_ftplib.py b/Lib/test/test_ftplib.py
-index bed0e6d..36602be 100644
---- a/Lib/test/test_ftplib.py
-+++ b/Lib/test/test_ftplib.py
-@@ -630,6 +630,7 @@ class TestFTPClass(TestCase):
- self.client.storbinary('stor', f, rest=r)
- self.assertEqual(self.server.handler_instance.rest, str(r))
-
-+ @unittest.skip('timing related test, dependent on load')
- def test_storlines(self):
- data = RETR_DATA.replace('\r\n', '\n').encode(self.client.encoding)
- f = io.BytesIO(data)
diff --git a/meta/recipes-devtools/python/python3/0001-test_sysconfig-skip-test_sysconfig.test_sysconfigdat.patch b/meta/recipes-devtools/python/python3/0001-test_sysconfig-skip-test_sysconfig.test_sysconfigdat.patch
deleted file mode 100644
index 6dfba59a44..0000000000
--- a/meta/recipes-devtools/python/python3/0001-test_sysconfig-skip-test_sysconfig.test_sysconfigdat.patch
+++ /dev/null
@@ -1,32 +0,0 @@
-From ac5635821ed9bead45a5bcddc3828e50647fbe77 Mon Sep 17 00:00:00 2001
-From: Trevor Gamblin <tgamblin@baylibre.com>
-Date: Mon, 27 Oct 2025 14:24:24 -0400
-Subject: [PATCH] test_sysconfig: skip test_sysconfig.test_sysconfigdata_json
-
-This test seems new as of 3.14.0 and fails due to various path and flag
-differences in variables like CFLAGS. Since the test already has the
-precedent of a skip put in place for Android builds due to prefix
-changes, skip it for our situation too.
-
-Upstream-Status: Inappropriate [embedded-specific]
-
-Signed-off-by: Trevor Gamblin <tgamblin@baylibre.com>
----
- Lib/test/test_sysconfig.py | 1 +
- 1 file changed, 1 insertion(+)
-
-diff --git a/Lib/test/test_sysconfig.py b/Lib/test/test_sysconfig.py
-index 09eff11179e..14fcdedccba 100644
---- a/Lib/test/test_sysconfig.py
-+++ b/Lib/test/test_sysconfig.py
-@@ -689,6 +689,7 @@ class TestSysConfig(unittest.TestCase, VirtualEnvironmentMixin):
- self.assertNotEqual(data['prefix'], data['base_prefix'])
- self.assertNotEqual(data['exec_prefix'], data['base_exec_prefix'])
-
-+ @unittest.skip('OE adds/modifies various flags and paths/prefixes')
- @unittest.skipIf(os.name != 'posix', '_sysconfig-vars JSON file is only available on POSIX')
- @unittest.skipIf(is_wasi, "_sysconfig-vars JSON file currently isn't available on WASI")
- @unittest.skipIf(is_android or is_apple_mobile, 'Android and iOS change the prefix')
---
-2.51.0
-
diff --git a/meta/recipes-devtools/python/python3_3.14.5.bb b/meta/recipes-devtools/python/python3_3.14.5.bb
index 9e6738997d..2f821b130f 100644
--- a/meta/recipes-devtools/python/python3_3.14.5.bb
+++ b/meta/recipes-devtools/python/python3_3.14.5.bb
@@ -15,25 +15,12 @@ SRC_URI = "http://www.python.org/ftp/python/${PV}/Python-${PV}.tar.xz \
file://reformat_sysconfig.py \
file://0001-Makefile.pre-use-qemu-wrapper-when-gathering-profile.patch \
file://0001-test_locale.py-correct-the-test-output-format.patch \
- file://0001-Skip-failing-tests-due-to-load-variability-on-YP-AB.patch \
- file://0001-test_ctypes.test_find-skip-without-tools-sdk.patch \
file://makerace.patch \
file://0001-sysconfig.py-use-platlibdir-also-for-purelib.patch \
file://0001-Lib-pty.py-handle-stdin-I-O-errors-same-way-as-maste.patch \
file://valid-dists.patch \
file://0001-Avoid-shebang-overflow-on-python-config.py.patch \
file://0001-Update-test_sysconfig-for-posix_user-purelib.patch \
- file://0001-skip-no_stdout_fileno-test-due-to-load-variability.patch \
- file://0001-test_storlines-skip-due-to-load-variability.patch \
- file://0001-test_shutdown-skip-problematic-test.patch \
- file://0001-test_deadlock-skip-problematic-test.patch \
- file://0001-test_active_children-skip-problematic-test.patch \
- file://0001-test_readline-skip-limited-history-test.patch \
- file://0001-test_cmd-skip-bang-completion-test.patch \
- file://0001-test_pyrepl-skip-test_unix_console.test_cursor_back_.patch \
- file://0001-test_sysconfig-skip-test_sysconfig.test_sysconfigdat.patch \
- file://0001-Skip-flaky-test_default_timeout-tests.patch \
- file://0001-test_only_active_thread-skip-problematic-test.patch \
file://0001-prefer-valid-entrypoints.patch \
file://0001-Fix-ThreadingMock-call-count-race-condition.patch \
"
@@ -252,7 +239,76 @@ do_install:append:class-nativesdk () {
create_wrapper ${D}${bindir}/python${PYTHON_MAJMIN} TERMINFO_DIRS='${sysconfdir}/terminfo:/etc/terminfo:/usr/share/terminfo:/usr/share/misc/terminfo:/lib/terminfo' PYTHONNOUSERSITE='1'
}
-SKIPPED_TESTS = "--ignore test.test_os.test_os.TimerfdTests.test_timerfd_TFD_TIMER_ABSTIME"
+# Tests failing due to load variability. Bugs were opened at
+# https://bugzilla.yoctoproject.org/ to track some of these:
+# 14296 (test_many_processes, test_process_time, test_thread_time, test_wait_integer)
+# 14933 (test_storlines)
+# 15120 (test_input_no_stdout_fileno)
+# 15131 (*TestBarrier.test_timeout)
+# 15177 (test_thread_time)
+# 15743 (test.test_os.test_os.TimerfdTests.test_timerfd_TFD_TIMER_ABSTIME)
+# 15885 (test_default_timeout)
+SKIPPED_TESTS = " \
+ --ignore *TestBarrier.test_timeout \
+ --ignore ExecutorDeadlockTest \
+ --ignore ExecutorShutdownTest \
+ --ignore ProcessPoolShutdownTest \
+ --ignore ThreadPoolShutdownTest \
+ --ignore test.test_os.test_os.TimerfdTests.test_timerfd_TFD_TIMER_ABSTIME \
+ --ignore test_active_children \
+ --ignore test_default_timeout \
+ --ignore test_input_no_stdout_fileno \
+ --ignore test_many_processes \
+ --ignore test_only_active_thread \
+ --ignore test_process_time \
+ --ignore test_storlines \
+ --ignore test_thread_time \
+ --ignore test_wait_integer \
+ --ignore test_write_read_append \
+"
+
+# We build Python3 with editline support by default, which has tab completion
+# but not bang completion. test_bang_completion_without_do_shell() passes if
+# building with readline, but we don't want to change the default, so skip the
+# test.
+SKIPPED_TESTS:append = " \
+ --ignore test_bang_completion_without_do_shell \
+"
+
+# Also fails with editline instead of readline. See:
+# https://github.com/python/cpython/issues/123018
+SKIPPED_TESTS:append = " \
+ --ignore test_write_read_limited_history \
+"
+
+# In 3.14+ PyREPL's uses terminfo instead of curses. ICH1, is not in the
+# resulting terminal capabilities, in an "optimization" occurring from PyREPL's
+# side that causes test_cursor_back_write() to fail. Specifically, the test
+# tests the following writes in sequence:
+#
+# 1. b"1"
+# 2. TERM_CAPABILITIES["cub"] + b":1"
+# 3. ANY, b"2"
+#
+# The first two writes are read correctly, but the result for the third
+# write is seeing the equivalent of:
+#
+# ANY, b"21"
+SKIPPED_TESTS:append = " \
+ --ignore test_cursor_back_write \
+"
+
+# Needs IMAGE_FEATURE += \"tools-sdk\"
+SKIPPED_TESTS:append = " \
+ --ignore test_find_library_with_gcc \
+ --ignore test_find_library_with_ld \
+"
+
+# Fails due to differences in CFLAGS as as modified during build
+SKIPPED_TESTS:append = " \
+ --ignore test_sysconfigdata_json \
+"
+
SKIPPED_TESTS:append:class-target:libc-musl = " \
-x test__locale \
-x test_c_locale_coercion \
^ permalink raw reply related
* [wrynose][PATCH 4/6] python3: use += instead of :append in SKIPPED_TESTS
From: Peter Marko @ 2026-06-08 21:56 UTC (permalink / raw)
To: openembedded-core; +Cc: peter.marko
In-Reply-To: <20260608215654.3664494-1-peter.marko@siemens.com>
From: Ross Burton <ross.burton@arm.com>
+= is less computationally intensive than :append so use it unless the
semantics of :append are needed.
Also remove the class-target override, this is not required as ptests
are only used in target builds.
Signed-off-by: Ross Burton <ross.burton@arm.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(From OE-Core rev: 8ba5db86ac364b85fa6c1ee36fa5a037c0ee818a)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
---
meta/recipes-devtools/python/python3_3.14.5.bb | 12 ++++++------
1 file changed, 6 insertions(+), 6 deletions(-)
diff --git a/meta/recipes-devtools/python/python3_3.14.5.bb b/meta/recipes-devtools/python/python3_3.14.5.bb
index 2f821b130f..501de75fb1 100644
--- a/meta/recipes-devtools/python/python3_3.14.5.bb
+++ b/meta/recipes-devtools/python/python3_3.14.5.bb
@@ -271,13 +271,13 @@ SKIPPED_TESTS = " \
# but not bang completion. test_bang_completion_without_do_shell() passes if
# building with readline, but we don't want to change the default, so skip the
# test.
-SKIPPED_TESTS:append = " \
+SKIPPED_TESTS += " \
--ignore test_bang_completion_without_do_shell \
"
# Also fails with editline instead of readline. See:
# https://github.com/python/cpython/issues/123018
-SKIPPED_TESTS:append = " \
+SKIPPED_TESTS += " \
--ignore test_write_read_limited_history \
"
@@ -294,22 +294,22 @@ SKIPPED_TESTS:append = " \
# write is seeing the equivalent of:
#
# ANY, b"21"
-SKIPPED_TESTS:append = " \
+SKIPPED_TESTS += " \
--ignore test_cursor_back_write \
"
# Needs IMAGE_FEATURE += \"tools-sdk\"
-SKIPPED_TESTS:append = " \
+SKIPPED_TESTS += " \
--ignore test_find_library_with_gcc \
--ignore test_find_library_with_ld \
"
# Fails due to differences in CFLAGS as as modified during build
-SKIPPED_TESTS:append = " \
+SKIPPED_TESTS += " \
--ignore test_sysconfigdata_json \
"
-SKIPPED_TESTS:append:class-target:libc-musl = " \
+SKIPPED_TESTS:append:libc-musl = " \
-x test__locale \
-x test_c_locale_coercion \
-x test_locale \
^ permalink raw reply related
* [wrynose][PATCH 2/6] python3: Fix ThreadingMock call_count race condition
From: Peter Marko @ 2026-06-08 21:56 UTC (permalink / raw)
To: openembedded-core; +Cc: peter.marko
In-Reply-To: <20260608215354.3664441-1-peter.marko@siemens.com>
From: Sai Sneha <saisneha196@gmail.com>
ThreadingMock._increment_mock_call() was not thread-safe causing
intermittent ptest failures on qemuarm64:
FAIL: test_call_count_thread_safe
AssertionError: 983 != 1000
Each time a mock is called, Python reads the call_count, adds 1,
and writes it back. When multiple threads do this simultaneously,
some increments get lost because two threads can read the same
value before either writes back.
The fix adds a lock around this operation in ThreadingMock so
only one thread can update call_count at a time.
Reproduction and testing:
- x86 stress test (50 threads x 10000 calls x 30 runs):
Before fix: 23/30 failures, missing up to 42095 calls
After fix: 0/30 failures
- qemuarm64 (10 threads x 100 calls x 20 runs):
Before fix: 3/20 failures, missing up to 49 calls
After fix: 0/20 failures
- All 19 existing ThreadingMock tests pass
Upstream fix merged into CPython main:
https://github.com/python/cpython/pull/150176
Fixes [YOCTO #16213]
Signed-off-by: Sai Sneha <saisneha196@gmail.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(From OE-Core rev: 6f7af3f76c8ce0a77ddc779a850071a714caff33)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
---
...eadingMock-call-count-race-condition.patch | 37 +++++++++++++++++++
.../recipes-devtools/python/python3_3.14.5.bb | 1 +
2 files changed, 38 insertions(+)
create mode 100644 meta/recipes-devtools/python/python3/0001-Fix-ThreadingMock-call-count-race-condition.patch
diff --git a/meta/recipes-devtools/python/python3/0001-Fix-ThreadingMock-call-count-race-condition.patch b/meta/recipes-devtools/python/python3/0001-Fix-ThreadingMock-call-count-race-condition.patch
new file mode 100644
index 0000000000..aba3188a59
--- /dev/null
+++ b/meta/recipes-devtools/python/python3/0001-Fix-ThreadingMock-call-count-race-condition.patch
@@ -0,0 +1,37 @@
+From 388e023fe1197c1ffed374520ed45df4ac72b8f5 Mon Sep 17 00:00:00 2001
+From: Sai Sneha <saisneha196@gmail.com>
+Date: Thu, 21 May 2026 13:08:07 +0530
+Subject: [PATCH] Fix ThreadingMock call_count race condition
+
+ThreadingMock._increment_mock_call() was not thread-safe.
+Multiple threads calling the mock simultaneously could lose
+increments due to race conditions on call_count and other
+attributes.
+
+Fix by overriding _increment_mock_call in ThreadingMixin
+and wrapping it with the existing _mock_calls_events_lock.
+
+Upstream-Status: Backport [https://github.com/python/cpython/pull/150176]
+
+Signed-off-by: Sai Sneha <saisneha196@gmail.com>
+---
+ Lib/unittest/mock.py | 4 ++++
+ 1 file changed, 4 insertions(+)
+
+diff --git a/Lib/unittest/mock.py b/Lib/unittest/mock.py
+index 16f3699e89..56cdc37942 100644
+--- a/Lib/unittest/mock.py
++++ b/Lib/unittest/mock.py
+@@ -3113,6 +3113,10 @@ def _mock_call(self, *args, **kwargs):
+
+ return ret_value
+
++ def _increment_mock_call(self, /, *args, **kwargs):
++ with self._mock_calls_events_lock:
++ super()._increment_mock_call(*args, **kwargs)
++
+ def wait_until_called(self, *, timeout=_timeout_unset):
+ """Wait until the mock object is called.
+
+--
+2.34.1
diff --git a/meta/recipes-devtools/python/python3_3.14.5.bb b/meta/recipes-devtools/python/python3_3.14.5.bb
index b5c1d6fb3e..9e6738997d 100644
--- a/meta/recipes-devtools/python/python3_3.14.5.bb
+++ b/meta/recipes-devtools/python/python3_3.14.5.bb
@@ -35,6 +35,7 @@ SRC_URI = "http://www.python.org/ftp/python/${PV}/Python-${PV}.tar.xz \
file://0001-Skip-flaky-test_default_timeout-tests.patch \
file://0001-test_only_active_thread-skip-problematic-test.patch \
file://0001-prefer-valid-entrypoints.patch \
+ file://0001-Fix-ThreadingMock-call-count-race-condition.patch \
"
SRC_URI:append:class-native = " \
file://0001-Lib-sysconfig.py-use-prefix-value-from-build-configu.patch \
^ permalink raw reply related
* [wrynose][PATCH 1/6] python3: upgrade 3.14.4 -> 3.14.5
From: Peter Marko @ 2026-06-08 21:53 UTC (permalink / raw)
To: openembedded-core; +Cc: peter.marko
From: Peter Marko <peter.marko@siemens.com>
Release notes: [1] and [2].
Resolves following CVEs from reports:
* CVE-2026-1502
* CVE-2026-3087 (Windows specific)
* CVE-2026-3298 (Windows specific)
* CVE-2026-4786 (explicitly set, see Debian security tracker)
* CVE-2026-5713 (explicitly set, see Debian security tracker)
* CVE-2026-6019 (explicitly set, see Debian security tracker)
* CVE-2026-6100 (explicitly set, see Debian security tracker)
Also some security issues without CVE assignment.
Refresh patches.
[1] https://docs.python.org/3/whatsnew/changelog.html#python-3-14-5-final
[2] https://docs.python.org/3/whatsnew/changelog.html#python-3-14-5-release-candidate-1
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(From OE-Core rev: 0df68073ebaecb968448dcf516b9085efadc6d29)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
---
...01-Avoid-shebang-overflow-on-python-config.py.patch | 2 +-
....py-handle-stdin-I-O-errors-same-way-as-maste.patch | 2 +-
...e.pre-use-qemu-wrapper-when-gathering-profile.patch | 2 +-
...ailing-tests-due-to-load-variability-on-YP-AB.patch | 10 +++++-----
.../0001-Skip-flaky-test_default_timeout-tests.patch | 4 ++--
...-Update-test_sysconfig-for-posix_user-purelib.patch | 2 +-
...no_stdout_fileno-test-due-to-load-variability.patch | 2 +-
...01-test_active_children-skip-problematic-test.patch | 2 +-
.../0001-test_cmd-skip-bang-completion-test.patch | 2 +-
...-test_ctypes.test_find-skip-without-tools-sdk.patch | 2 +-
...test_locale.py-correct-the-test-output-format.patch | 2 +-
...test_only_active_thread-skip-problematic-test.patch | 2 +-
...repl-skip-test_unix_console.test_cursor_back_.patch | 2 +-
.../0001-test_readline-skip-limited-history-test.patch | 6 +++---
...sconfig-skip-test_sysconfig.test_sysconfigdat.patch | 2 +-
meta/recipes-devtools/python/python3/makerace.patch | 2 +-
.../python/{python3_3.14.4.bb => python3_3.14.5.bb} | 8 ++++++--
17 files changed, 29 insertions(+), 25 deletions(-)
rename meta/recipes-devtools/python/{python3_3.14.4.bb => python3_3.14.5.bb} (98%)
diff --git a/meta/recipes-devtools/python/python3/0001-Avoid-shebang-overflow-on-python-config.py.patch b/meta/recipes-devtools/python/python3/0001-Avoid-shebang-overflow-on-python-config.py.patch
index eaf5ea5049..c2106f9437 100644
--- a/meta/recipes-devtools/python/python3/0001-Avoid-shebang-overflow-on-python-config.py.patch
+++ b/meta/recipes-devtools/python/python3/0001-Avoid-shebang-overflow-on-python-config.py.patch
@@ -19,7 +19,7 @@ diff --git a/Makefile.pre.in b/Makefile.pre.in
index 9ec3a71..f7d5382 100644
--- a/Makefile.pre.in
+++ b/Makefile.pre.in
-@@ -2585,6 +2585,8 @@ python-config: $(srcdir)/Misc/python-config.in Misc/python-config.sh
+@@ -2829,6 +2829,8 @@ python-config: $(srcdir)/Misc/python-config.in Misc/python-config.sh
@ # Substitution happens here, as the completely-expanded BINDIR
@ # is not available in configure
sed -e "s,@EXENAME@,$(EXENAME)," < $(srcdir)/Misc/python-config.in >python-config.py
diff --git a/meta/recipes-devtools/python/python3/0001-Lib-pty.py-handle-stdin-I-O-errors-same-way-as-maste.patch b/meta/recipes-devtools/python/python3/0001-Lib-pty.py-handle-stdin-I-O-errors-same-way-as-maste.patch
index 84ad2abb0b..d9072a36f7 100644
--- a/meta/recipes-devtools/python/python3/0001-Lib-pty.py-handle-stdin-I-O-errors-same-way-as-maste.patch
+++ b/meta/recipes-devtools/python/python3/0001-Lib-pty.py-handle-stdin-I-O-errors-same-way-as-maste.patch
@@ -32,7 +32,7 @@ diff --git a/Lib/pty.py b/Lib/pty.py
index 1d97994..fa8821b 100644
--- a/Lib/pty.py
+++ b/Lib/pty.py
-@@ -178,7 +178,10 @@ def _copy(master_fd, master_read=_read, stdin_read=_read):
+@@ -149,7 +149,10 @@ def _copy(master_fd, master_read=_read, stdin_read=_read):
i_buf = i_buf[n:]
if stdin_avail and STDIN_FILENO in rfds:
diff --git a/meta/recipes-devtools/python/python3/0001-Makefile.pre-use-qemu-wrapper-when-gathering-profile.patch b/meta/recipes-devtools/python/python3/0001-Makefile.pre-use-qemu-wrapper-when-gathering-profile.patch
index 39b62f6f26..e25797f57e 100644
--- a/meta/recipes-devtools/python/python3/0001-Makefile.pre-use-qemu-wrapper-when-gathering-profile.patch
+++ b/meta/recipes-devtools/python/python3/0001-Makefile.pre-use-qemu-wrapper-when-gathering-profile.patch
@@ -18,7 +18,7 @@ diff --git a/Makefile.pre.in b/Makefile.pre.in
index 3bd4495f95b..8e8fc60bc76 100644
--- a/Makefile.pre.in
+++ b/Makefile.pre.in
-@@ -751,8 +751,7 @@ profile-run-stamp:
+@@ -857,8 +857,7 @@ profile-run-stamp:
# enabled.
$(MAKE) profile-gen-stamp
# Next, run the profile task to generate the profile information.
diff --git a/meta/recipes-devtools/python/python3/0001-Skip-failing-tests-due-to-load-variability-on-YP-AB.patch b/meta/recipes-devtools/python/python3/0001-Skip-failing-tests-due-to-load-variability-on-YP-AB.patch
index 4a35e8854e..a236268efb 100644
--- a/meta/recipes-devtools/python/python3/0001-Skip-failing-tests-due-to-load-variability-on-YP-AB.patch
+++ b/meta/recipes-devtools/python/python3/0001-Skip-failing-tests-due-to-load-variability-on-YP-AB.patch
@@ -30,7 +30,7 @@ diff --git a/Lib/test/_test_multiprocessing.py b/Lib/test/_test_multiprocessing.
index 9a72362c022..008e6a505a5 100644
--- a/Lib/test/_test_multiprocessing.py
+++ b/Lib/test/_test_multiprocessing.py
-@@ -722,6 +722,7 @@ def test_close(self):
+@@ -774,6 +774,7 @@ class _TestProcess(BaseTestCase):
close_queue(q)
@support.requires_resource('walltime')
@@ -38,7 +38,7 @@ index 9a72362c022..008e6a505a5 100644
def test_many_processes(self):
if self.TYPE == 'threads':
self.skipTest('test not appropriate for {}'.format(self.TYPE))
-@@ -2345,6 +2346,7 @@ def _test_timeout_f(cls, barrier, results):
+@@ -2398,6 +2399,7 @@ class _TestBarrier(BaseTestCase):
except threading.BrokenBarrierError:
results.append(True)
@@ -46,7 +46,7 @@ index 9a72362c022..008e6a505a5 100644
def test_timeout(self):
"""
Test wait(timeout)
-@@ -5459,6 +5461,7 @@ def signal_and_sleep(cls, sem, period):
+@@ -5550,6 +5552,7 @@ class TestWait(unittest.TestCase):
time.sleep(period)
@support.requires_resource('walltime')
@@ -58,7 +58,7 @@ diff --git a/Lib/test/test_time.py b/Lib/test/test_time.py
index 5312faa5077..36873d9a400 100644
--- a/Lib/test/test_time.py
+++ b/Lib/test/test_time.py
-@@ -548,6 +548,7 @@ def test_monotonic(self):
+@@ -548,6 +548,7 @@ class TimeTestCase(unittest.TestCase):
def test_perf_counter(self):
time.perf_counter()
@@ -66,7 +66,7 @@ index 5312faa5077..36873d9a400 100644
@unittest.skipIf(
support.is_wasi, "process_time not available on WASI"
)
-@@ -567,6 +568,7 @@ def test_process_time(self):
+@@ -567,6 +568,7 @@ class TimeTestCase(unittest.TestCase):
self.assertTrue(info.monotonic)
self.assertFalse(info.adjustable)
diff --git a/meta/recipes-devtools/python/python3/0001-Skip-flaky-test_default_timeout-tests.patch b/meta/recipes-devtools/python/python3/0001-Skip-flaky-test_default_timeout-tests.patch
index 4e1bd833b4..d41037f9ea 100644
--- a/meta/recipes-devtools/python/python3/0001-Skip-flaky-test_default_timeout-tests.patch
+++ b/meta/recipes-devtools/python/python3/0001-Skip-flaky-test_default_timeout-tests.patch
@@ -27,7 +27,7 @@ diff --git a/Lib/test/_test_multiprocessing.py b/Lib/test/_test_multiprocessing.
