Gitiles
Code Review Sign In
gerrit.openbmc.org / mdmillerii / openbmc / 15cf61fd85554e450a47a1c23dcd8f2572afefab / . / poky / documentation / migration-guides / release-notes-4.3.4.rst
blob: 4c9e67f2cbcf295bc1ba9c081e6dc07dd22aa48f [file] [log] [blame]
Patrick Williams44b3caf2024-04-12 16:51:14 -0500[diff] [blame]1.. SPDX-License-Identifier: CC-BY-SA-2.0-UK
2
3Release notes for Yocto-4.3.4 (Nanbield)
4----------------------------------------
5
6Security Fixes in Yocto-4.3.4
7~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
8
9- bind: Fix :cve:`2023-4408`, :cve:`2023-5517`, :cve:`2023-5679` and :cve:`2023-50387`
10- gcc: Update :term:`CVE_STATUS` for :cve:`2023-4039` as fixed
11- glibc: Fix :cve:`2023-6246`, :cve:`2023-6779` and :cve:`2023-6780`
12- gnutls: Fix :cve:`2024-0553` and :cve:`2024-0567`
13- gstreamer: Fix :cve_mitre:`2024-0444`
14- libssh2: fix :cve:`2023-48795`
15- libxml2: Fix :cve:`2024-25062`
16- linux-yocto/6.1: Fix :cve:`2023-6610`, :cve:`2023-6915`, :cve:`2023-46838`, :cve:`2023-50431`, :cve:`2024-1085`, :cve:`2024-1086` and :cve:`2024-23849`
17- linux-yocto/6.1: Ignore :cve:`2021-33630`, :cve:`2021-33631`, :cve:`2022-36402`, :cve:`2023-5717`, :cve:`2023-6200`, :cve:`2023-35827`, :cve:`2023-40791`, :cve:`2023-46343`, :cve:`2023-46813`, :cve:`2023-46862`, :cve:`2023-51042`, :cve:`2023-51043`, :cve_mitre:`2023-52340`, :cve:`2024-0562`, :cve:`2024-0565`, :cve:`2024-0582`, :cve:`2024-0584`, :cve:`2024-0607`, :cve:`2024-0639`, :cve:`2024-0641`, :cve:`2024-0646`, :cve:`2024-0775` and :cve:`2024-22705`
18- openssl: fix :cve:`2024-0727`
19- python3-jinja2: Fix :cve:`2024-22195`
20- tiff: Fix :cve:`2023-6228`, :cve:`2023-52355` and :cve:`2023-52356`
21- vim: Fix :cve:`2024-22667`
22- wpa-supplicant: Fix :cve:`2023-52160`
23- xserver-xorg: Fix :cve:`2023-6377`, :cve:`2023-6478`, :cve:`2023-6816`, :cve:`2024-0229`, :cve:`2024-0408`, :cve:`2024-0409`, :cve:`2024-21885` and :cve:`2024-21886`
24- xwayland: Fix :cve:`2023-6816`, :cve:`2024-0408` and :cve:`2024-0409`
25- zlib: Ignore :cve:`2023-6992`
26
27
28Fixes in Yocto-4.3.4
29~~~~~~~~~~~~~~~~~~~~
30
31- allarch: Fix allarch corner case
32- at-spi2-core: Upgrade to 2.50.1
33- bind: Upgrade to 9.18.24
34- build-appliance-image: Update to nanbield head revision
35- contributor-guide: add notes for tests
36- contributor-guide: be more specific about meta-* trees
37- core-image-ptest: Increase disk size to 1.5G for strace ptest image
38- cpio: Upgrade to 2.15
39- curl: improve run-ptest
40- curl: increase test timeouts
41- cve-check: Log if :term:`CVE_STATUS` set but not reported for component
42- cve-update-nvd2-native: Add an age threshold for incremental update
43- cve-update-nvd2-native: Fix CVE configuration update
44- cve-update-nvd2-native: Fix typo in comment
45- cve-update-nvd2-native: Remove duplicated CVE_CHECK_DB_FILE definition
46- cve-update-nvd2-native: Remove rejected CVE from database
47- cve-update-nvd2-native: nvd_request_next: Improve comment
48- cve_check: cleanup logging
49- cve_check: handle :term:`CVE_STATUS` being set to the empty string
50- dev-manual: Rephrase spdx creation
51- dev-manual: improve descriptions of 'bitbake -S printdiff'
52- dev-manual: packages: clarify shared :term:`PR` service constraint
53- dev-manual: packages: fix capitalization
54- dev-manual: packages: need enough free space
