Patrick Williams | db4c27e | 2022-08-05 08:10:29 -0500 | [diff] [blame] | 1 | Release notes for Yocto-4.0.2 (Kirkstone) |
| 2 | ----------------------------------------- |
| 3 | |
| 4 | Security Fixes in Yocto-4.0.2 |
| 5 | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ |
| 6 | |
| 7 | - libxslt: Mark :cve:`2022-29824` as not applying |
| 8 | - tiff: Add jbig PACKAGECONFIG and clarify IGNORE :cve:`2022-1210` |
| 9 | - tiff: mark :cve:`2022-1622` and :cve:`2022-1623` as invalid |
| 10 | - pcre2:fix :cve:`2022-1586` Out-of-bounds read |
| 11 | - curl: fix :cve:`2022-22576`, :cve:`2022-27775`, :cve:`2022-27776`, :cve:`2022-27774`, :cve:`2022-30115`, :cve:`2022-27780`, :cve:`2022-27781`, :cve:`2022-27779` and :cve:`2022-27782` |
| 12 | - qemu: fix :cve:`2021-4206` and :cve:`2021-4207` |
| 13 | - freetype: fix :cve:`2022-27404`, :cve:`2022-27405` and :cve:`2022-27406` |
| 14 | |
| 15 | Fixes in Yocto-4.0.2 |
| 16 | ~~~~~~~~~~~~~~~~~~~~ |
| 17 | |
| 18 | - alsa-plugins: fix libavtp vs. avtp packageconfig |
| 19 | - archiver: don't use machine variables in shared recipes |
| 20 | - archiver: use bb.note instead of echo |
| 21 | - baremetal-image: fix broken symlink in do_rootfs |
| 22 | - base-passwd: Disable shell for default users |
| 23 | - bash: submit patch upstream |
| 24 | - bind: upgrade 9.18.1 -> 9.18.2 |
| 25 | - binutils: Bump to latest 2.38 release branch |
| 26 | - bitbake.conf: Make TCLIBC and TCMODE lazy assigned |
| 27 | - bitbake: build: Add clean_stamp API function to allow removal of task stamps |
| 28 | - bitbake: data: Do not depend on vardepvalueexclude flag |
| 29 | - bitbake: fetch2/osc: Small fixes for osc fetcher |
| 30 | - bitbake: server/process: Fix logging issues where only the first message was displayed |
| 31 | - build-appliance-image: Update to kirkstone head revision |
| 32 | - buildhistory.bbclass: fix shell syntax when using dash |
| 33 | - cairo: Add missing GPLv3 license checksum entry |
| 34 | - classes: rootfs-postcommands: add skip option to overlayfs_qa_check |
| 35 | - cronie: upgrade 1.6.0 -> 1.6.1 |
| 36 | - cups: upgrade 2.4.1 -> 2.4.2 |
| 37 | - cve-check.bbclass: Added do_populate_sdk[recrdeptask]. |
| 38 | - cve-check: Add helper for symlink handling |
| 39 | - cve-check: Allow warnings to be disabled |
| 40 | - cve-check: Fix report generation |
| 41 | - cve-check: Only include installed packages for rootfs manifest |
| 42 | - cve-check: add support for Ignored CVEs |
| 43 | - cve-check: fix return type in check_cves |
| 44 | - cve-check: move update_symlinks to a library |
| 45 | - cve-check: write empty fragment files in the text mode |
| 46 | - cve-extra-exclusions: Add kernel CVEs |
| 47 | - cve-update-db-native: make it possible to disable database updates |
| 48 | - devtool: Fix _copy_file() TypeError |
| 49 | - e2fsprogs: add alternatives handling of lsattr as well |
| 50 | - e2fsprogs: update upstream status |
| 51 | - efivar: add musl libc compatibility |
| 52 | - epiphany: upgrade 42.0 -> 42.2 |
| 53 | - ffmpeg: upgrade 5.0 -> 5.0.1 |
| 54 | - fribidi: upgrade 1.0.11 -> 1.0.12 |
| 55 | - gcc-cross-canadian: Add nativesdk-zstd dependency |
| 56 | - gcc-source: Fix incorrect task dependencies from ${B} |
| 57 | - gcc: Upgrade to 11.3 release |
| 58 | - gcc: depend on zstd-native |