index e8064e7..9ab1f9e 100644
--- a/Lib/test/_test_multiprocessing.py
+++ b/Lib/test/_test_multiprocessing.py
-@@ -2259,6 +2259,7 @@ class _TestBarrier(BaseTestCase):
+@@ -2424,6 +2424,7 @@ class _TestBarrier(BaseTestCase):
"""
Test the barrier's default timeout
"""
@@ -39,7 +39,7 @@ diff --git a/Lib/test/lock_tests.py b/Lib/test/lock_tests.py
index 8c8f890..43e9b90 100644
--- a/Lib/test/lock_tests.py
+++ b/Lib/test/lock_tests.py
-@@ -1165,6 +1165,7 @@ class BarrierTests(BaseTestCase):
+@@ -1215,6 +1215,7 @@ class BarrierTests(BaseTestCase):
"""
Test the barrier's default timeout
"""
diff --git a/meta/recipes-devtools/python/python3/0001-Update-test_sysconfig-for-posix_user-purelib.patch b/meta/recipes-devtools/python/python3/0001-Update-test_sysconfig-for-posix_user-purelib.patch
index adaca4ff77..6a62c6dc5b 100644
--- a/meta/recipes-devtools/python/python3/0001-Update-test_sysconfig-for-posix_user-purelib.patch
+++ b/meta/recipes-devtools/python/python3/0001-Update-test_sysconfig-for-posix_user-purelib.patch
@@ -25,7 +25,7 @@ diff --git a/Lib/test/test_sysconfig.py b/Lib/test/test_sysconfig.py
index 1ade492..4e94889 100644
--- a/Lib/test/test_sysconfig.py
+++ b/Lib/test/test_sysconfig.py
-@@ -430,7 +430,7 @@ class TestSysConfig(unittest.TestCase):
+@@ -434,7 +434,7 @@ class TestSysConfig(unittest.TestCase, VirtualEnvironmentMixin):
expected = os.path.normpath(global_path.replace(base, user, 1))
# bpo-44860: platlib of posix_user doesn't use sys.platlibdir,
# whereas posix_prefix does.
diff --git a/meta/recipes-devtools/python/python3/0001-skip-no_stdout_fileno-test-due-to-load-variability.patch b/meta/recipes-devtools/python/python3/0001-skip-no_stdout_fileno-test-due-to-load-variability.patch
index 9bc8b091cc..b186bdcb88 100644
--- a/meta/recipes-devtools/python/python3/0001-skip-no_stdout_fileno-test-due-to-load-variability.patch
+++ b/meta/recipes-devtools/python/python3/0001-skip-no_stdout_fileno-test-due-to-load-variability.patch
@@ -19,7 +19,7 @@ diff --git a/Lib/test/test_builtin.py b/Lib/test/test_builtin.py
index c5394de..ed17fb6 100644
--- a/Lib/test/test_builtin.py
+++ b/Lib/test/test_builtin.py
-@@ -2474,6 +2474,7 @@ class PtyTests(unittest.TestCase):
+@@ -2738,6 +2738,7 @@ class PtyTests(unittest.TestCase):
"byte 0xe9 in position 4: ordinal not in "
"range(128)")
diff --git a/meta/recipes-devtools/python/python3/0001-test_active_children-skip-problematic-test.patch b/meta/recipes-devtools/python/python3/0001-test_active_children-skip-problematic-test.patch
index 80aa29faf0..d7202aa575 100644
--- a/meta/recipes-devtools/python/python3/0001-test_active_children-skip-problematic-test.patch
+++ b/meta/recipes-devtools/python/python3/0001-test_active_children-skip-problematic-test.patch
@@ -21,7 +21,7 @@ diff --git a/Lib/test/_test_multiprocessing.py b/Lib/test/_test_multiprocessing.
index 008e6a505a5..746de8945f0 100644
--- a/Lib/test/_test_multiprocessing.py
+++ b/Lib/test/_test_multiprocessing.py
-@@ -615,6 +615,7 @@ def test_cpu_count(self):
+@@ -667,6 +667,7 @@ class _TestProcess(BaseTestCase):
self.assertIsInstance(cpus, int)
self.assertGreaterEqual(cpus, 1)
diff --git a/meta/recipes-devtools/python/python3/0001-test_cmd-skip-bang-completion-test.patch b/meta/recipes-devtools/python/python3/0001-test_cmd-skip-bang-completion-test.patch
index d339e8c198..f1ba044cc3 100644
--- a/meta/recipes-devtools/python/python3/0001-test_cmd-skip-bang-completion-test.patch
+++ b/meta/recipes-devtools/python/python3/0001-test_cmd-skip-bang-completion-test.patch
@@ -18,7 +18,7 @@ diff --git a/Lib/test/test_cmd.py b/Lib/test/test_cmd.py
index dbfec42fc21..c33dab8d10d 100644
--- a/Lib/test/test_cmd.py
+++ b/Lib/test/test_cmd.py
-@@ -295,6 +295,7 @@ def do_tab_completion_test(self, args):
+@@ -295,6 +295,7 @@ class CmdTestReadline(unittest.TestCase):
self.assertIn(b'ab_completion_test', output)
self.assertIn(b'tab completion success', output)
diff --git a/meta/recipes-devtools/python/python3/0001-test_ctypes.test_find-skip-without-tools-sdk.patch b/meta/recipes-devtools/python/python3/0001-test_ctypes.test_find-skip-without-tools-sdk.patch
index 68e277d662..cdcd9302d6 100644
--- a/meta/recipes-devtools/python/python3/0001-test_ctypes.test_find-skip-without-tools-sdk.patch
+++ b/meta/recipes-devtools/python/python3/0001-test_ctypes.test_find-skip-without-tools-sdk.patch
@@ -18,7 +18,7 @@ diff --git a/Lib/test/test_ctypes/test_find.py b/Lib/test/test_ctypes/test_find.
index 85b2861..b033203 100644
--- a/Lib/test/test_ctypes/test_find.py
+++ b/Lib/test/test_ctypes/test_find.py
-@@ -116,10 +116,12 @@ class FindLibraryLinux(unittest.TestCase):
+@@ -117,10 +117,12 @@ class FindLibraryLinux(unittest.TestCase):
# LD_LIBRARY_PATH)
self.assertEqual(find_library(libname), 'lib%s.so' % libname)
diff --git a/meta/recipes-devtools/python/python3/0001-test_locale.py-correct-the-test-output-format.patch b/meta/recipes-devtools/python/python3/0001-test_locale.py-correct-the-test-output-format.patch
index 189246911b..201271b0c0 100644
--- a/meta/recipes-devtools/python/python3/0001-test_locale.py-correct-the-test-output-format.patch
+++ b/meta/recipes-devtools/python/python3/0001-test_locale.py-correct-the-test-output-format.patch
@@ -34,7 +34,7 @@ diff --git a/Lib/test/test_locale.py b/Lib/test/test_locale.py
index da4bd79..fd9e67d 100644
--- a/Lib/test/test_locale.py
+++ b/Lib/test/test_locale.py
-@@ -501,7 +501,7 @@ class TestRealLocales(unittest.TestCase):
+@@ -500,7 +500,7 @@ class TestRealLocales(unittest.TestCase):
self.skipTest('test needs Turkish locale')
loc = locale.getlocale(locale.LC_CTYPE)
if verbose:
diff --git a/meta/recipes-devtools/python/python3/0001-test_only_active_thread-skip-problematic-test.patch b/meta/recipes-devtools/python/python3/0001-test_only_active_thread-skip-problematic-test.patch
index 4886b7e386..bc436e077a 100644
--- a/meta/recipes-devtools/python/python3/0001-test_only_active_thread-skip-problematic-test.patch
+++ b/meta/recipes-devtools/python/python3/0001-test_only_active_thread-skip-problematic-test.patch
@@ -17,7 +17,7 @@ diff --git a/Lib/test/test_external_inspection.py b/Lib/test/test_external_inspe
index a709b837161..7a87092c10e 100644
--- a/Lib/test/test_external_inspection.py
+++ b/Lib/test/test_external_inspection.py
-@@ -1111,6 +1111,7 @@ def test_self_trace(self):
+@@ -1154,6 +1154,7 @@ class TestGetStackTrace(unittest.TestCase):
],
)
diff --git a/meta/recipes-devtools/python/python3/0001-test_pyrepl-skip-test_unix_console.test_cursor_back_.patch b/meta/recipes-devtools/python/python3/0001-test_pyrepl-skip-test_unix_console.test_cursor_back_.patch
index e886c046cb..97f7871266 100644
--- a/meta/recipes-devtools/python/python3/0001-test_pyrepl-skip-test_unix_console.test_cursor_back_.patch
+++ b/meta/recipes-devtools/python/python3/0001-test_pyrepl-skip-test_unix_console.test_cursor_back_.patch
@@ -33,7 +33,7 @@ diff --git a/Lib/test/test_pyrepl/test_unix_console.py b/Lib/test/test_pyrepl/te
index 3b0d2637dab..5a3c8952f61 100644
--- a/Lib/test/test_pyrepl/test_unix_console.py
+++ b/Lib/test/test_pyrepl/test_unix_console.py
-@@ -172,6 +172,7 @@ def test_cursor_up_down(self, _os_write):
+@@ -186,6 +186,7 @@ class TestConsole(TestCase):
_os_write.assert_any_call(ANY, TERM_CAPABILITIES["cud"] + b":1")
con.restore()
diff --git a/meta/recipes-devtools/python/python3/0001-test_readline-skip-limited-history-test.patch b/meta/recipes-devtools/python/python3/0001-test_readline-skip-limited-history-test.patch
index a619d51c10..c59c6672e0 100644
--- a/meta/recipes-devtools/python/python3/0001-test_readline-skip-limited-history-test.patch
+++ b/meta/recipes-devtools/python/python3/0001-test_readline-skip-limited-history-test.patch
@@ -20,7 +20,7 @@ diff --git a/Lib/test/test_readline.py b/Lib/test/test_readline.py
index 537a9fb..ddf0323 100644
--- a/Lib/test/test_readline.py
+++ b/Lib/test/test_readline.py
-@@ -71,6 +71,7 @@ class TestHistoryManipulation (unittest.TestCase):
+@@ -74,6 +74,7 @@ class TestHistoryManipulation (unittest.TestCase):
@unittest.skipUnless(hasattr(readline, "append_history_file"),
"append_history not available")
@@ -28,7 +28,7 @@ index 537a9fb..ddf0323 100644
def test_write_read_append(self):
hfile = tempfile.NamedTemporaryFile(delete=False)
hfile.close()
-@@ -142,6 +143,7 @@ class TestHistoryManipulation (unittest.TestCase):
+@@ -145,6 +146,7 @@ class TestHistoryManipulation (unittest.TestCase):
self.assertEqual(readline.get_history_item(1), "entrée 1")
self.assertEqual(readline.get_history_item(2), "entrée 22")
@@ -36,7 +36,7 @@ index 537a9fb..ddf0323 100644
def test_write_read_limited_history(self):
previous_length = readline.get_history_length()
self.addCleanup(readline.set_history_length, previous_length)
-@@ -390,6 +392,7 @@ readline.write_history_file(history_file)
+@@ -393,6 +395,7 @@ readline.write_history_file(history_file)
self.assertIn(b"done", output)
diff --git a/meta/recipes-devtools/python/python3/0001-test_sysconfig-skip-test_sysconfig.test_sysconfigdat.patch b/meta/recipes-devtools/python/python3/0001-test_sysconfig-skip-test_sysconfig.test_sysconfigdat.patch
index 0fe9399bf1..6dfba59a44 100644
--- a/meta/recipes-devtools/python/python3/0001-test_sysconfig-skip-test_sysconfig.test_sysconfigdat.patch
+++ b/meta/recipes-devtools/python/python3/0001-test_sysconfig-skip-test_sysconfig.test_sysconfigdat.patch
@@ -19,7 +19,7 @@ diff --git a/Lib/test/test_sysconfig.py b/Lib/test/test_sysconfig.py
index 09eff11179e..14fcdedccba 100644
--- a/Lib/test/test_sysconfig.py
+++ b/Lib/test/test_sysconfig.py
-@@ -685,6 +685,7 @@ def test_makefile_overwrites_config_vars(self):
+@@ -689,6 +689,7 @@ class TestSysConfig(unittest.TestCase, VirtualEnvironmentMixin):
self.assertNotEqual(data['prefix'], data['base_prefix'])
self.assertNotEqual(data['exec_prefix'], data['base_exec_prefix'])
diff --git a/meta/recipes-devtools/python/python3/makerace.patch b/meta/recipes-devtools/python/python3/makerace.patch
index bf73135e09..b29ea56cc3 100644
--- a/meta/recipes-devtools/python/python3/makerace.patch
+++ b/meta/recipes-devtools/python/python3/makerace.patch
@@ -20,7 +20,7 @@ diff --git a/Makefile.pre.in b/Makefile.pre.in
index be1b9ea..9ec3a71 100644
--- a/Makefile.pre.in
+++ b/Makefile.pre.in
-@@ -2492,7 +2492,7 @@ COMPILEALL_OPTS=-j0
+@@ -2735,7 +2735,7 @@ COMPILEALL_OPTS=-j0
TEST_MODULES=@TEST_MODULES@
.PHONY: libinstall
diff --git a/meta/recipes-devtools/python/python3_3.14.4.bb b/meta/recipes-devtools/python/python3_3.14.5.bb
similarity index 98%
rename from meta/recipes-devtools/python/python3_3.14.4.bb
rename to meta/recipes-devtools/python/python3_3.14.5.bb
index 71f590f630..b5c1d6fb3e 100644
--- a/meta/recipes-devtools/python/python3_3.14.4.bb
+++ b/meta/recipes-devtools/python/python3_3.14.5.bb
@@ -40,8 +40,7 @@ SRC_URI:append:class-native = " \
file://0001-Lib-sysconfig.py-use-prefix-value-from-build-configu.patch \
"
-SRC_URI[sha256sum] = "a97d5549e9ad81fe17159ed02c68774ad5d266c72f8d9a0b5a9c371fe85d902b"
-SRC_URI[sha256sum] = "d923c51303e38e249136fc1bdf3568d56ecb03214efdef48516176d3d7faaef8"
+SRC_URI[sha256sum] = "7e32597b99e5d9a39abed35de4693fa169df3e5850d4c334337ffd6a19a36db6"
# exclude pre-releases for both python 2.x and 3.x
UPSTREAM_CHECK_REGEX = "[Pp]ython-(?P<pver>\d+(\.\d+)+).tar"
@@ -522,3 +521,8 @@ SYSROOT_PREPROCESS_FUNCS += " py3_sysroot_cleanup"
py3_sysroot_cleanup () {
rm -rf ${SYSROOT_DESTDIR}${libdir}/python${PYTHON_MAJMIN}/test
}
+
+CVE_STATUS[CVE-2026-4786] = "cpe-stable-backport: backported to v3.14.5"
+CVE_STATUS[CVE-2026-5713] = "cpe-stable-backport: backported to v3.14.5"
+CVE_STATUS[CVE-2026-6019] = "cpe-stable-backport: backported to v3.14.5"
+CVE_STATUS[CVE-2026-6100] = "cpe-stable-backport: backported to v3.14.5"
^ permalink raw reply related
* [wrynose][PATCH 1/2] go: upgrade 1.26.2 -> 1.26.3
From: Peter Marko @ 2026-06-08 18:23 UTC (permalink / raw)
To: openembedded-core; +Cc: Peter Marko, Mathieu Dubois-Briand, Richard Purdie
From: Peter Marko <peter.marko@siemens.com>
Upgrade to latest 1.26.x release [1]:
$ git --no-pager log --oneline go1.26.2..go1.26.3
2dc996f71b (tag: go1.26.3) [release-branch.go1.26] go1.26.3
8282c628a0 [release-branch.go1.26] cmd/go: reject sumdb response lacking module hash
3baf3eec3b [release-branch.go1.26] all: avoid unsafe StringToUTF16Ptr on Windows
0bec63330d [release-branch.go1.26] net/mail: fix quadratic consumePhrase behavior
7136366ebf [release-branch.go1.26] cmd/go: invalidate test cache when -coverpkg dependencies change
722b68ceca [release-branch.go1.26] cmd/compile: keep blank nodes alive in b.loop
3ae315a8cd [release-branch.go1.26] os: avoid panic when RemoveAll fails to remove a symlink
c9f97f50c4 [release-branch.go1.26] html/template: fix escaping of URLs in meta content attributes
40fa774fff [release-branch.go1.26] cmd/pack: refuse to extract files with directory components
d9389d318b [release-branch.go1.26] net/mail: fix quadratic complexity in consumeComment
dd29b59a2b [release-branch.go1.26] cmd/compile: fix loopvar version detection with line directives
18fa391f45 [release-branch.go1.26] crypto/fips140: add package docs
e0f5c054cb [release-branch.go1.26] net: avoid double-free of cgo pointer when handling large DNS response
2992086cf8 [release-branch.go1.26] lib/fips140: add certified pointing to v1.0.0-c2097c7c
f43caf8712 [release-branch.go1.26] lib/fips140: update inprocess to v1.26.0
19d2ce3401 [release-branch.go1.26] runtime: fix timespec definition on 32bits systems
e9df527f06 [release-branch.go1.26] crypto/tls: wrap ML-KEM hybrids in fips140.WithoutEnforcement
73f417a37c [release-branch.go1.26] go/types, types2: handle unconstrained type parameters correctly in a few places
50856a181c [release-branch.go1.26] cmd/go: use MkdirTemp to create temp directory for "go bug"
e137885d68 [release-branch.go1.26] cmd/compile/internal/devirtualize: use pointer identity for type comparison
c9712872cc [release-branch.go1.26] crypto/internal/fips140/drbg: build tag out entropy generation on Wasm
cb994d85ff [release-branch.go1.26] cmd/fix: change -diff to exit 1 if diffs exist
95470667eb [release-branch.go1.26] net/http/httputil: reencode queries with many parameters in proxy
9b01c04815 [release-branch.go1.26] html/template: fix escaper bypass by treating empty script type as JavaScript
be12fe151c [release-branch.go1.26] runtime: use uname version check for 64-bit time on 32-bit arch codepaths
ec5ebece41 [release-branch.go1.26] all: update x/net to 705de46f
710f29a758 [release-branch.go1.26] runtime: add sysUnreserve to undo sysReserve
efdc0fb354 [release-branch.go1.26] cmd/compile: handle min integer step in loop
ba4554f03b [release-branch.go1.26] cmd/go: specify full path to go command when running go tool covdata
f4e425d342 [release-branch.go1.26] fix incorrect loop trip counts
0b4d5f85e6 [release-branch.go1.26] cmd/link: use bfd ld 2.36+ on linux/arm64 instead of gold
Fixes CVE-2026-42501, CVE-2026-39825, CVE-2026-39836, CVE-2026-42499,
CVE-2026-39820, CVE-2026-39819, CVE-2026-39817, CVE-2026-33814,
CVE-2026-39826, CVE-2026-33811 and CVE-2026-39823.
Drop patch handling gold linker as upstream implemented gold linker
availability autodetection with [3].
Release information: [2]
[1] https://github.com/golang/go/compare/go1.26.2...go1.26.3
[2] https://groups.google.com/g/golang-announce/c/qcCIEXso47M
[3] https://github.com/golang/go/commit/0b4d5f85e68ea79b61de9989f9f37a984eb11289
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(From OE-Core rev: 3d8258a8d3d96dc1225172c2ff9e889fd12cf6bc)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
---
.../go/{go-1.26.2.inc => go-1.26.3.inc} | 3 +-
...e_1.26.2.bb => go-binary-native_1.26.3.bb} | 6 +-
..._1.26.2.bb => go-cross-canadian_1.26.3.bb} | 0
...{go-cross_1.26.2.bb => go-cross_1.26.3.bb} | 0
...osssdk_1.26.2.bb => go-crosssdk_1.26.3.bb} | 0
...runtime_1.26.2.bb => go-runtime_1.26.3.bb} | 0
...rcing-binutils-gold-dependency-on-aa.patch | 55 -------------------
.../go/{go_1.26.2.bb => go_1.26.3.bb} | 0
8 files changed, 4 insertions(+), 60 deletions(-)
rename meta/recipes-devtools/go/{go-1.26.2.inc => go-1.26.3.inc} (83%)
rename meta/recipes-devtools/go/{go-binary-native_1.26.2.bb => go-binary-native_1.26.3.bb} (80%)
rename meta/recipes-devtools/go/{go-cross-canadian_1.26.2.bb => go-cross-canadian_1.26.3.bb} (100%)
rename meta/recipes-devtools/go/{go-cross_1.26.2.bb => go-cross_1.26.3.bb} (100%)
rename meta/recipes-devtools/go/{go-crosssdk_1.26.2.bb => go-crosssdk_1.26.3.bb} (100%)
rename meta/recipes-devtools/go/{go-runtime_1.26.2.bb => go-runtime_1.26.3.bb} (100%)
delete mode 100644 meta/recipes-devtools/go/go/0011-cmd-link-stop-forcing-binutils-gold-dependency-on-aa.patch
rename meta/recipes-devtools/go/{go_1.26.2.bb => go_1.26.3.bb} (100%)
diff --git a/meta/recipes-devtools/go/go-1.26.2.inc b/meta/recipes-devtools/go/go-1.26.3.inc
similarity index 83%
rename from meta/recipes-devtools/go/go-1.26.2.inc
rename to meta/recipes-devtools/go/go-1.26.3.inc
index 8bb10bc89f..db7b18ed2d 100644
--- a/meta/recipes-devtools/go/go-1.26.2.inc
+++ b/meta/recipes-devtools/go/go-1.26.3.inc
@@ -15,6 +15,5 @@ SRC_URI += "\
file://0008-src-cmd-dist-buildgo.go-do-not-hardcode-host-compile.patch \
file://0009-go-Filter-build-paths-on-staticly-linked-arches.patch \
file://0010-cmd-go-clear-GOROOT-for-func-ldShared-when-trimpath-.patch \
- file://0011-cmd-link-stop-forcing-binutils-gold-dependency-on-aa.patch \
"
-SRC_URI[main.sha256sum] = "2e91ebb6947a96e9436fb2b3926a8802efe63a6d375dffec4f82aa9dbd6fd43b"
+SRC_URI[main.sha256sum] = "1c646875d0aa8799133184ed57cf79ff24bdefe8c8820470602a9d3d6d9192b8"
diff --git a/meta/recipes-devtools/go/go-binary-native_1.26.2.bb b/meta/recipes-devtools/go/go-binary-native_1.26.3.bb
similarity index 80%
rename from meta/recipes-devtools/go/go-binary-native_1.26.2.bb
rename to meta/recipes-devtools/go/go-binary-native_1.26.3.bb
index d9006373f6..135c7fbf5e 100644
--- a/meta/recipes-devtools/go/go-binary-native_1.26.2.bb
+++ b/meta/recipes-devtools/go/go-binary-native_1.26.3.bb
@@ -9,9 +9,9 @@ PROVIDES = "go-native"
# Checksums available at https://go.dev/dl/
SRC_URI = "https://dl.google.com/go/go${PV}.${BUILD_GOOS}-${BUILD_GOARCH}.tar.gz;name=go_${BUILD_GOTUPLE}"
-SRC_URI[go_linux_amd64.sha256sum] = "990e6b4bbba816dc3ee129eaeaf4b42f17c2800b88a2166c265ac1a200262282"
-SRC_URI[go_linux_arm64.sha256sum] = "c958a1fe1b361391db163a485e21f5f228142d6f8b584f6bef89b26f66dc5b23"
-SRC_URI[go_linux_ppc64le.sha256sum] = "62b7645dd2404052535617c59e91cf03c7aa28e332dbaddbe4c0d7de7bcc6736"
+SRC_URI[go_linux_amd64.sha256sum] = "2b2cfc7148493da5e73981bffbf3353af381d5f93e789c82c79aff64962eb556"
+SRC_URI[go_linux_arm64.sha256sum] = "9d89a3ea57d141c2b22d70083f2c8459ba3890f2d9e818e7e933b75614936565"
+SRC_URI[go_linux_ppc64le.sha256sum] = "dbd82b50530ead2beb1fd72215117380df3cb16332b51467116dc35b3691dd75"
UPSTREAM_CHECK_URI = "https://golang.org/dl/"
UPSTREAM_CHECK_REGEX = "go(?P<pver>\d+(\.\d+)+)\.linux"
diff --git a/meta/recipes-devtools/go/go-cross-canadian_1.26.2.bb b/meta/recipes-devtools/go/go-cross-canadian_1.26.3.bb
similarity index 100%
rename from meta/recipes-devtools/go/go-cross-canadian_1.26.2.bb
rename to meta/recipes-devtools/go/go-cross-canadian_1.26.3.bb
diff --git a/meta/recipes-devtools/go/go-cross_1.26.2.bb b/meta/recipes-devtools/go/go-cross_1.26.3.bb
similarity index 100%
rename from meta/recipes-devtools/go/go-cross_1.26.2.bb
rename to meta/recipes-devtools/go/go-cross_1.26.3.bb
diff --git a/meta/recipes-devtools/go/go-crosssdk_1.26.2.bb b/meta/recipes-devtools/go/go-crosssdk_1.26.3.bb
similarity index 100%
rename from meta/recipes-devtools/go/go-crosssdk_1.26.2.bb
rename to meta/recipes-devtools/go/go-crosssdk_1.26.3.bb
diff --git a/meta/recipes-devtools/go/go-runtime_1.26.2.bb b/meta/recipes-devtools/go/go-runtime_1.26.3.bb
similarity index 100%
rename from meta/recipes-devtools/go/go-runtime_1.26.2.bb
rename to meta/recipes-devtools/go/go-runtime_1.26.3.bb
diff --git a/meta/recipes-devtools/go/go/0011-cmd-link-stop-forcing-binutils-gold-dependency-on-aa.patch b/meta/recipes-devtools/go/go/0011-cmd-link-stop-forcing-binutils-gold-dependency-on-aa.patch
deleted file mode 100644
index dda0f2bb71..0000000000
--- a/meta/recipes-devtools/go/go/0011-cmd-link-stop-forcing-binutils-gold-dependency-on-aa.patch
+++ /dev/null
@@ -1,55 +0,0 @@
-From 6d265b008e3d106b2706645e5a88cd8e2fb98953 Mon Sep 17 00:00:00 2001
-From: Dirk Müller <dirk@dmllr.de>
-Date: Wed, 09 Mar 2022 17:47:23 +0100
-Subject: [PATCH 11/11] cmd/link: stop forcing binutils-gold dependency on
- aarch64
-
-The bfd linker appears to be working just fine at least in version
-2.41 or above. Reject the known broken one instead, which
-avoids an architecture specific linker dependency that
-is cumbersome for distributions.
