blob: cb10068b8df7acfb76fc7eec00b6756f981b221c [file] [log] [blame]
Patrick Williamsdb4c27e2022-08-05 08:10:29 -05001Release notes for Yocto-4.0.2 (Kirkstone)
2-----------------------------------------
3
4Security Fixes in Yocto-4.0.2
5~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
6
7- libxslt: Mark :cve:`2022-29824` as not applying
8- tiff: Add jbig PACKAGECONFIG and clarify IGNORE :cve:`2022-1210`
9- tiff: mark :cve:`2022-1622` and :cve:`2022-1623` as invalid
10- pcre2:fix :cve:`2022-1586` Out-of-bounds read
11- curl: fix :cve:`2022-22576`, :cve:`2022-27775`, :cve:`2022-27776`, :cve:`2022-27774`, :cve:`2022-30115`, :cve:`2022-27780`, :cve:`2022-27781`, :cve:`2022-27779` and :cve:`2022-27782`
12- qemu: fix :cve:`2021-4206` and :cve:`2021-4207`
13- freetype: fix :cve:`2022-27404`, :cve:`2022-27405` and :cve:`2022-27406`
14
15Fixes in Yocto-4.0.2
16~~~~~~~~~~~~~~~~~~~~
17
18- alsa-plugins: fix libavtp vs. avtp packageconfig
19- archiver: don't use machine variables in shared recipes
20- archiver: use bb.note instead of echo
21- baremetal-image: fix broken symlink in do_rootfs
22- base-passwd: Disable shell for default users
23- bash: submit patch upstream
24- bind: upgrade 9.18.1 -> 9.18.2
25- binutils: Bump to latest 2.38 release branch
26- bitbake.conf: Make TCLIBC and TCMODE lazy assigned
27- bitbake: build: Add clean_stamp API function to allow removal of task stamps
28- bitbake: data: Do not depend on vardepvalueexclude flag
29- bitbake: fetch2/osc: Small fixes for osc fetcher
30- bitbake: server/process: Fix logging issues where only the first message was displayed
31- build-appliance-image: Update to kirkstone head revision
32- buildhistory.bbclass: fix shell syntax when using dash
33- cairo: Add missing GPLv3 license checksum entry
34- classes: rootfs-postcommands: add skip option to overlayfs_qa_check
35- cronie: upgrade 1.6.0 -> 1.6.1
36- cups: upgrade 2.4.1 -> 2.4.2
37- cve-check.bbclass: Added do_populate_sdk[recrdeptask].
38- cve-check: Add helper for symlink handling
39- cve-check: Allow warnings to be disabled
40- cve-check: Fix report generation
41- cve-check: Only include installed packages for rootfs manifest
42- cve-check: add support for Ignored CVEs
43- cve-check: fix return type in check_cves
44- cve-check: move update_symlinks to a library
45- cve-check: write empty fragment files in the text mode
46- cve-extra-exclusions: Add kernel CVEs
47- cve-update-db-native: make it possible to disable database updates
48- devtool: Fix _copy_file() TypeError
49- e2fsprogs: add alternatives handling of lsattr as well
50- e2fsprogs: update upstream status
51- efivar: add musl libc compatibility
52- epiphany: upgrade 42.0 -> 42.2
53- ffmpeg: upgrade 5.0 -> 5.0.1
54- fribidi: upgrade 1.0.11 -> 1.0.12
55- gcc-cross-canadian: Add nativesdk-zstd dependency
56- gcc-source: Fix incorrect task dependencies from ${B}
57- gcc: Upgrade to 11.3 release
58- gcc: depend on zstd-native
59- git: fix override syntax in RDEPENDS
60- glib-2.0: upgrade 2.72.1 -> 2.72.2
61- glibc: Drop make-native dependency
62- go: upgrade 1.17.8 -> 1.17.10
63- gst-devtools: upgrade 1.20.1 -> 1.20.2
64- gstreamer1.0-libav: upgrade 1.20.1 -> 1.20.2
65- gstreamer1.0-omx: upgrade 1.20.1 -> 1.20.2
66- gstreamer1.0-plugins-bad: upgrade 1.20.1 -> 1.20.2
67- gstreamer1.0-plugins-base: upgrade 1.20.1 -> 1.20.2
68- gstreamer1.0-plugins-good: upgrade 1.20.1 -> 1.20.2
69- gstreamer1.0-plugins-ugly: upgrade 1.20.1 -> 1.20.2
70- gstreamer1.0-python: upgrade 1.20.1 -> 1.20.2
71- gstreamer1.0-rtsp-server: upgrade 1.20.1 -> 1.20.2
72- gstreamer1.0-vaapi: upgrade 1.20.1 -> 1.20.2
73- gstreamer1.0: upgrade 1.20.1 -> 1.20.2