| 59 | - git: fix override syntax in RDEPENDS |
| 60 | - glib-2.0: upgrade 2.72.1 -> 2.72.2 |
| 61 | - glibc: Drop make-native dependency |
| 62 | - go: upgrade 1.17.8 -> 1.17.10 |
| 63 | - gst-devtools: upgrade 1.20.1 -> 1.20.2 |
| 64 | - gstreamer1.0-libav: upgrade 1.20.1 -> 1.20.2 |
| 65 | - gstreamer1.0-omx: upgrade 1.20.1 -> 1.20.2 |
| 66 | - gstreamer1.0-plugins-bad: upgrade 1.20.1 -> 1.20.2 |
| 67 | - gstreamer1.0-plugins-base: upgrade 1.20.1 -> 1.20.2 |
| 68 | - gstreamer1.0-plugins-good: upgrade 1.20.1 -> 1.20.2 |
| 69 | - gstreamer1.0-plugins-ugly: upgrade 1.20.1 -> 1.20.2 |
| 70 | - gstreamer1.0-python: upgrade 1.20.1 -> 1.20.2 |
| 71 | - gstreamer1.0-rtsp-server: upgrade 1.20.1 -> 1.20.2 |
| 72 | - gstreamer1.0-vaapi: upgrade 1.20.1 -> 1.20.2 |
| 73 | - gstreamer1.0: upgrade 1.20.1 -> 1.20.2 |
| 74 | - gtk+3: upgrade 3.24.33 -> 3.24.34 |
| 75 | - gtk-doc: Fix potential shebang overflow on gtkdoc-mkhtml2 |
| 76 | - image.bbclass: allow overriding dependency on virtual/kernel:do_deploy |
| 77 | - insane.bbclass: make sure to close .patch files |
| 78 | - iso-codes: upgrade 4.9.0 -> 4.10.0 |
| 79 | - kernel-yocto.bbclass: Reset to exiting on non-zero return code at end of task |
| 80 | - libcgroup: upgrade 2.0.1 -> 2.0.2 |
| 81 | - liberror-perl: Update sstate/equiv versions to clean cache |
| 82 | - libinput: upgrade 1.19.3 -> 1.19.4 |
| 83 | - libpcre2: upgrade 10.39 -> 10.40 |
| 84 | - librepo: upgrade 1.14.2 -> 1.14.3 |
| 85 | - libseccomp: Add missing files for ptests |
| 86 | - libseccomp: Correct LIC_FILES_CHKSUM |
| 87 | - libxkbcommon: upgrade 1.4.0 -> 1.4.1 |
| 88 | - libxml2: Upgrade 2.9.13 -> 2.9.14 |
| 89 | - license.bbclass: Bound beginline and endline in copy_license_files() |
| 90 | - license_image.bbclass: Make QA errors fail the build |
| 91 | - linux-firmware: add support for building snapshots |
| 92 | - linux-firmware: package new Qualcomm firmware |
| 93 | - linux-firmware: replace mkdir by install |
| 94 | - linux-firmware: split ath3k firmware |
| 95 | - linux-firmware: upgrade to 20220610 |
| 96 | - linux-yocto/5.10: update to v5.10.119 |
| 97 | - linux-yocto/5.15: Enable MDIO bus config |
| 98 | - linux-yocto/5.15: bpf: explicitly disable unpriv eBPF by default |
| 99 | - linux-yocto/5.15: cfg/xen: Move x86 configs to separate file |
| 100 | - linux-yocto/5.15: update to v5.15.44 |
| 101 | - local.conf.sample: Update sstate url to new 'all' path |
| 102 | - logrotate: upgrade 3.19.0 -> 3.20.1 |
| 103 | - lttng-modules: Fix build failure for 5.10.119+ and 5.15.44+ kernel |
| 104 | - lttng-modules: fix build against 5.18-rc7+ |
| 105 | - lttng-modules: fix shell syntax |
| 106 | - lttng-ust: upgrade 2.13.2 -> 2.13.3 |
| 107 | - lzo: Add further info to a patch and mark as Inactive-Upstream |
| 108 | - makedevs: Don't use COPYING.patch just to add license file into ${S} |
| 109 | - manuals: switch to the sstate mirror shared between all versions |
| 110 | - mesa.inc: package 00-radv-defaults.conf |
| 111 | - mesa: backport a patch to support compositors without zwp_linux_dmabuf_v1 again |
| 112 | - mesa: upgrade to 22.0.3 |
| 113 | - meson.bbclass: add cython binary to cross/native toolchain config |
| 114 | - mmc-utils: upgrade to latest revision |
| 115 | - mobile-broadband-provider-info: upgrade 20220315 -> 20220511 |