-
-Fixes #22040.
-
-Change-Id: I9f377e47c22ef20497479c0978c053ed5de46a38
-
-Upstream-Status: Submitted [https://go-review.googlesource.com/c/go/+/391115]
----
- src/cmd/link/internal/ld/lib.go | 21 ---------------------
- 1 file changed, 21 deletions(-)
-
-diff --git a/src/cmd/link/internal/ld/lib.go b/src/cmd/link/internal/ld/lib.go
-index dfc72e02c0..2a2a304113 100644
---- a/src/cmd/link/internal/ld/lib.go
-+++ b/src/cmd/link/internal/ld/lib.go
-@@ -1701,27 +1701,6 @@ func (ctxt *Link) hostlink() {
- // Use lld to avoid errors from default linker (issue #38838)
- altLinker = "lld"
- }
--
-- if ctxt.Arch.InFamily(sys.ARM64) && buildcfg.GOOS == "linux" {
-- // On ARM64, the GNU linker will fail with
-- // -znocopyreloc if it thinks a COPY relocation is
-- // required. Switch to gold.
-- // https://sourceware.org/bugzilla/show_bug.cgi?id=19962
-- // https://go.dev/issue/22040
-- altLinker = "gold"
--
-- // If gold is not installed, gcc will silently switch
-- // back to ld.bfd. So we parse the version information
-- // and provide a useful error if gold is missing.
-- name, args := flagExtld[0], flagExtld[1:]
-- args = append(args, "-fuse-ld=gold", "-Wl,--version")
-- cmd := exec.Command(name, args...)
-- if out, err := cmd.CombinedOutput(); err == nil {
-- if !bytes.Contains(out, []byte("GNU gold")) {
-- log.Fatalf("ARM64 external linker must be gold (issue #15696, 22040), but is not: %s", out)
-- }
-- }
-- }
- }
- if ctxt.Arch.Family == sys.ARM64 && buildcfg.GOOS == "freebsd" {
- // Switch to ld.bfd on freebsd/arm64.
---
-2.25.1
-
diff --git a/meta/recipes-devtools/go/go_1.26.2.bb b/meta/recipes-devtools/go/go_1.26.3.bb
similarity index 100%
rename from meta/recipes-devtools/go/go_1.26.2.bb
rename to meta/recipes-devtools/go/go_1.26.3.bb
^ permalink raw reply related
* [wrynose][PATCH 2/2] go: upgrade 1.26.3 -> 1.26.4
From: Peter Marko @ 2026-06-08 18:23 UTC (permalink / raw)
To: openembedded-core; +Cc: Peter Marko, Mathieu Dubois-Briand, Richard Purdie
In-Reply-To: <20260608182325.5900-1-peter.marko@siemens.com>
From: Peter Marko <peter.marko@siemens.com>
Upgrade to latest 1.26.x release [1]:
$ git --no-pager log --oneline go1.26.3..go1.26.4
a9ce111d58 (tag: go1.26.4) [release-branch.go1.26] go1.26.4
babc19e1ad [release-branch.go1.26] cmd/compile: do not misscompile x+x << 63 to x << 0 on amd64
7d24489b2b [release-branch.go1.26] runtime/race: build race detector linux/arm64 syso with no-outline-atomics
ce5a3e718c [release-branch.go1.26] crypto/x509: split candidate hostname only once
ec1c380418 [release-branch.go1.26] net/textproto: escape arbitrary input when including them in errors
7f24db453a [release-branch.go1.26] mime: avoid quadratic complexity in WordDecoder.DecodeHeader
ccffd99f3c [release-branch.go1.26] cmd/fix: pull in CL 783960
26c2ac5f94 [release-branch.go1.26] crypto/internal/fips140/drbg: fix Wasm stub
Fixes CVE-2026-42504, CVE-2026-42507 and CVE-2026-27145.
Release information: [2]
[1] https://github.com/golang/go/compare/go1.26.3...go1.26.4
[2] https://groups.google.com/g/golang-announce/c/tKs3rmcBcKw
Signed-off-by: Peter Marko <peter.marko@siemens.com>
Signed-off-by: Mathieu Dubois-Briand <mathieu.dubois-briand@bootlin.com>
Signed-off-by: Richard Purdie <richard.purdie@linuxfoundation.org>
(From OE-Core rev: b9b3b3098eece17d29d41b1923ae5a26511d9b4b)
Signed-off-by: Peter Marko <peter.marko@siemens.com>
---
meta/recipes-devtools/go/{go-1.26.3.inc => go-1.26.4.inc} | 2 +-
...o-binary-native_1.26.3.bb => go-binary-native_1.26.4.bb} | 6 +++---
...cross-canadian_1.26.3.bb => go-cross-canadian_1.26.4.bb} | 0
.../go/{go-cross_1.26.3.bb => go-cross_1.26.4.bb} | 0
.../go/{go-crosssdk_1.26.3.bb => go-crosssdk_1.26.4.bb} | 0
.../go/{go-runtime_1.26.3.bb => go-runtime_1.26.4.bb} | 0
meta/recipes-devtools/go/{go_1.26.3.bb => go_1.26.4.bb} | 0
7 files changed, 4 insertions(+), 4 deletions(-)
rename meta/recipes-devtools/go/{go-1.26.3.inc => go-1.26.4.inc} (90%)
rename meta/recipes-devtools/go/{go-binary-native_1.26.3.bb => go-binary-native_1.26.4.bb} (80%)
rename meta/recipes-devtools/go/{go-cross-canadian_1.26.3.bb => go-cross-canadian_1.26.4.bb} (100%)
rename meta/recipes-devtools/go/{go-cross_1.26.3.bb => go-cross_1.26.4.bb} (100%)
rename meta/recipes-devtools/go/{go-crosssdk_1.26.3.bb => go-crosssdk_1.26.4.bb} (100%)
rename meta/recipes-devtools/go/{go-runtime_1.26.3.bb => go-runtime_1.26.4.bb} (100%)
rename meta/recipes-devtools/go/{go_1.26.3.bb => go_1.26.4.bb} (100%)
diff --git a/meta/recipes-devtools/go/go-1.26.3.inc b/meta/recipes-devtools/go/go-1.26.4.inc
similarity index 90%
rename from meta/recipes-devtools/go/go-1.26.3.inc
rename to meta/recipes-devtools/go/go-1.26.4.inc
index db7b18ed2d..8bc6f4d4de 100644
--- a/meta/recipes-devtools/go/go-1.26.3.inc
+++ b/meta/recipes-devtools/go/go-1.26.4.inc
@@ -16,4 +16,4 @@ SRC_URI += "\
file://0009-go-Filter-build-paths-on-staticly-linked-arches.patch \
file://0010-cmd-go-clear-GOROOT-for-func-ldShared-when-trimpath-.patch \
"
-SRC_URI[main.sha256sum] = "1c646875d0aa8799133184ed57cf79ff24bdefe8c8820470602a9d3d6d9192b8"
+SRC_URI[main.sha256sum] = "4f668a32fbfc1132e6a881fb968c2f1dada631492a339211735fbb255a42602d"
diff --git a/meta/recipes-devtools/go/go-binary-native_1.26.3.bb b/meta/recipes-devtools/go/go-binary-native_1.26.4.bb
similarity index 80%
rename from meta/recipes-devtools/go/go-binary-native_1.26.3.bb
rename to meta/recipes-devtools/go/go-binary-native_1.26.4.bb
index 135c7fbf5e..3757b9f6a5 100644
--- a/meta/recipes-devtools/go/go-binary-native_1.26.3.bb
+++ b/meta/recipes-devtools/go/go-binary-native_1.26.4.bb
@@ -9,9 +9,9 @@ PROVIDES = "go-native"
# Checksums available at https://go.dev/dl/
SRC_URI = "https://dl.google.com/go/go${PV}.${BUILD_GOOS}-${BUILD_GOARCH}.tar.gz;name=go_${BUILD_GOTUPLE}"
-SRC_URI[go_linux_amd64.sha256sum] = "2b2cfc7148493da5e73981bffbf3353af381d5f93e789c82c79aff64962eb556"
-SRC_URI[go_linux_arm64.sha256sum] = "9d89a3ea57d141c2b22d70083f2c8459ba3890f2d9e818e7e933b75614936565"
-SRC_URI[go_linux_ppc64le.sha256sum] = "dbd82b50530ead2beb1fd72215117380df3cb16332b51467116dc35b3691dd75"
+SRC_URI[go_linux_amd64.sha256sum] = "1153d3d50e0ac764b447adfe05c2bcf08e889d42a02e0fe0259bd47f6733ad7f"
+SRC_URI[go_linux_arm64.sha256sum] = "ef758ae7c6cf9267c9c0ef080b8965f453d89ab2d25d9eb22de4405925238768"
+SRC_URI[go_linux_ppc64le.sha256sum] = "53f49b8c7eace2d30389327b4a516b13321f90377fdf5929a6b63174609bc22e"
UPSTREAM_CHECK_URI = "https://golang.org/dl/"
UPSTREAM_CHECK_REGEX = "go(?P<pver>\d+(\.\d+)+)\.linux"
diff --git a/meta/recipes-devtools/go/go-cross-canadian_1.26.3.bb b/meta/recipes-devtools/go/go-cross-canadian_1.26.4.bb
similarity index 100%
rename from meta/recipes-devtools/go/go-cross-canadian_1.26.3.bb
rename to meta/recipes-devtools/go/go-cross-canadian_1.26.4.bb
diff --git a/meta/recipes-devtools/go/go-cross_1.26.3.bb b/meta/recipes-devtools/go/go-cross_1.26.4.bb
similarity index 100%
rename from meta/recipes-devtools/go/go-cross_1.26.3.bb
rename to meta/recipes-devtools/go/go-cross_1.26.4.bb
diff --git a/meta/recipes-devtools/go/go-crosssdk_1.26.3.bb b/meta/recipes-devtools/go/go-crosssdk_1.26.4.bb
similarity index 100%
rename from meta/recipes-devtools/go/go-crosssdk_1.26.3.bb
rename to meta/recipes-devtools/go/go-crosssdk_1.26.4.bb
diff --git a/meta/recipes-devtools/go/go-runtime_1.26.3.bb b/meta/recipes-devtools/go/go-runtime_1.26.4.bb
similarity index 100%
rename from meta/recipes-devtools/go/go-runtime_1.26.3.bb
rename to meta/recipes-devtools/go/go-runtime_1.26.4.bb
diff --git a/meta/recipes-devtools/go/go_1.26.3.bb b/meta/recipes-devtools/go/go_1.26.4.bb
similarity index 100%
rename from meta/recipes-devtools/go/go_1.26.3.bb
rename to meta/recipes-devtools/go/go_1.26.4.bb
^ permalink raw reply related
* [PATCH 3/3] archiver.bbclass: Add ARCHIVER_MIRROR_INCLUDE
From: Peter Kjellerstedt @ 2026-06-08 17:52 UTC (permalink / raw)
To: openembedded-core
In-Reply-To: <20260608175259.3238900-1-pkj@axis.com>
When using the archiver's mirror mode, ARCHIVER_MIRROR_INCLUDE contains
a list of URI prefixes to always include in the mirror. This may be
useful if recipes that are included in the mirror (due to their
licenses) depend on some recipe that otherwise would not be included in
the mirror, and that recipe uses files that are normally only available
on a private server.
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
---
meta/classes/archiver.bbclass | 37 ++++++++++++++++++++++--
meta/lib/oeqa/selftest/cases/archiver.py | 24 +++++++++++++++
2 files changed, 58 insertions(+), 3 deletions(-)
diff --git a/meta/classes/archiver.bbclass b/meta/classes/archiver.bbclass
index a3f8689b19..035d0dce0f 100644
--- a/meta/classes/archiver.bbclass
+++ b/meta/classes/archiver.bbclass
@@ -35,7 +35,13 @@
# ARCHIVER_MODE[mirror] = "combined": All sources are placed into a single
# directory suitable for direct use as a mirror. Duplicate sources are
# ignored.
-# 12) Source mirror exclusions:
+# 12) Source mirror inclusions:
+# ARCHIVER_MIRROR_INCLUDE is a list of URI prefixes to always include in
+# the mirror. This may be useful if recipes that are included in the mirror
+# (due to their licenses) depend on some recipe that otherwise would not be
+# included in the mirror, and that recipe uses files that are normally only
+# available on a private server.
+# 13) Source mirror exclusions:
# ARCHIVER_MIRROR_EXCLUDE is a list of prefixes to exclude from the mirror.
# This may be used for sources which you are already publishing yourself
# (e.g. if the URI starts with 'https://mysite.com/' and your mirror is
@@ -77,8 +83,9 @@ do_ar_original[dirs] = "${ARCHIVER_OUTDIR} ${ARCHIVER_WORKDIR}"
# This is a convenience for the shell script to use it
def include_package(d, pn):
-
- included, reason = copyleft_should_include(d)
+ included, reason = archiver_should_include(d)
+ if not included:
+ included, reason = copyleft_should_include(d)
if not included:
bb.debug(1, 'archiver: %s is excluded: %s' % (pn, reason))
return False
@@ -99,6 +106,29 @@ def include_package(d, pn):
return True
+def archiver_should_include(d):
+ ar_src = d.getVarFlag('ARCHIVER_MODE', 'src')
+ if ar_src == "mirror":
+ src_uri = (d.getVar('SRC_URI') or '').split()
+ if len(src_uri) == 0:
+ return False, None
+
+ mirror_inclusions = (d.getVar('ARCHIVER_MIRROR_INCLUDE') or '').split()
+
+ def is_included(url):
+ for prefix in mirror_inclusions:
+ if url.startswith(prefix):
+ return True
+ return False
+
+ fetcher = bb.fetch2.Fetch(src_uri, d)
+
+ for ud in fetcher.expanded_urldata():
+ if is_included(ud.url):
+ return True, "URL matches ARCHIVER_MIRROR_INCLUDE"
+
+ return False, None
+
python () {
pn = d.getVar('PN')
assume_provided = (d.getVar("ASSUME_PROVIDED") or "").split()
@@ -182,6 +212,7 @@ python () {
do_ar_prepare[vardeps] += " \
ARCHIVER_MODE \
ARCHIVER_MIRROR_EXCLUDE \
+ ARCHIVER_MIRROR_INCLUDE \
COPYLEFT_LICENSE_EXCLUDE \
COPYLEFT_LICENSE_INCLUDE \
COPYLEFT_PN_EXCLUDE \
diff --git a/meta/lib/oeqa/selftest/cases/archiver.py b/meta/lib/oeqa/selftest/cases/archiver.py
index 122d16b655..e9f178d5c9 100644
--- a/meta/lib/oeqa/selftest/cases/archiver.py
+++ b/meta/lib/oeqa/selftest/cases/archiver.py
@@ -261,6 +261,30 @@ class Archiver(OESelftestTestCase):
archive_path = os.path.join(glob_result[0], target_file_name)
self.assertFalse(os.path.exists(archive_path), 'Failed to exclude archive file %s' % (target_file_name))
+ def test_archiver_mode_mirror_include(self):
+ """
+ Test that `ARCHIVER_MIRROR_INCLUDE` causes a source URL to be included
+ in the mirror even when the recipe would otherwise be excluded by the
+ copyleft license filter.
+ """
+
+ target = 'selftest-ed'
+ target_file_name = 'ed-1.21.1.tar.lz'
+
+ features = 'INHERIT += "archiver"\n'
+ features += 'ARCHIVER_MODE[src] = "mirror"\n'
+ features += 'ARCHIVER_MODE[mirror] = "combined"\n'
+ features += 'BB_GENERATE_MIRROR_TARBALLS = "1"\n'
+ features += 'COPYLEFT_LICENSE_INCLUDE = "CLOSED"\n'
+ features += 'ARCHIVER_MIRROR_INCLUDE = "${GNU_MIRROR}"\n'
+ self.write_config(features)
+
+ bitbake('-c deploy_archives %s' % (target))
+
+ bb_vars = get_bb_vars(['DEPLOY_DIR_SRC'])
+ target_path = os.path.join(bb_vars['DEPLOY_DIR_SRC'], 'mirror', target_file_name)
+ self.assertTrue(os.path.exists(target_path), 'Missing archive file %s' % (target_file_name))
+
def test_archiver_mode_mirror_combined(self):
"""
Test that the archiver works with `ARCHIVER_MODE[src] = "mirror"`
^ permalink raw reply related
* [PATCH 2/3] oeqa/selftest/archiver: Do not run bitbake -c clean unnecessarily
From: Peter Kjellerstedt @ 2026-06-08 17:52 UTC (permalink / raw)
To: openembedded-core
In-Reply-To: <20260608175259.3238900-1-pkj@axis.com>
Now that the archiver bbclass properly adapts its output based on its
configuration, it should no longer be needed to run `bitbake -c clean`
before invoking the archiver. There is one exception, which is due to
modifying DL_DIR as it does not automatically trigger a re-fetch.
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
---
meta/lib/oeqa/selftest/cases/archiver.py | 9 ++-------
1 file changed, 2 insertions(+), 7 deletions(-)
diff --git a/meta/lib/oeqa/selftest/cases/archiver.py b/meta/lib/oeqa/selftest/cases/archiver.py
index 872504808a..122d16b655 100644
--- a/meta/lib/oeqa/selftest/cases/archiver.py
+++ b/meta/lib/oeqa/selftest/cases/archiver.py
@@ -31,7 +31,6 @@ class Archiver(OESelftestTestCase):
features += 'COPYLEFT_PN_EXCLUDE = "%s"\n' % exclude_recipe
self.write_config(features)
- bitbake('-c clean %s %s' % (include_recipe, exclude_recipe))
bitbake("-c deploy_archives %s %s" % (include_recipe, exclude_recipe))
bb_vars = get_bb_vars(['DEPLOY_DIR_SRC', 'TARGET_SYS'])
@@ -62,7 +61,6 @@ class Archiver(OESelftestTestCase):
features += 'COPYLEFT_RECIPE_TYPES = "target"\n'
self.write_config(features)
- bitbake('-c clean %s %s' % (target_recipe, native_recipe))
bitbake("%s -c deploy_archives %s" % (target_recipe, native_recipe))
bb_vars = get_bb_vars(['DEPLOY_DIR_SRC', 'TARGET_SYS', 'BUILD_SYS'])
@@ -99,7 +97,6 @@ class Archiver(OESelftestTestCase):
features += 'COPYLEFT_PN_EXCLUDE = "%s"\n' % target_recipes[1]
self.write_config(features)
- bitbake('-c clean %s %s' % (' '.join(target_recipes), ' '.join(native_recipes)))
bitbake('-c deploy_archives %s %s' % (' '.join(target_recipes), ' '.join(native_recipes)))
bb_vars = get_bb_vars(['DEPLOY_DIR_SRC', 'TARGET_SYS', 'BUILD_SYS'])
@@ -174,7 +171,6 @@ class Archiver(OESelftestTestCase):
features += extra_config
self.write_config(features)
- bitbake('-c clean %s' % (target))
bitbake('-c deploy_archives %s' % (target))
bb_vars = get_bb_vars(['DEPLOY_DIR_SRC', 'BUILD_SYS'])
@@ -255,7 +251,6 @@ class Archiver(OESelftestTestCase):
features += 'ARCHIVER_MIRROR_EXCLUDE = "${GNU_MIRROR}"\n'
self.write_config(features)
- bitbake('-c clean %s' % (target))
bitbake('-c deploy_archives %s' % (target))
bb_vars = get_bb_vars(['DEPLOY_DIR_SRC', 'TARGET_SYS'])
@@ -281,7 +276,6 @@ class Archiver(OESelftestTestCase):
self.write_config(features)
for target in ['selftest-ed', 'selftest-hardlink']:
- bitbake('-c clean %s' % (target))
bitbake('-c deploy_archives %s' % (target))
bb_vars = get_bb_vars(['DEPLOY_DIR_SRC'])
@@ -302,7 +296,6 @@ class Archiver(OESelftestTestCase):
features += 'COPYLEFT_LICENSE_INCLUDE = "*"\n'
self.write_config(features)
- bitbake('-c clean git-submodule-test')
bitbake('-c deploy_archives -f git-submodule-test')
bb_vars = get_bb_vars(['DEPLOY_DIR_SRC'])
@@ -330,6 +323,8 @@ class Archiver(OESelftestTestCase):
features += 'DL_DIR = "${TOPDIR}/downloads-shallow"\n'
self.write_config(features)
+ # Clean the build directory so that fetch is rerun.
+ # This is needed due to modifying DL_DIR.
bitbake('-c clean git-submodule-test')
bitbake('-c deploy_archives -f git-submodule-test')
^ permalink raw reply related
* [PATCH 1/3] archiver.bbclass: Properly remove artifacts when configuration changes
From: Peter Kjellerstedt @ 2026-06-08 17:52 UTC (permalink / raw)
To: openembedded-core
Before, the different archiver tasks that produce artifacts would just
add to the common output directory. This meant that changing how the
archiver is configured would just add more artifacts, but never remove
any. E.g., if "dumpdata" was enabled, it would add the environment data
for each built recipe to the artifacts. However, if it was then
disabled, all the generated artifacts would remain until each recipe was
manually cleaned, or the entire tmp directory was removed.
This adds a task that cleans the output directory if needed. It is a
separate task that all the other archiver tasks depend on because they
all write to the same output directory so it must only be cleaned once.
This also means it has to depend on all variables that affect any of
the other tasks.