74- gtk+3: upgrade 3.24.33 -> 3.24.34
75- gtk-doc: Fix potential shebang overflow on gtkdoc-mkhtml2
76- image.bbclass: allow overriding dependency on virtual/kernel:do_deploy
77- insane.bbclass: make sure to close .patch files
78- iso-codes: upgrade 4.9.0 -> 4.10.0
79- kernel-yocto.bbclass: Reset to exiting on non-zero return code at end of task
80- libcgroup: upgrade 2.0.1 -> 2.0.2
81- liberror-perl: Update sstate/equiv versions to clean cache
82- libinput: upgrade 1.19.3 -> 1.19.4
83- libpcre2: upgrade 10.39 -> 10.40
84- librepo: upgrade 1.14.2 -> 1.14.3
85- libseccomp: Add missing files for ptests
86- libseccomp: Correct LIC_FILES_CHKSUM
87- libxkbcommon: upgrade 1.4.0 -> 1.4.1
88- libxml2: Upgrade 2.9.13 -> 2.9.14
89- license.bbclass: Bound beginline and endline in copy_license_files()
90- license_image.bbclass: Make QA errors fail the build
91- linux-firmware: add support for building snapshots
92- linux-firmware: package new Qualcomm firmware
93- linux-firmware: replace mkdir by install
94- linux-firmware: split ath3k firmware
95- linux-firmware: upgrade to 20220610
96- linux-yocto/5.10: update to v5.10.119
97- linux-yocto/5.15: Enable MDIO bus config
98- linux-yocto/5.15: bpf: explicitly disable unpriv eBPF by default
99- linux-yocto/5.15: cfg/xen: Move x86 configs to separate file
100- linux-yocto/5.15: update to v5.15.44
101- local.conf.sample: Update sstate url to new 'all' path
102- logrotate: upgrade 3.19.0 -> 3.20.1
103- lttng-modules: Fix build failure for 5.10.119+ and 5.15.44+ kernel
104- lttng-modules: fix build against 5.18-rc7+
105- lttng-modules: fix shell syntax
106- lttng-ust: upgrade 2.13.2 -> 2.13.3
107- lzo: Add further info to a patch and mark as Inactive-Upstream
108- makedevs: Don't use COPYING.patch just to add license file into ${S}
109- manuals: switch to the sstate mirror shared between all versions
110- mesa.inc: package 00-radv-defaults.conf
111- mesa: backport a patch to support compositors without zwp_linux_dmabuf_v1 again
112- mesa: upgrade to 22.0.3
113- meson.bbclass: add cython binary to cross/native toolchain config
114- mmc-utils: upgrade to latest revision
115- mobile-broadband-provider-info: upgrade 20220315 -> 20220511
116- ncurses: update to patchlevel 20220423
117- oeqa/selftest/cve_check: add tests for Ignored and partial reports
118- oeqa/selftest/cve_check: add tests for recipe and image reports
119- oescripts: change compare logic in OEListPackageconfigTests
120- openssl: Backport fix for ptest cert expiry
121- overlayfs: add docs about skipping QA check & service dependencies
122- ovmf: Fix native build with gcc-12
123- patch.py: make sure that patches/series file exists before quilt pop
124- pciutils: avoid lspci conflict with busybox
125- perl: Add dependency on make-native to avoid race issues
126- perl: Fix build with gcc-12
127- poky.conf: bump version for 4.0.2
128- popt: fix override syntax in RDEPENDS
129- pypi.bbclass: Set CVE_PRODUCT to PYPI_PACKAGE
130- python3: Ensure stale empty python module directories don't break the build
131- python3: Remove problematic paths from sysroot files
132- python3: fix reproducibility issue with python3-core
133- python3: use built-in distutils for ptest, rather than setuptools' 'fork'
134- python: Avoid shebang overflow on python-config.py
135- rootfs-postcommands.bbclass: correct comments
136- rootfs.py: close kernel_abi_ver_file
137- rootfs.py: find .ko.zst kernel modules
138- rust-common: Drop LLVM_TARGET and simplify
139- rust-common: Ensure sstate signatures have correct dependencues for do_rust_gen_targets
140- rust-common: Fix for target definitions returning 'NoneType' for arm