| 116 | - ncurses: update to patchlevel 20220423 |
| 117 | - oeqa/selftest/cve_check: add tests for Ignored and partial reports |
| 118 | - oeqa/selftest/cve_check: add tests for recipe and image reports |
| 119 | - oescripts: change compare logic in OEListPackageconfigTests |
| 120 | - openssl: Backport fix for ptest cert expiry |
| 121 | - overlayfs: add docs about skipping QA check & service dependencies |
| 122 | - ovmf: Fix native build with gcc-12 |
| 123 | - patch.py: make sure that patches/series file exists before quilt pop |
| 124 | - pciutils: avoid lspci conflict with busybox |
| 125 | - perl: Add dependency on make-native to avoid race issues |
| 126 | - perl: Fix build with gcc-12 |
| 127 | - poky.conf: bump version for 4.0.2 |
| 128 | - popt: fix override syntax in RDEPENDS |
| 129 | - pypi.bbclass: Set CVE_PRODUCT to PYPI_PACKAGE |
| 130 | - python3: Ensure stale empty python module directories don't break the build |
| 131 | - python3: Remove problematic paths from sysroot files |
| 132 | - python3: fix reproducibility issue with python3-core |
| 133 | - python3: use built-in distutils for ptest, rather than setuptools' 'fork' |
| 134 | - python: Avoid shebang overflow on python-config.py |
| 135 | - rootfs-postcommands.bbclass: correct comments |
| 136 | - rootfs.py: close kernel_abi_ver_file |
| 137 | - rootfs.py: find .ko.zst kernel modules |
| 138 | - rust-common: Drop LLVM_TARGET and simplify |
| 139 | - rust-common: Ensure sstate signatures have correct dependencues for do_rust_gen_targets |
| 140 | - rust-common: Fix for target definitions returning 'NoneType' for arm |
| 141 | - rust-common: Fix native signature dependency issues |
| 142 | - rust-common: Fix sstate signatures between arm hf and non-hf |
| 143 | - sanity: Don't warn about make 4.2.1 for mint |
| 144 | - sanity: Switch to make 4.0 as a minimum version |
| 145 | - sed: Specify shell for "nobody" user in run-ptest |
| 146 | - selftest/imagefeatures/overlayfs: Always append to DISTRO_FEATURES |
| 147 | - selftest/multiconfig: Test that multiconfigs in separate layers works |
| 148 | - sqlite3: upgrade to 3.38.5 |
| 149 | - staging.bbclass: process direct dependencies in deterministic order |
| 150 | - staging: Fix rare sysroot corruption issue |
| 151 | - strace: Don't run ptest as "nobody" |
| 152 | - systemd: Correct 0001-pass-correct-parameters-to-getdents64.patch |
| 153 | - systemd: Correct path returned in sd_path_lookup() |
| 154 | - systemd: Document future actions needed for set of musl patches |
| 155 | - systemd: Drop 0001-test-parse-argument-Include-signal.h.patch |
| 156 | - systemd: Drop 0002-don-t-use-glibc-specific-qsort_r.patch |
| 157 | - systemd: Drop 0016-Hide-__start_BUS_ERROR_MAP-and-__stop_BUS_ERROR_MAP.patch |
| 158 | - systemd: Drop redundant musl patches |
| 159 | - systemd: Fix build regression with latest update |
| 160 | - systemd: Remove __compare_fn_t type in musl-specific patch |
| 161 | - systemd: Update patch status |
| 162 | - systemd: systemd-systemctl: Support instance conf files during enable |
| 163 | - systemd: update ``0008-add-missing-FTW_-macros-for-musl.patch`` |
| 164 | - systemd: upgrade 250.4 -> 250.5 |
| 165 | - uboot-sign: Fix potential index error issues |
| 166 | - valgrind: submit arm patches upstream |