Signed-off-by: Peter Kjellerstedt <peter.kjellerstedt@axis.com>
---
meta/classes/archiver.bbclass | 27 +++++++++++++----
meta/lib/oeqa/selftest/cases/archiver.py | 38 ++++++++++++++++++++++++
2 files changed, 59 insertions(+), 6 deletions(-)
diff --git a/meta/classes/archiver.bbclass b/meta/classes/archiver.bbclass
index 1f1ee45bd7..a3f8689b19 100644
--- a/meta/classes/archiver.bbclass
+++ b/meta/classes/archiver.bbclass
@@ -179,6 +179,20 @@ python () {
d.appendVarFlag('do_package_write_rpm', 'depends', ' %s:do_ar_configured' % pn)
}
+do_ar_prepare[vardeps] += " \
+ ARCHIVER_MODE \
+ ARCHIVER_MIRROR_EXCLUDE \
+ COPYLEFT_LICENSE_EXCLUDE \
+ COPYLEFT_LICENSE_INCLUDE \
+ COPYLEFT_PN_EXCLUDE \
+ COPYLEFT_PN_INCLUDE \
+ COPYLEFT_RECIPE_TYPES \
+"
+do_ar_prepare[cleandirs] = "${ARCHIVER_TOPDIR}"
+do_ar_prepare() {
+ :
+}
+
# Take all the sources for a recipe and put them in WORKDIR/archiver-work/.
# Files in SRC_URI are copied directly, anything that's a directory
# (e.g. git repositories) is "unpacked" and then put into a tarball.
@@ -609,14 +623,15 @@ do_deploy_archives[sstate-inputdirs] = "${ARCHIVER_TOPDIR}"
do_deploy_archives[sstate-outputdirs] = "${DEPLOY_DIR_SRC}"
addtask do_deploy_archives_setscene
-addtask do_ar_original after do_unpack
-addtask do_unpack_and_patch after do_patch do_preconfigure
+addtask do_ar_prepare
+addtask do_ar_original after do_unpack do_ar_prepare
+addtask do_unpack_and_patch after do_patch do_preconfigure do_ar_prepare
addtask do_ar_patched after do_unpack_and_patch
addtask do_ar_configured after do_unpack_and_patch
-addtask do_ar_mirror after do_fetch
-addtask do_dumpdata
-addtask do_ar_recipe
-addtask do_deploy_archives
+addtask do_ar_mirror after do_fetch do_ar_prepare
+addtask do_dumpdata after do_ar_prepare
+addtask do_ar_recipe after do_ar_prepare
+addtask do_deploy_archives after do_ar_prepare
do_build[recrdeptask] += "do_deploy_archives"
do_rootfs[recrdeptask] += "do_deploy_archives"
do_populate_sdk[recrdeptask] += "do_deploy_archives"
diff --git a/meta/lib/oeqa/selftest/cases/archiver.py b/meta/lib/oeqa/selftest/cases/archiver.py
index 82b0293338..872504808a 100644
--- a/meta/lib/oeqa/selftest/cases/archiver.py
+++ b/meta/lib/oeqa/selftest/cases/archiver.py
@@ -343,3 +343,41 @@ class Archiver(OESelftestTestCase):
]:
target_path = os.path.join(bb_vars['DEPLOY_DIR_SRC'], 'mirror', target_file_name)
self.assertTrue(os.path.exists(target_path))
+
+ def test_archiver_cleanup(self):
+ """
+ Test that the archiver removes no longer needed artifacts when its
+ configuration is modified.
+ """
+
+ target = 'selftest-ed-native'
+ target_file_name = 'selftest-ed-native-1.21.1-r0-showdata.dump'
+
+ def assert_dumpdata_present(expect_present):
+ bb_vars = get_bb_vars(['DEPLOY_DIR_SRC', 'BUILD_SYS'])
+ glob_str = os.path.join(bb_vars['DEPLOY_DIR_SRC'], bb_vars['BUILD_SYS'], '%s-*' % target)
+ glob_result = glob.glob(glob_str)
+ self.assertTrue(glob_result, 'Missing archiver directory for %s' % target)
+
+ archive_path = os.path.join(glob_result[0], target_file_name)
+ if expect_present:
+ self.assertTrue(os.path.exists(archive_path),
+ 'Missing archive file %s' % target_file_name)
+ else:
+ self.assertFalse(os.path.exists(archive_path),
+ 'Unexpected archive file %s' % target_file_name)
+
+ features = 'INHERIT += "archiver"\n'
+ self.write_config(features)
+ bitbake('-c deploy_archives %s -f' % target)
+ assert_dumpdata_present(False)
+
+ features += 'ARCHIVER_MODE[dumpdata] = "1"\n'
+ self.write_config(features)
+ bitbake('-c deploy_archives %s -f' % target)
+ assert_dumpdata_present(True)
+
+ features = 'INHERIT += "archiver"\n'
+ self.write_config(features)
+ bitbake('-c deploy_archives %s -f' % target)
+ assert_dumpdata_present(False)
^ permalink raw reply related
* Re: [OE-core] [PATCH][oe][meta] runqemu: introduce unique instance ID
From: Valekova Spitalova, Zuzana @ 2026-06-08 17:00 UTC (permalink / raw)
To: richard.purdie@linuxfoundation.org,
openembedded-core@lists.openembedded.org
Cc: Freihofer, Adrian
In-Reply-To: <87166f2237c2327bfaf7b3d8aefe7ebb11de3246.camel@linuxfoundation.org>
Hi Richard,
Do you mean the `/tmp/qemu-tap-locks/tapX.lock` file which is generated
by:
> possibles = re.findall(tap_re, ip_link, re.M)
> tap = ""
> for p in possibles:
> lockfile = os.path.join(lockdir, p)
> if os.path.exists('%s.skip' % lockfile):
> logger.info('Found %s.skip, skipping %s' % (lockfile, p))
> continue
> self.taplock = lockfile + '.lock'
?
How should I use it then? :) Something like `basename /tmp/qemu-tap-
locks/tap0.lock | sed "s/[^0-9]//g"` and pass it into variable? It's
not very unique or straight forward, is it?
Looking into qemuboot.conf, maybe @CLIENT@ could be feasible. But the
main problem is, that I need a @variable@ inside "cmd" while it's
evaluated there. The @CLIENT@ nor @TAP@ are used in setup_tap nor
setup_cmd.
What do you mean by PID? Do you mean to use `ps` to get the pid or
somehow call `os.getpid()`?
Would it be possible to provide me an example(s) how to achieve it ? :)
Many thanks for support,
Zuzana
On Mon, 2026-06-08 at 12:19 +0100, Richard Purdie wrote:
> On Sun, 2026-06-07 at 19:40 +0200, Zuzana via lists.openembedded.org
> wrote:
> > In some cases like running multiple QEMUs, would be nice to have an
> > option
> > to distinguish between them. For this reason I introduce an unique
> > instance
> > ID based on time. Later in cmd, the '@INSTANCE_ID@' could be used
> > for QEMU
> > identification.
> >
> > Signed-off-by: Zuzana Valekova Spitalova
> > <zuzana.valekova-spitalova@siemens.com>
> > ---
> > scripts/runqemu | 7 +++++++
> > 1 file changed, 7 insertions(+)
>
> Note that we already have the taplocks and IP addresses for the
> guests,
> there is also the PID of qemu as a unique ID. Why would we need
> something else as well? Can you not use the PID?
>
> Cheers,
>
> Richard
^ permalink raw reply
* [PATCH] rpcbind: Modify socket file only, if systemd is used
From: Jörg Sommer @ 2026-06-08 16:54 UTC (permalink / raw)
To: openembedded-core, joerg.sommer, AHoemig; +Cc: Jörg Sommer
From: Jörg Sommer <joerg.sommer@navimatix.de>
Fixes: bee29dc822c611 ("rpcbind: Remove IPv6 listener, if ipv6 not in DISTRO_FEATURES")
Signed-off-by: Jörg Sommer <joerg.sommer@navimatix.de>
---
meta/recipes-extended/rpcbind/rpcbind_1.2.8.bb | 3 ++-
1 file changed, 2 insertions(+), 1 deletion(-)
diff --git a/meta/recipes-extended/rpcbind/rpcbind_1.2.8.bb b/meta/recipes-extended/rpcbind/rpcbind_1.2.8.bb
index bd8ba1e88a..6604774c1f 100644
--- a/meta/recipes-extended/rpcbind/rpcbind_1.2.8.bb
+++ b/meta/recipes-extended/rpcbind/rpcbind_1.2.8.bb
@@ -55,7 +55,8 @@ do_install:append () {
install -d ${D}${systemd_system_unitdir}/rpcbind.service.d
install -m 0644 ${UNPACKDIR}/rpcbind.systemd ${D}${systemd_system_unitdir}/rpcbind.service.d/rpcbind.conf
- if ! ${@bb.utils.contains('DISTRO_FEATURES', 'ipv6', 'true', 'false', d)}
+ if ${@bb.utils.contains('DISTRO_FEATURES', 'systemd', 'true', 'false', d)} \
+ && ! ${@bb.utils.contains('DISTRO_FEATURES', 'ipv6', 'true', 'false', d)}
then
sed -i '/^Listen.*=\[.*\]/s/^/# /' ${D}${systemd_system_unitdir}/*.socket
fi
--
2.53.0
^ permalink raw reply related
* Re: [OE-core] [PATCH 3/4] python3: remove obsolete skips of some ctypes tests
From: Ross Burton @ 2026-06-08 15:24 UTC (permalink / raw)
To: Richard Purdie; +Cc: openembedded-core@lists.openembedded.org
In-Reply-To: <31be192fad3a35a7ef53344d7a2186f446e38ef8.camel@linuxfoundation.org>
On 5 Jun 2026, at 18:01, Richard Purdie <richard.purdie@linuxfoundation.org> wrote:
>
> On Fri, 2026-06-05 at 16:15 +0100, Ross Burton via lists.openembedded.org wrote:
>> These two tests were skipped in 2021[1] as at the time they required
>> dependencies that were primarily provided by packagegroup-core-buildessential.
>>
>> I'm not sure what this dependency was, but the tests pass with just the
>> core-image-ptest-python3 image:
>>
>> test_find_library_with_gcc (FindLibraryLinux.test_find_library_with_gcc) ... ok
>> test_find_library_with_ld (FindLibraryLinux.test_find_library_with_ld) ... ok
>>
>> [1] oe-core c6567235cba ("python3: skip tests requiring tools-sdk")
>>
>> Signed-off-by: Ross Burton <ross.burton@arm.com>
>> ---
>> meta/recipes-devtools/python/python3_3.14.5.bb | 6 ------
>> 1 file changed, 6 deletions(-)
>
> Doesn't your previous patch remove the gcc dependency?
Yes. But still:
$ gcc
-sh: gcc: command not found
$ python3 -mtest -v test_ctypes.test_find
test_find_library_with_gcc (test.test_ctypes.test_find.FindLibraryLinux.test_find_library_with_gcc) ... ok
test_find_library_with_ld (test.test_ctypes.test_find.FindLibraryLinux.test_find_library_with_ld) ... ok
test_find_on_libpath (test.test_ctypes.test_find.FindLibraryLinux.test_find_on_libpath) ... skipped 'gcc, needed for test, not available’
I’ll file a ticket upstream…
Ross
^ permalink raw reply
* Re: [OE-core][PATCH v1] liburcu: ptest: add regression test suite
From: Ross Burton @ 2026-06-08 14:48 UTC (permalink / raw)
To: pratik.farkase@est.tech
Cc: openembedded-core@lists.openembedded.org,
pratik.farkase@ericsson.com
In-Reply-To: <20260508131615.25076-1-pratik.farkase@est.tech>
On 8 May 2026, at 14:16, Pratik Farkase via lists.openembedded.org <pratik.farkase=est.tech@lists.openembedded.org> wrote:
>
> Add the upstream regression tests to the existing ptest for full
> coverage of both unit and regression suites:
>
> - rcutorture stress/perf tests across all RCU flavors (membarrier,
> mb, bp, qsbr) with global, per-cpu, and per-thread configurations
> - test_urcu_fork and test_urcu_fork_cxx for fork+RCU interaction
>
> Move liburcu from PTESTS_FAST to PTESTS_SLOW as the regression tests
> add ~6 minutes of runtime (total 379s).
>
> Tested on qemux86-64 with ptest-runner: 122 PASS, 0 FAIL (379s).
I’m unconvinced that regression/stress tests that take six minutes are a suitable use of ptest.
Ross
^ permalink raw reply
* Re: [OE-core][PATCH v1] liburcu: add ptest support
From: Ross Burton @ 2026-06-08 14:48 UTC (permalink / raw)
To: pratik.farkase@est.tech
Cc: openembedded-core@lists.openembedded.org,
pratik.farkase@ericsson.com
In-Reply-To: <20260505104512.62425-1-pratik.farkase@est.tech>
On 5 May 2026, at 11:45, Pratik Farkase via lists.openembedded.org <pratik.farkase=est.tech@lists.openembedded.org> wrote:
> + find ${B}/tests/unit -maxdepth 1 -type f -executable \
> + ! -name "*.la" | while read -r t; do
> + ${B}/libtool --mode=install install -m 0755 "$t" ${D}${PTEST_PATH}/tests/unit/
> + done
Feels like makefile-getvar would tidy this up.
Ross
^ permalink raw reply
* Re: [OE-core] [scarthgap] [PATCH] libcap: Fix CVE-2026-4878
From: Jeremy Rosen @ 2026-06-08 14:44 UTC (permalink / raw)
To: adongare, openembedded-core; +Cc: xe-linux-external, to
In-Reply-To: <20260601134257.47867-1-adongare@cisco.com>
Hello Anil
from what I can tell, this CVE was fixed in master but not in wrynose
please submit a patch for wrynose then ping this thread so we can apply
to scarthgap
thanks a lot
Jeremy
On Mon Jun 1, 2026 at 3:42 PM CEST, Anil Dongare -X (adongare - E INFOCHIPS PRIVATE LIMITED at Cisco) via lists.openembedded.org wrote:
> From: Anil Dongare <adongare@cisco.com>
>
> Pick the upstream patch [1] as mentioned in [2].
>
> [1] https://git.kernel.org/pub/scm/libs/libcap/libcap.git/patch/?id=286ace1259992bd0c5d9016715833f2e148ac596
> [2] https://security-tracker.debian.org/tracker/CVE-2026-4878
>
> Signed-off-by: Anil Dongare <adongare@cisco.com>
> ---
> .../libcap/files/CVE-2026-4878.patch | 162 ++++++++++++++++++
> meta/recipes-support/libcap/libcap_2.69.bb | 1 +
> 2 files changed, 163 insertions(+)
> create mode 100644 meta/recipes-support/libcap/files/CVE-2026-4878.patch
>
> diff --git a/meta/recipes-support/libcap/files/CVE-2026-4878.patch b/meta/recipes-support/libcap/files/CVE-2026-4878.patch
> new file mode 100644
> index 0000000000..827e41b8a0
> --- /dev/null
> +++ b/meta/recipes-support/libcap/files/CVE-2026-4878.patch
> @@ -0,0 +1,162 @@
> +From 286ace1259992bd0c5d9016715833f2e148ac596 Mon Sep 17 00:00:00 2001
> +From: "Andrew G. Morgan" <morgan@kernel.org>
> +Date: Thu, 12 Mar 2026 07:38:05 -0700
> +Subject: [PATCH] Address a potential TOCTOU race condition in cap_set_file().
> +
> +This issue was researched and reported by Ali Raza (@locus-x64). It
> +has been assigned CVE-2026-4878.
> +
> +The finding is that while cap_set_file() checks if a file is a regular
> +file before applying or removing a capability attribute, a small
> +window existed after that check when the filepath could be overwritten
> +either with new content or a symlink to some other file. To do this
> +would imply that the caller of cap_set_file() was directing it to a
> +directory over which a local attacker has write access, and performed
> +the operation frequently enough that an attacker had a non-negligible
> +chance of exploiting the race condition. The code now locks onto the
> +intended file, eliminating the race condition.
> +
> +CVE: CVE-2026-4878
> +Upstream-Status: Backport [https://git.kernel.org/pub/scm/libs/libcap/libcap.git/commit/?id=286ace1259992bd0c5d9016715833f2e148ac596]
> +
> +Signed-off-by: Andrew G. Morgan <morgan@kernel.org>
> +(cherry picked from commit 286ace1259992bd0c5d9016715833f2e148ac596)
> +Signed-off-by: Anil Dongare <adongare@cisco.com>
> +---
> + libcap/cap_file.c | 69 +++++++++++++++++++++++++++++++++++++++-------
> + progs/quicktest.sh | 14 +++++++++-
> + 2 files changed, 72 insertions(+), 11 deletions(-)
> +
> +diff --git a/libcap/cap_file.c b/libcap/cap_file.c
> +index 0bc07f7..f02bf9f 100644
> +--- a/libcap/cap_file.c
> ++++ b/libcap/cap_file.c
> +@@ -8,8 +8,13 @@
> + #define _DEFAULT_SOURCE
> + #endif
> +
> ++#ifndef _GNU_SOURCE
> ++#define _GNU_SOURCE
> ++#endif
> ++
> + #include <sys/types.h>
> + #include <byteswap.h>
> ++#include <fcntl.h>
> + #include <sys/stat.h>
> + #include <unistd.h>
> +
> +@@ -322,26 +327,70 @@ int cap_set_file(const char *filename, cap_t cap_d)
> + struct vfs_ns_cap_data rawvfscap;
> + int sizeofcaps;
> + struct stat buf;
> ++ char fdpath[64];
> ++ int fd, ret;
> ++
> ++ _cap_debug("setting filename capabilities");
> ++ fd = open(filename, O_RDONLY|O_NOFOLLOW);
> ++ if (fd >= 0) {
> ++ ret = cap_set_fd(fd, cap_d);
> ++ close(fd);
> ++ return ret;
> ++ }
> +
> +- if (lstat(filename, &buf) != 0) {
> +- _cap_debug("unable to stat file [%s]", filename);
> ++ /*
> ++ * Attempting to set a file capability on a file the process can't
> ++ * read the content of. This is considered a non-standard use case
> ++ * and the following (slower) code is complicated because it is
> ++ * trying to avoid a TOCTOU race condition.
> ++ */
> ++
> ++ fd = open(filename, O_PATH|O_NOFOLLOW);
> ++ if (fd < 0) {
> ++ _cap_debug("cannot find file at path [%s]", filename);
> ++ return -1;
> ++ }
> ++ if (fstat(fd, &buf) != 0) {
> ++ _cap_debug("unable to stat file [%s] descriptor %d",
> ++ filename, fd);
> ++ close(fd);
> + return -1;
> + }
> + if (S_ISLNK(buf.st_mode) || !S_ISREG(buf.st_mode)) {
> +- _cap_debug("file [%s] is not a regular file", filename);
> ++ _cap_debug("file [%s] descriptor %d for non-regular file",
> ++ filename, fd);
> ++ close(fd);
> + errno = EINVAL;
> + return -1;
> + }
> +
> +- if (cap_d == NULL) {
> +- _cap_debug("removing filename capabilities");
> +- return removexattr(filename, XATTR_NAME_CAPS);
> ++ /*
> ++ * While the fd remains open, this named file is locked to the
> ++ * origin regular file. The size of the fdpath variable is
> ++ * sufficient to support a 160+ bit number.
> ++ */
> ++ if (snprintf(fdpath, sizeof(fdpath), "/proc/self/fd/%d", fd)
> ++ >= sizeof(fdpath)) {
> ++ _cap_debug("file descriptor too large %d", fd);
> ++ errno = EINVAL;
> ++ ret = -1;
> ++
> ++ } else if (cap_d == NULL) {
> ++ _cap_debug("dropping file caps on [%s] via [%s]",
> ++ filename, fdpath);
> ++ ret = removexattr(fdpath, XATTR_NAME_CAPS);
> ++
> + } else if (_fcaps_save(&rawvfscap, cap_d, &sizeofcaps) != 0) {
> +- return -1;
> +- }
> ++ _cap_debug("problem converting cap_d to vfscap format");
> ++ ret = -1;
> +
> +- _cap_debug("setting filename capabilities");
> +- return setxattr(filename, XATTR_NAME_CAPS, &rawvfscap, sizeofcaps, 0);
> ++ } else {
> ++ _cap_debug("setting filename capabilities");
> ++ ret = setxattr(fdpath, XATTR_NAME_CAPS, &rawvfscap,
> ++ sizeofcaps, 0);
> ++ }
> ++ close(fd);
> ++ return ret;
> + }
> +
> + /*
> +diff --git a/progs/quicktest.sh b/progs/quicktest.sh
> +index e6c48e6..5dc72f9 100755
> +--- a/progs/quicktest.sh
> ++++ b/progs/quicktest.sh
> +@@ -148,7 +148,19 @@ pass_capsh --caps="cap_setpcap=p" --inh=cap_chown --current
> + pass_capsh --strict --caps="cap_chown=p" --inh=cap_chown --current
> +
> + # change the way the capability is obtained (make it inheritable)
> ++chmod 0000 ./privileged
> + ./setcap cap_setuid,cap_setgid=ei ./privileged
> ++if [ $? -ne 0 ]; then
> ++ echo "FAILED to set file capability"
> ++ exit 1
> ++fi
> ++chmod 0755 ./privileged
> ++ln -s privileged unprivileged
> ++./setcap -r ./unprivileged
> ++if [ $? -eq 0 ]; then
> ++ echo "FAILED by removing a capability from a symlinked file"
> ++ exit 1
> ++fi
> +
> + # Note, the bounding set (edited with --drop) only limits p
> + # capabilities, not i's.
> +@@ -246,7 +258,7 @@ EOF
> + pass_capsh --iab='!%cap_chown,^cap_setpcap,cap_setuid'
> + fail_capsh --mode=PURE1E --iab='!%cap_chown,^cap_setuid'
> + fi
> +-/bin/rm -f ./privileged
> ++/bin/rm -f ./privileged ./unprivileged
> +
> + echo "testing namespaced file caps"
> +
> +--
> diff --git a/meta/recipes-support/libcap/libcap_2.69.bb b/meta/recipes-support/libcap/libcap_2.69.bb
> index 03975b44a0..43185f027e 100644
> --- a/meta/recipes-support/libcap/libcap_2.69.bb
> +++ b/meta/recipes-support/libcap/libcap_2.69.bb
> @@ -16,6 +16,7 @@ SRC_URI = "${KERNELORG_MIRROR}/linux/libs/security/linux-privs/${BPN}2/${BPN}-${
> file://0001-ensure-the-XATTR_NAME_CAPS-is-defined-when-it-is-use.patch \
> file://0002-tests-do-not-run-target-executables.patch \
> file://CVE-2025-1390.patch \
> + file://CVE-2026-4878.patch \
> "
> SRC_URI:append:class-nativesdk = " \
> file://0001-nativesdk-libcap-Raise-the-size-of-arrays-containing.patch \
^ permalink raw reply
* Re: [OE-core][PATCH v2] gmp: add ptest support
From: Ross Burton @ 2026-06-08 14:37 UTC (permalink / raw)
To: pratik.farkase@est.tech
Cc: openembedded-core@lists.openembedded.org,
pratik.farkase@ericsson.com
In-Reply-To: <20260506185128.10489-1-pratik.farkase@est.tech>
On 6 May 2026, at 19:51, Pratik Farkase via lists.openembedded.org <pratik.farkase=est.tech@lists.openembedded.org> wrote:
> +++ b/meta/recipes-support/gmp/gmp/run-ptest
> @@ -0,0 +1,19 @@
> +#!/bin/sh
> +
> +cd "$(dirname "$0")/tests" || exit 1
Overly defensive, just fail
> +for d in . mpz mpn mpf mpq rand misc cxx; do
> + [ -d "$d" ] || continue
> + for test in $(find "$d" -maxdepth 1 -type f -executable | sort); do
> + testname=$(echo "$test" | sed 's|^\./||')
> + ./"$test"
You could just do a find of tests and let it recurse instead of having to know (and keep in sync) the list of directories?
ie instead of iterating the directories and then the files, just do "for test in $(find . -type f -executable|sort) …” inside tests/
> +do_install_ptest() {
> + install -d ${D}${PTEST_PATH}/tests
> +
> + for d in . mpz mpn mpf mpq rand misc cxx; do
> + install -d ${D}${PTEST_PATH}/tests/$d
> + find ${B}/tests/$d -maxdepth 1 -type f -executable \
> + ! -name "*.la" | while read -r t; do
Could this just be a makefile-getvar to get the check_PROGRAMS value?
Ross
^ permalink raw reply
* Re: [OE-core] [Scarthgap] [PATCH] binutils: Fix CVE-2026-6846
From: Jérémy Rosen @ 2026-06-08 14:28 UTC (permalink / raw)
To: spushpka, openembedded-core; +Cc: xe-linux-external
In-Reply-To: <20260601144901.33446-1-spushpka@cisco.com>
Hello Shubham
From what I can see, both master and wrynose are affected by this CVE
but I could not find any patch for these releases
please submit patches for those releases as well and then repost this
one
thanks a lot
Jeremy
On Mon Jun 1, 2026 at 4:49 PM CEST, Shubham Pushpkar via lists.openembedded.org wrote:
> This patch applies the upstream fix as referenced in [2], using the commit shown in [1].