141- rust-common: Fix native signature dependency issues
142- rust-common: Fix sstate signatures between arm hf and non-hf
143- sanity: Don't warn about make 4.2.1 for mint
144- sanity: Switch to make 4.0 as a minimum version
145- sed: Specify shell for "nobody" user in run-ptest
146- selftest/imagefeatures/overlayfs: Always append to DISTRO_FEATURES
147- selftest/multiconfig: Test that multiconfigs in separate layers works
148- sqlite3: upgrade to 3.38.5
149- staging.bbclass: process direct dependencies in deterministic order
150- staging: Fix rare sysroot corruption issue
151- strace: Don't run ptest as "nobody"
152- systemd: Correct 0001-pass-correct-parameters-to-getdents64.patch
153- systemd: Correct path returned in sd_path_lookup()
154- systemd: Document future actions needed for set of musl patches
155- systemd: Drop 0001-test-parse-argument-Include-signal.h.patch
156- systemd: Drop 0002-don-t-use-glibc-specific-qsort_r.patch
157- systemd: Drop 0016-Hide-__start_BUS_ERROR_MAP-and-__stop_BUS_ERROR_MAP.patch
158- systemd: Drop redundant musl patches
159- systemd: Fix build regression with latest update
160- systemd: Remove __compare_fn_t type in musl-specific patch
161- systemd: Update patch status
162- systemd: systemd-systemctl: Support instance conf files during enable
163- systemd: update ``0008-add-missing-FTW_-macros-for-musl.patch``
164- systemd: upgrade 250.4 -> 250.5
165- uboot-sign: Fix potential index error issues
166- valgrind: submit arm patches upstream
167- vim: Upgrade to 8.2.5083
168- webkitgtk: upgrade to 2.36.3
169- wic/plugins/rootfs: Fix permissions when splitting rootfs folders across partitions
170- xwayland: upgrade 22.1.0 -> 22.1.1
171- xxhash: fix build with gcc 12
172- zip/unzip: mark all submittable patches as Inactive-Upstream
173
174Known Issues in Yocto-4.0.2
175~~~~~~~~~~~~~~~~~~~~~~~~~~~
176
177- There were build failures at the autobuilder due to a known scp issue on Fedora-36 hosts.
178
179Contributors to Yocto-4.0.2
180~~~~~~~~~~~~~~~~~~~~~~~~~~~
181
182- Alex Kiernan
183- Alexander Kanavin
184- Aryaman Gupta
185- Bruce Ashfield
186- Claudius Heine
187- Davide Gardenal
188- Dmitry Baryshkov
189- Ernst Sjöstrand
190- Felix Moessbauer
191- Gunjan Gupta
192- He Zhe
193- Hitendra Prajapati
194- Jack Mitchell
195- Jeremy Puhlman
196- Jiaqing Zhao
197- Joerg Vehlow
198- Jose Quaresma
199- Kai Kang
200- Khem Raj
201- Konrad Weihmann
202- Marcel Ziswiler
203- Markus Volk
204- Marta Rybczynska
205- Martin Jansa
206- Michael Opdenacker
207- Mingli Yu
208- Naveen Saini
209- Nick Potenski
210- Paulo Neves
211- Pavel Zhukov
212- Peter Kjellerstedt
213- Rasmus Villemoes
214- Richard Purdie
215- Robert Joslyn
216- Ross Burton
217- Samuli Piippo
218- Sean Anderson
219- Stefan Wiehler
220- Steve Sakoman
221- Sundeep Kokkonda
222- Tomasz Dziendzielski
223- Xiaobing Luo
224- Yi Zhao
225- leimaohui
226- wangmy
227
228Repositories / Downloads for Yocto-4.0.2
229~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
230
231poky
232
233- Repository Location: https://git.yoctoproject.org/git/poky
234- Branch: :yocto_git:`kirkstone </poky/log/?h=kirkstone>`
235- Tag: :yocto_git:`yocto-4.0.2 </poky/log/?h=yocto-4.0.2>`
236- Git Revision: :yocto_git:`a5ea426b1da472fc8549459fff3c1b8c6e02f4b5 </poky/commit/?id=a5ea426b1da472fc8549459fff3c1b8c6e02f4b5>`
237- Release Artefact: poky-a5ea426b1da472fc8549459fff3c1b8c6e02f4b5
238- sha: 474ddfacfed6661be054c161597a1a5273188dfe021b31d6156955d93c6b7359
239- Download Locations:
240 http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.2/poky-a5ea426b1da472fc8549459fff3c1b8c6e02f4b5.tar.bz2