| 167 | - vim: Upgrade to 8.2.5083 |
| 168 | - webkitgtk: upgrade to 2.36.3 |
| 169 | - wic/plugins/rootfs: Fix permissions when splitting rootfs folders across partitions |
| 170 | - xwayland: upgrade 22.1.0 -> 22.1.1 |
| 171 | - xxhash: fix build with gcc 12 |
| 172 | - zip/unzip: mark all submittable patches as Inactive-Upstream |
| 173 | |
| 174 | Known Issues in Yocto-4.0.2 |
| 175 | ~~~~~~~~~~~~~~~~~~~~~~~~~~~ |
| 176 | |
| 177 | - There were build failures at the autobuilder due to a known scp issue on Fedora-36 hosts. |
| 178 | |
| 179 | Contributors to Yocto-4.0.2 |
| 180 | ~~~~~~~~~~~~~~~~~~~~~~~~~~~ |
| 181 | |
| 182 | - Alex Kiernan |
| 183 | - Alexander Kanavin |
| 184 | - Aryaman Gupta |
| 185 | - Bruce Ashfield |
| 186 | - Claudius Heine |
| 187 | - Davide Gardenal |
| 188 | - Dmitry Baryshkov |
| 189 | - Ernst Sjöstrand |
| 190 | - Felix Moessbauer |
| 191 | - Gunjan Gupta |
| 192 | - He Zhe |
| 193 | - Hitendra Prajapati |
| 194 | - Jack Mitchell |
| 195 | - Jeremy Puhlman |
| 196 | - Jiaqing Zhao |
| 197 | - Joerg Vehlow |
| 198 | - Jose Quaresma |
| 199 | - Kai Kang |
| 200 | - Khem Raj |
| 201 | - Konrad Weihmann |
| 202 | - Marcel Ziswiler |
| 203 | - Markus Volk |
| 204 | - Marta Rybczynska |
| 205 | - Martin Jansa |
| 206 | - Michael Opdenacker |
| 207 | - Mingli Yu |
| 208 | - Naveen Saini |
| 209 | - Nick Potenski |
| 210 | - Paulo Neves |
| 211 | - Pavel Zhukov |
| 212 | - Peter Kjellerstedt |
| 213 | - Rasmus Villemoes |
| 214 | - Richard Purdie |
| 215 | - Robert Joslyn |
| 216 | - Ross Burton |
| 217 | - Samuli Piippo |
| 218 | - Sean Anderson |
| 219 | - Stefan Wiehler |
| 220 | - Steve Sakoman |
| 221 | - Sundeep Kokkonda |
| 222 | - Tomasz Dziendzielski |
| 223 | - Xiaobing Luo |
| 224 | - Yi Zhao |
| 225 | - leimaohui |
| 226 | - wangmy |
| 227 | |
| 228 | Repositories / Downloads for Yocto-4.0.2 |
| 229 | ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~ |
| 230 | |
| 231 | poky |
| 232 | |
| 233 | - Repository Location: https://git.yoctoproject.org/git/poky |
| 234 | - Branch: :yocto_git:`kirkstone </poky/log/?h=kirkstone>` |
| 235 | - Tag: :yocto_git:`yocto-4.0.2 </poky/log/?h=yocto-4.0.2>` |
| 236 | - Git Revision: :yocto_git:`a5ea426b1da472fc8549459fff3c1b8c6e02f4b5 </poky/commit/?id=a5ea426b1da472fc8549459fff3c1b8c6e02f4b5>` |
| 237 | - Release Artefact: poky-a5ea426b1da472fc8549459fff3c1b8c6e02f4b5 |
| 238 | - sha: 474ddfacfed6661be054c161597a1a5273188dfe021b31d6156955d93c6b7359 |
| 239 | - Download Locations: |
| 240 | http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.2/poky-a5ea426b1da472fc8549459fff3c1b8c6e02f4b5.tar.bz2 |
| 241 | http://mirrors.kernel.org/yocto/yocto/yocto-4.0.2/poky-a5ea426b1da472fc8549459fff3c1b8c6e02f4b5.tar.bz2 |
| 242 | |
| 243 | openembedded-core |
| 244 | |
| 245 | - Repository Location: https://git.openembedded.org/openembedded-core |
| 246 | - Branch: :oe_git:`kirkstone </openembedded-core/log/?h=kirkstone>` |
| 247 | - Tag: :oe_git:`yocto-4.0.2 </openembedded-core/log/?h=yocto-4.0.2>` |
| 248 | - Git Revision: :oe_git:`eea52e0c3d24c79464f4afdbc3c397e1cb982231 </openembedded-core/commit/?id=eea52e0c3d24c79464f4afdbc3c397e1cb982231>` |
| 249 | - Release Artefact: oecore-eea52e0c3d24c79464f4afdbc3c397e1cb982231 |
| 250 | - sha: 252d5c2c2db7e14e7365fcc69d32075720b37d629894bae36305eba047a39907 |