>
> [1] https://sourceware.org/git/gitweb.cgi?p=binutils-gdb.git;h=7a089e0302382f4d4e077941156e1eaa68d01393
> [2] https://security-tracker.debian.org/tracker/CVE-2026-6846
>
> Signed-off-by: Shubham Pushpkar <spushpka@cisco.com>
> ---
> .../binutils/binutils-2.42.inc | 1 +
> .../binutils/binutils/CVE-2026-6846.patch | 57 +++++++++++++++++++
> 2 files changed, 58 insertions(+)
> create mode 100644 meta/recipes-devtools/binutils/binutils/CVE-2026-6846.patch
>
> diff --git a/meta/recipes-devtools/binutils/binutils-2.42.inc b/meta/recipes-devtools/binutils/binutils-2.42.inc
> index 1a865c45f4..4e5125f532 100644
> --- a/meta/recipes-devtools/binutils/binutils-2.42.inc
> +++ b/meta/recipes-devtools/binutils/binutils-2.42.inc
> @@ -74,5 +74,6 @@ SRC_URI = "\
> file://0030-CVE-2025-11840.patch \
> file://CVE-2025-69647.patch \
> file://CVE-2025-69648.patch \
> + file://CVE-2026-6846.patch \
> "
> S = "${WORKDIR}/git"
> diff --git a/meta/recipes-devtools/binutils/binutils/CVE-2026-6846.patch b/meta/recipes-devtools/binutils/binutils/CVE-2026-6846.patch
> new file mode 100644
> index 0000000000..8eaca87583
> --- /dev/null
> +++ b/meta/recipes-devtools/binutils/binutils/CVE-2026-6846.patch
> @@ -0,0 +1,57 @@
> +From 2a340616f7e6591f83e85777d1d1f6108c33f5b8 Mon Sep 17 00:00:00 2001
> +From: Alan Modra <amodra@gmail.com>
> +Date: Mon, 6 Apr 2026 22:58:22 +0930
> +Subject: [PATCH] PR 34049 buffer overflow in xcoff_link_add_symbols
> +
> +The fact that coffcode.h:coff_set_alignment_hook for rs6000 removes
> +sections can result in target_index > section_count. Thus any array
> +indexed by target_index must not be sized by section_count.
> +
> + PR ld/34049
> + * xcofflink.c (xcoff_link_add_symbols): Size reloc_info array
> + using max target_index.
> +
> +CVE: CVE-2026-6846
> +Upstream-Status: Backport [https://sourceware.org/git/?p=binutils-gdb.git;a=commitdiff;h=7a089e0302382f4d4e077941156e1eaa68d01393]
> +
> +(cherry picked from commit 7a089e0302382f4d4e077941156e1eaa68d01393)
> +Signed-off-by: Shubham Pushpkar <spushpka@cisco.com>
> +---
> + bfd/xcofflink.c | 15 ++++++++++++++-
> + 1 file changed, 14 insertions(+), 1 deletion(-)
> +
> +diff --git a/bfd/xcofflink.c b/bfd/xcofflink.c
> +index 6ef9abcd8..196967ed0 100644
> +--- a/bfd/xcofflink.c
> ++++ b/bfd/xcofflink.c
> +@@ -1300,6 +1300,7 @@ xcoff_link_add_symbols (bfd *abfd, struct bfd_link_info *info)
> + } *reloc_info = NULL;
> + bfd_size_type amt;
> + unsigned short visibility;
> ++ unsigned int max_target_index;
> +
> + keep_syms = obj_coff_keep_syms (abfd);
> +
> +@@ -1363,7 +1364,19 @@ xcoff_link_add_symbols (bfd *abfd, struct bfd_link_info *info)
> + order by VMA within a given section, so we handle this by
> + scanning along the relocs as we process the csects. We index
> + into reloc_info using the section target_index. */
> +- amt = abfd->section_count + 1;
> ++ max_target_index = 0;
> ++ for (o = abfd->section_last; o != NULL; o = o->prev)
> ++ if (o->target_index != 0)
> ++ {
> ++ /* The last section added from the object file will have the
> ++ highest target_index. See coffgen.c coff_real_object_p and
> ++ make_a_section_from_file. Sections added by
> ++ xcoff_link_create_extra_sections will have a zero
> ++ target_index. */
> ++ max_target_index = o->target_index;
> ++ break;
> ++ }
> ++ amt = max_target_index + 1;
> + amt *= sizeof (struct reloc_info_struct);
> + reloc_info = bfd_zmalloc (amt);
> + if (reloc_info == NULL)
> +--
> +2.35.6
^ permalink raw reply
* Re: [OE-core] [scarthgap][PATCH] glibc: Fix CVEs
From: Jérémy Rosen @ 2026-06-08 14:07 UTC (permalink / raw)
To: jackson.james9803, openembedded-core
In-Reply-To: <20260529042811.2210385-1-jacksonj2@kpit.com>
Hello Jackson
from what I see all the CVE are not applied to the upper branches of
yocto
CVE-2026-5450 is applied to master but not wrynose
CVE-2026-5928 is not applied, neither to master nor wrynose.
The other three CVE seem to be backported correctly
please submit for master/wrynose and the resubmit for scarthgap
Thx a lot
Jeremy
On Fri May 29, 2026 at 6:28 AM CEST, Jackson James via lists.openembedded.org wrote:
> Fix the following CVEs-
> CVE-2026-4046 CVE-2026-4437 CVE-2026-4438 CVE-2026-5450,
> CVE-2026-5928
>
> Signed-off-by: Jackson James <jacksonj2@kpit.com>
> ---
> ...ount-records-correctly-CVE-2026-4437.patch | 248 +++++++++++++
> ...eck-hostname-for-validity-CVE-2026-4.patch | 328 +++++++++++++++++
> ...x-buffer-overflow-in-scanf-mc-BZ-340.patch | 138 +++++++
> ...x-ungetwc-operating-on-byte-stream-B.patch | 117 ++++++
> ...e-pending-character-state-in-IBM1390.patch | 336 ++++++++++++++++++
> meta/recipes-core/glibc/glibc_2.39.bb | 5 +
> 6 files changed, 1172 insertions(+)
> create mode 100644 meta/recipes-core/glibc/glibc/0024-CVE-2026-4437-Count-records-correctly-CVE-2026-4437.patch
> create mode 100644 meta/recipes-core/glibc/glibc/0025-CVE-2026-4438-Check-hostname-for-validity-CVE-2026-4.patch
> create mode 100644 meta/recipes-core/glibc/glibc/0026-CVE-2026-5450-Fix-buffer-overflow-in-scanf-mc-BZ-340.patch
> create mode 100644 meta/recipes-core/glibc/glibc/0027-CVE-2026-5928-Fix-ungetwc-operating-on-byte-stream-B.patch
> create mode 100644 meta/recipes-core/glibc/glibc/0028-CVE-2026-4046-Use-pending-character-state-in-IBM1390.patch
>
> diff --git a/meta/recipes-core/glibc/glibc/0024-CVE-2026-4437-Count-records-correctly-CVE-2026-4437.patch b/meta/recipes-core/glibc/glibc/0024-CVE-2026-4437-Count-records-correctly-CVE-2026-4437.patch
> new file mode 100644
> index 0000000000..3ad5f41935
> --- /dev/null
> +++ b/meta/recipes-core/glibc/glibc/0024-CVE-2026-4437-Count-records-correctly-CVE-2026-4437.patch
> @@ -0,0 +1,248 @@
> +From 9f5f18aab40ec6b61fa49a007615e6077e9a979b Mon Sep 17 00:00:00 2001
> +From: Carlos O'Donell <carlos@redhat.com>
> +Date: Fri, 20 Mar 2026 16:43:33 -0400
> +Subject: resolv: Count records correctly (CVE-2026-4437)
> +
> +The answer section boundary was previously ignored, and the code in
> +getanswer_ptr would iterate past the last resource record, but not
> +beyond the end of the returned data. This could lead to subsequent data
> +being interpreted as answer records, thus violating the DNS
> +specification. Such resource records could be maliciously crafted and
> +hidden from other tooling, but processed by the glibc stub resolver and
> +acted upon by the application. While we trust the data returned by the
> +configured recursive resolvers, we should not trust its format and
> +should validate it as required. It is a security issue to incorrectly
> +process the DNS protocol.
> +
> +A regression test is added for response section crossing.
> +
> +No regressions on x86_64-linux-gnu.
> +
> +Reviewed-by: Collin Funk <collin.funk1@gmail.com>
> +
> +CVE: CVE-2026-4437
> +
> +Upstream-Status: Backport [https://sourceware.org/cgit/glibc/commit/?id=9f5f18aab40ec6b61fa49a007615e6077e9a979b]
> +Comment: Patch refreshed
> +
> +Signed-off-by: Jackson James <jacksonj2@kpit.com>
> +---
> + resolv/Makefile | 4 +
> + resolv/nss_dns/dns-host.c | 2 +-
> + resolv/tst-resolv-dns-section.c | 162 ++++++++++++++++++++++++++++++++
> + 3 files changed, 167 insertions(+), 1 deletion(-)
> + create mode 100644 resolv/tst-resolv-dns-section.c
> +
> +diff --git a/resolv/Makefile b/resolv/Makefile
> +index abff7fc0..7d2aa9b5 100644
> +--- a/resolv/Makefile
> ++++ b/resolv/Makefile
> +@@ -98,6 +98,7 @@ tests += \
> + tst-resolv-basic \
> + tst-resolv-binary \
> + tst-resolv-byaddr \
> ++ tst-resolv-dns-section \
> + tst-resolv-edns \
> + tst-resolv-invalid-cname \
> + tst-resolv-network \
> +@@ -109,6 +110,7 @@ tests += \
> + tst-resolv-semi-failure \
> + tst-resolv-short-response \
> + tst-resolv-trailing \
> ++ # tests
> +
> + # This test calls __res_context_send directly, which is not exported
> + # from libresolv.
> +@@ -286,6 +288,8 @@ $(objpfx)tst-resolv-aliases: $(objpfx)libresolv.so $(shared-thread-library)
> + $(objpfx)tst-resolv-basic: $(objpfx)libresolv.so $(shared-thread-library)
> + $(objpfx)tst-resolv-binary: $(objpfx)libresolv.so $(shared-thread-library)
> + $(objpfx)tst-resolv-byaddr: $(objpfx)libresolv.so $(shared-thread-library)
> ++$(objpfx)tst-resolv-dns-section: $(objpfx)libresolv.so \
> ++ $(shared-thread-library)
> + $(objpfx)tst-resolv-edns: $(objpfx)libresolv.so $(shared-thread-library)
> + $(objpfx)tst-resolv-network: $(objpfx)libresolv.so $(shared-thread-library)
> + $(objpfx)tst-resolv-res_init: $(objpfx)libresolv.so
> +diff --git a/resolv/nss_dns/dns-host.c b/resolv/nss_dns/dns-host.c
> +index 95a7b3f0..74a7c08d 100644
> +--- a/resolv/nss_dns/dns-host.c
> ++++ b/resolv/nss_dns/dns-host.c
> +@@ -820,7 +820,7 @@ getanswer_ptr (unsigned char *packet, size_t packetlen,
> + /* expected_name may be updated to point into this buffer. */
> + unsigned char name_buffer[NS_MAXCDNAME];
> +
> +- while (ancount > 0)
> ++ for (; ancount > 0; --ancount)
> + {
> + struct ns_rr_wire rr;
> + if (!__ns_rr_cursor_next (&c, &rr))
> +diff --git a/resolv/tst-resolv-dns-section.c b/resolv/tst-resolv-dns-section.c
> +new file mode 100644
> +index 00000000..d233dc5f
> +--- /dev/null
> ++++ b/resolv/tst-resolv-dns-section.c
> +@@ -0,0 +1,162 @@
> ++/* Test handling of invalid section transitions (bug 34014).
> ++ Copyright (C) 2022-2026 Free Software Foundation, Inc.
> ++ This file is part of the GNU C Library.
> ++
> ++ The GNU C Library is free software; you can redistribute it and/or
> ++ modify it under the terms of the GNU Lesser General Public
> ++ License as published by the Free Software Foundation; either
> ++ version 2.1 of the License, or (at your option) any later version.
> ++
> ++ The GNU C Library is distributed in the hope that it will be useful,
> ++ but WITHOUT ANY WARRANTY; without even the implied warranty of
> ++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
> ++ Lesser General Public License for more details.
> ++
> ++ You should have received a copy of the GNU Lesser General Public
> ++ License along with the GNU C Library; if not, see
> ++ <https://www.gnu.org/licenses/>. */
> ++
> ++#include <array_length.h>
> ++#include <errno.h>
> ++#include <netdb.h>
> ++#include <resolv.h>
> ++#include <stdlib.h>
> ++#include <string.h>
> ++#include <support/check.h>
> ++#include <support/format_nss.h>
> ++#include <support/resolv_test.h>
> ++#include <support/support.h>
> ++
> ++/* Name of test, and the second section type. */
> ++struct item {
> ++ const char *test;
> ++ int ns_section;
> ++};
> ++
> ++static const struct item test_items[] =
> ++ {
> ++ { "Test crossing from ns_s_an to ns_s_ar.", ns_s_ar },
> ++ { "Test crossing from ns_s_an to ns_s_an.", ns_s_ns },
> ++
> ++ { NULL, 0 },
> ++ };
> ++
> ++/* The response is designed to contain the following:
> ++ - An Answer section with one T_PTR record that is skipped.
> ++ - A second section with a semantically invalid T_PTR record.
> ++ The original defect is that the response parsing would cross
> ++ section boundaries and handle the additional section T_PTR
> ++ as if it were an answer. A conforming implementation would
> ++ stop as soon as it reaches the end of the section. */
> ++static void
> ++response (const struct resolv_response_context *ctx,
> ++ struct resolv_response_builder *b,
> ++ const char *qname, uint16_t qclass, uint16_t qtype)
> ++{
> ++ TEST_COMPARE (qclass, C_IN);
> ++
> ++ /* We only test PTR. */
> ++ TEST_COMPARE (qtype, T_PTR);
> ++
> ++ unsigned int count;
> ++ char *tail = NULL;
> ++
> ++ if (strstr (qname, "in-addr.arpa") != NULL
> ++ && sscanf (qname, "%u.%ms", &count, &tail) == 2)
> ++ TEST_COMPARE_STRING (tail, "0.168.192.in-addr.arpa");
> ++ else if (sscanf (qname, "%x.%ms", &count, &tail) == 2)
> ++ {
> ++ TEST_COMPARE_STRING (tail, "\
> ++0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.8.b.d.0.1.0.0.2.ip6.arpa");
> ++ }
> ++ else
> ++ FAIL_EXIT1 ("invalid QNAME: %s\n", qname);
> ++ free (tail);
> ++
> ++ /* We have a bounded number of possible tests. */
> ++ TEST_VERIFY (count >= 0);
> ++ TEST_VERIFY (count <= 15);
> ++
> ++ struct resolv_response_flags flags = {};
> ++ resolv_response_init (b, flags);
> ++ resolv_response_add_question (b, qname, qclass, qtype);
> ++ resolv_response_section (b, ns_s_an);
> ++
> ++ /* Actual answer record, but the wrong name (skipped). */
> ++ resolv_response_open_record (b, "1.0.0.10.in-addr.arpa", qclass, qtype, 60);
> ++
> ++ /* Record the answer. */
> ++ resolv_response_add_name (b, "test.ptr.example.net");
> ++ resolv_response_close_record (b);
> ++
> ++ /* Add a second section to test section boundary crossing. */
> ++ resolv_response_section (b, test_items[count].ns_section);
> ++ /* Semantically incorrect, but hide a T_PTR entry. */
> ++ resolv_response_open_record (b, qname, qclass, qtype, 60);
> ++ resolv_response_add_name (b, "wrong.ptr.example.net");
> ++ resolv_response_close_record (b);
> ++}
> ++
> ++
> ++/* Perform one check using a reverse lookup. */
> ++static void
> ++check_reverse (int af, int count)
> ++{
> ++ TEST_VERIFY (af == AF_INET || af == AF_INET6);
> ++ TEST_VERIFY (count < array_length (test_items));
> ++
> ++ char addr[sizeof (struct in6_addr)] = { 0 };
> ++ socklen_t addrlen;
> ++ if (af == AF_INET)
> ++ {
> ++ addr[0] = (char) 192;
> ++ addr[1] = (char) 168;
> ++ addr[2] = (char) 0;
> ++ addr[3] = (char) count;
> ++ addrlen = 4;
> ++ }
> ++ else
> ++ {
> ++ addr[0] = 0x20;
> ++ addr[1] = 0x01;
> ++ addr[2] = 0x0d;
> ++ addr[3] = 0xb8;
> ++ addr[4] = addr[5] = addr[6] = addr[7] = 0x0;
> ++ addr[8] = addr[9] = addr[10] = addr[11] = 0x0;
> ++ addr[12] = 0x0;
> ++ addr[13] = 0x0;
> ++ addr[14] = 0x0;
> ++ addr[15] = count;
> ++ addrlen = 16;
> ++ }
> ++
> ++ h_errno = 0;
> ++ struct hostent *answer = gethostbyaddr (addr, addrlen, af);
> ++ TEST_VERIFY (answer == NULL);
> ++ TEST_VERIFY (h_errno == NO_RECOVERY);
> ++ if (answer != NULL)
> ++ printf ("error: unexpected success: %s\n",
> ++ support_format_hostent (answer));
> ++}
> ++
> ++static int
> ++do_test (void)
> ++{
> ++ struct resolv_test *obj = resolv_test_start
> ++ ((struct resolv_redirect_config)
> ++ {
> ++ .response_callback = response
> ++ });
> ++
> ++ for (int i = 0; test_items[i].test != NULL; i++)
> ++ {
> ++ check_reverse (AF_INET, i);
> ++ check_reverse (AF_INET6, i);
> ++ }
> ++
> ++ resolv_test_end (obj);
> ++
> ++ return 0;
> ++}
> ++
> ++#include <support/test-driver.c>
> +--
> +2.34.1
> +
> diff --git a/meta/recipes-core/glibc/glibc/0025-CVE-2026-4438-Check-hostname-for-validity-CVE-2026-4.patch b/meta/recipes-core/glibc/glibc/0025-CVE-2026-4438-Check-hostname-for-validity-CVE-2026-4.patch
> new file mode 100644
> index 0000000000..b95cc99e06
> --- /dev/null
> +++ b/meta/recipes-core/glibc/glibc/0025-CVE-2026-4438-Check-hostname-for-validity-CVE-2026-4.patch
> @@ -0,0 +1,328 @@
> +From e10977481f4db4b2a3ce34fa4c3a1e26651ae312 Mon Sep 17 00:00:00 2001
> +From: Carlos O'Donell <carlos@redhat.com>
> +Date: Fri, 20 Mar 2026 17:14:33 -0400
> +Subject: resolv: Check hostname for validity (CVE-2026-4438)
> +
> +The processed hostname in getanswer_ptr should be correctly checked to
> +avoid invalid characters from being allowed, including shell
> +metacharacters. It is a security issue to fail to check the returned
> +hostname for validity.
> +
> +A regression test is added for invalid metacharacters and other cases
> +of invalid or valid characters.
> +
> +No regressions on x86_64-linux-gnu.
> +
> +Reviewed-by: Adhemerval Zanella <adhemerval.zanella@linaro.org>
> +
> +CVE: CVE-2026-4438
> +
> +Upstream-Status: Backport [https://sourceware.org/cgit/glibc/commit/?id=e10977481f4db4b2a3ce34fa4c3a1e26651ae312]
> +Comment: Patch refreshed
> +
> +Signed-off-by: Jackson James <jacksonj2@kpit.com>
> +---
> + resolv/Makefile | 3 +
> + resolv/nss_dns/dns-host.c | 2 +-
> + resolv/tst-resolv-invalid-ptr.c | 255 ++++++++++++++++++++++++++++++++
> + 3 files changed, 259 insertions(+), 1 deletion(-)
> + create mode 100644 resolv/tst-resolv-invalid-ptr.c
> +
> +diff --git a/resolv/Makefile b/resolv/Makefile
> +index 7d2aa9b5..20ffa9b5 100644
> +--- a/resolv/Makefile
> ++++ b/resolv/Makefile
> +@@ -101,6 +101,7 @@ tests += \
> + tst-resolv-dns-section \
> + tst-resolv-edns \
> + tst-resolv-invalid-cname \
> ++ tst-resolv-invalid-ptr \
> + tst-resolv-network \
> + tst-resolv-noaaaa \
> + tst-resolv-noaaaa-vc \
> +@@ -299,6 +300,8 @@ $(objpfx)tst-resolv-res_init-thread: $(objpfx)libresolv.so \
> + $(shared-thread-library)
> + $(objpfx)tst-resolv-invalid-cname: $(objpfx)libresolv.so \
> + $(shared-thread-library)
> ++$(objpfx)tst-resolv-invalid-ptr: $(objpfx)libresolv.so \
> ++ $(shared-thread-library)
> + $(objpfx)tst-resolv-noaaaa: $(objpfx)libresolv.so $(shared-thread-library)
> + $(objpfx)tst-resolv-noaaaa-vc: $(objpfx)libresolv.so $(shared-thread-library)
> + $(objpfx)tst-resolv-nondecimal: $(objpfx)libresolv.so $(shared-thread-library)
> +diff --git a/resolv/nss_dns/dns-host.c b/resolv/nss_dns/dns-host.c
> +index 74a7c08d..b8f5d61b 100644
> +--- a/resolv/nss_dns/dns-host.c
> ++++ b/resolv/nss_dns/dns-host.c
> +@@ -866,7 +866,7 @@ getanswer_ptr (unsigned char *packet, size_t packetlen,
> + char hname[MAXHOSTNAMELEN + 1];
> + if (__ns_name_unpack (c.begin, c.end, rr.rdata,
> + name_buffer, sizeof (name_buffer)) < 0
> +- || !__res_binary_hnok (expected_name)
> ++ || !__res_binary_hnok (name_buffer)
> + || __ns_name_ntop (name_buffer, hname, sizeof (hname)) < 0)
> + {
> + *h_errnop = NO_RECOVERY;
> +diff --git a/resolv/tst-resolv-invalid-ptr.c b/resolv/tst-resolv-invalid-ptr.c
> +new file mode 100644
> +index 00000000..9cdc4dce
> +--- /dev/null
> ++++ b/resolv/tst-resolv-invalid-ptr.c
> +@@ -0,0 +1,255 @@
> ++/* Test handling of invalid T_PTR results (bug 34015).
> ++ Copyright (C) 2022-2026 Free Software Foundation, Inc.
> ++ This file is part of the GNU C Library.
> ++
> ++ The GNU C Library is free software; you can redistribute it and/or
> ++ modify it under the terms of the GNU Lesser General Public
> ++ License as published by the Free Software Foundation; either
> ++ version 2.1 of the License, or (at your option) any later version.
> ++
> ++ The GNU C Library is distributed in the hope that it will be useful,
> ++ but WITHOUT ANY WARRANTY; without even the implied warranty of
> ++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
> ++ Lesser General Public License for more details.