55- docs: add initial stylechecks with Vale
56- docs: correct sdk installation default path
57- docs: document VIRTUAL-RUNTIME variables
58- docs: suppress excess use of "following" word
59- docs: use "manual page(s)"
60- docs: Makefile: remove releases.rst in "make clean"
61- externalsrc: fix task dependency for do_populate_lic
62- glibc: Remove duplicate :term:`CVE_STATUS` for :cve:`2023-4527`
63- glibc: stable 2.38 branch updates (2.38+gitd37c2b20a4)
64- gnutls: Upgrade to 3.8.3
65- gstreamer1.0: skip a test that is known to be flaky
66- gstreamer: Upgrade to 1.22.9
67- gtk: Set :term:`CVE_PRODUCT`
68- kernel.bbclass: Set pkg-config variables for building modules
69- libxml2: Upgrade to 2.11.7
70- linux-firmware: Upgrade to 20240220
71- linux-yocto/6.1: update to v6.1.78
72- mdadm: Disable ptests
73- migration-guides: add release notes for 4.3.3
74- migration-guides: add release notes for 4.0.17
75- migration-guides: fix release notes for 4.3.3 linux-yocto/6.1 CVE entries
76- multilib_global.bbclass: fix parsing error with no kernel module split
77- openssl: fix crash on aarch64 if BTI is enabled but no Crypto instructions
78- openssl: Upgrade to 3.1.5
79- overlayfs: add missing closing parenthesis in selftest
80- poky.conf: bump version for 4.3.4 release
81- profile-manual: usage.rst: fix reference to bug report
82- profile-manual: usage.rst: formatting fixes
83- profile-manual: usage.rst: further style improvements
84- pseudo: Update to pull in gcc14 fix and missing statvfs64 intercept
85- python3-jinja2: Upgrade to 3.1.3
86- ref-manual: release-process: grammar fix
87- ref-manual: system-requirements: update packages to build docs
88- ref-manual: tasks: do_cleanall: recommend using '-f' instead
89- ref-manual: tasks: do_cleansstate: recommend using '-f' instead for a shared sstate
90- ref-manual: variables: adding multiple groups in :term:`GROUPADD_PARAM`
91- ref-manual: variables: add documentation of the variable :term:`SPDX_NAMESPACE_PREFIX`
92- reproducible: Fix race with externalsrc/devtool over lockfile
93- sdk-manual: extensible: correctly describe separate build-sysroots tasks in direct sdk workflows
94- tzdata : Upgrade to 2024a
95- udev-extraconf: fix unmount directories containing octal-escaped chars
96- vim: Upgrade to v9.0.2190
97- wireless-regdb: Upgrade to 2024.01.23
98- xserver-xorg: Upgrade to 21.1.11
99- xwayland: Upgrade to 23.2.4
100- yocto-uninative: Update to 4.4 for glibc 2.39
101
102
103Known Issues in Yocto-4.3.4
104~~~~~~~~~~~~~~~~~~~~~~~~~~~
105
106- N/A
107
108
109Contributors to Yocto-4.3.4
110~~~~~~~~~~~~~~~~~~~~~~~~~~~
111
112- Alex Kiernan
113- Alexander Kanavin
114- Alexander Sverdlin
115- Baruch Siach
116- BELOUARGA Mohamed
117- Benjamin Bara
118- Bruce Ashfield
119- Chen Qi
120- Claus Stovgaard
121- Dhairya Nagodra
122- Geoff Parker
123- Johan Bezem
124- Jonathan GUILLOT
125- Julien Stephan
126- Kai Kang
127- Khem Raj
128- Lee Chee Yang
129- Luca Ceresoli
130- Martin Jansa
131- Michael Halstead
132- Michael Opdenacker
133- Munehisa Kamata
134- Pavel Zhukov
135- Peter Marko
136- Priyal Doshi
137- Richard Purdie
138- Robert Joslyn
139- Ross Burton
140- Simone Weiß
141- Soumya Sambu
142- Steve Sakoman
143- Tim Orling
144- Wang Mingyu
145- Yoann Congal
146- Yogita Urade
147
148
149Repositories / Downloads for Yocto-4.3.4