| 251 | - Download Locations: |
| 252 | http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.2/oecore-eea52e0c3d24c79464f4afdbc3c397e1cb982231.tar.bz2 |
| 253 | http://mirrors.kernel.org/yocto/yocto/yocto-4.0.2/oecore-eea52e0c3d24c79464f4afdbc3c397e1cb982231.tar.bz2 |
| 254 | |
| 255 | meta-mingw |
| 256 | |
| 257 | - Repository Location: https://git.yoctoproject.org/git/meta-mingw |
| 258 | - Branch: :yocto_git:`kirkstone </meta-mingw/log/?h=kirkstone>` |
| 259 | - Tag: :yocto_git:`yocto-4.0.2 </meta-mingw/log/?h=yocto-4.0.2>` |
| 260 | - Git Revision: :yocto_git:`a90614a6498c3345704e9611f2842eb933dc51c1 </meta-mingw/commit/?id=a90614a6498c3345704e9611f2842eb933dc51c1>` |
| 261 | - Release Artefact: meta-mingw-a90614a6498c3345704e9611f2842eb933dc51c1 |
| 262 | - sha: 49f9900bfbbc1c68136f8115b314e95d0b7f6be75edf36a75d9bcd1cca7c6302 |
| 263 | - Download Locations: |
| 264 | http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.2/meta-mingw-a90614a6498c3345704e9611f2842eb933dc51c1.tar.bz2 |
| 265 | http://mirrors.kernel.org/yocto/yocto/yocto-4.0.2/meta-mingw-a90614a6498c3345704e9611f2842eb933dc51c1.tar.bz2 |
| 266 | |
| 267 | meta-gplv2 |
| 268 | |
| 269 | - Repository Location: https://git.yoctoproject.org/git/meta-gplv2 |
| 270 | - Branch: :yocto_git:`kirkstone </meta-gplv2/log/?h=kirkstone>` |
| 271 | - Tag: :yocto_git:`yocto-4.0.2 </meta-gplv2/log/?h=yocto-4.0.2>` |
| 272 | - Git Revision: :yocto_git:`d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a </meta-gplv2/commit/?id=d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a>` |
| 273 | - Release Artefact: meta-gplv2-d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a |
| 274 | - sha: c386f59f8a672747dc3d0be1d4234b6039273d0e57933eb87caa20f56b9cca6d |
| 275 | - Download Locations: |
| 276 | http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.2/meta-gplv2-d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a.tar.bz2 |
| 277 | http://mirrors.kernel.org/yocto/yocto/yocto-4.0.2/meta-gplv2-d2f8b5cdb285b72a4ed93450f6703ca27aa42e8a.tar.bz2 |
| 278 | |
| 279 | bitbake |
| 280 | |
| 281 | - Repository Location: https://git.openembedded.org/bitbake |
| 282 | - Branch: :oe_git:`2.0 </bitbake/log/?h=2.0>` |
| 283 | - Tag: :oe_git:`yocto-4.0.2 </bitbake/log/?h=yocto-4.0.2>` |
| 284 | - Git Revision: :oe_git:`b8fd6f5d9959d27176ea016c249cf6d35ac8ba03 </bitbake/commit/?id=b8fd6f5d9959d27176ea016c249cf6d35ac8ba03>` |
| 285 | - Release Artefact: bitbake-b8fd6f5d9959d27176ea016c249cf6d35ac8ba03 |
| 286 | - sha: 373818b1dee2c502264edf654d6d8f857b558865437f080e02d5ba6bb9e72cc3 |
| 287 | - Download Locations: |
| 288 | http://downloads.yoctoproject.org/releases/yocto/yocto-4.0.2/bitbake-b8fd6f5d9959d27176ea016c249cf6d35ac8ba03.tar.bz2 |
| 289 | http://mirrors.kernel.org/yocto/yocto/yocto-4.0.2/bitbake-b8fd6f5d9959d27176ea016c249cf6d35ac8ba03.tar.bz2 |
| 290 | |
| 291 | yocto-docs |
| 292 | |
| 293 | - Repository Location: https://git.yoctoproject.org/git/yocto-docs |
| 294 | - Branch: :yocto_git:`kirkstone </yocto-docs/log/?h=kirkstone>` |
| 295 | - Tag: :yocto_git:`yocto-4.0.2 </yocto-docs/log/?h=yocto-4.0.2>` |
| 296 | - Git Revision: :yocto_git:`662294dccd028828d5c7e9fd8f5c8e14df53df4b </yocto-docs/commit/?id=662294dccd028828d5c7e9fd8f5c8e14df53df4b>` |