> ++
> ++ You should have received a copy of the GNU Lesser General Public
> ++ License along with the GNU C Library; if not, see
> ++ <https://www.gnu.org/licenses/>. */
> ++
> ++#include <array_length.h>
> ++#include <errno.h>
> ++#include <netdb.h>
> ++#include <resolv.h>
> ++#include <stdlib.h>
> ++#include <string.h>
> ++#include <support/check.h>
> ++#include <support/format_nss.h>
> ++#include <support/resolv_test.h>
> ++#include <support/support.h>
> ++
> ++/* Name of test, the answer, the expected error return, and if we
> ++ expect the call to fail. */
> ++struct item {
> ++ const char *test;
> ++ const char *answer;
> ++ int expected;
> ++ bool fail;
> ++};
> ++
> ++static const struct item test_items[] =
> ++ {
> ++ /* Test for invalid characters. */
> ++ { "Invalid use of \"|\"",
> ++ "test.|.ptr.example", NO_RECOVERY, true },
> ++ { "Invalid use of \"&\"",
> ++ "test.&.ptr.example", NO_RECOVERY, true },
> ++ { "Invalid use of \";\"",
> ++ "test.;.ptr.example", NO_RECOVERY, true },
> ++ { "Invalid use of \"<\"",
> ++ "test.<.ptr.example", NO_RECOVERY, true },
> ++ { "Invalid use of \">\"",
> ++ "test.>.ptr.example", NO_RECOVERY, true },
> ++ { "Invalid use of \"(\"",
> ++ "test.(.ptr.example", NO_RECOVERY, true },
> ++ { "Invalid use of \")\"",
> ++ "test.).ptr.example", NO_RECOVERY, true },
> ++ { "Invalid use of \"$\"",
> ++ "test.$.ptr.example", NO_RECOVERY, true },
> ++ { "Invalid use of \"`\"",
> ++ "test.`.ptr.example", NO_RECOVERY, true },
> ++ { "Invalid use of \"\\\"",
> ++ "test.\\.ptr.example", NO_RECOVERY, true },
> ++ { "Invalid use of \"\'\"",
> ++ "test.'.ptr.example", NO_RECOVERY, true },
> ++ { "Invalid use of \"\"\"",
> ++ "test.\".ptr.example", NO_RECOVERY, true },
> ++ { "Invalid use of \" \"",
> ++ "test. .ptr.example", NO_RECOVERY, true },
> ++ { "Invalid use of \"\\t\"",
> ++ "test.\t.ptr.example", NO_RECOVERY, true },
> ++ { "Invalid use of \"\\n\"",
> ++ "test.\n.ptr.example", NO_RECOVERY, true },
> ++ { "Invalid use of \"\\r\"",
> ++ "test.\r.ptr.example", NO_RECOVERY, true },
> ++ { "Invalid use of \"*\"",
> ++ "test.*.ptr.example", NO_RECOVERY, true },
> ++ { "Invalid use of \"?\"",
> ++ "test.?.ptr.example", NO_RECOVERY, true },
> ++ { "Invalid use of \"[\"",
> ++ "test.[.ptr.example", NO_RECOVERY, true },
> ++ { "Invalid use of \"]\"",
> ++ "test.].ptr.example", NO_RECOVERY, true },
> ++ { "Invalid use of \",\"",
> ++ "test.,.ptr.example", NO_RECOVERY, true },
> ++ { "Invalid use of \"~\"",
> ++ "test.~.ptr.example", NO_RECOVERY, true },
> ++ { "Invalid use of \":\"",
> ++ "test.:.ptr.example", NO_RECOVERY, true },
> ++ { "Invalid use of \"!\"",
> ++ "test.!.ptr.example", NO_RECOVERY, true },
> ++ { "Invalid use of \"@\"",
> ++ "test.@.ptr.example", NO_RECOVERY, true },
> ++ { "Invalid use of \"#\"",
> ++ "test.#.ptr.example", NO_RECOVERY, true },
> ++ { "Invalid use of \"%\"",
> ++ "test.%%.ptr.example", NO_RECOVERY, true },
> ++ { "Invalid use of \"^\"",
> ++ "test.^.ptr.example", NO_RECOVERY, true },
> ++
> ++ /* Test for invalid UTF-8 characters (2-byte, 4-byte, 6-byte). */
> ++ { "Invalid use of UTF-8 (2-byte, U+00C0-U+00C2)",
> ++ "ÁÂÃ.test.ptr.example", NO_RECOVERY, true },
> ++ { "Invalid use of UTF-8 (4-byte, U+0750-U+0752)",
> ++ "ݐݑݒ.test.ptr.example", NO_RECOVERY, true },
> ++ { "Invalid use of UTF-8 (6-byte, U+0904-U+0906)",
> ++ "ऄअआ.test.ptr.example", NO_RECOVERY, true },
> ++
> ++ /* Test for "-" which may be valid depending on position. */
> ++ { "Invalid leading \"-\"",
> ++ "-test.ptr.example", NO_RECOVERY, true },
> ++ { "Valid trailing \"-\"",
> ++ "test-.ptr.example", 0, false },
> ++ { "Valid mid-label use of \"-\"",
> ++ "te-st.ptr.example", 0, false },
> ++
> ++ /* Test for "_" which is always valid in any position. */
> ++ { "Valid leading use of \"_\"",
> ++ "_test.ptr.example", 0, false },
> ++ { "Valid mid-label use of \"_\"",
> ++ "te_st.ptr.example", 0, false },
> ++ { "Valid trailing use of \"_\"",
> ++ "test_.ptr.example", 0, false },
> ++
> ++ /* Sanity test the broader set [A-Za-z0-9_-] of valid characters. */
> ++ { "Valid \"[A-Z]\"",
> ++ "test.ABCDEFGHIJKLMNOPQRSTUVWXYZ.ptr.example", 0, false },
> ++ { "Valid \"[a-z]\"",
> ++ "test.abcdefghijklmnopqrstuvwxyz.ptr.example", 0, false },
> ++ { "Valid \"[0-9]\"",
> ++ "test.0123456789.ptr.example", 0, false },
> ++ { "Valid mixed use of \"[A-Za-z0-9_-]\"",
> ++ "test.012abcABZ_-.ptr.example", 0, false },
> ++ };
> ++
> ++static void
> ++response (const struct resolv_response_context *ctx,
> ++ struct resolv_response_builder *b,
> ++ const char *qname, uint16_t qclass, uint16_t qtype)
> ++{
> ++ TEST_COMPARE (qclass, C_IN);
> ++
> ++ /* We only test PTR. */
> ++ TEST_COMPARE (qtype, T_PTR);
> ++
> ++ unsigned int count, count1;
> ++ char *tail = NULL;
> ++
> ++ /* The test implementation can handle up to 255 tests. */
> ++ if (strstr (qname, "in-addr.arpa") != NULL
> ++ && sscanf (qname, "%u.%ms", &count, &tail) == 2)
> ++ TEST_COMPARE_STRING (tail, "0.168.192.in-addr.arpa");
> ++ else if (sscanf (qname, "%x.%x.%ms", &count, &count1, &tail) == 3)
> ++ {
> ++ TEST_COMPARE_STRING (tail, "\
> ++0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.8.b.d.0.1.0.0.2.ip6.arpa");
> ++ count |= count1 << 4;
> ++ }
> ++ else
> ++ FAIL_EXIT1 ("invalid QNAME: %s\n", qname);
> ++ free (tail);
> ++
> ++ /* Cross check. Count has a fixed bound (soft limit). */
> ++ TEST_VERIFY (count >= 0 && count <= 255);
> ++
> ++ /* We have a fixed number of tests (hard limit). */
> ++ TEST_VERIFY_EXIT (count < array_length (test_items));
> ++
> ++ struct resolv_response_flags flags = {};
> ++ resolv_response_init (b, flags);
> ++ resolv_response_add_question (b, qname, qclass, qtype);
> ++ resolv_response_section (b, ns_s_an);
> ++
> ++ /* Actual answer record. */
> ++ resolv_response_open_record (b, qname, qclass, qtype, 60);
> ++
> ++ /* Record the answer. */
> ++ resolv_response_add_name (b, test_items[count].answer);
> ++ resolv_response_close_record (b);
> ++}
> ++
> ++/* Perform one check using a reverse lookup. */
> ++static void
> ++check_reverse (int af, int count)
> ++{
> ++ TEST_VERIFY (af == AF_INET || af == AF_INET6);
> ++ TEST_VERIFY_EXIT (count < array_length (test_items));
> ++
> ++ /* Generate an address to query for each test. */
> ++ char addr[sizeof (struct in6_addr)] = { 0 };
> ++ socklen_t addrlen;
> ++ if (af == AF_INET)
> ++ {
> ++ addr[0] = (char) 192;
> ++ addr[1] = (char) 168;
> ++ addr[2] = (char) 0;
> ++ addr[3] = (char) count;
> ++ addrlen = 4;
> ++ }
> ++ else
> ++ {
> ++ addr[0] = 0x20;
> ++ addr[1] = 0x01;
> ++ addr[2] = 0x0d;
> ++ addr[3] = 0xb8;
> ++ addr[4] = addr[5] = addr[6] = addr[7] = 0x0;
> ++ addr[8] = addr[9] = addr[10] = addr[11] = 0x0;
> ++ addr[12] = 0x0;
> ++ addr[13] = 0x0;
> ++ addr[14] = 0x0;
> ++ addr[15] = (char) count;
> ++ addrlen = 16;
> ++ }
> ++
> ++ h_errno = 0;
> ++ struct hostent *answer = gethostbyaddr (addr, addrlen, af);
> ++
> ++ /* Verify h_errno is as expected. */
> ++ TEST_COMPARE (h_errno, test_items[count].expected);
> ++ if (h_errno != test_items[count].expected)
> ++ /* And print more information if it's not. */
> ++ printf ("INFO: %s\n", test_items[count].test);
> ++
> ++ if (test_items[count].fail)
> ++ {
> ++ /* We expected a failure so verify answer is NULL. */
> ++ TEST_VERIFY (answer == NULL);
> ++ /* If it's not NULL we should print out what we received. */
> ++ if (answer != NULL)
> ++ printf ("error: unexpected success: %s\n",
> ++ support_format_hostent (answer));
> ++ }
> ++ else
> ++ /* We don't expect a failure so answer must be valid. */
> ++ TEST_COMPARE_STRING (answer->h_name, test_items[count].answer);
> ++}
> ++
> ++static int
> ++do_test (void)
> ++{
> ++ struct resolv_test *obj = resolv_test_start
> ++ ((struct resolv_redirect_config)
> ++ {
> ++ .response_callback = response
> ++ });
> ++
> ++ for (int i = 0; i < array_length (test_items); i++)
> ++ {
> ++ check_reverse (AF_INET, i);
> ++ check_reverse (AF_INET6, i);
> ++ }
> ++ resolv_test_end (obj);
> ++
> ++ return 0;
> ++}
> ++
> ++#include <support/test-driver.c>
> +--
> +2.34.1
> +
> diff --git a/meta/recipes-core/glibc/glibc/0026-CVE-2026-5450-Fix-buffer-overflow-in-scanf-mc-BZ-340.patch b/meta/recipes-core/glibc/glibc/0026-CVE-2026-5450-Fix-buffer-overflow-in-scanf-mc-BZ-340.patch
> new file mode 100644
> index 0000000000..989ddcdae8
> --- /dev/null
> +++ b/meta/recipes-core/glibc/glibc/0026-CVE-2026-5450-Fix-buffer-overflow-in-scanf-mc-BZ-340.patch
> @@ -0,0 +1,138 @@
> +From 839898777226a3ed88c0859f25ffe712519b4ead Mon Sep 17 00:00:00 2001
> +From: Rocket Ma <marocketbd@gmail.com>
> +Date: Fri, 17 Apr 2026 23:48:41 -0700
> +Subject: stdio-common: Fix buffer overflow in scanf %mc [BZ #34008]
> +
> +* stdio-common/vfscanf-internal.c: When enlarging allocated buffer with
> +format %mc or %mC, glibc allocates one byte less, leading to
> +user-controlled one byte overflow. This commit fixes BZ #34008, or
> +CVE-2026-5450.
> +
> +Reviewed-by: Carlos O'Donell <carlos@redhat.com>
> +Signed-off-by: Rocket Ma <marocketbd@gmail.com>
> +Reviewed-by: H.J. Lu <hjl.tools@gmail.com>
> +
> +CVE: CVE-2026-5450
> +
> +Upstream-Status: Backport [https://sourceware.org/cgit/glibc/commit/?id=839898777226a3ed88c0859f25ffe712519b4ead]
> +Comment: Patch refreshed
> +
> +Signed-off-by: Jackson James <jacksonj2@kpit.com>
> +---
> + stdio-common/Makefile | 4 +++
> + stdio-common/tst-vfscanf-bz34008.c | 48 ++++++++++++++++++++++++++++++
> + stdio-common/vfscanf-internal.c | 7 +++---
> + 3 files changed, 56 insertions(+), 4 deletions(-)
> + create mode 100644 stdio-common/tst-vfscanf-bz34008.c
> +
> +diff --git a/stdio-common/Makefile b/stdio-common/Makefile
> +index c8224342..7d76f55a 100644
> +--- a/stdio-common/Makefile
> ++++ b/stdio-common/Makefile
> +@@ -266,6 +266,7 @@ tests := \
> + tst-vfprintf-width-i18n \
> + tst-vfprintf-width-prec \
> + tst-vfprintf-width-prec-alloc \
> ++ tst-vfscanf-bz34008 \
> + tst-wc-printf \
> + tstdiomisc \
> + tstgetln \
> +@@ -401,6 +402,9 @@ tst-printf-bz18872-ENV = MALLOC_TRACE=$(objpfx)tst-printf-bz18872.mtrace \
> + tst-vfprintf-width-prec-ENV = \
> + MALLOC_TRACE=$(objpfx)tst-vfprintf-width-prec.mtrace \
> + LD_PRELOAD=$(common-objpfx)/malloc/libc_malloc_debug.so
> ++tst-vfscanf-bz34008-ENV = \
> ++ MALLOC_CHECK_=3 \
> ++ LD_PRELOAD=$(common-objpfx)/malloc/libc_malloc_debug.so
> + tst-printf-bz25691-ENV = \
> + MALLOC_TRACE=$(objpfx)tst-printf-bz25691.mtrace \
> + LD_PRELOAD=$(common-objpfx)/malloc/libc_malloc_debug.so
> +diff --git a/stdio-common/tst-vfscanf-bz34008.c b/stdio-common/tst-vfscanf-bz34008.c
> +new file mode 100644
> +index 00000000..48371c8a
> +--- /dev/null
> ++++ b/stdio-common/tst-vfscanf-bz34008.c
> +@@ -0,0 +1,48 @@
> ++/* Regression test for vfscanf %Nmc out-of-bound write (BZ #34008)
> ++ Copyright (C) 2026 The GNU Toolchain Authors.
> ++ This file is part of the GNU C Library.
> ++
> ++ The GNU C Library is free software; you can redistribute it and/or
> ++ modify it under the terms of the GNU Lesser General Public
> ++ License as published by the Free Software Foundation; either
> ++ version 2.1 of the License, or (at your option) any later version.
> ++
> ++ The GNU C Library is distributed in the hope that it will be useful,
> ++ but WITHOUT ANY WARRANTY; without even the implied warranty of
> ++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
> ++ Lesser General Public License for more details.
> ++
> ++ You should have received a copy of the GNU Lesser General Public
> ++ License along with the GNU C Library; if not, see
> ++ <https://www.gnu.org/licenses/>. */
> ++
> ++#include "malloc/mcheck.h"
> ++#include <stddef.h>
> ++#include <stdio.h>
> ++#include <string.h>
> ++#include <wchar.h>
> ++#include <stdlib.h>
> ++#include <malloc.h>
> ++#include <support/check.h>
> ++
> ++#define WIDTH 0x410
> ++#define SCANFSTR "%1040mc"
> ++static int
> ++do_test (void)
> ++{
> ++ mcheck_pedantic (NULL);
> ++ char *input = malloc (WIDTH + 1);
> ++ TEST_VERIFY (input != NULL);
> ++ memset (input, 'A', WIDTH);
> ++ input[WIDTH] = '\0';
> ++
> ++ char *buf = NULL;
> ++ TEST_VERIFY (sscanf (input, SCANFSTR, &buf) != -1);
> ++ TEST_VERIFY (buf != NULL);
> ++
> ++ free (buf);
> ++ free (input);
> ++ return 0;
> ++}
> ++
> ++#include <support/test-driver.c>
> +diff --git a/stdio-common/vfscanf-internal.c b/stdio-common/vfscanf-internal.c
> +index 1b82deff..8a813e94 100644
> +--- a/stdio-common/vfscanf-internal.c
> ++++ b/stdio-common/vfscanf-internal.c
> +@@ -853,8 +853,7 @@ __vfscanf_internal (FILE *s, const char *format, va_list argptr,
> + {
> + /* Enlarge the buffer. */
> + size_t newsize
> +- = strsize
> +- + (strsize >= width ? width - 1 : strsize);
> ++ = strsize + (strsize >= width ? width : strsize);
> +
> + str = (char *) realloc (*strptr, newsize);
> + if (str == NULL)
> +@@ -925,7 +925,7 @@ __vfscanf_internal (FILE *s, const char *format, va_list argptr,
> + && wstr == (wchar_t *) *strptr + strsize)
> + {
> + size_t newsize
> +- = strsize + (strsize > width ? width - 1 : strsize);
> ++ = strsize + (strsize >= width ? width : strsize);
> + /* Enlarge the buffer. */
> + wstr = (wchar_t *) realloc (*strptr,
> + newsize * sizeof (wchar_t));
> +@@ -980,7 +980,7 @@ __vfscanf_internal (FILE *s, const char *format, va_list argptr,
> + && wstr == (wchar_t *) *strptr + strsize)
> + {
> + size_t newsize
> +- = strsize + (strsize > width ? width - 1 : strsize);
> ++ = strsize + (strsize >= width ? width : strsize);
> + /* Enlarge the buffer. */
> + wstr = (wchar_t *) realloc (*strptr,
> + newsize * sizeof (wchar_t));
> +--
> +2.34.1
> +
> diff --git a/meta/recipes-core/glibc/glibc/0027-CVE-2026-5928-Fix-ungetwc-operating-on-byte-stream-B.patch b/meta/recipes-core/glibc/glibc/0027-CVE-2026-5928-Fix-ungetwc-operating-on-byte-stream-B.patch
> new file mode 100644
> index 0000000000..21228a44b7
> --- /dev/null
> +++ b/meta/recipes-core/glibc/glibc/0027-CVE-2026-5928-Fix-ungetwc-operating-on-byte-stream-B.patch
> @@ -0,0 +1,117 @@
> +From ef3bfb5f910011f3780cb06aa47e730035f53285 Mon Sep 17 00:00:00 2001
> +From: Rocket Ma <marocketbd@gmail.com>
> +Date: Fri, 1 May 2026 20:39:07 -0700
> +Subject: libio: Fix ungetwc operating on byte stream [BZ #33998]
> +
> +* libio/wgenops.c: When _IO_wdefault_pbackfail attempts to push back one
> +character, it accidently compare the wchar to push back with the last
> +char from byte stream, instead of wide stream. Under specific coding,
> +attacker may exploit this to leak information. This commit fix bug
> +33998, or CVE-2026-5928.
> +
> +Signed-off-by: Rocket Ma <marocketbd@gmail.com>
> +Reviewed-by: Carlos O'Donell <carlos@redhat.com>
> +
> +CVE: CVE-2026-5928
> +
> +Upstream-Status: Backport [https://sourceware.org/cgit/glibc/commit/?id=ef3bfb5f910011f3780cb06aa47e730035f53285]
> +Comment: Patch refreshed
> +
> +Signed-off-by: Jackson James <jacksonj2@kpit.com>
> +---
> + libio/Makefile | 1 +
> + libio/bug-wgenops-bz33998.c | 54 +++++++++++++++++++++++++++++++++++++
> + libio/wgenops.c | 4 +--
> + 3 files changed, 57 insertions(+), 2 deletions(-)
> + create mode 100644 libio/bug-wgenops-bz33998.c
> +
> +diff --git a/libio/Makefile b/libio/Makefile
> +index b189455b..20e2b056 100644
> +--- a/libio/Makefile
> ++++ b/libio/Makefile
> +@@ -83,6 +83,7 @@ tests = \
> + bug-ungetwc1 \
> + bug-ungetwc2 \
> + bug-wfflush \
> ++ bug-wgenops-bz33998 \
> + bug-wmemstream1 \
> + bug-wsetpos \
> + test-fmemopen \
> +diff --git a/libio/bug-wgenops-bz33998.c b/libio/bug-wgenops-bz33998.c
> +new file mode 100644
> +index 00000000..cc4067da
> +--- /dev/null
> ++++ b/libio/bug-wgenops-bz33998.c
> +@@ -0,0 +1,54 @@
> ++/* Regression test for ungetwc operating on byte stream (BZ #33998)
> ++ Copyright (C) 2026 The GNU Toolchain Authors.
> ++ This file is part of the GNU C Library.
> ++
> ++ The GNU C Library is free software; you can redistribute it and/or
> ++ modify it under the terms of the GNU Lesser General Public
> ++ License as published by the Free Software Foundation; either
> ++ version 2.1 of the License, or (at your option) any later version.
> ++
> ++ The GNU C Library is distributed in the hope that it will be useful,
> ++ but WITHOUT ANY WARRANTY; without even the implied warranty of
> ++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
> ++ Lesser General Public License for more details.
> ++
> ++ You should have received a copy of the GNU Lesser General Public
> ++ License along with the GNU C Library; if not, see
> ++ <https://www.gnu.org/licenses/>. */
> ++
> ++#include "support/temp_file.h"
> ++#include "support/xstdio.h"
> ++#include "support/xunistd.h"
> ++#include <stdlib.h>
> ++#include <unistd.h>
> ++#include <sys/mman.h>
> ++#include <stdio.h>
> ++#include <wchar.h>
> ++#include <support/check.h>
> ++
> ++static int
> ++do_test (void)
> ++{
> ++ char *filename;
> ++ int fd = create_temp_file ("tst-bz33998-", &filename);
> ++ TEST_VERIFY (fd != -1);
> ++ xwrite (fd, "A", sizeof ("A")); // write "A\0" by design
> ++ xclose (fd);
> ++
> ++ FILE *fp = xfopen (filename, "r+");
> ++ TEST_COMPARE (getwc (fp), L'A');
> ++ /* If the bug is fixed, then ungetwc should not touch byte stream.
> ++ If the bug is not fixed, ungetwc firstly match last read char, L'A',
> ++ failed, then the pbackfail branch, matching last read char in byte
> ++ stream, that is, '\0' (initialized when setup wide stream). */
> ++ char *old_read_ptr = fp->_IO_read_ptr;
> ++ TEST_COMPARE (ungetwc (L'\0', fp), L'\0');
> ++ TEST_VERIFY (fp->_IO_read_ptr == old_read_ptr);
> ++
> ++ xfclose (fp);
> ++ free (filename);
> ++
> ++ return 0;
> ++}
> ++
> ++#include <support/test-driver.c>
> +diff --git a/libio/wgenops.c b/libio/wgenops.c
> +index adfb9701..14ece4e7 100644
> +--- a/libio/wgenops.c
> ++++ b/libio/wgenops.c
> +@@ -108,8 +108,8 @@ _IO_wdefault_pbackfail (FILE *fp, wint_t c)
> + {
> + if (fp->_wide_data->_IO_read_ptr > fp->_wide_data->_IO_read_base
> + && !_IO_in_backup (fp)
> +- && (wint_t) fp->_IO_read_ptr[-1] == c)
> +- --fp->_IO_read_ptr;
> ++ && (wint_t) fp->_wide_data->_IO_read_ptr[-1] == c)
> ++ --fp->_wide_data->_IO_read_ptr;
> + else
> + {
> + /* Need to handle a filebuf in write mode (switch to read mode). FIXME!*/
> +--
> +2.34.1
> +
> diff --git a/meta/recipes-core/glibc/glibc/0028-CVE-2026-4046-Use-pending-character-state-in-IBM1390.patch b/meta/recipes-core/glibc/glibc/0028-CVE-2026-4046-Use-pending-character-state-in-IBM1390.patch
> new file mode 100644
> index 0000000000..3deccbc072
> --- /dev/null
> +++ b/meta/recipes-core/glibc/glibc/0028-CVE-2026-4046-Use-pending-character-state-in-IBM1390.patch
> @@ -0,0 +1,336 @@
> +From d6f08d1cf027f4eb2ba289a6cc66853722d4badc Mon Sep 17 00:00:00 2001
> +From: Florian Weimer <fweimer@redhat.com>
> +Date: Thu, 16 Apr 2026 19:13:43 +0200
> +Subject: Use pending character state in IBM1390, IBM1399 character sets
> + (CVE-2026-4046)
> +
> +Follow the example in iso-2022-jp-3.c and use the __count state
> +variable to store the pending character. This avoids restarting
> +the conversion if the output buffer ends between two 4-byte UCS-4
> +code points, so that the assert reported in the bug can no longer
> +happen.
> +
> +Even though the fix is applied to ibm1364.c, the change is only
> +effective for the two HAS_COMBINED codecs for IBM1390, IBM1399.
> +
> +The test case was mostly auto-generated using
> +claude-4.6-opus-high-thinking, and composer-2-fast shows up in the
> +log as well. During review, gpt-5.4-xhigh flagged that the original
> +version of the test case was not exercising the new character
> +flush logic.
> +
> +This fixes bug 33980.