241 http://mirrors.kernel.org/yocto/yocto/yocto-4.0.2/poky-a5ea426b1da472fc8549459fff3c1b8c6e02f4b5.tar.bz2
242
243openembedded-core
244
245- Repository Location: https://git.openembedded.org/openembedded-core
246- Branch: :oe_git:`kirkstone </openembedded-core/log/?h=kirkstone>`
247- Tag: :oe_git:`yocto-4.0.2 </openembedded-core/log/?h=yocto-4.0.2>`
248- Git Revision: :oe_git:`eea52e0c3d24c79464f4afdbc3c397e1cb982231 </openembedded-core/commit/?id=eea52e0c3d24c79464f4afdbc3c397e1cb982231>`
249- Release Artefact: oecore-eea52e0c3d24c79464f4afdbc3c397e1cb982231
250- sha: 252d5c2c2db7e14e7365fcc69d32075720b37d629894bae36305eba047a39907
251- Download Locations:
252 http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.2/oecore-eea52e0c3d24c79464f4afdbc3c397e1cb982231.tar.bz2
253 http://mirrors.kernel.org/yocto/yocto/yocto-4.0.2/oecore-eea52e0c3d24c79464f4afdbc3c397e1cb982231.tar.bz2
254
255meta-mingw
256
257- Repository Location: https://git.yoctoproject.org/git/meta-mingw
258- Branch: :yocto_git:`kirkstone </meta-mingw/log/?h=kirkstone>`
259- Tag: :yocto_git:`yocto-4.0.2 </meta-mingw/log/?h=yocto-4.0.2>`
260- Git Revision: :yocto_git:`a90614a6498c3345704e9611f2842eb933dc51c1 </meta-mingw/commit/?id=a90614a6498c3345704e9611f2842eb933dc51c1>`
261- Release Artefact: meta-mingw-a90614a6498c3345704e9611f2842eb933dc51c1
262- sha: 49f9900bfbbc1c68136f8115b314e95d0b7f6be75edf36a75d9bcd1cca7c6302
263- Download Locations:
264 http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.2/meta-mingw-a90614a6498c3345704e9611f2842eb933dc51c1.tar.bz2
265 http://mirrors.kernel.org/yocto/yocto/yocto-4.0.2/meta-mingw-a90614a6498c3345704e9611f2842eb933dc51c1.tar.bz2
266
267meta-gplv2
268
269- Repository Location: https://git.yoctoproject.org/git/meta-gplv2
270- Branch: :yocto_git:`kirkstone </meta-gplv2/log/?h=kirkstone>`
271- Tag: :yocto_git:`yocto-4.0.2 </meta-gplv2/log/?h=yocto-4.0.2>`
272- Git Revision: :yocto_git:`d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a </meta-gplv2/commit/?id=d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a>`
273- Release Artefact: meta-gplv2-d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a
274- sha: c386f59f8a672747dc3d0be1d4234b6039273d0e57933eb87caa20f56b9cca6d
275- Download Locations:
276 http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.2/meta-gplv2-d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a.tar.bz2
277 http://mirrors.kernel.org/yocto/yocto/yocto-4.0.2/meta-gplv2-d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a.tar.bz2
278
279bitbake
280
281- Repository Location: https://git.openembedded.org/bitbake
282- Branch: :oe_git:`2.0 </bitbake/log/?h=2.0>`
283- Tag: :oe_git:`yocto-4.0.2 </bitbake/log/?h=yocto-4.0.2>`
284- Git Revision: :oe_git:`b8fd6f5d9959d27176ea016c249cf6d35ac8ba03 </bitbake/commit/?id=b8fd6f5d9959d27176ea016c249cf6d35ac8ba03>`
285- Release Artefact: bitbake-b8fd6f5d9959d27176ea016c249cf6d35ac8ba03
286- sha: 373818b1dee2c502264edf654d6d8f857b558865437f080e02d5ba6bb9e72cc3
287- Download Locations:
288 http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.2/bitbake-b8fd6f5d9959d27176ea016c249cf6d35ac8ba03.tar.bz2
289 http://mirrors.kernel.org/yocto/yocto/yocto-4.0.2/bitbake-b8fd6f5d9959d27176ea016c249cf6d35ac8ba03.tar.bz2
290
291yocto-docs
292
293- Repository Location: https://git.yoctoproject.org/git/yocto-docs
294- Branch: :yocto_git:`kirkstone </yocto-docs/log/?h=kirkstone>`
295- Tag: :yocto_git:`yocto-4.0.2 </yocto-docs/log/?h=yocto-4.0.2>`
296- Git Revision: :yocto_git:`662294dccd028828d5c7e9fd8f5c8e14df53df4b </yocto-docs/commit/?id=662294dccd028828d5c7e9fd8f5c8e14df53df4b>`