150~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
151
152poky
153
154- Repository Location: :yocto_git:`/poky`
155- Branch: :yocto_git:`nanbield </poky/log/?h=nanbield>`
156- Tag: :yocto_git:`yocto-4.3.4 </poky/log/?h=yocto-4.3.4>`
157- Git Revision: :yocto_git:`7b8aa378d069ee31373f22caba3bd7fc7863f447 </poky/commit/?id=7b8aa378d069ee31373f22caba3bd7fc7863f447>`
158- Release Artefact: poky-7b8aa378d069ee31373f22caba3bd7fc7863f447
159- sha: 0cb14125f215cc9691cff43982e2c540a5b6018df4ed25c10933135b5bf21d0f
160- Download Locations:
161 http://downloads.yoctoproject.org/releases/yocto/yocto-4.3.4/poky-7b8aa378d069ee31373f22caba3bd7fc7863f447.tar.bz2
162 http://mirrors.kernel.org/yocto/yocto/yocto-4.3.4/poky-7b8aa378d069ee31373f22caba3bd7fc7863f447.tar.bz2
163
164openembedded-core
165
166- Repository Location: :oe_git:`/openembedded-core`
167- Branch: :oe_git:`nanbield </openembedded-core/log/?h=nanbield>`
168- Tag: :oe_git:`yocto-4.3.4 </openembedded-core/log/?h=yocto-4.3.4>`
169- Git Revision: :oe_git:`d0e68072d138ccc1fb5957fdc46a91871eb6a3e1 </openembedded-core/commit/?id=d0e68072d138ccc1fb5957fdc46a91871eb6a3e1>`
170- Release Artefact: oecore-d0e68072d138ccc1fb5957fdc46a91871eb6a3e1
171- sha: d311fe22ff296c466f9bea1cd26343baee5630bc37f3dda42f2d9d8cc99e3add
172- Download Locations:
173 http://downloads.yoctoproject.org/releases/yocto/yocto-4.3.4/oecore-d0e68072d138ccc1fb5957fdc46a91871eb6a3e1.tar.bz2
174 http://mirrors.kernel.org/yocto/yocto/yocto-4.3.4/oecore-d0e68072d138ccc1fb5957fdc46a91871eb6a3e1.tar.bz2
175
176meta-mingw
177
178- Repository Location: :yocto_git:`/meta-mingw`
179- Branch: :yocto_git:`nanbield </meta-mingw/log/?h=nanbield>`
180- Tag: :yocto_git:`yocto-4.3.4 </meta-mingw/log/?h=yocto-4.3.4>`
181- Git Revision: :yocto_git:`49617a253e09baabbf0355bc736122e9549c8ab2 </meta-mingw/commit/?id=49617a253e09baabbf0355bc736122e9549c8ab2>`
182- Release Artefact: meta-mingw-49617a253e09baabbf0355bc736122e9549c8ab2
183- sha: 2225115b73589cdbf1e491115221035c6a61679a92a93b2a3cf761ff87bf4ecc
184- Download Locations:
185 http://downloads.yoctoproject.org/releases/yocto/yocto-4.3.4/meta-mingw-49617a253e09baabbf0355bc736122e9549c8ab2.tar.bz2
186 http://mirrors.kernel.org/yocto/yocto/yocto-4.3.4/meta-mingw-49617a253e09baabbf0355bc736122e9549c8ab2.tar.bz2
187
188bitbake
189
190- Repository Location: :oe_git:`/bitbake`
191- Branch: :oe_git:`2.6 </bitbake/log/?h=2.6>`
192- Tag: :oe_git:`yocto-4.3.4 </bitbake/log/?h=yocto-4.3.4>`
193- Git Revision: :oe_git:`380a9ac97de5774378ded5e37d40b79b96761a0c </bitbake/commit/?id=380a9ac97de5774378ded5e37d40b79b96761a0c>`
194- Release Artefact: bitbake-380a9ac97de5774378ded5e37d40b79b96761a0c
195- sha: 78f579b9d29e72d09b6fb10ac62aa925104335e92d2afb3155bc9ab1994e36c1
196- Download Locations:
197 http://downloads.yoctoproject.org/releases/yocto/yocto-4.3.4/bitbake-380a9ac97de5774378ded5e37d40b79b96761a0c.tar.bz2
198 http://mirrors.kernel.org/yocto/yocto/yocto-4.3.4/bitbake-380a9ac97de5774378ded5e37d40b79b96761a0c.tar.bz2
199
200yocto-docs
201
202- Repository Location: :yocto_git:`/yocto-docs`
203- Branch: :yocto_git:`nanbield </yocto-docs/log/?h=nanbield>`
204- Tag: :yocto_git:`yocto-4.3.4 </yocto-docs/log/?h=yocto-4.3.4>`
205- Git Revision: :yocto_git:`05d08b0bbaef760157c8d35a78d7405bc5ffce55 </yocto-docs/commit/?id=05d08b0bbaef760157c8d35a78d7405bc5ffce55>`
206