> +
> +Assisted-by: LLM
> +Reviewed-by: Carlos O'Donell <carlos@redhat.com>
> +
> +CVE: CVE-2026-4046
> +
> +Upstream-Status: Backport [https://sourceware.org/cgit/glibc/commit/?id=d6f08d1cf027f4eb2ba289a6cc66853722d4badc]
> +
> +Signed-off-by: Jackson James <jacksonj2@kpit.com>
> +---
> + iconvdata/Makefile | 4 +-
> + iconvdata/ibm1364.c | 70 ++++++++++++++----
> + iconvdata/tst-bug33980.c | 153 +++++++++++++++++++++++++++++++++++++++
> + 3 files changed, 211 insertions(+), 16 deletions(-)
> + create mode 100644 iconvdata/tst-bug33980.c
> +
> +diff --git a/iconvdata/Makefile b/iconvdata/Makefile
> +index 7196a874..090ba929 100644
> +--- a/iconvdata/Makefile
> ++++ b/iconvdata/Makefile
> +@@ -76,7 +76,7 @@ tests = bug-iconv1 bug-iconv2 tst-loading tst-e2big tst-iconv4 bug-iconv4 \
> + tst-iconv6 bug-iconv5 bug-iconv6 tst-iconv7 bug-iconv8 bug-iconv9 \
> + bug-iconv10 bug-iconv11 bug-iconv12 tst-iconv-big5-hkscs-to-2ucs4 \
> + bug-iconv13 bug-iconv14 bug-iconv15 \
> +- tst-iconv-iso-2022-cn-ext
> ++ tst-iconv-iso-2022-cn-ext tst-bug33980
> + ifeq ($(have-thread-library),yes)
> + tests += bug-iconv3
> + endif
> +@@ -333,6 +333,8 @@ $(objpfx)bug-iconv15.out: $(addprefix $(objpfx), $(gconv-modules)) \
> + $(addprefix $(objpfx),$(modules.so))
> + $(objpfx)tst-iconv-iso-2022-cn-ext.out: $(addprefix $(objpfx), $(gconv-modules)) \
> + $(addprefix $(objpfx),$(modules.so))
> ++$(objpfx)tst-bug33980.out: $(addprefix $(objpfx), $(gconv-modules)) \
> ++ $(addprefix $(objpfx),$(modules.so))
> +
> + $(objpfx)iconv-test.out: run-iconv-test.sh \
> + $(addprefix $(objpfx), $(gconv-modules)) \
> +diff --git a/iconvdata/ibm1364.c b/iconvdata/ibm1364.c
> +index 4c37f30e..fd255a46 100644
> +--- a/iconvdata/ibm1364.c
> ++++ b/iconvdata/ibm1364.c
> +@@ -67,12 +67,29 @@
> +
> + /* Since this is a stateful encoding we have to provide code which resets
> + the output state to the initial state. This has to be done during the
> +- flushing. */
> ++ flushing. For the to-internal direction (FROM_DIRECTION is true),
> ++ there may be a pending character that needs flushing. */
> + #define EMIT_SHIFT_TO_INIT \
> + if ((data->__statep->__count & ~7) != sb) \
> + { \
> + if (FROM_DIRECTION) \
> +- data->__statep->__count &= 7; \
> ++ { \
> ++ uint32_t ch = data->__statep->__count >> 7; \
> ++ if (__glibc_unlikely (ch != 0)) \
> ++ { \
> ++ if (__glibc_unlikely (outend - outbuf < 4)) \
> ++ status = __GCONV_FULL_OUTPUT; \
> ++ else \
> ++ { \
> ++ put32 (outbuf, ch); \
> ++ outbuf += 4; \
> ++ /* Clear character and db bit. */ \
> ++ data->__statep->__count &= 7; \
> ++ } \
> ++ } \
> ++ else \
> ++ data->__statep->__count &= 7; \
> ++ } \
> + else \
> + { \
> + /* We are not in the initial state. To switch back we have \
> +@@ -99,11 +116,13 @@
> + *curcsp = save_curcs
> +
> +
> +-/* Current codeset type. */
> ++/* Current codeset type. The bit is stored in the __count variable of
> ++ the conversion state. If the db bit is set, bit 7 and above store
> ++ a pending UCS-4 code point if non-zero. */
> + enum
> + {
> +- sb = 0,
> +- db = 64
> ++ sb = 0, /* Single byte mode. */
> ++ db = 64 /* Double byte mode. */
> + };
> +
> +
> +@@ -119,21 +138,29 @@ enum
> + } \
> + else \
> + { \
> +- /* This is a combined character. Make sure we have room. */ \
> +- if (__glibc_unlikely (outptr + 8 > outend)) \
> +- { \
> +- result = __GCONV_FULL_OUTPUT; \
> +- break; \
> +- } \
> +- \
> + const struct divide *cmbp \
> + = &DB_TO_UCS4_COMB[ch - __TO_UCS4_COMBINED_MIN]; \
> + assert (cmbp->res1 != 0 && cmbp->res2 != 0); \
> + \
> + put32 (outptr, cmbp->res1); \
> + outptr += 4; \
> +- put32 (outptr, cmbp->res2); \
> +- outptr += 4; \
> ++ \
> ++ /* See whether we have room for the second character. */ \
> ++ if (outend - outptr >= 4) \
> ++ { \
> ++ put32 (outptr, cmbp->res2); \
> ++ outptr += 4; \
> ++ } \
> ++ else \
> ++ { \
> ++ /* Otherwise store only the first character now, and \
> ++ put the second one into the queue. */ \
> ++ curcs |= cmbp->res2 << 7; \
> ++ inptr += 2; \
> ++ /* Tell the caller why we terminate the loop. */ \
> ++ result = __GCONV_FULL_OUTPUT; \
> ++ break; \
> ++ } \
> + } \
> + }
> + #else
> +@@ -153,7 +180,20 @@ enum
> + #define LOOPFCT FROM_LOOP
> + #define BODY \
> + { \
> +- uint32_t ch = *inptr; \
> ++ uint32_t ch; \
> ++ \
> ++ ch = curcs >> 7; \
> ++ if (__glibc_unlikely (ch != 0)) \
> ++ { \
> ++ put32 (outptr, ch); \
> ++ outptr += 4; \
> ++ /* Remove the pending character, but preserve state bits. */ \
> ++ curcs &= (1 << 7) - 1; \
> ++ continue; \
> ++ } \
> ++ \
> ++ /* Otherwise read the next input byte. */ \
> ++ ch = *inptr; \
> + \
> + if (__builtin_expect (ch, 0) == SO) \
> + { \
> +diff --git a/iconvdata/tst-bug33980.c b/iconvdata/tst-bug33980.c
> +new file mode 100644
> +index 00000000..c9693e0e
> +--- /dev/null
> ++++ b/iconvdata/tst-bug33980.c
> +@@ -0,0 +1,153 @@
> ++/* Test for bug 33980: combining characters in IBM1390/IBM1399.
> ++ Copyright (C) 2026 Free Software Foundation, Inc.
> ++ This file is part of the GNU C Library.
> ++
> ++ The GNU C Library is free software; you can redistribute it and/or
> ++ modify it under the terms of the GNU Lesser General Public
> ++ License as published by the Free Software Foundation; either
> ++ version 2.1 of the License, or (at your option) any later version.
> ++
> ++ The GNU C Library is distributed in the hope that it will be useful,
> ++ but WITHOUT ANY WARRANTY; without even the implied warranty of
> ++ MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the GNU
> ++ Lesser General Public License for more details.
> ++
> ++ You should have received a copy of the GNU Lesser General Public
> ++ License along with the GNU C Library; if not, see
> ++ <https://www.gnu.org/licenses/>. */
> ++
> ++#include <alloc_buffer.h>
> ++#include <errno.h>
> ++#include <iconv.h>
> ++#include <stdbool.h>
> ++#include <string.h>
> ++
> ++#include <support/check.h>
> ++#include <support/next_to_fault.h>
> ++#include <support/support.h>
> ++
> ++/* Run iconv in a loop with a small output buffer of OUTBUFSIZE bytes
> ++ starting at OUTBUF. OUTBUF should be right before an unmapped page
> ++ so that writing past the end will fault. Skip SHIFT bytes at the
> ++ start of the input and output, to exercise different buffer
> ++ alignment. TRUNCATE indicates skipped bytes at the end of
> ++ input (0 and 1 a valid). */
> ++static void
> ++test_one (const char *encoding, unsigned int shift, unsigned int truncate,
> ++ char *outbuf, size_t outbufsize)
> ++{
> ++ /* In IBM1390 and IBM1399, the DBCS code 0xECB5 expands to two
> ++ Unicode code points when translated. */
> ++ static char input[] =
> ++ {
> ++ /* 8 letters X. */
> ++ 0xe7, 0xe7, 0xe7, 0xe7, 0xe7, 0xe7, 0xe7, 0xe7,
> ++ /* SO, 0xECB5, SI: shift to DBCS, special character, shift back. */
> ++ 0x0e, 0xec, 0xb5, 0x0f
> ++ };
> ++
> ++ /* Expected output after UTF-8 conversion. */
> ++ static char expected[] =
> ++ {
> ++ 'X', 'X', 'X', 'X', 'X', 'X', 'X', 'X',
> ++ /* U+304B (HIRAGANA LETTER KA). */
> ++ 0xe3, 0x81, 0x8b,
> ++ /* U+309A (COMBINING KATAKANA-HIRAGANA SEMI-VOICED SOUND MARK). */
> ++ 0xe3, 0x82, 0x9a
> ++ };
> ++
> ++ iconv_t cd = iconv_open ("UTF-8", encoding);
> ++ TEST_VERIFY_EXIT (cd != (iconv_t) -1);
> ++
> ++ char result_storage[64];
> ++ struct alloc_buffer result_buf
> ++ = alloc_buffer_create (result_storage, sizeof (result_storage));
> ++
> ++ char *inptr = &input[shift];
> ++ size_t inleft = sizeof (input) - shift - truncate;
> ++
> ++ while (inleft > 0)
> ++ {
> ++ char *outptr = outbuf;
> ++ size_t outleft = outbufsize;
> ++ size_t inleft_before = inleft;
> ++
> ++ size_t ret = iconv (cd, &inptr, &inleft, &outptr, &outleft);
> ++ size_t produced = outptr - outbuf;
> ++ alloc_buffer_copy_bytes (&result_buf, outbuf, produced);
> ++
> ++ if (ret == (size_t) -1 && errno == E2BIG)
> ++ {
> ++ if (produced == 0 && inleft == inleft_before)
> ++ {
> ++ /* Output buffer too small to make progress. This is
> ++ expected for very small output buffer sizes. */
> ++ TEST_VERIFY_EXIT (outbufsize < 3);
> ++ break;
> ++ }
> ++ continue;
> ++ }
> ++ if (ret == (size_t) -1)
> ++ FAIL_EXIT1 ("%s (outbufsize %zu): iconv: %m", encoding, outbufsize);
> ++ break;
> ++ }
> ++
> ++ /* Flush any pending state (e.g. a buffered combined character).
> ++ With outbufsize < 3, we could not store the first character, so
> ++ the second character did not become pending, and there is nothing
> ++ to flush. */
> ++ {
> ++ char *outptr = outbuf;
> ++ size_t outleft = outbufsize;
> ++
> ++ size_t ret = iconv (cd, NULL, NULL, &outptr, &outleft);
> ++ TEST_VERIFY_EXIT (ret == 0);
> ++ size_t produced = outptr - outbuf;
> ++ alloc_buffer_copy_bytes (&result_buf, outbuf, produced);
> ++
> ++ /* Second flush does not provide more data. */
> ++ outptr = outbuf;
> ++ outleft = outbufsize;
> ++ ret = iconv (cd, NULL, NULL, &outptr, &outleft);
> ++ TEST_VERIFY_EXIT (ret == 0);
> ++ TEST_VERIFY (outptr == outbuf);
> ++ }
> ++
> ++ TEST_VERIFY_EXIT (!alloc_buffer_has_failed (&result_buf));
> ++ size_t result_used
> ++ = sizeof (result_storage) - alloc_buffer_size (&result_buf);
> ++
> ++ if (outbufsize >= 3)
> ++ {
> ++ TEST_COMPARE (inleft, 0);
> ++ TEST_COMPARE (result_used, sizeof (expected) - shift);
> ++ TEST_COMPARE_BLOB (result_storage, result_used,
> ++ &expected[shift], sizeof (expected) - shift);
> ++ }
> ++ else
> ++ /* If the buffer is too small, only the leading X could be converted. */
> ++ TEST_COMPARE (result_used, 8 - shift);
> ++
> ++ TEST_VERIFY_EXIT (iconv_close (cd) == 0);
> ++}
> ++
> ++static int
> ++do_test (void)
> ++{
> ++ struct support_next_to_fault ntf
> ++ = support_next_to_fault_allocate (8);
> ++
> ++ for (int shift = 0; shift <= 8; ++shift)
> ++ for (int truncate = 0; truncate < 2; ++truncate)
> ++ for (size_t outbufsize = 1; outbufsize <= 8; outbufsize++)
> ++ {
> ++ char *outbuf = ntf.buffer + ntf.length - outbufsize;
> ++ test_one ("IBM1390", shift, truncate, outbuf, outbufsize);
> ++ test_one ("IBM1399", shift, truncate, outbuf, outbufsize);
> ++ }
> ++
> ++ support_next_to_fault_free (&ntf);
> ++ return 0;
> ++}
> ++
> ++#include <support/test-driver.c>
> +--
> +2.34.1
> +
> diff --git a/meta/recipes-core/glibc/glibc_2.39.bb b/meta/recipes-core/glibc/glibc_2.39.bb
> index 7958d64eed..12a2e696ad 100644
> --- a/meta/recipes-core/glibc/glibc_2.39.bb
> +++ b/meta/recipes-core/glibc/glibc_2.39.bb
> @@ -55,6 +55,11 @@ SRC_URI = "${GLIBC_GIT_URI};branch=${SRCBRANCH};name=glibc \
> file://0022-Avoid-hardcoded-build-time-paths-in-the-output-binar.patch \
> file://0023-qemu-stale-process.patch \
> file://0001-stdlib-Add-single-threaded-fast-path-to-rand.patch \
> + file://0024-CVE-2026-4437-Count-records-correctly-CVE-2026-4437.patch \
> + file://0025-CVE-2026-4438-Check-hostname-for-validity-CVE-2026-4.patch \
> + file://0026-CVE-2026-5450-Fix-buffer-overflow-in-scanf-mc-BZ-340.patch \
> + file://0027-CVE-2026-5928-Fix-ungetwc-operating-on-byte-stream-B.patch \
> + file://0028-CVE-2026-4046-Use-pending-character-state-in-IBM1390.patch \
> "
> S = "${WORKDIR}/git"
> B = "${WORKDIR}/build-${TARGET_SYS}"
^ permalink raw reply
* Re: [OE-core][wrynose][PATCH] curl: fix CVE-2026-6276
From: Yoann Congal @ 2026-06-08 14:06 UTC (permalink / raw)
To: adarsh.jagadish.kamini, openembedded-core
In-Reply-To: <20260602140623.762455-1-adarsh.jagadish.kamini@est.tech>
On Tue Jun 2, 2026 at 4:06 PM CEST, Adarsh Jagadish Kamini via lists.openembedded.org wrote:
> From: Adarsh Jagadish Kamini <adarsh.jagadish.kamini@est.tech>
>
> Backport patch to fix CVE-2026-6276.
> https://nvd.nist.gov/vuln/detail/CVE-2026-6276
>
> Upstream fix:
> https://github.com/curl/curl/commit/3a19987a87f393d9394fe5acc7643f6c263c92db
>
> Adapted for curl 8.19.0:
> - Use Curl_safefree (upstream uses curlx_safefree, renamed in later versions)
> - Drop req->userpwd/req->proxyuserpwd context (not yet moved to
> SingleRequest in this version)
>
> Tested with ptest:
> Before: PASSED: 1000, FAILED: 0, SKIPPED: 0
> After: PASSED: 1001, FAILED: 0, SKIPPED: 0
>
> Signed-off-by: Adarsh Jagadish Kamini <adarsh.jagadish.kamini@est.tech>
> ---
> .../curl/curl/CVE-2026-6276.patch | 315 ++++++++++++++++++
> meta/recipes-support/curl/curl_8.19.0.bb | 1 +
> 2 files changed, 316 insertions(+)
> create mode 100644 meta/recipes-support/curl/curl/CVE-2026-6276.patch
>
> diff --git a/meta/recipes-support/curl/curl/CVE-2026-6276.patch b/meta/recipes-support/curl/curl/CVE-2026-6276.patch
> new file mode 100644
> index 0000000000..68bec24e94
> --- /dev/null
> +++ b/meta/recipes-support/curl/curl/CVE-2026-6276.patch
> @@ -0,0 +1,315 @@
> +From 48d71bc976572aaf09c63ab86b5165762450a507 Mon Sep 17 00:00:00 2001
> +From: Daniel Stenberg <daniel@haxx.se>
> +Date: Tue, 14 Apr 2026 08:51:44 +0200
> +Subject: [PATCH] urldata: move cookiehost to struct SingleRequest
> +
> +To make it scoped for the single request appropriately.
> +
> +Reported-by: Muhamad Arga Reksapati
> +
> +Verify with libtest 2504: a custom Host *disabled* on reused handle
> +
> +Closes #21312
> +
> +CVE: CVE-2026-6276
> +Upstream-Status: Backport [https://github.com/curl/curl/commit/3a19987a87f393d9394fe5acc7643f6c263c92db]
> +
> +Signed-off-by: Adarsh Jagadish Kamini <adarsh.jagadish.kamini@est.tech>
> +---
> + lib/http.c | 14 +++---
> + lib/request.c | 3 ++
> + lib/request.h | 3 ++
> + lib/url.c | 2 +-
> + lib/urldata.h | 3 --
> + tests/data/Makefile.am | 2 +-
> + tests/data/test2504 | 52 +++++++++++++++++++++
> + tests/libtest/Makefile.inc | 2 +-
> + tests/libtest/lib2504.c | 93 ++++++++++++++++++++++++++++++++++++++
> + 9 files changed, 162 insertions(+), 12 deletions(-)
> + create mode 100644 tests/data/test2504
> + create mode 100644 tests/libtest/lib2504.c
> +
> +diff --git a/lib/http.c b/lib/http.c
> +index 188da5fd83..7ebbdfa551 100644
> +--- a/lib/http.c
> ++++ b/lib/http.c
> +@@ -2002,6 +2002,9 @@ static CURLcode http_set_aptr_host(struct Curl_easy *data)
> + data->state.first_remote_protocol = conn->scheme->protocol;
> + }
> + Curl_safefree(aptr->host);
> ++#ifndef CURL_DISABLE_COOKIES
> ++ Curl_safefree(data->req.cookiehost);
> ++#endif
> +
> + ptr = Curl_checkheaders(data, STRCONST("Host"));
> + if(ptr && (!data->state.this_is_a_follow ||
> +@@ -2037,8 +2040,7 @@ static CURLcode http_set_aptr_host(struct Curl_easy *data)
> + if(colon)
> + *colon = 0; /* The host must not include an embedded port number */
> + }
> +- curlx_free(aptr->cookiehost);
> +- aptr->cookiehost = cookiehost;
> ++ data->req.cookiehost = cookiehost;
> + }
> + #endif
> +
> +@@ -2538,8 +2540,8 @@ static CURLcode http_cookies(struct Curl_easy *data,
> +
> + if(data->cookies && data->state.cookie_engine) {
> + bool okay;
> +- const char *host = data->state.aptr.cookiehost ?
> +- data->state.aptr.cookiehost : data->conn->host.name;
> ++ const char *host = data->req.cookiehost ?
> ++ data->req.cookiehost : data->conn->host.name;
> + Curl_share_lock(data, CURL_LOCK_DATA_COOKIE, CURL_LOCK_ACCESS_SINGLE);
> + result = Curl_cookie_getlist(data, data->conn, &okay, host, &list);
> + if(!result && okay) {
> +@@ -3545,8 +3547,8 @@ static CURLcode http_header_s(struct Curl_easy *data,
> + if(v) {
> + /* If there is a custom-set Host: name, use it here, or else use
> + * real peer hostname. */
> +- const char *host = data->state.aptr.cookiehost ?
> +- data->state.aptr.cookiehost : conn->host.name;
> ++ const char *host = data->req.cookiehost ?
> ++ data->req.cookiehost : conn->host.name;
> + const bool secure_context = Curl_secure_context(conn, host);
> + CURLcode result;
> + Curl_share_lock(data, CURL_LOCK_DATA_COOKIE, CURL_LOCK_ACCESS_SINGLE);
> +diff --git a/lib/request.c b/lib/request.c
> +index 66077530d7..765dbac058 100644
> +--- a/lib/request.c
> ++++ b/lib/request.c
> +@@ -113,6 +113,9 @@ void Curl_req_hard_reset(struct SingleRequest *req, struct Curl_easy *data)
> + struct curltime t0 = { 0, 0 };
> +
> + Curl_safefree(req->newurl);
> ++#ifndef CURL_DISABLE_COOKIES
> ++ Curl_safefree(req->cookiehost);
> ++#endif
> + Curl_client_reset(data);
> + if(req->sendbuf_init)
> + Curl_bufq_reset(&req->sendbuf);
> +diff --git a/lib/request.h b/lib/request.h
> +index 5332d48538..6e4bd0fb6e 100644
> +--- a/lib/request.h
> ++++ b/lib/request.h
> +@@ -95,6 +95,9 @@ struct SingleRequest {
> + char *newurl; /* Set to the new URL to use when a redirect or a retry is
> + wanted */
> +
> ++#ifndef CURL_DISABLE_COOKIES
> ++ char *cookiehost;
> ++#endif
> + #ifndef CURL_DISABLE_COOKIES
> + unsigned char setcookies;
> + #endif
> +diff --git a/lib/url.c b/lib/url.c
> +index ec0457bcdd..b9e308add2 100644
> +--- a/lib/url.c
> ++++ b/lib/url.c
> +@@ -304,7 +304,7 @@ CURLcode Curl_close(struct Curl_easy **datap)
> + Curl_safefree(data->state.aptr.ref);
> + Curl_safefree(data->state.aptr.host);
> + #ifndef CURL_DISABLE_COOKIES
> +- Curl_safefree(data->state.aptr.cookiehost);
> ++ Curl_safefree(data->req.cookiehost);
> + #endif
> + #ifndef CURL_DISABLE_RTSP
> + Curl_safefree(data->state.aptr.rtsp_transport);
> +diff --git a/lib/urldata.h b/lib/urldata.h
> +index 5ae148054b..d71337c8f6 100644
> +--- a/lib/urldata.h
> ++++ b/lib/urldata.h
> +@@ -1052,9 +1052,6 @@ struct UrlState {
> + char *rangeline;
> + char *ref;
> + char *host;
> +-#ifndef CURL_DISABLE_COOKIES
> +- char *cookiehost;
> +-#endif
> + #ifndef CURL_DISABLE_RTSP
> + char *rtsp_transport;
> + #endif
> +diff --git a/tests/data/Makefile.am b/tests/data/Makefile.am
> +index 53abf60901..da0f8f55d4 100644
> +--- a/tests/data/Makefile.am
> ++++ b/tests/data/Makefile.am
> +@@ -264,7 +264,7 @@ test2309 \
> + \
> + test2400 test2401 test2402 test2403 test2404 test2405 test2406 test2407 \
> + \
> +-test2500 test2501 test2502 test2503 \
> ++test2500 test2501 test2502 test2503 test2504 \
> + \
> + test2600 test2601 test2602 test2603 test2604 test2605 \
> + \
> +diff --git a/tests/data/test2504 b/tests/data/test2504
> +new file mode 100644
> +index 0000000000..8cec1c8210
> +--- /dev/null
> ++++ b/tests/data/test2504
> +@@ -0,0 +1,52 @@
> ++<?xml version="1.0" encoding="US-ASCII"?>
> ++<testcase>
> ++<info>
> ++<keywords>
> ++HTTP
> ++cookies
> ++</keywords>
> ++</info>
> ++
> ++# Server-side
> ++<reply>
> ++<data crlf="headers" nocheck="yes">
> ++HTTP/1.1 200 OK
> ++Date: Tue, 09 Nov 2010 14:49:00 GMT
> ++Server: server.example.com
> ++Content-Length: 47
> ++Set-Cookie: sid=SECRET123; Path=/
> ++
> ++file contents should appear once for each file
> ++</data>
> ++</reply>
> ++
> ++# Client-side
> ++<client>
> ++<server>
> ++http
> ++</server>
> ++<tool>
> ++lib%TESTNUMBER
> ++</tool>
> ++<name>
> ++custom Host with cookie, handle reuse, no custom Host:
> ++</name>
> ++<command>
> ++http://%HOSTIP:%HTTPPORT
> ++</command>
> ++</client>
> ++
> ++# Verify data after the test has been "shot"
> ++<verify>
> ++<protocol crlf="headers">
> ++GET / HTTP/1.1
> ++Host: victim.internal
> ++Accept: */*
> ++
> ++GET / HTTP/1.1
> ++Host: %HOSTIP:%HTTPPORT
> ++Accept: */*
> ++
> ++</protocol>
> ++</verify>
> ++</testcase>
> +diff --git a/tests/libtest/Makefile.inc b/tests/libtest/Makefile.inc
> +index e3202804a9..2319bafe72 100644
> +--- a/tests/libtest/Makefile.inc
> ++++ b/tests/libtest/Makefile.inc
> +@@ -113,7 +113,7 @@ TESTS_C = \
> + lib2023.c lib2032.c lib2082.c \
> + lib2301.c lib2302.c lib2304.c lib2306.c lib2308.c lib2309.c \
> + lib2402.c lib2404.c lib2405.c \
> +- lib2502.c \
> ++ lib2502.c lib2504.c \
> + lib2700.c \
> + lib3010.c lib3025.c lib3026.c lib3027.c lib3033.c lib3034.c \
> + lib3100.c lib3101.c lib3102.c lib3103.c lib3104.c lib3105.c \
> +diff --git a/tests/libtest/lib2504.c b/tests/libtest/lib2504.c
> +new file mode 100644
> +index 0000000000..72b965d6e6
> +--- /dev/null
> ++++ b/tests/libtest/lib2504.c
> +@@ -0,0 +1,93 @@
> ++/***************************************************************************
> ++ * _ _ ____ _
> ++ * Project ___| | | | _ \| |
> ++ * / __| | | | |_) | |
> ++ * | (__| |_| | _ <| |___
> ++ * \___|\___/|_| \_\_____|
> ++ *
> ++ * Copyright (C) Linus Nielsen Feltzing <linus@haxx.se>
> ++ *
> ++ * This software is licensed as described in the file COPYING, which
> ++ * you should have received as part of this distribution. The terms
> ++ * are also available at https://curl.se/docs/copyright.html.
> ++ *
> ++ * You may opt to use, copy, modify, merge, publish, distribute and/or sell
> ++ * copies of the Software, and permit persons to whom the Software is
> ++ * furnished to do so, under the terms of the COPYING file.
> ++ *
> ++ * This software is distributed on an "AS IS" basis, WITHOUT WARRANTY OF ANY
> ++ * KIND, either express or implied.
> ++ *
> ++ * SPDX-License-Identifier: curl
> ++ *
> ++ ***************************************************************************/
> ++#include "first.h"
> ++
> ++#include "testtrace.h"
> ++
> ++static size_t sink2504(char *ptr, size_t size, size_t nmemb, void *ud)
> ++{
> ++ (void)ptr;
> ++ (void)ud;
> ++ return size * nmemb;
> ++}
> ++
> ++static void dump_cookies2504(CURL *h, const char *tag)
> ++{
> ++ struct curl_slist *cookies = NULL;
> ++ struct curl_slist *nc;
> ++ CURLcode rc = curl_easy_getinfo(h, CURLINFO_COOKIELIST, &cookies);
> ++
> ++ curl_mprintf("== %s ==\n", tag);
> ++ if(rc) {
> ++ curl_mprintf("getinfo error: %d\n", (int)rc);
> ++ return;
> ++ }
> ++ for(nc = cookies; nc; nc = nc->next)
> ++ puts(nc->data);
> ++ curl_slist_free_all(cookies);
> ++}
> ++
> ++static CURLcode test_lib2504(const char *URL)
> ++{
> ++ CURL *curl;
> ++ CURLcode result = CURLE_OUT_OF_MEMORY;
> ++ struct curl_slist *hdrs = NULL;
> ++
> ++ if(curl_global_init(CURL_GLOBAL_ALL) != CURLE_OK) {
> ++ curl_mfprintf(stderr, "curl_global_init() failed\n");
> ++ return TEST_ERR_MAJOR_BAD;
> ++ }
> ++
> ++ curl = curl_easy_init();
> ++ if(!curl) {
> ++ curl_mfprintf(stderr, "curl_easy_init() failed\n");
> ++ curl_global_cleanup();
> ++ return TEST_ERR_MAJOR_BAD;
> ++ }
> ++
> ++ hdrs = curl_slist_append(hdrs, "Host: victim.internal");
> ++ if(hdrs) {
> ++ test_setopt(curl, CURLOPT_WRITEFUNCTION, sink2504);
> ++ test_setopt(curl, CURLOPT_COOKIEFILE, "");
> ++ test_setopt(curl, CURLOPT_HTTPHEADER, hdrs);
> ++ test_setopt(curl, CURLOPT_URL, URL);
> ++
> ++ result = curl_easy_perform(curl);
> ++ curl_mprintf("req1=%d\n", (int)result);
> ++ dump_cookies2504(curl, "after request 1");
> ++
> ++ test_setopt(curl, CURLOPT_HTTPHEADER, NULL);
> ++ test_setopt(curl, CURLOPT_URL, URL);
> ++
> ++ result = curl_easy_perform(curl);
> ++ curl_mprintf("req2=%d\n", (int)result);
> ++ dump_cookies2504(curl, "after request 2");
> ++ }
> ++test_cleanup:
> ++ curl_slist_free_all(hdrs);
> ++ curl_easy_cleanup(curl);
> ++ curl_global_cleanup();
> ++
> ++ return result;
> ++}
> diff --git a/meta/recipes-support/curl/curl_8.19.0.bb b/meta/recipes-support/curl/curl_8.19.0.bb
> index b9251336b8..9bbbb5e36f 100644
> --- a/meta/recipes-support/curl/curl_8.19.0.bb
> +++ b/meta/recipes-support/curl/curl_8.19.0.bb
> @@ -161,6 +161,7 @@ RDEPENDS:${PN}-ptest += " \
> perl-module-memoize \
> perl-module-storable \
> perl-module-time-hires \
> + file://CVE-2026-6276.patch \
This should be in SRC_URI, not in RDEPENDS. Did you try to build this
patch?
Regards,
> "
>
> PACKAGES =+ "lib${BPN}"
--
Yoann Congal
Smile ECS
^ permalink raw reply
* Re: [OE-core] [PATCH v2] zstd: add ptest support
From: Ross Burton @ 2026-06-08 14:05 UTC (permalink / raw)
To: pratik.farkase@est.tech
Cc: openembedded-core@lists.openembedded.org,
pratik.farkase@ericsson.com
In-Reply-To: <20260519090816.17783-1-pratik.farkase@est.tech>
On 19 May 2026, at 10:08, Pratik Farkase via lists.openembedded.org <pratik.farkase=est.tech@lists.openembedded.org> wrote:
>
> Add comprehensive ptest support for zstd running the full upstream test
> suite covering compression correctness, streaming, dictionaries, CLI
> behavior, and fuzz testing.
>
> Tests included:
> - fullbench: validates all internal compression/decompression functions
> - poolTests: thread pool ordering and synchronization
> - invalidDictionaries: dictionary error handling
> - legacy: legacy format (v0.4+) compatibility
> - fuzzer: randomized compression/decompression (200s, ~700+ rounds)
> - zstreamtest: streaming API fuzzer (90s, ~250+ rounds)
> - decodecorpus: random frame generation and decode (30s, ~450+ rounds)
> - playTests.sh: comprehensive CLI validation including compression,
> decompression, multithreading, dictionaries, sparse files, frame
> concatenation, long distance matching, benchmarks, and round-trips
> - cli-tests: 36 Python-based CLI integration tests covering
> compression, decompression, progress, file-stat, dictionaries,
> symlinks, and file handling
The primary goal of the ptests is integration testing so if we’re having to manually install and run the tests then it’s entirely reasonable if not desirable to pick a subset of the tests.
In this case, we don’t need to run the fuzzer tests and so on. I’d suggest maybe just fullbench and cli-tests would be sufficient here, less to install and faster execution.
Ross
^ permalink raw reply
* RE: [OE-core] [PATCH 2/2] rootfs,spdx: handle removed packages
From: Marko, Peter @ 2026-06-08 13:56 UTC (permalink / raw)
To: Joshua Watt; +Cc: openembedded-core@lists.openembedded.org
In-Reply-To: <CAJdd5Gb_oFCfDcn_wQHk6XnJtG3+zMmKruOyqPrpVgYUi0T9AQ@mail.gmail.com>
> -----Original Message-----
> From: Joshua Watt <jpewhacker@gmail.com>
> Sent: Friday, June 5, 2026 4:16 PM
> To: Marko, Peter (FT D EU SK BFS1) <Peter.Marko@siemens.com>
> Cc: openembedded-core@lists.openembedded.org
> Subject: Re: [OE-core] [PATCH 2/2] rootfs,spdx: handle removed packages
>
> On Fri, Jun 5, 2026 at 6:05 AM Peter Marko via lists.openembedded.org
> <peter.marko=siemens.com@lists.openembedded.org> wrote:
> >
> > From: Peter Marko <peter.marko@siemens.com>
> >
> > SPDX should not list packages which were removed from rootfs as installed.
> >
> > The list of installed packages does not contain them directly, but as
> > dependencies of other installed packages.
> >
> > Siwtch them to "other" to keep them in SPDX as part of the build and
> > installation process.
>
> I agree the packages should be removed from the rootfs, but using the
> method described.
>
> Instead, the list of removed packages should be passed to
> collect_build_package_inputs(), and anything removed should skip
> having it's files added to files_by_hash (but, should still be added
> to build_deps, since it is a build dependency).
I have tried several approaches here but all without success until now..
The problem is that these removed packages are "rdepends" and not "depends".
Thus in collect_build_package_inputs they are not present yet.
And even if they would be, the rdepends would anyway add it back later.
SPDX entries for rdepend clauses are added in expand_collection function.
I obviously cannot remove the rdepends clause when the recipe sbom is created.
The best approach probably is to remove the rdepends when iterating over sbomx in expand_collection.
Would you agree when I try to send a patch in that direction?
Or do you have any other suggestion?
>
> This will prevent that rootfs package from "containing" the files for
> removed packages, and break the linkage between the rootfs and the
> removed packages.
>
> I'm not exactly sure the reasoning behind changing the type the
> "other", but we should not be doing that.
Well, "other" because there was no good value for that available in enum (installation helper).
>
> >
> > Signed-off-by: Peter Marko <peter.marko@siemens.com>
> > ---
> > meta/classes-recipe/create-spdx-image-3.0.bbclass | 7 +++++++
> > meta/lib/oe/rootfs.py | 6 ++++++
> > meta/lib/oe/sbom30.py | 8 +++++++-
> > meta/lib/oe/spdx30_tasks.py | 14 +++++++++++++-
> > 4 files changed, 33 insertions(+), 2 deletions(-)
> >
> > diff --git a/meta/classes-recipe/create-spdx-image-3.0.bbclass b/meta/classes-
> recipe/create-spdx-image-3.0.bbclass
> > index 15a91e90e2..dfbd2961b3 100644
> > --- a/meta/classes-recipe/create-spdx-image-3.0.bbclass
> > +++ b/meta/classes-recipe/create-spdx-image-3.0.bbclass
> > @@ -6,6 +6,7 @@
> > # SPDX image tasks
> >
> > SPDX_ROOTFS_PACKAGES = "${SPDXDIR}/rootfs-packages.json"
> > +SPDX_ROOTFS_REMOVED_PACKAGES = "${SPDXDIR}/rootfs-removed-
> packages.json"
> > SPDXIMAGEDEPLOYDIR = "${SPDXDIR}/image-deploy"
> > SPDXROOTFSDEPLOY = "${SPDXDIR}/rootfs-deploy"
> >
> > @@ -15,14 +16,20 @@ python spdx_collect_rootfs_packages() {
> > from oe.rootfs import image_list_installed_packages
> >
> > root_packages_file = Path(d.getVar("SPDX_ROOTFS_PACKAGES"))
> > + root_removed_packages_file =
> Path(d.getVar("SPDX_ROOTFS_REMOVED_PACKAGES"))
> >
> > packages = image_list_installed_packages(d)
> > if not packages:
> > packages = {}
> >
> > + removed_packages = (d.getVar("ROOTFS_REMOVED_PACKAGES") or
> "").split()
> > +
> > root_packages_file.parent.mkdir(parents=True, exist_ok=True)
> > with root_packages_file.open("w") as f:
> > json.dump(packages, f)
> > +
> > + with root_removed_packages_file.open("w") as f:
> > + json.dump(removed_packages, f)
> > }
> > ROOTFS_POSTUNINSTALL_COMMAND =+ "spdx_collect_rootfs_packages"
> >
> > diff --git a/meta/lib/oe/rootfs.py b/meta/lib/oe/rootfs.py
> > index 5eee48f587..b8830596ed 100644
> > --- a/meta/lib/oe/rootfs.py
> > +++ b/meta/lib/oe/rootfs.py
> > @@ -261,10 +261,13 @@ class Rootfs(object, metaclass=ABCMeta):
> >
> >
> > def _uninstall_unneeded(self):
> > + removed_pkgs = set()
> > +
> > # Remove the run-postinsts package if no delayed postinsts are found
> > delayed_postinsts = self._get_delayed_postinsts()
> > if delayed_postinsts is None:
> > if
> os.path.exists(self.d.expand("${IMAGE_ROOTFS}${sysconfdir}/init.d/run-postinsts"))
> or os.path.exists(self.d.expand("${IMAGE_ROOTFS}${systemd_system_unitdir}/run-
> postinsts.service")):
> > + removed_pkgs.add("run-postinsts")
> > self.pm.remove(["run-postinsts"])
> >
> > image_rorfs = bb.utils.contains("IMAGE_FEATURES", "read-only-rootfs",
> > @@ -285,6 +288,7 @@ class Rootfs(object, metaclass=ABCMeta):
> > # to be uninstalled or to be managed correctly otherwise.
> > provider = self.d.getVar("VIRTUAL-RUNTIME_update-alternatives")
> > pkgs_to_remove = sorted([pkg for pkg in pkgs_installed if pkg in
> unneeded_pkgs], key=lambda x: x == provider)
> > + removed_pkgs.update(pkgs_to_remove)
> >
> > # update-alternatives provider is removed in its own remove()
> > # call because all package managers do not guarantee the packages
> > @@ -296,6 +300,8 @@ class Rootfs(object, metaclass=ABCMeta):
> > if len(pkgs_to_remove) > 0:
> > self.pm.remove([pkgs_to_remove[-1]], False)
> >
> > + self.d.setVar("ROOTFS_REMOVED_PACKAGES", "
> ".join(sorted(removed_pkgs)))
> > +
> > if delayed_postinsts:
> > self._save_postinsts()
> > if image_rorfs:
> > diff --git a/meta/lib/oe/sbom30.py b/meta/lib/oe/sbom30.py
> > index b379ff947c..4fa32266fa 100644
> > --- a/meta/lib/oe/sbom30.py
> > +++ b/meta/lib/oe/sbom30.py
> > @@ -1122,7 +1122,7 @@ def find_by_spdxid(d, spdxid, *, required=False):
> > return find_jsonld(d, *jsonld_hash_path(hash_id(spdxid)), required=required)
> >
> >
> > -def create_sbom(d, name, root_elements, add_objectsets=[]):
> > +def create_sbom(d, name, root_elements, add_objectsets=[],
> removed_packages=[]):
> > objset = ObjectSet.new_objset(d, name)
> >
> > sbom = objset.add(
> > @@ -1142,6 +1142,12 @@ def create_sbom(d, name, root_elements,
> add_objectsets=[]):
> > + "\n ".join(sorted(list(missing_spdxids)))
> > )
> >
> > + if removed_packages:
> > + for pkg in objset.foreach_type(oe.spdx30.software_Package):
> > + if pkg.name in removed_packages and pkg.software_primaryPurpose ==
> oe.spdx30.software_SoftwarePurpose.install:
> > + pkg.software_primaryPurpose =
> oe.spdx30.software_SoftwarePurpose.other
> > + bb.note("Reclassified removed package %s SPDX entry from install to
> other" % pkg.name)
> > +
> > # Filter out internal extensions from final SBoMs
> > objset.remove_internal_extensions()
> >
> > diff --git a/meta/lib/oe/spdx30_tasks.py b/meta/lib/oe/spdx30_tasks.py
> > index 7cc46d579b..18c68f47de 100644
> > --- a/meta/lib/oe/spdx30_tasks.py
> > +++ b/meta/lib/oe/spdx30_tasks.py
> > @@ -1532,6 +1532,7 @@ def create_image_sbom_spdx(d):
> > image_link_name = d.getVar("IMAGE_LINK_NAME")
> > imgdeploydir = Path(d.getVar("SPDXIMAGEDEPLOYDIR"))
> > machine = d.getVar("MACHINE")
> > + root_removed_packages_file =
> Path(d.getVar("SPDX_ROOTFS_REMOVED_PACKAGES"))
> >
> > spdx_path = imgdeploydir / (image_name + ".spdx.json")
> >
> > @@ -1553,7 +1554,18 @@ def create_image_sbom_spdx(d):
> > for o in image_objset.foreach_root(oe.spdx30.software_File):
> > root_elements.append(oe.sbom30.get_element_link_id(o))
> >
> > - objset, sbom = oe.sbom30.create_sbom(d, image_name, root_elements)
> > + try:
> > + with root_removed_packages_file.open("r") as f:
> > + removed_packages = json.load(f)
> > + except FileNotFoundError:
> > + removed_packages = []
> > +
> > + objset, sbom = oe.sbom30.create_sbom(
> > + d,
> > + image_name,
> > + root_elements,
> > + removed_packages=removed_packages,
> > + )
> >
> > # Set supplier on root elements if SPDX_IMAGE_SUPPLIER is defined
> > supplier = objset.new_agent("SPDX_IMAGE_SUPPLIER", add=False)
> >
> > -=-=-=-=-=-=-=-=-=-=-=-
> > Links: You receive all messages sent to this group.
> > View/Reply Online (#238166): https://lists.openembedded.org/g/openembedded-
> core/message/238166
> > Mute This Topic: https://lists.openembedded.org/mt/119660891/3616693
> > Group Owner: openembedded-core+owner@lists.openembedded.org
> > Unsubscribe: https://lists.openembedded.org/g/openembedded-core/unsub
> [JPEWhacker@gmail.com]
> > -=-=-=-=-=-=-=-=-=-=-=-
> >
^ permalink raw reply
* Re: [OE-core] [wrynose][PATCH] perl: patch CVE-2026-8376
From: Jérémy Rosen @ 2026-06-08 13:46 UTC (permalink / raw)
To: tgaige.opensource, openembedded-core; +Cc: hsimeliere.opensource
In-Reply-To: <20260528120100.1801387-1-tgaige.opensource@witekio.com>
Hello Theo
from what I see, this CVE also affects master (same version of Perl as
in wrynose)
I couldn't find a similar patch for master. Please submit one before we
can backport on stable branches
Regards
Jérémy
On Thu May 28, 2026 at 2:01 PM CEST, Theo Gaige via lists.openembedded.org wrote:
> From: "Theo Gaige (Schneider Electric)" <tgaige.opensource@witekio.com>
>
> Backport patches from [1]
>
> [1] https://github.com/Perl/perl5/pull/24433
>
> Signed-off-by: Theo Gaige (Schneider Electric) <tgaige.opensource@witekio.com>
> ---
> .../perl/files/CVE-2026-8376-01.patch | 62 +++++++++++++++++++
> .../perl/files/CVE-2026-8376-02.patch | 49 +++++++++++++++
> meta/recipes-devtools/perl/perl_5.42.0.bb | 2 +
> 3 files changed, 113 insertions(+)
> create mode 100644 meta/recipes-devtools/perl/files/CVE-2026-8376-01.patch
> create mode 100644 meta/recipes-devtools/perl/files/CVE-2026-8376-02.patch
>
> diff --git a/meta/recipes-devtools/perl/files/CVE-2026-8376-01.patch b/meta/recipes-devtools/perl/files/CVE-2026-8376-01.patch
> new file mode 100644
> index 0000000000..2b5d27147a
> --- /dev/null
> +++ b/meta/recipes-devtools/perl/files/CVE-2026-8376-01.patch
> @@ -0,0 +1,62 @@
> +From 6ad242ce86b16b74437e6815d507bc003e77a948 Mon Sep 17 00:00:00 2001
> +From: Tony Cook <tony@develop-help.com>
> +Date: Tue, 12 May 2026 14:47:31 +1000
> +Subject: [PATCH 1/2] perl/perl-security#147: test cases
> +
> +The suggested case from the ticket and an alternative.
> +
> +(cherry picked from commit e842efdafe7c51a687a4907e4887988fe6a025ef)
> +
> +CVE: CVE-2026-8376
> +Upstream-Status: Backport [https://github.com/Perl/perl5/commit/e842efdafe7c51a687a4907e4887988fe6a025ef]
> +Signed-off-by: Theo Gaige (Schneider Electric) <tgaige.opensource@witekio.com>
> +---
> + t/re/pat_psycho.t | 18 ++++++++++++++++--
> + 1 file changed, 16 insertions(+), 2 deletions(-)
> +
> +diff --git a/t/re/pat_psycho.t b/t/re/pat_psycho.t
> +index 336039521d..73a7992372 100644
> +--- a/t/re/pat_psycho.t
> ++++ b/t/re/pat_psycho.t
> +@@ -10,7 +10,7 @@
> + use strict;
> + use warnings;
> + use 5.010;
> +-
> ++use Config;
> +
> + sub run_tests;
> +
> +@@ -31,7 +31,7 @@ BEGIN {
> +
> + skip_all('$PERL_SKIP_PSYCHO_TEST set') if $ENV{PERL_SKIP_PSYCHO_TEST};
> +
> +-plan tests => 15; # Update this when adding/deleting tests.
> ++plan tests => 17; # Update this when adding/deleting tests.
> +
> + run_tests() unless caller;
> +
> +@@ -211,6 +211,20 @@ EOF
> +
> +
> + }
> ++
> ++ SKIP:
> ++ { # sec #147
> ++ $Config{ptrsize} == 4
> ++ or skip "these only fail on x32 and use too much memory on x64", 2;
> ++ local $::TODO = "This crashes";
> ++ # original case
> ++ fresh_perl_like('/\x{10000}{1073741824}/',
> ++ qr/Regexp out of space/, {}, "ssize_t overflow");
> ++
> ++ # synthesized but similar case
> ++ fresh_perl_like('/(?:\x{10001}\x{10000}){536870912}/',
> ++ qr/Regexp out of space/, {}, "ssize_t overflow again");
> ++ }
> + } # End of sub run_tests
> +
> + 1;
> +--
> +2.43.0
> +
> diff --git a/meta/recipes-devtools/perl/files/CVE-2026-8376-02.patch b/meta/recipes-devtools/perl/files/CVE-2026-8376-02.patch
> new file mode 100644
> index 0000000000..a1fef66119
> --- /dev/null
> +++ b/meta/recipes-devtools/perl/files/CVE-2026-8376-02.patch
> @@ -0,0 +1,49 @@
> +From 0fc9c70ccc0fea260326e08baa60d92797f8a79b Mon Sep 17 00:00:00 2001
> +From: Tony Cook <tony@develop-help.com>
> +Date: Tue, 12 May 2026 14:51:00 +1000
> +Subject: [PATCH 2/2] perl/perl-security#147: test against the actual character
> + lengths
> +
> +(cherry picked from commit 5e7f119eb2bb1181be908701f22bf7068e722f1c)
> +
> +CVE: CVE-2026-8376
> +Upstream-Status: Backport [https://github.com/Perl/perl5/commit/5e7f119eb2bb1181be908701f22bf7068e722f1c]
> +Signed-off-by: Theo Gaige (Schneider Electric) <tgaige.opensource@witekio.com>
> +---
> + regcomp_study.c | 7 +++++++
> + t/re/pat_psycho.t | 1 -
> + 2 files changed, 7 insertions(+), 1 deletion(-)
> +
> +diff --git a/regcomp_study.c b/regcomp_study.c
> +index 9106452dd5..05f1b017b1 100644
> +--- a/regcomp_study.c
> ++++ b/regcomp_study.c
> +@@ -2770,6 +2770,13 @@ Perl_study_chunk(pTHX_
> + (U8 *) SvEND(data->last_found))
> + - (U8*)s;
> + l -= old;
> ++
> ++ if (l > 0 &&
> ++ (mincount >= SSize_t_MAX / (SSize_t)l
> ++ || old > SSize_t_MAX - mincount * (SSize_t)l)) {
> ++ FAIL("Regexp out of space");
> ++ }
> ++
> + /* Get the added string: */
> + last_str = newSVpvn_utf8(s + old, l, UTF);
> + last_chrs = UTF ? utf8_length((U8*)(s + old),
> +diff --git a/t/re/pat_psycho.t b/t/re/pat_psycho.t
> +index 73a7992372..9fd764fd5e 100644
> +--- a/t/re/pat_psycho.t
> ++++ b/t/re/pat_psycho.t
> +@@ -216,7 +216,6 @@ EOF
> + { # sec #147
> + $Config{ptrsize} == 4
> + or skip "these only fail on x32 and use too much memory on x64", 2;
> +- local $::TODO = "This crashes";
> + # original case
> + fresh_perl_like('/\x{10000}{1073741824}/',
> + qr/Regexp out of space/, {}, "ssize_t overflow");
> +--
> +2.43.0
> +
> diff --git a/meta/recipes-devtools/perl/perl_5.42.0.bb b/meta/recipes-devtools/perl/perl_5.42.0.bb
> index cf28067bab..1833b7a352 100644
> --- a/meta/recipes-devtools/perl/perl_5.42.0.bb
> +++ b/meta/recipes-devtools/perl/perl_5.42.0.bb
> @@ -16,6 +16,8 @@ SRC_URI = "https://www.cpan.org/src/5.0/perl-${PV}.tar.gz;name=perl \
> file://0002-Constant-Fix-up-shebang.patch \
> file://determinism.patch \
> file://0001-cpan-Sys-Syslog-Makefile.PL-Fix-_PATH_LOG-for-determ.patch \
> + file://CVE-2026-8376-01.patch \
> + file://CVE-2026-8376-02.patch \
> "
> SRC_URI:append:class-native = " \
> file://perl-configpm-switch.patch \
^ permalink raw reply
page: next (older)
- recent:[subjects (threaded)|topics (new)|topics (active)]
This is a public inbox, see mirroring instructions
for how to clone and mirror all data and code used for this inbox